carroarmato0/ansible.posix
1
0
Fork 0
mirror of https://github.com/ansible-collections/ansible.posix.git synced 2026-03-10 03:25:22 +01:00
Code Issues Projects Releases Packages Wiki Activity

Compare commits

base: carroarmato0:a0ef478a0975fe6d7de8e34538391c8ac4819ec1
Branches Tags
carroarmato0:main
carroarmato0:stable-2
carroarmato0:stable-1
carroarmato0:2.1.0
carroarmato0:2.0.0
carroarmato0:1.6.2
carroarmato0:1.6.1
carroarmato0:1.6.0
carroarmato0:1.5.4
carroarmato0:1.5.2
carroarmato0:1.5.1
carroarmato0:1.5.0
carroarmato0:1.4.0
carroarmato0:1.3.0
carroarmato0:1.2.0
carroarmato0:1.1.1
carroarmato0:1.1.0
carroarmato0:1.0.0
carroarmato0:0.1.3
carroarmato0:0.1.2
carroarmato0:0.1.1
...
compare: carroarmato0:9b87415d77786d914746d52cd4a2ab98e09eb32b
Branches Tags
carroarmato0:main
carroarmato0:stable-2
carroarmato0:stable-1
carroarmato0:2.1.0
carroarmato0:2.0.0
carroarmato0:1.6.2
carroarmato0:1.6.1
carroarmato0:1.6.0
carroarmato0:1.5.4
carroarmato0:1.5.2
carroarmato0:1.5.1
carroarmato0:1.5.0
carroarmato0:1.4.0
carroarmato0:1.3.0
carroarmato0:1.2.0
carroarmato0:1.1.1
carroarmato0:1.1.0
carroarmato0:1.0.0
carroarmato0:0.1.3
carroarmato0:0.1.2
carroarmato0:0.1.1

17 commits
a0ef478a09 ... 9b87415d77

Author SHA1 Message Date
Gerlof Fokkema
9b87415d77
Merge bd72a5865a into f41f08e9e3 2024-07-17 15:26:20 -07:00
softwarefactory-project-zuul[bot]
f41f08e9e3
Merge pull request #555 from Akasurde/ci_fix 
Update CI pipelines

SUMMARY
Signed-off-by: Abhijeet Kasurde akasurde@redhat.com
ISSUE TYPE

Bugfix Pull Request

Reviewed-by: Matt Clay
 2024-07-15 18:41:50 +00:00
Abhijeet Kasurde
41fc0901d9 Remove unecessary changes to CI scripts 2024-07-15 10:25:20 -07:00
Abhijeet Kasurde
738a839ce5 Remove unecessary changes to CI scripts 2024-07-15 10:22:43 -07:00
Abhijeet Kasurde
c07ebc2f9c Update Ubuntu 2404 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-15 09:40:13 -07:00
Abhijeet Kasurde
7bf56953cb Update Ubuntu 2004 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-13 08:52:46 -07:00
Abhijeet Kasurde
7b9eb8d56e Update Ubuntu 2004 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-13 08:35:59 -07:00
Abhijeet Kasurde
c29e8c213b Update Fedora 40 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-13 08:23:29 -07:00
Abhijeet Kasurde
39a9e79985 Update Ubuntu 2004 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 16:31:01 -07:00
Abhijeet Kasurde
d80fde7ea0 Update Ubuntu 2004 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 16:26:41 -07:00
Abhijeet Kasurde
271119d196 Update Ubuntu 2204 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 16:24:56 -07:00
Abhijeet Kasurde
af6b90981a Add Python version for Ubuntu and Fedora 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 16:06:40 -07:00
Abhijeet Kasurde
0ea18d208f remove RHEL9.3@3.11 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 15:58:43 -07:00
Abhijeet Kasurde
d2f1cc063a CI fixes 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 15:27:56 -07:00
Abhijeet Kasurde
55fb80cf5e CI fixes 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 15:16:36 -07:00
Abhijeet Kasurde
3bff8d22a5 Update CI pipelines 
Signed-off-by: Abhijeet Kasurde <akasurde@redhat.com>
 2024-07-12 14:43:14 -07:00
Gerlof Fokkema
bd72a5865a Firewalld: Add functionality to set forwarding. Fixes #529. 2024-06-11 16:48:16 +02:00
3 changed files with 89 additions and 58 deletions
Show stats Expand all files Collapse all files

