From 15181eb3e89dc6667d6393eaa232c18c4434a4f9 Mon Sep 17 00:00:00 2001
From: Dan Carley <dan.carley@gmail.com>
Date: Tue, 12 Jun 2012 08:17:11 +0100
Subject: [PATCH] (#14755) Stub iptables facts for set_mark tests

Tests both paths of new set_mark code for IPtables 1.3.2 and 1.4.2

Also allows these tests to run independently of the version of IPtables on
the host machine, if any at all.
---
 spec/unit/puppet/type/firewall_spec.rb | 99 +++++++++++++++++---------
 1 file changed, 67 insertions(+), 32 deletions(-)

diff --git a/spec/unit/puppet/type/firewall_spec.rb b/spec/unit/puppet/type/firewall_spec.rb
index 137b199d1..2704e304b 100755
--- a/spec/unit/puppet/type/firewall_spec.rb
+++ b/spec/unit/puppet/type/firewall_spec.rb
@@ -309,40 +309,75 @@
   end
 
   describe ':set_mark' do
-    it 'should allow me to set set-mark' do
-      @resource[:set_mark] = '0x3e8/0xffffffff'
-      @resource[:set_mark].should == '0x3e8/0xffffffff'
-    end
-    it 'should convert int to hex and add a 32 bit mask' do
-      @resource[:set_mark] = '1000'
-      @resource[:set_mark].should == '0x3e8/0xffffffff'
-    end
-    it 'should add a 32 bit mask' do
-      @resource[:set_mark] = '0x32'
-      @resource[:set_mark].should == '0x32/0xffffffff'
-    end
-    it 'should use the mask provided' do
-      @resource[:set_mark] = '0x32/0x4'
-      @resource[:set_mark].should == '0x32/0x4'
-    end
-    it 'should use the mask provided and convert int to hex' do
-      @resource[:set_mark] = '1000/0x4'
-      @resource[:set_mark].should == '0x3e8/0x4'
-    end
-    ['/', '1000/', 'pwnie'].each do |bad_mark|
-      it "should fail with malformed mark '#{bad_mark}'" do
-        lambda { @resource[:set_mark] = bad_mark}.should raise_error(Puppet::Error)
+    ['1.3.2', '1.4.2'].each do |iptables_version|
+      describe "with iptables #{iptables_version}" do
+        before {
+          Facter.clear
+          Facter.fact(:iptables_version).stubs(:value).returns(iptables_version)
+          Facter.fact(:ip6tables_version).stubs(:value).returns(iptables_version)
+        }
+
+        if iptables_version == '1.3.2'
+          it 'should allow me to set set-mark without mask' do
+            @resource[:set_mark] = '0x3e8'
+            @resource[:set_mark].should == '0x3e8'
+          end
+          it 'should convert int to hex without mask' do
+            @resource[:set_mark] = '1000'
+            @resource[:set_mark].should == '0x3e8'
+          end
+          it 'should fail if mask is present' do
+            lambda { @resource[:set_mark] = '0x3e8/0xffffffff'}.should raise_error(
+              Puppet::Error, /iptables version #{iptables_version} does not support masks on MARK rules$/
+            )
+          end
+        end
+
+        if iptables_version == '1.4.2'
+          it 'should allow me to set set-mark with mask' do
+            @resource[:set_mark] = '0x3e8/0xffffffff'
+            @resource[:set_mark].should == '0x3e8/0xffffffff'
+          end
+          it 'should convert int to hex and add a 32 bit mask' do
+            @resource[:set_mark] = '1000'
+            @resource[:set_mark].should == '0x3e8/0xffffffff'
+          end
+          it 'should add a 32 bit mask' do
+            @resource[:set_mark] = '0x32'
+            @resource[:set_mark].should == '0x32/0xffffffff'
+          end
+          it 'should use the mask provided' do
+            @resource[:set_mark] = '0x32/0x4'
+            @resource[:set_mark].should == '0x32/0x4'
+          end
+          it 'should use the mask provided and convert int to hex' do
+            @resource[:set_mark] = '1000/0x4'
+            @resource[:set_mark].should == '0x3e8/0x4'
+          end
+          it 'should fail if mask value is more than 32 bits' do
+            lambda { @resource[:set_mark] = '1/4294967296'}.should raise_error(
+              Puppet::Error, /MARK mask must be integer or hex between 0 and 0xffffffff$/
+            )
+          end
+          it 'should fail if mask is malformed' do
+            lambda { @resource[:set_mark] = '1000/0xq4'}.should raise_error(
+              Puppet::Error, /MARK mask must be integer or hex between 0 and 0xffffffff$/
+            )
+          end
+        end
+
+        ['/', '1000/', 'pwnie'].each do |bad_mark|
+          it "should fail with malformed mark '#{bad_mark}'" do
+            lambda { @resource[:set_mark] = bad_mark}.should raise_error(Puppet::Error)
+          end
+        end
+        it 'should fail if mark value is more than 32 bits' do
+          lambda { @resource[:set_mark] = '4294967296'}.should raise_error(
+            Puppet::Error, /MARK value must be integer or hex between 0 and 0xffffffff$/
+          )
+        end
       end
     end
-    it 'should fail if mask is malformed' do
-      lambda { @resource[:set_mark] = '1000/0xq4'}.should raise_error(Puppet::Error)
-    end
-    it 'should fail if mark value is more than 32 bits' do
-      lambda { @resource[:set_mark] = '4294967296'}.should raise_error(Puppet::Error)
-    end
-    it 'should fail if mask value is more than 32 bits' do
-      lambda { @resource[:set_mark] = '1/4294967296'}.should raise_error(Puppet::Error)
-    end
   end
 
   [:chain, :jump].each do |param|