authorGaige B Paulsen <gaige@cluetrust.com>2025-02-01 19:27:36 -0500
committerGitHub <noreply@github.com>2025-02-01 19:27:36 -0500
commit8b52367a05885ad11f3aae41f2e1228261d8db7e (patch)
treeaea7bad8626b8530821a3457d175dfb1311d60d9
parent5e12a15b2ed6dfa4cc598153b00d240bf64d6fa2 (diff)
parent563ee2480aeb3378ea05e1bed4d042afeb9b6e69 (diff)
downloadvyos.vyos-dependabot/github_actions/actions/setup-python-5.tar.gz
vyos.vyos-dependabot/github_actions/actions/setup-python-5.zip
Merge branch 'main' into dependabot/github_actions/actions/setup-python-5dependabot/github_actions/actions/setup-python-5
-rw-r--r--CODEOWNERS2
-rw-r--r--changelogs/fragments/T6833_fw_rules_limit.yaml3
-rw-r--r--changelogs/fragments/T7015_static_routes_integration_tests.yaml3
-rw-r--r--changelogs/fragments/T7083_firewall_rules.yml3
-rw-r--r--docs/vyos.vyos.vyos_firewall_rules_module.rst48
-rw-r--r--plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py18
-rw-r--r--plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py29
-rw-r--r--plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py48
-rw-r--r--plugins/modules/vyos_firewall_rules.py18
-rw-r--r--tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml22
10 files changed, 41 insertions, 153 deletions
diff --git a/CODEOWNERS b/CODEOWNERS
index 712446b8..8ec5e38f 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -1 +1 @@
-* @vyos/ansible-collection-maintainers \ No newline at end of file
+* @vyos/vyos-ansible-collection-maintainers
diff --git a/changelogs/fragments/T6833_fw_rules_limit.yaml b/changelogs/fragments/T6833_fw_rules_limit.yaml
new file mode 100644
index 00000000..332001bd
--- /dev/null
+++ b/changelogs/fragments/T6833_fw_rules_limit.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+ - firewall_rules - Fix limit parameter processing
diff --git a/changelogs/fragments/T7015_static_routes_integration_tests.yaml b/changelogs/fragments/T7015_static_routes_integration_tests.yaml
new file mode 100644
index 00000000..001c9294
--- /dev/null
+++ b/changelogs/fragments/T7015_static_routes_integration_tests.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+ - static_routes - Fixed for v1.3- and 1.4+
diff --git a/changelogs/fragments/T7083_firewall_rules.yml b/changelogs/fragments/T7083_firewall_rules.yml
new file mode 100644
index 00000000..412b3abf
--- /dev/null
+++ b/changelogs/fragments/T7083_firewall_rules.yml
@@ -0,0 +1,3 @@
+---
+breaking_changes:
+ - firewall_rules - p2p -> the code and the corresponding documentation and configuration should be removed as deprecated since 1.2
diff --git a/docs/vyos.vyos.vyos_firewall_rules_module.rst b/docs/vyos.vyos.vyos_firewall_rules_module.rst
index 97f8b5e9..75536b89 100644
--- a/docs/vyos.vyos.vyos_firewall_rules_module.rst
+++ b/docs/vyos.vyos.vyos_firewall_rules_module.rst
@@ -898,54 +898,6 @@ Parameters
<td class="elbow-placeholder"></td>
<td colspan="3">
<div class="ansibleOptionAnchor" id="parameter-"></div>
- <b>p2p</b>
- <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
- <div style="font-size: small">
- <span style="color: purple">list</span>
- / <span style="color: purple">elements=dictionary</span>
- </div>
- </td>
- <td>
- </td>
- <td>
- <div>P2P application packets.</div>
- </td>
- </tr>
- <tr>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td colspan="2">
- <div class="ansibleOptionAnchor" id="parameter-"></div>
- <b>application</b>
- <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
- <div style="font-size: small">
- <span style="color: purple">string</span>
- </div>
- </td>
- <td>
- <ul style="margin: 0; padding: 0"><b>Choices:</b>
- <li>all</li>
- <li>applejuice</li>
- <li>bittorrent</li>
- <li>directconnect</li>
- <li>edonkey</li>
- <li>gnutella</li>
- <li>kazaa</li>
- </ul>
- </td>
- <td>
- <div>Name of the application.</div>
- </td>
- </tr>
-
- <tr>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td colspan="3">
- <div class="ansibleOptionAnchor" id="parameter-"></div>
<b>packet_length</b>
<a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
<div style="font-size: small">
diff --git a/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py
index 74fa9c12..6ae17585 100644
--- a/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py
@@ -217,24 +217,6 @@ class Firewall_rulesArgs(object): # pylint: disable=R0903
},
"type": "dict",
},
- "p2p": {
- "elements": "dict",
- "options": {
- "application": {
- "choices": [
- "all",
- "applejuice",
- "bittorrent",
- "directconnect",
- "edonkey",
- "gnutella",
- "kazaa",
- ],
- "type": "str",
- },
- },
- "type": "list",
- },
"packet_length": {
"elements": "dict",
"options": {"length": {"type": "str"}},
diff --git a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
index 68ceff80..2942b191 100644
--- a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
@@ -406,8 +406,6 @@ class Firewall_rules(ConfigBase):
and not self._is_del(l_set, h)
):
commands.append(self._add_r_base_attrib(rs_id, key, w, opr=opr))
- elif key == "p2p":
- commands.extend(self._add_p2p(key, w, h, cmd, opr))
elif key == "tcp":
commands.extend(self._add_tcp(key, w, h, cmd, opr))
elif key == "time":
@@ -430,31 +428,6 @@ class Firewall_rules(ConfigBase):
commands.extend(self._add_interface(key, w, h, cmd, opr))
return commands
- def _add_p2p(self, attr, w, h, cmd, opr):
- """
- This function forms the set/delete commands based on the 'opr' type
- for p2p applications attributes.
- :param want: desired config.
- :param have: target config.
- :return: generated commands list.
- """
- commands = []
- have = []
- if w:
- want = w.get(attr) or []
- if h:
- have = h.get(attr) or []
- if want:
- if opr:
- applications = list_diff_want_only(want, have)
- for app in applications:
- commands.append(cmd + (" " + attr + " " + app["application"]))
- elif not opr and have:
- applications = list_diff_want_only(want, have)
- for app in applications:
- commands.append(cmd + (" " + attr + " " + app["application"]))
- return commands
-
def _add_state(self, attr, w, h, cmd, opr):
"""
This function forms the command for 'state' attributes based on the 'opr'.
@@ -805,7 +778,7 @@ class Firewall_rules(ConfigBase):
if opr and not (
h_limit
and self._is_w_same(rate, h_limit, "unit")
- and self.is_w_same(rate, h_limit, "number")
+ and self._is_w_same(rate, h_limit, "number")
):
commands.append(
cmd
diff --git a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
index 3da70891..a6b56345 100644
--- a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
@@ -224,7 +224,6 @@ class Firewall_rulesFacts(object):
]
rule = self.parse_attr(conf, a_lst)
r_sub = {
- "p2p": self.parse_p2p(conf),
"tcp": self.parse_tcp(conf),
"icmp": self.parse_icmp(conf, "icmp"),
"time": self.parse_time(conf, "time"),
@@ -269,23 +268,6 @@ class Firewall_rulesFacts(object):
lengths.append(obj)
return lengths
- def parse_p2p(self, conf):
- """
- This function forms the regex to fetch the 'p2p' with in
- 'rules'
- :param conf: configuration data.
- :return: generated rule list configuration.
- """
- a_lst = []
- applications = findall(r"p2p (?:\'*)(\d+)(?:\'*)", conf, M)
- if applications:
- app_lst = []
- for r in set(applications):
- obj = {"application": r.strip("'")}
- app_lst.append(obj)
- a_lst = sorted(app_lst, key=lambda i: i["application"])
- return a_lst
-
def parse_src_or_dest(self, conf, attrib=None):
"""
This function triggers the parsing of 'source or
@@ -447,17 +429,6 @@ class Firewall_rulesFacts(object):
cfg_dict["rate"] = self.parse_rate(conf, "rate")
return cfg_dict
- def parse_rate(self, conf, attrib=None):
- """
- This function triggers the parsing of 'rate' attributes.
- :param conf: configuration.
- :param attrib: 'rate'
- :return: generated config dictionary.
- """
- a_lst = ["unit", "number"]
- cfg_dict = self.parse_attr(conf, a_lst, match=attrib)
- return cfg_dict
-
def parse_attr(self, conf, attr_list, match=None):
"""
This function peforms the following:
@@ -490,6 +461,7 @@ class Firewall_rulesFacts(object):
if attrib == 'log':
out = search(r"^.*\d+" + " (log$)", conf, M)
if out:
+
val = out.group(1).strip("'")
if self.is_num(attrib):
val = int(val)
@@ -537,3 +509,21 @@ class Firewall_rulesFacts(object):
"""
num_set = ("time", "code", "type", "count", "burst", "number")
return True if attrib in num_set else False
+
+ def parse_rate(self, conf, match):
+ """
+ This function triggers the parsing of 'rate' attributes.
+ :param conf: configuration.
+ :param attrib: 'rate'
+ :return: generated config dictionary.
+ """
+ config = {}
+
+ out = search(r"^.*" + match + " (.+)", conf, M)
+ if out:
+ val = out.group(1).strip("'")
+ if "/" in val: # number/unit
+ (number, unit) = val.split("/")
+ config['number'] = number
+ config['unit'] = unit
+ return config
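Review bot: The new `parse_rate` stores `number` as a string, whereas `parse_attr` converts attributes in `is_num`'s `num_set` (which includes "number") with `int()`; if the wanted value is an integer, the `_is_w_same(rate, h_limit, "number")` check in the config module may never match and the limit would be re-applied on every run, though that depends on the argspec type, which this page does not show. `val.split("/")` also raises ValueError on unpacking when the value holds more than one slash; `number, unit = val.split("/", 1)` followed by `config['number'] = int(number) if number.isdigit() else number` would cover both points. `match` is concatenated into the pattern unescaped, which is harmless for the literal "rate" passed by the caller visible in the earlier hunk, but wrapping it in `re.escape` would keep it safe for other callers. The docstring still documents `:param attrib: 'rate'` although the parameter is now named `match`.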
diff --git a/plugins/modules/vyos_firewall_rules.py b/plugins/modules/vyos_firewall_rules.py
index d8c7a1c9..850299ff 100644
--- a/plugins/modules/vyos_firewall_rules.py
+++ b/plugins/modules/vyos_firewall_rules.py
@@ -352,24 +352,6 @@ options:
- Packet type match.
type: str
choices: ['broadcast', 'multicast', 'host', 'other']
- p2p:
- description:
- - P2P application packets.
- type: list
- elements: dict
- suboptions:
- application:
- description:
- - Name of the application.
- type: str
- choices:
- - all
- - applejuice
- - bittorrent
- - directconnect
- - edonkey
- - gnutella
- - kazaa
protocol:
description:
- Protocol to match (protocol name in /etc/protocols or protocol number
diff --git a/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml b/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml
index fdd6b1ac..52d760da 100644
--- a/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml
+++ b/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml
@@ -2,15 +2,15 @@
- ansible.builtin.include_tasks: _remove_config.yaml
- name: Setup
+ vyos.vyos.vyos_config:
+ lines:
+ - set protocols static route 192.0.2.32/28 next-hop '192.0.2.10'
+ - set protocols static route 192.0.2.32/28 next-hop '192.0.2.9'
+ - set protocols static route 192.0.2.32/28 blackhole
+ - set protocols static route 192.0.2.32/28
+ - set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1'
+ - set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'
+ - set protocols static route6 2001:db8:1000::/36 blackhole distance '2'
+ - set protocols static route6 2001:db8:1000::/36
vars:
- lines: >-
- "set protocols static route 192.0.2.32/28 next-hop '192.0.2.10'\n
- set protocols static route 192.0.2.32/28 next-hop '192.0.2.9'\n
- set protocols static route 192.0.2.32/28 blackhole\n
- set protocols static route 192.0.2.32/28\n
- set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1'\n
- set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'\n
- set protocols static route6 2001:db8:1000::/36 blackhole distance '2'\n
- set protocols static route6 2001:db8:1000::/36"
- ansible.netcommon.cli_config:
- config: "{{ lines }}"
+ ansible_connection: ansible.netcommon.network_cli