60
.azure-pipelines/azure-pipelines.yml
View file

@ -98,19 +98,6 @@ stages:
test: sanity test: sanity
- name: Units - name: Units
test: units test: units
- stage: Sanity_2_14
displayName: Ansible 2.14 sanity
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
nameFormat: "{0}"
testFormat: 2.14/{0}
targets:
- name: Sanity
test: sanity
- name: Units
test: units
## Docker ## Docker
- stage: Docker_devel - stage: Docker_devel
displayName: Docker devel displayName: Docker devel
@ -120,12 +107,12 @@ stages:
parameters: parameters:
testFormat: devel/linux/{0}/1 testFormat: devel/linux/{0}/1
targets: targets:
- name: Fedora 39 - name: Fedora 40
test: fedora39 test: fedora40
- name: Ubuntu 20.04
test: ubuntu2004
- name: Ubuntu 22.04 - name: Ubuntu 22.04
test: ubuntu2204 test: ubuntu2204
- name: Ubuntu 24.04
test: ubuntu2404
- stage: Docker_2_17 - stage: Docker_2_17
displayName: Docker 2.17 displayName: Docker 2.17
dependsOn: [] dependsOn: []
@ -175,24 +162,6 @@ stages:
test: ubuntu2004 test: ubuntu2004
- name: Ubuntu 22.04 - name: Ubuntu 22.04
test: ubuntu2204 test: ubuntu2204
- stage: Docker_2_14
displayName: Docker 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.14/linux/{0}/1
targets:
- name: CentOS 7
test: centos7
- name: Fedora 36
test: fedora36
- name: openSUSE 15 py3
test: opensuse15
- name: Ubuntu 20.04
test: ubuntu2004
- name: Ubuntu 22.04
test: ubuntu2204
## Remote ## Remote
- stage: Remote_devel - stage: Remote_devel
@ -203,8 +172,8 @@ stages:
parameters: parameters:
testFormat: devel/{0}/1 testFormat: devel/{0}/1
targets: targets:
- name: RHEL 9.3 - name: RHEL 9.4
test: rhel/9.3 test: rhel/9.4
- name: FreeBSD 13.3 - name: FreeBSD 13.3
test: freebsd/13.3 test: freebsd/13.3
- stage: Remote_2_17 - stage: Remote_2_17
@ -250,29 +219,12 @@ stages:
test: rhel/9.1 test: rhel/9.1
- name: FreeBSD 13.2 - name: FreeBSD 13.2
test: freebsd/13.2 test: freebsd/13.2
- stage: Remote_2_14
displayName: Remote 2.14
dependsOn: []
jobs:
- template: templates/matrix.yml
parameters:
testFormat: 2.14/{0}/1
targets:
- name: RHEL 7.9
test: rhel/7.9
- name: RHEL 8.6
test: rhel/8.6
- name: FreeBSD 13.2
test: freebsd/13.2
## Finally ## Finally
- stage: Summary - stage: Summary
condition: succeededOrFailed() condition: succeededOrFailed()
dependsOn: dependsOn:
- Sanity_2_14
- Remote_2_14
- Docker_2_14
- Sanity_2_15 - Sanity_2_15
- Remote_2_15 - Remote_2_15
- Docker_2_15 - Docker_2_15

