inspec/test/unit/resources/ip6tables_test.rb

require "helper"
require "inspec/resource"
require "inspec/resources/ip6tables"

describe "Inspec::Resources::Ip6tables" do

  # ubuntu 14.04
  it "verify ip6tables on ubuntu" do
    resource = MockLoader.new(:ubuntu1404).load_resource("ip6tables")
    _(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal true
    _(resource.has_rule?("-P OUTPUT DROP")).must_equal false
  end

  it "verify ip6tables with comments on ubuntu" do
    resource = MockLoader.new(:ubuntu1404).load_resource("ip6tables")
    _(resource.has_rule?('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http-v6 like its 1990" -j ACCEPT')).must_equal true
  end

  it "verify ip6tables on windows" do
    resource = MockLoader.new(:windows).load_resource("ip6tables")
    _(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal false
    _(resource.has_rule?("-P OUTPUT DROP")).must_equal false
  end

  # undefined
  it "verify ip6tables on unsupported os" do
    resource = MockLoader.new(:undefined).load_resource("ip6tables")
    _(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal false
    _(resource.has_rule?("-P OUTPUT DROP")).must_equal false
  end

end
Add ip6tables resource This should resolve #1011 which provides an ip6tables resource to test IPv6 iptables rules. This is essentially a copy of the iptables resource with a few renames. In addition, I've pulled in the integration tests for iptables into ip6tables and enabled it on docker so that it properly gets tested regularly. The test cookbook recipe has been updated to support all of the current platforms that are being tested. Signed-off-by: Lance Albertson <lance@osuosl.org> 2019-06-23 00:35:32 +00:00			`require "helper"`
			`require "inspec/resource"`
			`require "inspec/resources/ip6tables"`

			`describe "Inspec::Resources::Ip6tables" do`

			`# ubuntu 14.04`
			`it "verify ip6tables on ubuntu" do`
			`resource = MockLoader.new(:ubuntu1404).load_resource("ip6tables")`
			`_(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal true`
			`_(resource.has_rule?("-P OUTPUT DROP")).must_equal false`
			`end`

			`it "verify ip6tables with comments on ubuntu" do`
			`resource = MockLoader.new(:ubuntu1404).load_resource("ip6tables")`
			`_(resource.has_rule?('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http-v6 like its 1990" -j ACCEPT')).must_equal true`
			`end`

			`it "verify ip6tables on windows" do`
			`resource = MockLoader.new(:windows).load_resource("ip6tables")`
			`_(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal false`
			`_(resource.has_rule?("-P OUTPUT DROP")).must_equal false`
			`end`

			`# undefined`
			`it "verify ip6tables on unsupported os" do`
			`resource = MockLoader.new(:undefined).load_resource("ip6tables")`
			`_(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal false`
			`_(resource.has_rule?("-P OUTPUT DROP")).must_equal false`
			`end`

			`end`