From 0bf0f72defc5260346717cf7c9d836342b34ebd6 Mon Sep 17 00:00:00 2001 From: James Slagle Date: Wed, 20 Apr 2016 10:11:36 -0400 Subject: Add dport/sport parameter to firewall rule The port parameter to puppetlabs-firewall is actually deprecated[1]. This adds support for using the new parameter names dport and sport. The port parameter is still retained in puppet-tripleo for backwards compatibily for anyone using that interface. It is marked deprecated in the documentation, however no deprecation warning is needed because there is already a warning from from puppetlabs-firewall. blueprint undercloud-elements Change-Id: I0598007f90018f80a3266193bb24dbf112de49b7 --- spec/classes/tripleo_firewall_spec.rb | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'spec') diff --git a/spec/classes/tripleo_firewall_spec.rb b/spec/classes/tripleo_firewall_spec.rb index aa5d1d7..27ac62a 100644 --- a/spec/classes/tripleo_firewall_spec.rb +++ b/spec/classes/tripleo_firewall_spec.rb @@ -51,7 +51,7 @@ describe 'tripleo::firewall' do :state => ['NEW'], ) is_expected.to contain_firewall('003 accept ssh').with( - :port => '22', + :dport => '22', :proto => 'tcp', :action => 'accept', :state => ['NEW'], @@ -74,7 +74,9 @@ describe 'tripleo::firewall' do :firewall_rules => { '300 add custom application 1' => {'port' => '999', 'proto' => 'udp', 'action' => 'accept'}, '301 add custom application 2' => {'port' => '8081', 'proto' => 'tcp', 'action' => 'accept'}, - '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'} + '302 fwd custom cidr 1' => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'}, + '303 add custom application 3' => {'dport' => '8081', 'proto' => 'tcp', 'action' => 'accept'}, + '304 add custom application 4' => {'sport' => '1000', 'proto' => 'tcp', 'action' => 'accept'} } ) end @@ -95,6 +97,18 @@ describe 'tripleo::firewall' do :chain => 'FORWARD', :destination => '192.0.2.0/24', ) + is_expected.to contain_firewall('303 add custom application 3').with( + :dport => '8081', + :proto => 'tcp', + :action => 'accept', + :state => ['NEW'], + ) + is_expected.to contain_firewall('304 add custom application 4').with( + :sport => '1000', + :proto => 'tcp', + :action => 'accept', + :state => ['NEW'], + ) end end -- cgit 1.2.3-korg