diff options
-rw-r--r-- | manifests/firewall/rule.pp | 11 | ||||
-rw-r--r-- | spec/classes/tripleo_firewall_spec.rb | 4 |
2 files changed, 12 insertions, 3 deletions
diff --git a/manifests/firewall/rule.pp b/manifests/firewall/rule.pp index c63162b..6801dc4 100644 --- a/manifests/firewall/rule.pp +++ b/manifests/firewall/rule.pp @@ -83,14 +83,21 @@ define tripleo::firewall::rule ( 'sport' => $sport, 'proto' => $proto, 'action' => $action, - 'state' => $state, 'source' => $source, 'iniface' => $iniface, 'chain' => $chain, 'destination' => $destination, } + if $proto != 'gre' { + $state_rule = { + 'state' => $state + } + } else { + $state_rule = {} + } + - $rule = merge($basic, $extras) + $rule = merge($basic, $state_rule, $extras) validate_hash($rule) create_resources('firewall', { "${title}" => $rule }) diff --git a/spec/classes/tripleo_firewall_spec.rb b/spec/classes/tripleo_firewall_spec.rb index 1270aa7..3116a51 100644 --- a/spec/classes/tripleo_firewall_spec.rb +++ b/spec/classes/tripleo_firewall_spec.rb @@ -76,7 +76,8 @@ describe 'tripleo::firewall' do '301 add custom application 2' => {'port' => '8081', 'proto' => 'tcp', 'action' => 'accept'}, '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'}, '303 add custom application 3' => {'dport' => '8081', 'proto' => 'tcp', 'action' => 'accept'}, - '304 add custom application 4' => {'sport' => '1000', 'proto' => 'tcp', 'action' => 'accept'} + '304 add custom application 4' => {'sport' => '1000', 'proto' => 'tcp', 'action' => 'accept'}, + '305 add gre rule' => {'proto' => 'gre'} } ) end @@ -109,6 +110,7 @@ describe 'tripleo::firewall' do :action => 'accept', :state => ['NEW'], ) + is_expected.to contain_firewall('305 add gre rule').without(:state) end end |