import re, don't pass through None protocol & fix completely broken ip regex

_modules/ufw.py

@@ -1,6 +1,9 @@
 """
 Execution module for UFW.
 """
+
+import re
+
 def is_enabled():
     cmd = 'ufw status | grep "Status: active"'
     out = __salt__['cmd.run'](cmd, python_shell=True)

_states/ufw.py

@@ -20,8 +20,8 @@ def _changed(name, msg, **changes):
 
 
 def _resolve(host):
-    # pure IP address / netmask IPv4 or IPv6 ?
-    if re.match(r'^([0-9\.](::))+(/[0-9]+)?$', host):
+    # let's just see if it starts with a number or a colon, for simplicity
+    if re.match(r'^[0-9:]', host):
         return
 
     return socket.gethostbyname(host)

ufw/init.sls

@@ -38,7 +38,9 @@ ufw-default-outgoing:
 
 ufw-svc-{{service_name}}-{{from_addr}}:
   ufw.allowed:
+    {%- if protocol != None %}
     - protocol: {{protocol}}
+    {%- endif %}
     {%- if from_addr != None %}
     - from_addr: {{from_addr}}
     {%- endif %}