2015-10-12 10:32:14 +02:00
|
|
|
# encoding: utf-8
|
|
|
|
|
# author: Christoph Hartmann
|
|
|
|
|
# author: Dominik Richter
|
|
|
|
|
|
|
|
|
|
require 'helper'
|
2015-10-26 04:04:18 +01:00
|
|
|
require 'inspec/resource'
|
2015-10-12 10:32:14 +02:00
|
|
|
|
2015-10-26 04:04:18 +01:00
|
|
|
describe 'Inspec::Resources::Iptables' do
|
2015-10-12 10:32:14 +02:00
|
|
|
|
|
|
|
|
# ubuntu 14.04
|
|
|
|
|
it 'verify iptables on ubuntu' do
|
|
|
|
|
resource = MockLoader.new(:ubuntu1404).load_resource('iptables')
|
|
|
|
|
_(resource.has_rule?('-P OUTPUT ACCEPT')).must_equal true
|
|
|
|
|
_(resource.has_rule?('-P OUTPUT DROP')).must_equal false
|
|
|
|
|
end
|
|
|
|
|
|
2016-02-09 16:53:25 +01:00
|
|
|
it 'verify iptables with comments on ubuntu' do
|
|
|
|
|
resource = MockLoader.new(:ubuntu1404).load_resource('iptables')
|
|
|
|
|
_(resource.has_rule?('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http like its 1990" -j ACCEPT')).must_equal true
|
|
|
|
|
end
|
|
|
|
|
|
2015-10-12 10:32:14 +02:00
|
|
|
it 'verify iptables on windows' do
|
|
|
|
|
resource = MockLoader.new(:windows).load_resource('iptables')
|
|
|
|
|
_(resource.has_rule?('-P OUTPUT ACCEPT')).must_equal false
|
|
|
|
|
_(resource.has_rule?('-P OUTPUT DROP')).must_equal false
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
# undefined
|
|
|
|
|
it 'verify iptables on unsupported os' do
|
|
|
|
|
resource = MockLoader.new(:undefined).load_resource('iptables')
|
|
|
|
|
_(resource.has_rule?('-P OUTPUT ACCEPT')).must_equal false
|
|
|
|
|
_(resource.has_rule?('-P OUTPUT DROP')).must_equal false
|
|
|
|
|
end
|
|
|
|
|
|
|
|
|
|
end
|
