module Test_lokkit = let conf = "# Configuration file for system-config-firewall --enabled --port=111:tcp -p 111:udp -p 2020-2049:tcp --port=5900-5910:tcp --custom-rules=ipv4:filter:/var/lib/misc/iptables-forward-bridged -s dns --service=ssh --trust=trust1 --masq=eth42 --block-icmp=5 -t trust0 --addmodule=fancy --removemodule=broken --forward-port=if=forw0:port=42:proto=tcp:toport=42:toaddr=192.168.0.42 --selinux=permissive " test Lokkit.lns get conf = { "#comment" = "Configuration file for system-config-firewall" } { } { "enabled" } { "port" { "start" = "111" } { "protocol" = "tcp" } } { "port" { "start" = "111" } { "protocol" = "udp" } } { "port" { "start" = "2020" } { "end" = "2049" } { "protocol" = "tcp" } } { "port" { "start" = "5900" } { "end" = "5910" } { "protocol" = "tcp" } } { "custom-rules" = "/var/lib/misc/iptables-forward-bridged" { "type" = "ipv4" } { "table" = "filter" } } { "service" = "dns" } { "service" = "ssh" } { "trust" = "trust1" } { "masq" = "eth42" } { "block-icmp" = "5" } { "trust" = "trust0" } { "addmodule" = "fancy" } { "removemodule" = "broken" } { "forward-port" { "if" = "forw0" } { "port" = "42" } { "proto" = "tcp" } { "toport" = "42" } { "toaddr" = "192.168.0.42" } } { "selinux" = "permissive" } test Lokkit.custom_rules get "--custom-rules=ipv4:filter:/some/file\n" = { "custom-rules" = "/some/file" { "type" = "ipv4" } { "table" = "filter" } } test Lokkit.custom_rules get "--custom-rules=filter:/some/file\n" = { "custom-rules" = "/some/file" { "table" = "filter" } } test Lokkit.custom_rules get "--custom-rules=ipv4:/some/file\n" = { "custom-rules" = "/some/file" { "type" = "ipv4" } } test Lokkit.custom_rules get "--custom-rules=/some/file\n" = { "custom-rules" = "/some/file" } test Lokkit.lns get "--trust=tun+\n--trust=eth0.42\n--trust=eth0:1\n" = { "trust" = "tun+" } { "trust" = "eth0.42" } { "trust" = "eth0:1" } (* We didn't allow '-' in the service name *) test Lokkit.lns get "--service=samba-client\n" = { "service" = "samba-client" }