From d1436c67e5e3a52f657cec92e3a1ec64e4f7181b Mon Sep 17 00:00:00 2001
From: Hunter Haugen <hunter@puppetlabs.com>
Date: Wed, 5 Feb 2014 14:38:16 -0800
Subject: [PATCH] (MODULES-48) Parse negated rules

This adds tests mentioned in #141 and MODULES-48 to make sure that they
are covered by #267

Closes #141
---
 spec/acceptance/resource_cmd_spec.rb | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/spec/acceptance/resource_cmd_spec.rb b/spec/acceptance/resource_cmd_spec.rb
index f67c300..575fa8c 100644
--- a/spec/acceptance/resource_cmd_spec.rb
+++ b/spec/acceptance/resource_cmd_spec.rb
@@ -58,4 +58,21 @@ describe 'puppet resource firewall command:' do
       end
     end
   end
+
+  context 'accepts rules with negation' do
+    before :all do
+      iptables_flush_all_tables
+      shell('/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p tcp -j MASQUERADE --to-ports 1024-65535')
+      shell('/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -p udp -j MASQUERADE --to-ports 1024-65535')
+      shell('/sbin/iptables -t nat -A POSTROUTING -s 192.168.122.0/24 ! -d 192.168.122.0/24 -j MASQUERADE')
+    end
+
+    it do
+      shell('puppet resource firewall') do |r|
+        r.exit_code.should be_zero
+        # don't check stdout, testing preexisting rules, output is normal
+        r.stderr.should be_empty
+      end
+    end
+  end
 end
-- 
2.45.2