forked from aronparsons/puppetlabs-firewall
-
Notifications
You must be signed in to change notification settings - Fork 0
Expand file tree
/
Copy pathconnmark_spec.rb
More file actions
27 lines (23 loc) · 722 Bytes
/
connmark_spec.rb
File metadata and controls
27 lines (23 loc) · 722 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
require 'spec_helper_acceptance'
describe 'firewall type', :unless => UNSUPPORTED_PLATFORMS.include?(fact('osfamily')) do
describe 'connmark' do
context '50' do
it 'applies' do
pp = <<-EOS
class { '::firewall': }
firewall { '502 - test':
proto => 'all',
connmark => '0x1',
action => reject,
}
EOS
apply_manifest(pp, :catch_failures => true)
end
it 'should contain the rule' do
shell('iptables-save') do |r|
expect(r.stdout).to match(/-A INPUT -m comment --comment "502 - test" -m connmark --mark 0x1 -j REJECT --reject-with icmp-port-unreachable/)
end
end
end
end
end