Revert icmp_block_inversion as tests don't pass

REFERENCE.md

@@ -1198,7 +1198,7 @@ not work, and will generate an error. This is a limitation of firewalld itself,
 
 #### Examples
 
-##### Create a zone called `restricted` allowing only `echo-request` icmp types
+##### Create a zone called `restricted`
 
 ```puppet
 firewalld_zone { 'restricted':
@@ -1209,8 +1209,7 @@ firewalld_zone { 'restricted':
   purge_rich_rules     => true,
   purge_services       => true,
   purge_ports          => true,
-  icmp_blocks          => 'echo-request'
-  icmp_block_inversion => true,
+  icmp_blocks          => 'router-advertisement'
 }
 ```
 
@@ -1226,12 +1225,6 @@ The basic property that the resource should be in.
 
 Default value: `present`
 
-##### `icmp_block_inversion`
-
-Valid values: `true`, `false`
-
-Can be set to true or false, specifies whether to set icmp_block_inversion from the zone
-
 ##### `icmp_blocks`
 
 Specify the icmp-blocks for the zone. Can be a single string specifying one icmp type,

lib/puppet/provider/firewalld_zone/firewall_cmd.rb

@@ -23,7 +23,6 @@ def create
     self.sources = (@resource[:sources]) if @resource[:sources]
     self.interfaces = @resource[:interfaces]
     self.icmp_blocks = (@resource[:icmp_blocks]) if @resource[:icmp_blocks]
-    self.icmp_block_inversion = (@resource[:icmp_block_inversion]) if @resource[:icmp_block_inversion]
     self.description = (@resource[:description]) if @resource[:description]
     self.short = (@resource[:short]) if @resource[:short]
   end
@@ -156,25 +155,6 @@ def icmp_blocks=(new_icmp_blocks)
     end
   end
 
-  def icmp_block_inversion
-    if execute_firewall_cmd(['--query-icmp-block-inversion'], @resource[:name]).chomp == 'no'
-      :false
-    else
-      :true
-    end
-  end
-
-  def icmp_block_inversion=(bool)
-    case bool
-    when :true
-      debug("adding icmp block inversion for zone #{@resource[:name]}")
-      execute_firewall_cmd(['--add-icmp-block-inversion'], @resource[:name])
-    when :false
-      debug("removing icmp block inversion for zone #{@resource[:name]}")
-      execute_firewall_cmd(['--remove-icmp-block-inversion'], @resource[:name])
-    end
-  end
-
   # rubocop:disable Style/AccessorMethodName
   def get_rules
     perm = execute_firewall_cmd(['--list-rich-rules']).split(%r{\n})

lib/puppet/type/firewalld_zone.rb

@@ -19,7 +19,7 @@
     Note that setting `ensure => 'absent'` to the built in firewalld zones will
     not work, and will generate an error. This is a limitation of firewalld itself, not the module.
 
-    @example Create a zone called `restricted` allowing only `echo-request` icmp types
+    @example Create a zone called `restricted`
       firewalld_zone { 'restricted':
         ensure               => present,
         target               => '%%REJECT%%',
@@ -28,8 +28,7 @@
         purge_rich_rules     => true,
         purge_services       => true,
         purge_ports          => true,
-        icmp_blocks          => 'echo-request'
-        icmp_block_inversion => true,
+        icmp_blocks          => 'router-advertisement'
       }
   DOC
 
@@ -126,12 +125,6 @@ def insync?(is)
     end
   end
 
-  newproperty(:icmp_block_inversion) do
-    desc 'Can be set to true or false, specifies whether to set icmp_block_inversion from the zone'
-    newvalue(:true)
-    newvalue(:false)
-  end
-
   newproperty(:purge_rich_rules) do
     desc "When set to true any rich_rules associated with this zone
           that are not managed by Puppet will be removed.

spec/unit/puppet/provider/firewalld_zone_spec.rb

@@ -31,7 +31,6 @@
         resource.expects(:[]).with(:sources).returns(nil).at_least_once
         resource.expects(:[]).with(:interfaces).returns(['eth0']).at_least_once
         resource.expects(:[]).with(:icmp_blocks).returns(nil).at_least_once
-        resource.expects(:[]).with(:icmp_block_inversion).returns(false).at_least_once
         resource.expects(:[]).with(:description).returns(nil).at_least_once
         resource.expects(:[]).with(:short).returns('little description').at_least_once
         provider.expects(:execute_firewall_cmd).with(['--list-interfaces'])
@@ -51,7 +50,6 @@
         resource.expects(:[]).with(:sources).returns(nil).at_least_once
         resource.expects(:[]).with(:interfaces).returns(['eth0']).at_least_once
         resource.expects(:[]).with(:icmp_blocks).returns(nil).at_least_once
-        resource.expects(:[]).with(:icmp_block_inversion).returns(false).at_least_once
         resource.expects(:[]).with(:description).returns(nil).at_least_once
         resource.expects(:[]).with(:short).returns('little description').at_least_once
         provider.expects(:execute_firewall_cmd).with(['--list-interfaces'])

spec/unit/puppet/type/firewalld_zone_spec.rb

@@ -18,7 +18,7 @@
           end
         end
 
-        %i[target icmp_blocks icmp_block_inversion sources purge_rich_rules purge_services purge_ports].each do |param|
+        %i[target icmp_blocks sources purge_rich_rules purge_services purge_ports].each do |param|
           it "has a #{param} parameter" do
             expect(described_class.attrtype(param)).to eq(:property)
           end
@@ -37,7 +37,6 @@
           target: '%%REJECT%%',
           interfaces: ['eth0'],
           icmp_blocks: %w[redirect router-advertisment],
-          icmp_block_inversion: true,
           sources: ['192.168.2.2', '10.72.1.100']
         )
       end
@@ -70,7 +69,6 @@
         provider.expects(:execute_firewall_cmd).with(['--set-target', '%%REJECT%%'])
 
         provider.expects(:icmp_blocks=).with(%w[redirect router-advertisment])
-        provider.expects(:icmp_block_inversion=).with(:true)
 
         provider.expects(:sources).returns([])
         provider.expects(:execute_firewall_cmd).with(['--add-source', '192.168.2.2'])
@@ -120,11 +118,6 @@
         provider.sources = ['valy']
       end
 
-      it 'sets icmp_block_inversion' do
-        provider.expects(:execute_firewall_cmd).with(['--query-icmp-block-inversion'], 'restricted').returns('no')
-        provider.expects(:execute_firewall_cmd).with(['--add-icmp-block-inversion'], 'restricted')
-      end
-
       it 'gets icmp_blocks' do
         # shouldn't this list the zone?
         provider.expects(:execute_firewall_cmd).with(['--list-icmp-blocks']).returns('val')