def test_ensure_common_chain(): with mock.patch.object(iptables, 'ensure_chain', autospec=True) as m: firewall._ensure_common_chain() call, = m.call_args_list args, _ = call assert args[0] == 'PAASTA-COMMON' assert args[1] == ( EMPTY_RULE._replace( target='ACCEPT', matches=( ('conntrack', (('ctstate', ('ESTABLISHED',)),)), ), ), EMPTY_RULE._replace( dst='169.254.255.254/255.255.255.255', target='ACCEPT', protocol='tcp', matches=( ('comment', (('comment', ('scribed',)),)), ('tcp', (('dport', ('1463',)),)), ), ), EMPTY_RULE._replace( dst='169.254.255.254/255.255.255.255', target='ACCEPT', protocol='udp', matches=( ('comment', (('comment', ('metrics-relay',)),)), ('udp', (('dport', ('8125',)),)), ), ), EMPTY_RULE._replace( dst='169.254.255.254/255.255.255.255', target='ACCEPT', protocol='tcp', matches=( ('comment', (('comment', ('sensu',)),)), ('tcp', (('dport', ('3030',)),)), ), ), EMPTY_RULE._replace(target='PAASTA-DNS'), )
def test_ensure_common_chain(): with mock.patch.object(iptables, "ensure_chain", autospec=True) as m: firewall._ensure_common_chain() (call, ) = m.call_args_list args, _ = call assert args[0] == "PAASTA-COMMON" assert args[1] == ( EMPTY_RULE._replace(target="ACCEPT", matches=(("conntrack", (("ctstate", ("ESTABLISHED", )), )), )), EMPTY_RULE._replace( dst="169.254.255.254/255.255.255.255", target="ACCEPT", protocol="tcp", matches=( ("comment", (("comment", ("scribed", )), )), ("tcp", (("dport", ("1463", )), )), ), ), EMPTY_RULE._replace( dst="169.254.255.254/255.255.255.255", target="ACCEPT", protocol="udp", matches=( ("comment", (("comment", ("metrics-relay", )), )), ("udp", (("dport", ("8125", )), )), ), ), EMPTY_RULE._replace( dst="169.254.255.254/255.255.255.255", target="ACCEPT", protocol="tcp", matches=( ("comment", (("comment", ("sensu", )), )), ("tcp", (("dport", ("3030", )), )), ), ), EMPTY_RULE._replace(target="PAASTA-DNS"), )