mirror of
https://github.com/ansible-collections/community.general.git
synced 2024-09-14 20:13:21 +02:00
iptables: cleanup
This commit is contained in:
parent
f1c3eb1413
commit
a928198783
1 changed files with 12 additions and 19 deletions
|
@ -51,13 +51,13 @@ options:
|
||||||
default: filter
|
default: filter
|
||||||
choices: [ "filter", "nat", "mangle", "raw", "security" ]
|
choices: [ "filter", "nat", "mangle", "raw", "security" ]
|
||||||
state:
|
state:
|
||||||
description:
|
description:
|
||||||
- Whether the rule should be absent or present.
|
- Whether the rule should be absent or present.
|
||||||
required: false
|
required: false
|
||||||
default: present
|
default: present
|
||||||
choices: [ "present", "absent" ]
|
choices: [ "present", "absent" ]
|
||||||
ip_version:
|
ip_version:
|
||||||
description:
|
description:
|
||||||
- Which version of the IP protocol this rule should apply to.
|
- Which version of the IP protocol this rule should apply to.
|
||||||
required: false
|
required: false
|
||||||
default: ipv4
|
default: ipv4
|
||||||
|
@ -236,21 +236,15 @@ def append_param(rule, param, flag, is_list):
|
||||||
if param is not None:
|
if param is not None:
|
||||||
rule.extend([flag, param])
|
rule.extend([flag, param])
|
||||||
|
|
||||||
def append_comm(rule, param):
|
|
||||||
if param:
|
def append_csv(rule, param, flag):
|
||||||
rule.extend(['-m'])
|
if param is not None:
|
||||||
rule.extend(['comment'])
|
rule.extend([flag, ','.join(param)])
|
||||||
|
|
||||||
|
|
||||||
def append_conntrack(rule, param):
|
def append_match(rule, param, match):
|
||||||
if param:
|
if param:
|
||||||
rule.extend(['-m'])
|
rule.extend(['-m', match])
|
||||||
rule.extend(['state'])
|
|
||||||
|
|
||||||
def append_limit(rule, param):
|
|
||||||
if param:
|
|
||||||
rule.extend(['-m'])
|
|
||||||
rule.extend(['limit'])
|
|
||||||
|
|
||||||
|
|
||||||
def construct_rule(params):
|
def construct_rule(params):
|
||||||
|
@ -268,12 +262,11 @@ def construct_rule(params):
|
||||||
append_param(rule, params['source_port'], '--source-port', False)
|
append_param(rule, params['source_port'], '--source-port', False)
|
||||||
append_param(rule, params['destination_port'], '--destination-port', False)
|
append_param(rule, params['destination_port'], '--destination-port', False)
|
||||||
append_param(rule, params['to_ports'], '--to-ports', False)
|
append_param(rule, params['to_ports'], '--to-ports', False)
|
||||||
append_comm(rule, params['comment'])
|
append_match(rule, params['comment'], 'comment')
|
||||||
append_param(rule, params['comment'], '--comment', False)
|
append_param(rule, params['comment'], '--comment', False)
|
||||||
if params['ctstate']:
|
append_match(rule, params['ctstate'], 'state')
|
||||||
append_conntrack(rule, params['ctstate'])
|
append_csv(rule, params['ctstate'], '--state')
|
||||||
append_param(rule, ','.join(params['ctstate']), '--state', False)
|
append_match(rule, params['limit'], 'limit')
|
||||||
append_limit(rule, params['limit'])
|
|
||||||
append_param(rule, params['limit'], '--limit', False)
|
append_param(rule, params['limit'], '--limit', False)
|
||||||
return rule
|
return rule
|
||||||
|
|
||||||
|
|
Loading…
Reference in a new issue