add security group tests
authorDietmar Maurer <dietmar@proxmox.com>
Thu, 15 May 2014 08:27:35 +0000 (10:27 +0200)
committerDietmar Maurer <dietmar@proxmox.com>
Thu, 15 May 2014 08:27:35 +0000 (10:27 +0200)
test/test-group1/100.fw [new file with mode: 0644]
test/test-group1/200.fw [new file with mode: 0644]
test/test-group1/cluster.fw [new file with mode: 0644]
test/test-group1/host.fw [new file with mode: 0644]
test/test-group1/tests [new file with mode: 0644]

diff --git a/test/test-group1/100.fw b/test/test-group1/100.fw
new file mode 100644 (file)
index 0000000..bc0af4b
--- /dev/null
@@ -0,0 +1,6 @@
+[RULES]
+
+IN ACCEPT - - - tcp 22 
+IN ACCEPT - - - tcp 80
+
+GROUP group2
\ No newline at end of file
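Review bot: `GROUP group2` on the last line is the only place in this fixture set where group2 is applied, yet every case in `test/test-group1/tests` uses `from => 'host'` or `to => 'host'`, so security-group expansion for a guest is never asserted; the same holds for 200.fw, which no case references either. Adding at least one accepted and one refused case against this guest (for example a source inside and one outside `192.168.3.0/24` on port 22) would cover the group2 rule. Unlike host.fw, this file has no `[OPTIONS]` section, and whether guest rules are evaluated without `enable: 1` is not visible from this commit, so that is worth confirming before relying on such cases. The missing final newline after `GROUP group2` looks accidental; if it is meant to exercise the parser, the commit message should say so.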
diff --git a/test/test-group1/200.fw b/test/test-group1/200.fw
new file mode 100644 (file)
index 0000000..aa1dee8
--- /dev/null
@@ -0,0 +1,4 @@
+[RULES]
+
+IN ACCEPT - - - tcp 22 
+IN ACCEPT - - - tcp 80
diff --git a/test/test-group1/cluster.fw b/test/test-group1/cluster.fw
new file mode 100644 (file)
index 0000000..c520a74
--- /dev/null
@@ -0,0 +1,14 @@
+[OPTIONS]
+
+enable: 1
+
+[GROUP group1]
+
+IN ACCEPT 192.168.2.0/24 - tcp 22 
+IN REJECT 192.168.2.0/24 - tcp 80 
+OUT REJECT 192.168.2.0/24 - tcp 80 
+OUT REJECT - - tcp 443 
+
+[GROUP group2]
+
+IN ACCEPT 192.168.3.0/24 - tcp 22
diff --git a/test/test-group1/host.fw b/test/test-group1/host.fw
new file mode 100644 (file)
index 0000000..71d9236
--- /dev/null
@@ -0,0 +1,7 @@
+[OPTIONS]
+
+enable: 1
+
+[RULES]
+
+GROUP group1
diff --git a/test/test-group1/tests b/test/test-group1/tests
new file mode 100644 (file)
index 0000000..d7413cc
--- /dev/null
@@ -0,0 +1,8 @@
+{ from => 'host', source => '192.168.2.1', dport => 22, action => 'ACCEPT' }
+{ from => 'host', source => '192.168.2.1', dport => 443, action => 'REJECT' }
+{ from => 'host', source => '192.168.2.1', dport => 80, action => 'REJECT' }
+{ from => 'host', source => '127.0.0.1', dport => 80, action => 'ACCEPT' }
+
+{ to => 'host', source => '127.0.0.1', dport => 22, action => 'DROP' }
+{ to => 'host', source => '192.168.2.1', dport => 22, action => 'ACCEPT' }
+{ to => 'host', source => '192.168.2.1', dport => 80, action => 'REJECT' }
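Review bot: The two `127.0.0.1` cases (outbound port 80 expecting `ACCEPT`, inbound port 22 expecting `DROP`) match no rule in group1, so they appear to assert the built-in default policies rather than security-group behaviour, and neither host.fw nor cluster.fw in this commit sets those policies explicitly. If the defaults change, these expectations fail, or keep passing, for reasons unrelated to groups. Pinning the inbound and outbound policy in the fixture's `[OPTIONS]`, or moving the default-policy cases into their own test directory, would keep a failure attributable to the group logic. There is also no inbound case for a port that group1 does not mention from `192.168.2.1`, which would show that a source matching the group does not get more access than the listed rules grant.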