From: Hunter Haugen <hunter@puppetlabs.com>
Date: Wed, 5 Feb 2014 22:38:16 +0000 (-0800)
Subject: (MODULES-48) Parse negated rules
X-Git-Tag: 0.5.0~4^2
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=d1436c67e5e3a52f657cec92e3a1ec64e4f7181b;p=puppet-modules%2Fpuppetlabs-firewall.git

(MODULES-48) Parse negated rules

This adds tests mentioned in #141 and MODULES-48 to make sure that they
are covered by #267

Closes #141
---

diff --git a/spec/acceptance/resource_cmd_spec.rb b/spec/acceptance/resource_cmd_spec.rb
index f67c300..575fa8c 100644
--- a/spec/acceptance/resource_cmd_spec.rb
+++ b/spec/acceptance/resource_cmd_spec.rb
@@ -58,4 +58,21 @@ describe 'puppet resource firewall command:' do
       end
     end
   end
+
+  context 'accepts rules with negation' do
+    before :all do
+      iptables_flush_all_tables
+      shell('/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535')
+      shell('/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535')
+      shell('/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE')
+    end
+
+    it do
+      shell('puppet resource firewall') do |r|
+        r.exit_code.should be_zero
+        # don't check stdout, testing preexisting rules, output is normal
+        r.stderr.should be_empty
+      end
+    end
+  end
 end