2019-06-11 22:24:35 +00:00
|
|
|
require "helper"
|
|
|
|
require "inspec/resource"
|
|
|
|
require "inspec/resources/iptables"
|
2015-10-12 08:32:14 +00:00
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
describe "Inspec::Resources::Iptables" do
|
2015-10-12 08:32:14 +00:00
|
|
|
|
|
|
|
# ubuntu 14.04
|
2019-06-11 22:24:35 +00:00
|
|
|
it "verify iptables on ubuntu" do
|
2021-09-30 08:56:43 +00:00
|
|
|
resource = MockLoader.new(:ubuntu).load_resource("iptables")
|
2019-06-11 22:24:35 +00:00
|
|
|
_(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal true
|
|
|
|
_(resource.has_rule?("-P OUTPUT DROP")).must_equal false
|
2015-10-12 08:32:14 +00:00
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "verify iptables with comments on ubuntu" do
|
2021-09-30 08:56:43 +00:00
|
|
|
resource = MockLoader.new(:ubuntu).load_resource("iptables")
|
2016-02-09 15:53:25 +00:00
|
|
|
_(resource.has_rule?('-A INPUT -i eth0 -p tcp -m tcp --dport 80 -m state --state NEW -m comment --comment "http like its 1990" -j ACCEPT')).must_equal true
|
|
|
|
end
|
|
|
|
|
2019-06-11 22:24:35 +00:00
|
|
|
it "verify iptables on windows" do
|
|
|
|
resource = MockLoader.new(:windows).load_resource("iptables")
|
|
|
|
_(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal false
|
|
|
|
_(resource.has_rule?("-P OUTPUT DROP")).must_equal false
|
2015-10-12 08:32:14 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
# undefined
|
2019-06-11 22:24:35 +00:00
|
|
|
it "verify iptables on unsupported os" do
|
|
|
|
resource = MockLoader.new(:undefined).load_resource("iptables")
|
|
|
|
_(resource.has_rule?("-P OUTPUT ACCEPT")).must_equal false
|
|
|
|
_(resource.has_rule?("-P OUTPUT DROP")).must_equal false
|
2015-10-12 08:32:14 +00:00
|
|
|
end
|
|
|
|
|
|
|
|
end
|