From 37ef39d0fa1a86039b94b51c491653ea40a72f64 Mon Sep 17 00:00:00 2001 From: Jarno Keskikangas Date: Sun, 9 Mar 2014 12:55:58 +0200 Subject: [PATCH] Recognize rule changes even if ufw is in disabled state. See http://askubuntu.com/questions/30781/see-configured-rules-even-when-inactive for the details. --- library/system/ufw | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/library/system/ufw b/library/system/ufw index e343f93428..5ac20978ec 100644 --- a/library/system/ufw +++ b/library/system/ufw @@ -203,8 +203,9 @@ def main(): # Ensure ufw is available ufw_bin = module.get_bin_path('ufw', True) - # Save the pre state in order to recognize changes reliably + # Save the pre state and rules in order to recognize changes (_, pre_state, _) = module.run_command(ufw_bin + ' status verbose') + (_, pre_rules, _) = module.run_command("grep '^### tuple' /lib/ufw/user*.rules") # Execute commands for (command, value) in commands.iteritems(): @@ -244,7 +245,8 @@ def main(): # Get the new state (_, post_state, _) = module.run_command(ufw_bin + ' status verbose') - changed = pre_state != post_state + (_, post_rules, _) = module.run_command("grep '^### tuple' /lib/ufw/user*.rules") + changed = (pre_state != post_state) or (pre_rules != post_rules) return module.exit_json(changed=changed, commands=cmds, msg=post_state.rstrip())