From c1bde17219c744da09ca4bd991002a41208f51af Mon Sep 17 00:00:00 2001
From: adrianiurca <adrian.iurca@gmail.com>
Date: Mon, 5 Jul 2021 13:34:49 +0300
Subject: [PATCH] mac_source is downcased by iptables

---
 lib/puppet/type/firewall.rb                            | 7 +++++++
 spec/acceptance/firewall_attributes_exceptions_spec.rb | 4 ++--
 2 files changed, 9 insertions(+), 2 deletions(-)

diff --git a/lib/puppet/type/firewall.rb b/lib/puppet/type/firewall.rb
index ba1b799..58fd41d 100644
--- a/lib/puppet/type/firewall.rb
+++ b/lib/puppet/type/firewall.rb
@@ -1850,6 +1850,13 @@ Puppet::Type.newtype(:firewall) do
       MAC Source
     PUPPETCODE
     newvalues(%r{^([0-9a-f]{2}[:]){5}([0-9a-f]{2})$}i)
+    facter_os_name = Facter.fact(:os).value['name'].downcase
+    facter_os_release = Facter.fact(:os).value['release']['major'].to_i
+    if facter_os_name == 'sles' && facter_os_release == 15
+      munge do |value|
+        _value = value.downcase
+      end
+    end
   end
 
   newproperty(:physdev_in, required_features: :iptables) do
diff --git a/spec/acceptance/firewall_attributes_exceptions_spec.rb b/spec/acceptance/firewall_attributes_exceptions_spec.rb
index 67e59c2..cf5f144 100644
--- a/spec/acceptance/firewall_attributes_exceptions_spec.rb
+++ b/spec/acceptance/firewall_attributes_exceptions_spec.rb
@@ -337,14 +337,14 @@ describe 'firewall basics', docker: true do
           }
       PUPPETCODE
       it 'applies' do
-        apply_manifest(pp88, catch_failures: true)
+        idempotent_apply(pp88)
       end
       it 'contains the rule' do
         run_shell('iptables-save') do |r|
           if os[:family] == 'redhat' && os[:release].start_with?('5')
             expect(r.stdout).to match(%r{-A INPUT -s 10.1.5.28 -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "610 - test"})
           else
-            expect(r.stdout).to match(%r{-A INPUT -s 10.1.5.28\/(32|255\.255\.255\.255) -p tcp -m mac --mac-source 0A:1B:3C:4D:5E:6F -m comment --comment "610 - test"})
+            expect(r.stdout).to match(%r{-A INPUT -s 10.1.5.28\/(32|255\.255\.255\.255) -p tcp -m mac --mac-source 0(a|A):1(b|B):3(c|C):4(d|D):5(e|E):6(f|F) -m comment --comment "610 - test"})
           end
         end
       end
-- 
2.45.2