forked from chr4-cookbooks/iptables-ng
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.kitchen.yml
120 lines (108 loc) · 3.49 KB
/
.kitchen.yml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
---
driver_plugin: vagrant
driver_config:
require_chef_omnibus: true
platforms:
- name: ubuntu-13.04
driver_config:
box: opscode-ubuntu-13.04
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-13.04_provisionerless.box
- name: ubuntu-12.10
driver_config:
box: opscode-ubuntu-12.10
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-12.10_provisionerless.box
- name: ubuntu-12.04
driver_config:
box: opscode-ubuntu-12.04
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_ubuntu-12.04_provisionerless.box
- name: debian-7.1.0
driver_config:
box: opscode-debian-7.1.0
box_url: http://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_debian-7.1.0_provisionerless.box
- name: centos-6.4
driver_config:
box: opscode-centos-6.4
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_centos-6.4_provisionerless.box
- name: centos-5.9
driver_config:
box: opscode-centos-5.9
box_url: https://opscode-vm-bento.s3.amazonaws.com/vagrant/opscode_centos-5.9_provisionerless.box
suites:
- name: lwrp_chain_create_default
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_chain_create_default]
- name: lwrp_chain_create_custom
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_chain_create_custom]
- name: lwrp_chain_create_if_missing
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_chain_create_if_missing]
- name: lwrp_chain_create_empty
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_chain_create_empty]
- name: lwrp_rule_create_default
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_create_default]
- name: lwrp_rule_create_custom
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_create_custom]
- name: lwrp_rule_create_custom_chain
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_create_custom_chain]
- name: lwrp_rule_create_invalid_custom_chain
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_create_invalid_custom_chain]
- name: lwrp_rule_create_toolong_custom_chain
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_create_toolong_custom_chain]
- name: lwrp_rule_create_if_missing
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_create_if_missing]
- name: lwrp_rule_delete
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_delete]
- name: lwrp_rule_check_order
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::lwrp_rule_check_order]
- name: recipe_default
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::recipe_default]
attributes:
iptables-ng:
rules:
filter:
INPUT:
ssh:
rule: '--protocol tcp --dport 22 --match state --state NEW --jump ACCEPT'
ipv4_only:
rule: '--protocol tcp --source 1.2.3.4 --dport 123 --jump ACCEPT'
ip_version: 4
OUTPUT:
testrule:
rule: '--protocol icmp --jump ACCEPT'
FORWARD:
default: 'DROP [0:0]'
nat:
POSTROUTING:
nat_test:
rule: '--protocol tcp -j ACCEPT'
mangle:
FORWARD:
default: 'DROP [0:0]'
- name: recipe_install
run_list:
- recipe[minitest-handler]
- recipe[iptables_ng_test::recipe_install]