Skip to content

Commit

Permalink
Merge pull request #499 from jonnytpuppet/fix_test
Browse files Browse the repository at this point in the history 
Fix iptmodules test
  • Loading branch information
@tphoney
tphoney committed Mar 10, 2015
2 parents 22bbd8e + 5958a9b commit ff48d31
Showing 1 changed file with 6 additions and 6 deletions.
12 changes: 6 additions & 6 deletions spec/acceptance/firewall_iptmodules_spec.rb
View file
Expand Up @@ -21,7 +21,7 @@ class { '::firewall': }
dport => '8080',
action => reject,
chain => 'OUTPUT',
uid => 500,
uid => 0,
gid => 404,
src_range => "90.0.0.1-90.0.0.2",
dst_range => "100.0.0.1-100.0.0.2",
Expand All @@ -41,7 +41,7 @@ class { '::firewall': }

it 'should contain the rule' do
shell('iptables-save') do |r|
expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 90.0.0.1-90.0.0.2\s+--dst-range 100.0.0.1-100.0.0.2 -m owner --uid-owner 500 --gid-owner 404 -m multiport --dports 8080 -m addrtype --src-type LOCAL --dst-type UNICAST -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp-port-unreachable/)
expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 90.0.0.1-90.0.0.2\s+--dst-range 100.0.0.1-100.0.0.2 -m owner --uid-owner (0|root) --gid-owner 404 -m multiport --dports 8080 -m addrtype --src-type LOCAL --dst-type UNICAST -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp-port-unreachable/)
end
end
end
Expand Down Expand Up @@ -90,7 +90,7 @@ class { '::firewall': }
action => reject,
chain => 'OUTPUT',
provider => 'ip6tables',
uid => 500,
uid => 0,
gid => 404,
src_range => "2001::-2002::",
dst_range => "2003::-2004::",
Expand All @@ -110,7 +110,7 @@ class { '::firewall': }

it 'should contain the rule' do
shell('ip6tables-save') do |r|
expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 2001::-2002::\s+--dst-range 2003::-2004:: -m owner --uid-owner 500 --gid-owner 404 -m multiport --dports 8080 -m addrtype --src-type LOCAL --dst-type UNICAST -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/)
expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 2001::-2002::\s+--dst-range 2003::-2004:: -m owner --uid-owner (0|root) --gid-owner 404 -m multiport --dports 8080 -m addrtype --src-type LOCAL --dst-type UNICAST -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/)
end
end
end
Expand Down Expand Up @@ -160,7 +160,7 @@ class { '::firewall': }
action => reject,
chain => 'OUTPUT',
provider => 'ip6tables',
uid => 500,
uid => 0,
gid => 404,
src_range => "2001::-2002::",
dst_range => "2003::-2004::",
Expand All @@ -178,7 +178,7 @@ class { '::firewall': }

it 'should contain the rule' do
shell('ip6tables-save') do |r|
expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 2001::-2002::\s+--dst-range 2003::-2004:: -m owner --uid-owner 500 --gid-owner 404 -m multiport --dports 8080 -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/)
expect(r.stdout).to match(/-A OUTPUT -p tcp -m physdev\s+--physdev-in eth0 --physdev-out eth1 --physdev-is-bridged -m iprange --src-range 2001::-2002::\s+--dst-range 2003::-2004:: -m owner --uid-owner (0|root) --gid-owner 404 -m multiport --dports 8080 -m comment --comment "801 - ipt_modules tests" -j REJECT --reject-with icmp6-port-unreachable/)
end
end
end
Expand Down

0 comments on commit ff48d31

Please sign in to comment.