diff options
| author | Kristopher Newsome <kristopher@corelight.com> | 2025-01-14 16:43:08 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-01-14 16:43:08 +0100 |
| commit | f727d74fc248ed29da403e5240816449f25d9836 (patch) | |
| tree | 5bdab438937602d62ed883f633c73ecf41909b8c | |
| parent | User: Update prompt for SSH key passphrase prompt (#84521) (diff) | |
| download | ansible-f727d74fc248ed29da403e5240816449f25d9836.tar.xz ansible-f727d74fc248ed29da403e5240816449f25d9836.zip | |
Allows iptables chain creation with wait parameter (#84491)
* Allows iptables chain creation with wait parameter
Fixes #84490
* Add the changelog fragment for 84490
| -rw-r--r-- | changelogs/fragments/84490-allow-iptables-chain-creation-with-wait.yml | 2 | ||||
| -rw-r--r-- | lib/ansible/modules/iptables.py | 6 | ||||
| -rw-r--r-- | test/units/modules/test_iptables.py | 8 |
3 files changed, 14 insertions, 2 deletions
diff --git a/changelogs/fragments/84490-allow-iptables-chain-creation-with-wait.yml b/changelogs/fragments/84490-allow-iptables-chain-creation-with-wait.yml new file mode 100644 index 0000000000..330c39f24f --- /dev/null +++ b/changelogs/fragments/84490-allow-iptables-chain-creation-with-wait.yml @@ -0,0 +1,2 @@ +bugfixes: + - iptables - Allows the wait paramater to be used with iptables chain creation (https://github.com/ansible/ansible/issues/84490) diff --git a/lib/ansible/modules/iptables.py b/lib/ansible/modules/iptables.py index 164b53960b..bcbd2d8ed0 100644 --- a/lib/ansible/modules/iptables.py +++ b/lib/ansible/modules/iptables.py @@ -614,7 +614,6 @@ def append_wait(rule, param, flag): def construct_rule(params): rule = [] - append_wait(rule, params['wait'], '-w') append_param(rule, params['protocol'], '-p', False) append_param(rule, params['source'], '-s', False) append_param(rule, params['destination'], '-d', False) @@ -701,6 +700,8 @@ def push_arguments(iptables_path, action, params, make_rule=True): cmd.extend([action, params['chain']]) if action == '-I' and params['rule_num']: cmd.extend([params['rule_num']]) + if params['wait']: + cmd.extend(['-w', params['wait']]) if make_rule: cmd.extend(construct_rule(params)) return cmd @@ -861,6 +862,7 @@ def main(): rule=' '.join(construct_rule(module.params)), state=module.params['state'], chain_management=module.params['chain_management'], + wait=module.params['wait'], ) ip_version = module.params['ip_version'] @@ -910,7 +912,7 @@ def main(): else: # Create the chain if there are no rule arguments - if (args['state'] == 'present') and not args['rule']: + if (args['state'] == 'present') and not args['rule'] and args['chain_management']: chain_is_present = check_chain_present( iptables_path, module, module.params ) diff --git a/test/units/modules/test_iptables.py b/test/units/modules/test_iptables.py index 2b93b4b62d..87bf3dfc33 100644 --- a/test/units/modules/test_iptables.py +++ b/test/units/modules/test_iptables.py @@ -1196,6 +1196,7 @@ def test_chain_creation(mocker): "chain": "FOOBAR", "state": "present", "chain_management": True, + "wait": 10, } ) @@ -1224,6 +1225,8 @@ def test_chain_creation(mocker): "filter", "-L", "FOOBAR", + "-w", + "10", ] second_cmd_args_list = run_command.call_args_list[1] @@ -1233,6 +1236,8 @@ def test_chain_creation(mocker): "filter", "-N", "FOOBAR", + "-w", + "10", ] commands_results = [ @@ -1257,6 +1262,7 @@ def test_chain_creation_check_mode(mocker): "chain": "FOOBAR", "state": "present", "chain_management": True, + "wait": 10, "_ansible_check_mode": True, } ) @@ -1285,6 +1291,8 @@ def test_chain_creation_check_mode(mocker): "filter", "-L", "FOOBAR", + "-w", + "10", ] commands_results = [ |