From ac73e4c7faad0f2f4b995803073330da8f5eda30 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Rapha=C3=ABl=20Pinson?= Date: Wed, 27 Nov 2019 14:04:20 +0100 Subject: [PATCH] Test invalid ctstate and ctdir values --- .../firewall_attributes_exceptions_spec.rb | 41 +++++++++++++++++++ 1 file changed, 41 insertions(+) diff --git a/spec/acceptance/firewall_attributes_exceptions_spec.rb b/spec/acceptance/firewall_attributes_exceptions_spec.rb index c19e1f1..fbe5cad 100644 --- a/spec/acceptance/firewall_attributes_exceptions_spec.rb +++ b/spec/acceptance/firewall_attributes_exceptions_spec.rb @@ -1338,4 +1338,45 @@ describe 'firewall basics', docker: true do expect(result.stdout).to match(%r{-A INPUT -p tcp -m hashlimit --hashlimit-upto 16\/sec --hashlimit-burst 640 --hashlimit-name upto --hashlimit-htable-size 1310000 --hashlimit-htable-max 320000 --hashlimit-htable-expire 36000000 -m comment --comment "806 - hashlimit_upto test" -j ACCEPT}) # rubocop:disable Metrics/LineLength : Cannot reduce line to required length end end + + describe 'ctstate' do + context 'when invalid value' do + pp = <<-PUPPETCODE + firewall { '004 - log_level and log_prefix': + chain => 'INPUT', + proto => 'all', + ctstate => 'foobar', + jump => 'LOG', + log_level => '3', + log_prefix => 'IPTABLES dropped invalid: ', + } + PUPPETCODE + it 'fails' do + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{ctstate}) + end + end + end + end + + describe 'ctdir' do + context 'when invalid value' do + pp = <<-PUPPETCODE + firewall { '004 - log_level and log_prefix': + chain => 'INPUT', + proto => 'all', + ctstate => 'INVALID', + ctdir => 'foobar', + jump => 'LOG', + log_level => '3', + log_prefix => 'IPTABLES dropped invalid: ', + } + PUPPETCODE + it 'fails' do + apply_manifest(pp, expect_failures: true) do |r| + expect(r.stderr).to match(%r{ctdir}) + end + end + end + end end -- 2.45.2