From a7d54646c6abb887e67f62fbdf3d49c681fc6641 Mon Sep 17 00:00:00 2001
From: adrianiurca <adrian.iurca@gmail.com>
Date: Mon, 11 Jan 2021 19:17:48 +0200
Subject: [PATCH] add acceptance test

---
 lib/puppet/type/firewall.rb                        |  6 +++++-
 .../firewall_attributes_ipv6_happy_path_spec.rb    | 14 ++++++++++++++
 2 files changed, 19 insertions(+), 1 deletion(-)

diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index e227aba..ba1b799 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -2075,7 +2075,11 @@ Puppet::Type.newtype(:firewall) do
       given as an argument.
     PUPPETCODE
     munge do |value|
-      _value = value.split('|').map { |x| x.include?('!') ? x : "|#{x.delete(' ')}|" }.join
+      _value = if value.include?('!')
+                 value.split('|').map { |x| x.include?('!') ? x : "|#{x.delete(' ')}|" }.join
+               else
+                 value.delete(' ')
+               end
     end
   end
 
diff --git a/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb b/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb
index 9db540d..96291e4 100644
--- a/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb
+++ b/spec/acceptance/firewall_attributes_ipv6_happy_path_spec.rb
@@ -272,6 +272,16 @@ describe 'firewall attribute testing, happy path', unless: (os[:family] == 'redh
           action      => accept,
           provider    => 'ip6tables',
         }
+        firewall { '500 allow v6 non-any queries':
+          chain       => 'OUTPUT',
+          proto       => 'udp',
+          dport       => '53',
+          string_hex  => '! |0000ff0001|',
+          string_algo => 'bm',
+          to          => '65535',
+          action      => 'accept',
+          provider    => 'ip6tables',
+        }
       PUPPETCODE
       idempotent_apply(pp)
     end
@@ -379,5 +389,9 @@ describe 'firewall attribute testing, happy path', unless: (os[:family] == 'redh
     it 'checks hex_string value' do
       expect(result.stdout).to match(%r{-A INPUT -p tcp -m string --hex-string "|f46d0425b202000a|" --algo kmp --to 65535 -m comment --comment "812 - hex_string" -j ACCEPT})
     end
+    it 'checks hex_string value which include negation operator' do
+      regex_string = %r{-A OUTPUT -p udp -m multiport --dports 53 -m string ! --hex-string "|0000ff0001|" --algo bm --to 65535 -m comment --comment "500 allow v6 non-any queries" -j ACCEPT}
+      expect(result.stdout).to match(regex_string)
+    end
   end
 end
-- 
2.45.2