
Handle test mode when adding rules

tags/v0.2.0
Alexandre Anriot 6 anni fa
parent
commit
fcc8a36a4c
2 ha cambiato i file con 13 aggiunte e 5 eliminazioni
  1. +5
    -1
      _modules/ufw.py
  2. +8
    -4
      _states/ufw.py

+ 5
- 1
_modules/ufw.py Vedi File

@@ -26,6 +26,10 @@ def set_enabled(enabled):
__salt__['cmd.run'](cmd)

def add_rule(rule):
cmd = "ufw " + rule
if __opts__['test']:
cmd = "ufw --dry-run " + rule
else:
cmd = "ufw " + rule
out = __salt__['cmd.run'](cmd, python_shell=True)
return out
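Review bot: Both branches of `add_rule` concatenate `rule` onto a command string and run it with `python_shell=True`, so any shell metacharacter that reaches `rule` is interpreted by the shell that invokes `ufw`. The rule text is assembled in `_states/ufw.py` from state arguments such as `comment`, `from_addr` and `app`, which can come from pillar or templated data; how `_as_rule` quotes them is not visible on this page. Unless the rule relies on shell syntax, run it without a shell: `out = __salt__['cmd.run'](cmd, python_shell=False)`, or pass an argument list starting with `"ufw"` and, in test mode, `"--dry-run"`. A short docstring saying that test mode executes `ufw --dry-run` and applies nothing would also document the new behaviour.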


+ 8
- 4
_states/ufw.py Vedi File

@@ -143,9 +143,6 @@ def allowed(name, app=None, interface=None, protocol=None,
rule = _as_rule("allow", app=app, interface=interface, protocol=protocol,
from_addr=from_addr, from_port=from_port, to_addr=to_addr, to_port=to_port, comment=comment)

if __opts__['test']:
return _test(name, "{0}: {1}".format(name, rule))

try:
out = __salt__['ufw.add_rule'](rule)
except (CommandExecutionError, CommandNotFoundError) as e:
@@ -154,10 +151,17 @@ def allowed(name, app=None, interface=None, protocol=None,
changes = False
for line in out.split('\n'):
if line.startswith("Skipping"):
continue
if __opts__['test']:
return _unchanged(name, "{0} was already allowed".format(name))
break
else:
continue
if line.startswith("Rule added") or line.startswith("Rules updated"):
changes = True
break
if __opts__['test']:
return _test(name, "{0} would have been allowed".format(name))
break
return _error(name, line)

if changes:
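Review bot: In test mode the loop in `allowed` appears to return `_test(name, "... would have been allowed")` for any first output line that is neither "Skipping" nor "Rule added"/"Rules updated", so the final `return _error(name, line)` is never reached in a dry run. An error message from `ufw --dry-run` (for example a rejected port or address) would then be reported as a pending change rather than a failure, which gives false assurance about a firewall rule. Consider checking for failure before the test-mode return, e.g. `if line.startswith("ERROR"): return _error(name, line)`, and confirm the exact prefix against ufw's output. The two `break` statements that directly follow a `return` look unreachable and can be dropped; indentation is lost on this page, so this is inferred from line order. `allowed` starts before and continues past the hunks shown.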
