2 changed files with 47 additions and 35 deletions
@ -1,31 +1,33 @@
|
||||
describe iptables do |
||||
it { should have_rule "-A DOCKER-USER -p udp -m set --match-set management-ipv4 src -m udp --dport 3478 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 6789 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 8843 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 8880 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 1883 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 1884 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 8443 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 9090 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set minions-ipv4 src -m tcp --dport 9001 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4883 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4884 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 8080 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p udp -m set --match-set management-ipv4 src -m udp --dport 3478 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 6789 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 8843 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 8880 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 1883 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 1884 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 8443 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv4 src -m tcp --dport 9090 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set minions-ipv4 src -m tcp --dport 9001 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4883 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4884 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 8080 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -j DROP" } |
||||
it { should_not have_rule "-A DOCKER-USER -j RETURN" } |
||||
end |
||||
|
||||
describe ip6tables do |
||||
it { should have_rule "-A DOCKER-USER -p udp -m set --match-set management-ipv6 src -m udp --dport 3478 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 6789 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 8843 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 8880 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 8443 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 9090 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 1884 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 1883 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set minions-ipv6 src -m tcp --dport 9001 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4884 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4883 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 8080 -j ACCEPT" } |
||||
it { should have_rule "-A DOCKER-USER -p udp -m set --match-set management-ipv6 src -m udp --dport 3478 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 6789 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 8843 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 8880 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 8443 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 9090 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 1884 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set management-ipv6 src -m tcp --dport 1883 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m set --match-set minions-ipv6 src -m tcp --dport 9001 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4884 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 4883 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -p tcp -m tcp --dport 8080 -j RETURN" } |
||||
it { should have_rule "-A DOCKER-USER -j DROP" } |
||||
it { should_not have_rule "-A DOCKER-USER -j RETURN" } |
||||
end |
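Review bot: Nothing in either `describe` block asserts that the earlier `-j ACCEPT` rules are gone (assuming, as the `-1,31 +1,33` counts suggest, that the ACCEPT lines are the removed side). A host where the new rules were appended without flushing the chain would still pass, while a stale ACCEPT in DOCKER-USER ends FORWARD traversal before Docker's own chains are consulted. Consider a negative check per retired rule in both the `iptables` and `ip6tables` blocks, e.g. `it { should_not have_rule "-A DOCKER-USER -p tcp -m tcp --dport 8080 -j ACCEPT" }`. Separately, `have_rule` appears to check presence rather than position, so the spec cannot confirm that `-A DOCKER-USER -j DROP` sits after the RETURN rules. A short comment saying ordering is verified elsewhere, or an ordered comparison of the chain, would close that gap.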