82
plugins/modules/firewalld.py
View file

@ -108,6 +108,10 @@ options:
- The amount of time in seconds the rule should be in effect for when non-permanent. - The amount of time in seconds the rule should be in effect for when non-permanent.
type: int type: int
default: 0 default: 0
forward:
description:
- The forward setting you would like to enable/disable to/from zones within firewalld.
type: str
masquerade: masquerade:
description: description:
- The masquerade setting you would like to enable/disable to/from zones within firewalld. - The masquerade setting you would like to enable/disable to/from zones within firewalld.
@ -198,6 +202,12 @@ EXAMPLES = r'''
permanent: true permanent: true
state: enabled state: enabled
- ansible.posix.firewalld:
forward: true
state: enabled
permanent: true
zone: internal
- ansible.posix.firewalld: - ansible.posix.firewalld:
masquerade: true masquerade: true
state: enabled state: enabled
@ -405,6 +415,49 @@ class ProtocolTransaction(FirewallTransaction):
self.update_fw_settings(fw_zone, fw_settings) self.update_fw_settings(fw_zone, fw_settings)
class ForwardTransaction(FirewallTransaction):
"""
ForwardTransaction
"""
def __init__(self, module, action_args=None, zone=None, desired_state=None, permanent=False, immediate=False):
super(ForwardTransaction, self).__init__(
module, action_args=action_args, desired_state=desired_state, zone=zone, permanent=permanent, immediate=immediate
)
self.enabled_msg = "Added forward to zone %s" % self.zone
self.disabled_msg = "Removed forward from zone %s" % self.zone
def get_enabled_immediate(self):
if self.fw.queryForward(self.zone) is True:
return True
else:
return False
def get_enabled_permanent(self):
fw_zone, fw_settings = self.get_fw_zone_settings()
if fw_settings.queryForward() is True:
return True
else:
return False
def set_enabled_immediate(self):
self.fw.addForward(self.zone)
def set_enabled_permanent(self):
fw_zone, fw_settings = self.get_fw_zone_settings()
fw_settings.setForward(True)
self.update_fw_settings(fw_zone, fw_settings)
def set_disabled_immediate(self):
self.fw.removeForward(self.zone)
def set_disabled_permanent(self):
fw_zone, fw_settings = self.get_fw_zone_settings()
fw_settings.setForward(False)
self.update_fw_settings(fw_zone, fw_settings)
class MasqueradeTransaction(FirewallTransaction): class MasqueradeTransaction(FirewallTransaction):
""" """
MasqueradeTransaction MasqueradeTransaction
@ -821,6 +874,7 @@ def main():
state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']), state=dict(type='str', required=True, choices=['absent', 'disabled', 'enabled', 'present']),
timeout=dict(type='int', default=0), timeout=dict(type='int', default=0),
interface=dict(type='str'), interface=dict(type='str'),
forward=dict(type='str'),
masquerade=dict(type='str'), masquerade=dict(type='str'),
offline=dict(type='bool', default=False), offline=dict(type='bool', default=False),
target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']), target=dict(type='str', choices=['default', 'ACCEPT', 'DROP', '%%REJECT%%']),
@ -833,7 +887,7 @@ def main():
), ),
mutually_exclusive=[ mutually_exclusive=[
['icmp_block', 'icmp_block_inversion', 'service', 'protocol', 'port', 'port_forward', 'rich_rule', ['icmp_block', 'icmp_block_inversion', 'service', 'protocol', 'port', 'port_forward', 'rich_rule',
'interface', 'masquerade', 'source', 'target'] 'interface', 'forward', 'masquerade', 'source', 'target']
], ],
) )
@ -842,6 +896,7 @@ def main():
immediate = module.params['immediate'] immediate = module.params['immediate']
timeout = module.params['timeout'] timeout = module.params['timeout']
interface = module.params['interface'] interface = module.params['interface']
forward = module.params['forward']
masquerade = module.params['masquerade'] masquerade = module.params['masquerade']
offline = module.params['offline'] offline = module.params['offline']
@ -905,7 +960,7 @@ def main():
modification = False modification = False
if any([icmp_block, icmp_block_inversion, service, protocol, port, port_forward, rich_rule, if any([icmp_block, icmp_block_inversion, service, protocol, port, port_forward, rich_rule,
interface, masquerade, source, target]): interface, forward, masquerade, source, target]):
modification = True modification = True
if modification and desired_state in ['absent', 'present'] and target is None: if modification and desired_state in ['absent', 'present'] and target is None:
module.fail_json( module.fail_json(
@ -1072,6 +1127,29 @@ def main():
changed, transaction_msgs = transaction.run() changed, transaction_msgs = transaction.run()
msgs = msgs + transaction_msgs msgs = msgs + transaction_msgs
if forward is not None:
# Type of forward will be changed to boolean in a future release.
forward_status = False
try:
forward_status = boolean(forward, False)
except TypeError:
module.warn('The value of the forward option is "%s". '
'The type of the option will be changed from string to boolean in a future release. '
'To avoid unexpected behavior, please change the value to boolean.' % forward)
expected_state = 'enabled' if (desired_state == 'enabled') == forward_status else 'disabled'
transaction = ForwardTransaction(
module,
action_args=(),
zone=zone,
desired_state=expected_state,
permanent=permanent,
immediate=immediate,
)
changed, transaction_msgs = transaction.run()
msgs = msgs + transaction_msgs
if masquerade is not None: if masquerade is not None:
# Type of masquerade will be changed to boolean in a future release. # Type of masquerade will be changed to boolean in a future release.
masquerade_status = True masquerade_status = True

5
tests/integration/targets/firewalld/tasks/source_test_cases.yml
View file

@ -83,5 +83,6 @@
ansible.builtin.assert: ansible.builtin.assert:
that: that:
- result is not changed - result is not changed
- "result.msg == - >
'parameters are mutually exclusive: icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|masquerade|source|target'" result.msg == 'parameters are mutually exclusive:
icmp_block|icmp_block_inversion|service|protocol|port|port_forward|rich_rule|interface|forward|masquerade|source|target'