diff options
Diffstat (limited to 'plugins')
| -rw-r--r-- | plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py | 24 | ||||
| -rw-r--r-- | plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py | 3 |
2 files changed, 17 insertions, 10 deletions
diff --git a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py index 1f1536c..22973bd 100644 --- a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py +++ b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py @@ -176,7 +176,7 @@ class Firewall_rules(ConfigBase): # already have (to be replaced by our desired # configuration's rule set). wanted_rule_set = self.search_r_sets_in_have( - want, rs["name"], "r_list" + want, rs["name"], "r_list", h["afi"] ) if wanted_rule_set is not None: # Remove the rules that we already have if the wanted @@ -205,7 +205,9 @@ class Firewall_rules(ConfigBase): for h in have: r_sets = self._get_r_sets(h) for rs in r_sets: - w = self.search_r_sets_in_have(want, rs["name"], "r_list") + w = self.search_r_sets_in_have( + want, rs["name"], "r_list", h["afi"] + ) if not w: commands.append( self._compute_command( @@ -230,7 +232,9 @@ class Firewall_rules(ConfigBase): for w in want: r_sets = self._get_r_sets(w) for rs in r_sets: - h = self.search_r_sets_in_have(have, rs["name"], "r_list") + h = self.search_r_sets_in_have( + have, rs["name"], "r_list", w["afi"] + ) commands.extend(self._add_r_sets(w["afi"], rs, h)) return commands @@ -248,7 +252,7 @@ class Firewall_rules(ConfigBase): if r_sets: for rs in r_sets: h = self.search_r_sets_in_have( - have, rs["name"], "r_list" + have, rs["name"], "r_list", w["afi"] ) if h: commands.append( @@ -842,12 +846,13 @@ class Firewall_rules(ConfigBase): ) return commands - def search_r_sets_in_have(self, have, w_name, type="rule_sets"): + def search_r_sets_in_have(self, have, w_name, type="rule_sets", afi=None): """ This function returns the rule-set/rule if it is present in target config. :param have: target config. :param w_name: rule-set name. :param type: rule_sets/rule/r_list. + :param afi: address family (when type is r_list). :return: rule-set/rule. """ if have: @@ -859,10 +864,11 @@ class Firewall_rules(ConfigBase): return r elif type == "r_list": for h in have: - r_sets = self._get_r_sets(h) - for rs in r_sets: - if rs[key] == w_name: - return rs + if h["afi"] == afi: + r_sets = self._get_r_sets(h) + for rs in r_sets: + if rs[key] == w_name: + return rs else: for rs in have: if rs[key] == w_name: diff --git a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py index 8e29dbd..f1c080f 100644 --- a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py +++ b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py @@ -100,7 +100,8 @@ class Firewall_rulesFacts(object): r_v4 = [] r_v6 = [] for r in set(rules): - rule_regex = r" %s .+$" % r.strip("'") + name_key = "ipv6-name" if type == "ipv6" else "name" + rule_regex = r" %s %s .+$" % (name_key, r.strip("'")) cfg = findall(rule_regex, data, M) fr = self.render_config(cfg, r.strip("'")) fr["name"] = r.strip("'") |