/test/cookbooks/iptables_ng_test/files/default/tests/minitest/lwrp_chain_create_default_test.rb
Ruby | 22 lines | 17 code | 5 blank | 0 comment | 2 complexity | 1f8a1d0964f92e4b4f6412512b8d0221 MD5 | raw file
- require File.expand_path('../support/helpers', __FILE__)
- describe 'iptables-ng::lwrp_chain_create_default' do
- include Helpers::TestHelpers
- it 'should set default FORWARD policy to DROP' do
- file('/etc/iptables.d/filter/FORWARD/default').must_include('DROP [0:0]')
- end
- it 'should enable iptables serices' do
- service(node['iptables-ng']['service_ipv4']).must_be_enabled if node['iptables-ng']['service_ipv4']
- service(node['iptables-ng']['service_ipv6']).must_be_enabled if node['iptables-ng']['service_ipv6']
- end
- it 'should apply the specified iptables rules' do
- ipv4 = shell_out('iptables -L -n')
- ipv4.stdout.must_include('Chain FORWARD (policy DROP)')
- ipv6 = shell_out('ip6tables -L -n')
- ipv6.stdout.must_include('Chain FORWARD (policy DROP)')
- end
- end