1 files changed, 217 insertions, 0 deletions

diff --git a/tests/integration/targets/vyos_firewall_global/vars/main.yaml b/tests/integration/targets/vyos_firewall_global/vars/main.yaml
new file mode 100644
index 0000000..4a1e7a8
--- /dev/null
+++ b/tests/integration/targets/vyos_firewall_global/vars/main.yaml
@@ -0,0 +1,217 @@
+---
+merged:
+  before: []
+  commands:
+    - set firewall group address-group MGMT-HOSTS address 192.0.1.1
+    - set firewall group address-group MGMT-HOSTS address 192.0.1.3
+    - set firewall group address-group MGMT-HOSTS address 192.0.1.5
+    - set firewall group address-group MGMT-HOSTS description 'This group has the
+      Management hosts address list'
+    - set firewall group address-group MGMT-HOSTS
+    - set firewall group network-group MGMT network 192.0.1.0/24
+    - set firewall group network-group MGMT description 'This group has the Management
+      network addresses'
+    - set firewall group network-group MGMT
+    - set firewall ip-src-route 'enable'
+    - set firewall receive-redirects 'disable'
+    - set firewall send-redirects 'enable'
+    - set firewall config-trap 'enable'
+    - set firewall state-policy established action 'accept'
+    - set firewall state-policy established log 'enable'
+    - set firewall state-policy invalid action 'reject'
+    - set firewall broadcast-ping 'enable'
+    - set firewall all-ping 'enable'
+    - set firewall log-martians 'enable'
+    - set firewall twa-hazards-protection 'enable'
+    - set firewall syn-cookies 'enable'
+    - set firewall source-validation 'strict'
+  after:
+    config_trap: true
+    group:
+      address_group:
+        - members:
+            - address: 192.0.1.1
+            - address: 192.0.1.3
+            - address: 192.0.1.5
+          description: This group has the Management hosts address list
+          name: MGMT-HOSTS
+      network_group:
+        - members:
+            - address: 192.0.1.0/24
+          description: This group has the Management network addresses
+          name: MGMT
+    log_martians: true
+    ping:
+      all: true
+      broadcast: true
+    route_redirects:
+      - afi: ipv4
+        icmp_redirects:
+          receive: false
+          send: true
+        ip_src_route: true
+    syn_cookies: true
+    state_policy:
+      - action: accept
+        connection_type: established
+        log: true
+      - action: reject
+        connection_type: invalid
+    twa_hazards_protection: true
+    validation: strict
+populate:
+  validation: strict
+  config_trap: true
+  log_martians: true
+  syn_cookies: true
+  twa_hazards_protection: true
+  ping:
+    all: true
+    broadcast: true
+  state_policy:
+    - connection_type: established
+      action: accept
+      log: true
+    - connection_type: invalid
+      action: reject
+  route_redirects:
+    - afi: ipv4
+      ip_src_route: true
+      icmp_redirects:
+        send: true
+        receive: false
+  group:
+    address_group:
+      - name: MGMT-HOSTS
+        description: This group has the Management hosts address list
+        members:
+          - address: 192.0.1.1
+          - address: 192.0.1.3
+          - address: 192.0.1.5
+    network_group:
+      - name: MGMT
+        description: This group has the Management network addresses
+        members:
+          - address: 192.0.1.0/24
+replaced:
+  commands:
+    - delete firewall group address-group MGMT-HOSTS
+    - set firewall group address-group SALES-HOSTS address 192.0.2.1
+    - set firewall group address-group SALES-HOSTS address 192.0.2.2
+    - set firewall group address-group SALES-HOSTS address 192.0.2.3
+    - set firewall group address-group SALES-HOSTS description 'Sales office hosts
+      address list'
+    - set firewall group address-group SALES-HOSTS
+    - set firewall group address-group ENG-HOSTS address 192.0.3.1
+    - set firewall group address-group ENG-HOSTS address 192.0.3.2
+    - set firewall group address-group ENG-HOSTS description 'Sales office hosts address
+      list'
+    - set firewall group address-group ENG-HOSTS
+  after:
+    config_trap: true
+    group:
+      address_group:
+        - members:
+            - address: 192.0.3.1
+            - address: 192.0.3.2
+          description: Sales office hosts address list
+          name: ENG-HOSTS
+        - members:
+            - address: 192.0.2.1
+            - address: 192.0.2.2
+            - address: 192.0.2.3
+          description: Sales office hosts address list
+          name: SALES-HOSTS
+      network_group:
+        - members:
+            - address: 192.0.1.0/24
+          description: This group has the Management network addresses
+          name: MGMT
+    log_martians: true
+    ping:
+      all: true
+      broadcast: true
+    route_redirects:
+      - afi: ipv4
+        icmp_redirects:
+          receive: false
+          send: true
+        ip_src_route: true
+    state_policy:
+      - action: accept
+        connection_type: established
+        log: true
+      - action: reject
+        connection_type: invalid
+    syn_cookies: true
+    twa_hazards_protection: true
+    validation: strict
+rendered:
+  commands:
+    - set firewall group address-group SALES-HOSTS address 192.0.2.1
+    - set firewall group address-group SALES-HOSTS address 192.0.2.2
+    - set firewall group address-group SALES-HOSTS address 192.0.2.3
+    - set firewall group address-group SALES-HOSTS description 'Sales office hosts
+      address list'
+    - set firewall group address-group SALES-HOSTS
+    - set firewall group address-group ENG-HOSTS address 192.0.3.1
+    - set firewall group address-group ENG-HOSTS address 192.0.3.2
+    - set firewall group address-group ENG-HOSTS description 'Sales office hosts address
+      list'
+    - set firewall group address-group ENG-HOSTS
+    - set firewall group network-group MGMT network 192.0.1.0/24
+    - set firewall group network-group MGMT description 'This group has the Management
+      network addresses'
+    - set firewall group network-group MGMT
+    - set firewall ip-src-route 'enable'
+    - set firewall receive-redirects 'disable'
+    - set firewall send-redirects 'enable'
+    - set firewall config-trap 'enable'
+    - set firewall state-policy established action 'accept'
+    - set firewall state-policy established log 'enable'
+    - set firewall state-policy invalid action 'reject'
+    - set firewall broadcast-ping 'enable'
+    - set firewall all-ping 'enable'
+    - set firewall log-martians 'enable'
+    - set firewall twa-hazards-protection 'enable'
+    - set firewall syn-cookies 'enable'
+    - set firewall source-validation 'strict'
+deleted:
+  commands:
+    - 'delete firewall '
+  after: []
+round_trip:
+  after:
+    validation: strict
+    config_trap: false
+    log_martians: false
+    syn_cookies: false
+    twa_hazards_protection: false
+    ping:
+      all: false
+      broadcast: false
+    state_policy:
+      - connection_type: established
+        action: accept
+        log: true
+      - connection_type: invalid
+        action: reject
+    route_redirects:
+      - afi: ipv4
+        ip_src_route: true
+        icmp_redirects:
+          send: true
+          receive: false
+    group:
+      address_group:
+        - name: MGMT-HOSTS
+          description: This group has the Management hosts address list
+          members:
+            - address: 192.0.1.1
+            - address: 192.0.1.3
+            - address: 192.0.1.5
+      network_group:
+        - name: MGMT
+          description: This group has the Management network addresses
+          members:
+            - address: 192.0.1.0/24