From: adrianiurca <adrian.iurca@gmail.com>
Date: Mon, 5 Jul 2021 10:34:49 +0000 (+0300)
Subject: mac_source is downcased by iptables
X-Git-Tag: v3.0.2~3^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=c1bde17219c744da09ca4bd991002a41208f51af;p=puppet-modules%2Fpuppetlabs-firewall.git
mac_source is downcased by iptables
---
diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index ba1b799..58fd41d 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -1850,6 +1850,13 @@ Puppet::Type.newtype(:firewall) do
MAC Source
PUPPETCODE
newvalues(%r{^([0-9a-f]{2}[:]){5}([0-9a-f]{2})$}i)
+ facter_os_name = Facter.fact(:os).value['name'].downcase
+ facter_os_release = Facter.fact(:os).value['release']['major'].to_i
+ if facter_os_name == 'sles' && facter_os_release == 15
+ munge do |value|
+ _value = value.downcase
+ end
+ end
end
newproperty(:physdev_in, required_features: :iptables) do
diff --git a/spec/acceptance/firewall_attributes_exceptions_spec.rb b/spec/acceptance/firewall_attributes_exceptions_spec.rb
index 67e59c2..cf5f144 100644
--- a/spec/acceptance/firewall_attributes_exceptions_spec.rb
+++ b/spec/acceptance/firewall_attributes_exceptions_spec.rb
@@ -337,14 +337,14 @@ describe 'firewall basics', docker: true do
}
PUPPETCODE
it 'applies' do
- apply_manifest(pp88, catch_failures: true)
+ idempotent_apply(pp88)
end
it 'contains the rule' do
run_shell('iptables-save') do |r|
if os[:family] == 'redhat' && os[:release].start_with?('5')
expect(r.stdout).to match(%r{-A INPUT -s 10.1.5.28 -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "610 - test"})
else
- expect(r.stdout).to match(%r{-A INPUT -s 10.1.5.28\/(32|255\.255\.255\.255) -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "610 - test"})
+ expect(r.stdout).to match(%r{-A INPUT -s 10.1.5.28\/(32|255\.255\.255\.255) -p tcp -m mac --mac-source 0(a|A):1(b|B):3(c|C):4(d|D):5(e|E):6(f|F) -m comment --comment "610 - test"})
end
end
end