/test/integration/default/serverspec/windows_spec.rb

https://github.com/chef-cookbooks/firewall · Ruby · 30 lines · 26 code · 3 blank · 1 comment · 0 complexity · 61bc16393e5f44ce6c1f7fbb73de1e4e MD5 · raw file 

    

  1. # these tests only for windows
    2. 

  2. require 'spec_helper'
    3. 

  3. 

  4. expected_rules = [
    5. 

  5.   /firewall add rule name="prepend" description="prepend" dir=in protocol=tcp localip=any localport=7788 interfacetype=any remoteip=any remoteport=any action=allow/,
    6. 

  6.   /firewall add rule name="block-192.168.99.99" description="block-192.168.99.99" dir=in protocol=tcp localip=any localport=any interfacetype=any remoteip=192.168.99.99 remoteport=any action=block/,
    7. 

  7.   /firewall add rule name="allow world to winrm" description="allow world to winrm" dir=in protocol=tcp localip=any localport=5989 interfacetype=any remoteip=any remoteport=any action=allow/,
    8. 

  8.   /firewall add rule name="ssh22" description="ssh22" dir=in protocol=tcp localip=any localport=22 interfacetype=any remoteip=any remoteport=any action=allow/,
    9. 

  9.   /firewall add rule name="ssh2222" description="ssh2222" dir=in protocol=tcp localip=any localport=2200,2222 interfacetype=any remoteip=any remoteport=any action=allow/,
    10. 

  10.   /firewall add rule name="temp1" description="temp1" dir=in protocol=tcp localip=any localport=1234 interfacetype=any remoteip=any remoteport=any action=block/,
    11. 

  11.   /firewall add rule name="temp2" description="temp2" dir=in protocol=tcp localip=any localport=1235 interfacetype=any remoteip=any remoteport=any action=block/,
    12. 

  12.   /firewall add rule name="addremove2" description="addremove2" dir=in protocol=tcp localip=any localport=1236 interfacetype=any remoteip=any remoteport=any action=block/,
    13. 

  13.   /firewall add rule name="duplicate0" description="same comment" dir=in protocol=tcp localip=any localport=1111 interfacetype=any remoteip=any remoteport=any action=allow/,
    14. 

  14.   /firewall add rule name="duplicate0" description="same comment" dir=in protocol=tcp localip=any localport=5431,5432 interfacetype=any remoteip=any remoteport=any action=allow/,
    15. 

  15.   /firewall add rule name="duplicate1" description="same comment" dir=in protocol=tcp localip=any localport=1111 interfacetype=any remoteip=any remoteport=any action=allow/,
    16. 

  16.   /firewall add rule name="duplicate1" description="same comment" dir=in protocol=tcp localip=any localport=5431,5432 interfacetype=any remoteip=any remoteport=any action=allow/,
    17. 

  17.   /firewall add rule name="ipv6-source" description="ipv6-source" dir=in protocol=tcp localip=any localport=80 interfacetype=any remoteip=2001:db8::ff00:42:8329 remoteport=any action=allow/,
    18. 

  18.   /firewall add rule name="range" description="range" dir=in protocol=tcp localip=any localport=1000-1100 interfacetype=any remoteip=any remoteport=any action=allow/,
    19. 

  19.   /firewall add rule name="array" description="array" dir=in protocol=tcp localip=any localport=1234,5000-5100,5678 interfacetype=any remoteip=any remoteport=any action=allow/,
    20. 

  20. ]
    21. 

  21. 

  22. describe file("#{ENV['HOME']}/windows-chef.rules"), if: windows? do
    23. 

  23.   expected_rules.each do |r|
    24. 

  24.     its(:content) { should match(r) }
    25. 

  25.   end
    26. 

  26. end
    27. 

  27. 

  28. describe command('netsh advfirewall show currentprofile firewallpolicy | findstr "Firewall Policy"'), if: windows? do
    29. 

  29.   its(:stdout) { should match('BlockInbound,AllowOutbound') }
    30. 

  30. end
    31.