Browse Source
import re, don't pass through None protocol & fix completely broken ip regex
tags/v0.2.0
Mike Campbell
8 years ago
3 changed files with 7 additions and 2 deletions
+ 3
- 0
_modules/ufw.py
View File
| """ | """ | ||||
| Execution module for UFW. | Execution module for UFW. | ||||
| """ | """ | ||||
| import re | |||||
| def is_enabled(): | def is_enabled(): | ||||
| cmd = 'ufw status | grep "Status: active"' | cmd = 'ufw status | grep "Status: active"' | ||||
| out = __salt__['cmd.run'](cmd, python_shell=True) | out = __salt__['cmd.run'](cmd, python_shell=True) |
+ 2
- 2
_states/ufw.py
View File
| def _resolve(host): | def _resolve(host): | ||||
| # pure IP address / netmask IPv4 or IPv6 ? | |||||
| if re.match(r'^([0-9\.](::))+(/[0-9]+)?$', host): | |||||
| # let's just see if it starts with a number or a colon, for simplicity | |||||
| if re.match(r'^[0-9:]', host): | |||||
| return | return | ||||
| return socket.gethostbyname(host) | return socket.gethostbyname(host) |
+ 2
- 0
ufw/init.sls
View File
| ufw-svc-{{service_name}}-{{from_addr}}: | ufw-svc-{{service_name}}-{{from_addr}}: | ||||
| ufw.allowed: | ufw.allowed: | ||||
| {%- if protocol != None %} | |||||
| - protocol: {{protocol}} | - protocol: {{protocol}} | ||||
| {%- endif %} | |||||
| {%- if from_addr != None %} | {%- if from_addr != None %} | ||||
| - from_addr: {{from_addr}} | - from_addr: {{from_addr}} | ||||
| {%- endif %} | {%- endif %} |
Loading…