From a07d1ea0e24b756026e92d45c79ed244ac5d45e4 Mon Sep 17 00:00:00 2001 From: adrianiurca Date: Mon, 9 Aug 2021 00:21:50 +0300 Subject: [PATCH] mac_source is downcased by iptables also on debian-11 --- lib/puppet/type/firewall.rb | 2 +- spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb index 428174f..bd57ce9 100644 --- a/lib/puppet/type/firewall.rb +++ b/lib/puppet/type/firewall.rb @@ -1852,7 +1852,7 @@ Puppet::Type.newtype(:firewall) do newvalues(%r{^([0-9a-f]{2}[:]){5}([0-9a-f]{2})$}i) facter_os_name = Facter.value(:os)['name'].downcase facter_os_release = Facter.value(:os)['release']['major'].to_i - if facter_os_name == 'sles' && facter_os_release == 15 + if ['debian-11', 'sles-15'].include?("#{facter_os_name}-#{facter_os_release}") munge do |value| _value = value.downcase end diff --git a/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb b/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb index 96291e4..e2772f2 100644 --- a/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb +++ b/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb @@ -321,7 +321,7 @@ describe 'firewall attribute testing, happy path', unless: (os[:family] == 'redh expect(result.stdout).to match(%r{-A INPUT -p tcp -m iprange --dst-range 2001:db8::1-2001:db8::ff -m multiport --dports 602 -m comment --comment "602 - dst_range" -j ACCEPT}) end it 'mac_source is set' do - expect(result.stdout).to match(%r{-A INPUT -s 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "604 - mac_source"}) + expect(result.stdout).to match(%r{-A INPUT -s 2001:db8::1\/(128|ffff:ffff:ffff:ffff:ffff:ffff:ffff:ffff) -p tcp -m mac --mac-source 0(a|A):1(b|B):3(c|C):4(d|D):5(e|E):6(f|F) -m comment --comment "604 - mac_source"}) # rubocop:disable Layout/LineLength end it 'socket when true' do expect(result.stdout).to match(%r{-A INPUT -p tcp -m multiport --dports 605 -m socket -m comment --comment "605 - socket true" -j ACCEPT}) -- 2.45.2