diff options
Diffstat (limited to 'docs/vyos.vyos.vyos_firewall_rules_module.rst')
| -rw-r--r-- | docs/vyos.vyos.vyos_firewall_rules_module.rst | 80 |
1 files changed, 66 insertions, 14 deletions
diff --git a/docs/vyos.vyos.vyos_firewall_rules_module.rst b/docs/vyos.vyos.vyos_firewall_rules_module.rst index ad363b4e..97f8b5e9 100644 --- a/docs/vyos.vyos.vyos_firewall_rules_module.rst +++ b/docs/vyos.vyos.vyos_firewall_rules_module.rst @@ -5,7 +5,7 @@ vyos.vyos.vyos_firewall_rules ***************************** -**FIREWALL rules resource module** +**Firewall rules resource module** Version added: 1.0.0 @@ -110,7 +110,8 @@ Parameters <div>Default action for rule-set.</div> <div>drop (Drop if no prior rules are hit (default))</div> <div>reject (Drop and notify source if no prior rules are hit)</div> - <div>accept (Accept if no prior rules are hit) - jump (Jump to another rule-set, 1.4+)</div> + <div>accept (Accept if no prior rules are hit)</div> + <div>jump (Jump to another rule-set, 1.4+)</div> </td> </tr> <tr> @@ -667,6 +668,8 @@ Parameters </td> <td> <div>Inbound ip sec packets.</div> + <div>VyOS 1.4 and older match-ipsec/match-none</div> + <div>VyOS 1.5 and later require -in/-out suffixes</div> </td> </tr> <tr> @@ -808,7 +811,7 @@ Parameters </ul> </td> <td> - <div>Log matching packets.</div> + <div>Option to log packets matching rule.</div> </td> </tr> <tr> @@ -1827,7 +1830,7 @@ Notes ----- .. note:: - - Tested against VyOS 1.1.8 (helium). + - Tested against VyOS 1.3.8. - This module works with connection ``ansible.netcommon.network_cli``. See `the VyOS OS Platform Options <../network/user_guide/platform_vyos.html>`_. @@ -2500,7 +2503,6 @@ Examples description: Rule 502 is configured by Ansible ipsec: match-ipsec state: overridden - # # # ------------------------- @@ -2636,6 +2638,7 @@ Examples # - name: Gather listed firewall rules with provided configurations vyos.vyos.vyos_firewall_rules: + config: state: gathered # # @@ -2784,7 +2787,6 @@ Examples invalid: false related: true state: rendered - # # # ------------------------- @@ -2820,7 +2822,7 @@ Examples # Using parsed # # - - name: Parsed the provided input commands. + - name: Parse the commands for provided configuration vyos.vyos.vyos_firewall_rules: running_config: "set firewall group address-group 'inbound' @@ -2892,11 +2894,10 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late </td> <td>when changed</td> <td> - <div>The resulting configuration model invocation.</div> + <div>The resulting configuration after module execution.</div> <br/> <div style="font-size: smaller"><b>Sample:</b></div> - <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format - of the parameters above.</div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div> </td> </tr> <tr> @@ -2908,13 +2909,12 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late <span style="color: purple">dictionary</span> </div> </td> - <td>always</td> + <td>when <em>state</em> is <code>merged</code>, <code>replaced</code>, <code>overridden</code>, <code>deleted</code> or <code>purged</code></td> <td> - <div>The configuration prior to the model invocation.</div> + <div>The configuration prior to the module execution.</div> <br/> <div style="font-size: smaller"><b>Sample:</b></div> - <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">The configuration returned will always be in the same format - of the parameters above.</div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div> </td> </tr> <tr> @@ -2934,6 +2934,57 @@ Common return values are documented `here <https://docs.ansible.com/ansible/late <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set firewall name Downlink default-action 'accept'", "set firewall name Downlink description 'IPv4 INBOUND rule set'", "set firewall name Downlink rule 501 action 'accept'", "set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible'", "set firewall name Downlink rule 502 ipsec 'match-ipsec'"]</div> </td> </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>gathered</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when <em>state</em> is <code>gathered</code></td> + <td> + <div>Facts about the network resource gathered from the remote device as structured data.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>parsed</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when <em>state</em> is <code>parsed</code></td> + <td> + <div>The device native config provided in <em>running_config</em> option parsed into structured data as per module argspec.</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">This output will always be in the same format as the module argspec.</div> + </td> + </tr> + <tr> + <td colspan="1"> + <div class="ansibleOptionAnchor" id="return-"></div> + <b>rendered</b> + <a class="ansibleOptionLink" href="#return-" title="Permalink to this return value"></a> + <div style="font-size: small"> + <span style="color: purple">list</span> + </div> + </td> + <td>when <em>state</em> is <code>rendered</code></td> + <td> + <div>The provided configuration in the task rendered in device-native format (offline).</div> + <br/> + <div style="font-size: smaller"><b>Sample:</b></div> + <div style="font-size: smaller; color: blue; word-wrap: break-word; word-break: break-all;">["set firewall name Downlink default-action 'accept'", "set firewall name Downlink description 'IPv4 INBOUND rule set'", "set firewall name Downlink rule 501 action 'accept'", "set firewall name Downlink rule 502 description 'Rule 502 is configured by Ansible'", "set firewall name Downlink rule 502 ipsec 'match-ipsec'"]</div> + </td> + </tr> </table> <br/><br/> @@ -2946,3 +2997,4 @@ Authors ~~~~~~~ - Rohit Thakur (@rohitthakur2590) +- Gaige B. Paulsen (@gaige) |