89 lines
2.1 KiB
Plaintext
89 lines
2.1 KiB
Plaintext
|
module Test_lokkit =
|
||
|
|
||
|
let conf = "# Configuration file for system-config-firewall
|
||
|
|
||
|
--enabled
|
||
|
--port=111:tcp
|
||
|
-p 111:udp
|
||
|
-p 2020-2049:tcp
|
||
|
--port=5900-5910:tcp
|
||
|
--custom-rules=ipv4:filter:/var/lib/misc/iptables-forward-bridged
|
||
|
-s dns
|
||
|
--service=ssh
|
||
|
--trust=trust1
|
||
|
--masq=eth42
|
||
|
--block-icmp=5
|
||
|
-t trust0
|
||
|
--addmodule=fancy
|
||
|
--removemodule=broken
|
||
|
--forward-port=if=forw0:port=42:proto=tcp:toport=42:toaddr=192.168.0.42
|
||
|
--selinux=permissive
|
||
|
"
|
||
|
|
||
|
test Lokkit.lns get conf =
|
||
|
{ "#comment" = "Configuration file for system-config-firewall" }
|
||
|
{ }
|
||
|
{ "enabled" }
|
||
|
{ "port"
|
||
|
{ "start" = "111" }
|
||
|
{ "protocol" = "tcp" } }
|
||
|
{ "port"
|
||
|
{ "start" = "111" }
|
||
|
{ "protocol" = "udp" } }
|
||
|
{ "port"
|
||
|
{ "start" = "2020" }
|
||
|
{ "end" = "2049" }
|
||
|
{ "protocol" = "tcp" } }
|
||
|
{ "port"
|
||
|
{ "start" = "5900" }
|
||
|
{ "end" = "5910" }
|
||
|
{ "protocol" = "tcp" } }
|
||
|
{ "custom-rules" = "/var/lib/misc/iptables-forward-bridged"
|
||
|
{ "type" = "ipv4" }
|
||
|
{ "table" = "filter" } }
|
||
|
{ "service" = "dns" }
|
||
|
{ "service" = "ssh" }
|
||
|
{ "trust" = "trust1" }
|
||
|
{ "masq" = "eth42" }
|
||
|
{ "block-icmp" = "5" }
|
||
|
{ "trust" = "trust0" }
|
||
|
{ "addmodule" = "fancy" }
|
||
|
{ "removemodule" = "broken" }
|
||
|
{ "forward-port"
|
||
|
{ "if" = "forw0" }
|
||
|
{ "port" = "42" }
|
||
|
{ "proto" = "tcp" }
|
||
|
{ "toport" = "42" }
|
||
|
{ "toaddr" = "192.168.0.42" } }
|
||
|
{ "selinux" = "permissive" }
|
||
|
|
||
|
test Lokkit.custom_rules get
|
||
|
"--custom-rules=ipv4:filter:/some/file\n" =
|
||
|
{ "custom-rules" = "/some/file"
|
||
|
{ "type" = "ipv4" }
|
||
|
{ "table" = "filter" } }
|
||
|
|
||
|
test Lokkit.custom_rules get
|
||
|
"--custom-rules=filter:/some/file\n" =
|
||
|
{ "custom-rules" = "/some/file"
|
||
|
{ "table" = "filter" } }
|
||
|
|
||
|
test Lokkit.custom_rules get
|
||
|
"--custom-rules=ipv4:/some/file\n" =
|
||
|
{ "custom-rules" = "/some/file"
|
||
|
{ "type" = "ipv4" } }
|
||
|
|
||
|
test Lokkit.custom_rules get
|
||
|
"--custom-rules=/some/file\n" =
|
||
|
{ "custom-rules" = "/some/file" }
|
||
|
|
||
|
test Lokkit.lns get
|
||
|
"--trust=tun+\n--trust=eth0.42\n--trust=eth0:1\n" =
|
||
|
{ "trust" = "tun+" }
|
||
|
{ "trust" = "eth0.42" }
|
||
|
{ "trust" = "eth0:1" }
|
||
|
|
||
|
(* We didn't allow '-' in the service name *)
|
||
|
test Lokkit.lns get "--service=samba-client\n" =
|
||
|
{ "service" = "samba-client" }
|