From a005e3e052a4e41397e7060ad3bc8f45860e5336 Mon Sep 17 00:00:00 2001
From: James Slagle <jslagle@redhat.com>
Date: Wed, 20 Apr 2016 09:03:03 -0400
Subject: Add destination parameter to firewall rule

Specifying a destination cidr is already supported by
puppetlabs-firewall, we just need to pass through the parameter in
rule.pp in puppet-tripleo.

This will allow creating iptables rules that forward network traffic for
a given cidr via puppet-tripleo.

Change-Id: I23582a55cd97248be52f45e14de7e813ff499ff7
---
 spec/classes/tripleo_firewall_spec.rb | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

(limited to 'spec')

diff --git a/spec/classes/tripleo_firewall_spec.rb b/spec/classes/tripleo_firewall_spec.rb
index 7d1d1ec..aa5d1d7 100644
--- a/spec/classes/tripleo_firewall_spec.rb
+++ b/spec/classes/tripleo_firewall_spec.rb
@@ -73,7 +73,8 @@ describe 'tripleo::firewall' do
           :manage_firewall     => true,
           :firewall_rules => {
             '300 add custom application 1' => {'port' => '999', 'proto' => 'udp', 'action' => 'accept'},
-            '301 add custom application 2' => {'port' => '8081', 'proto' => 'tcp', 'action' => 'accept'}
+            '301 add custom application 2' => {'port' => '8081', 'proto' => 'tcp', 'action' => 'accept'},
+            '302 fwd custom cidr 1'        => {'chain' => 'FORWARD', 'destination' => '192.0.2.0/24'}
           }
         )
       end
@@ -90,6 +91,10 @@ describe 'tripleo::firewall' do
           :action => 'accept',
           :state  => ['NEW'],
         )
+        is_expected.to contain_firewall('302 fwd custom cidr 1').with(
+          :chain   => 'FORWARD',
+          :destination  => '192.0.2.0/24',
+        )
       end
     end
 
-- 
cgit 1.2.3-korg