From 7dded0a0a411c2df7a0bcbcdc24da3ffef353efd Mon Sep 17 00:00:00 2001
From: omnom62 <75066712+omnom62@users.noreply.github.com>
Date: Tue, 28 Jan 2025 12:54:31 +1000
Subject: T7083 p2p removed (#378)
* T7083 p2p removed
---
changelogs/fragments/T7083_firewall_rules.yml | 3 ++
docs/vyos.vyos.vyos_firewall_rules_module.rst | 48 ----------------------
.../vyos/argspec/firewall_rules/firewall_rules.py | 18 --------
.../vyos/config/firewall_rules/firewall_rules.py | 27 ------------
.../vyos/facts/firewall_rules/firewall_rules.py | 18 --------
plugins/modules/vyos_firewall_rules.py | 18 --------
6 files changed, 3 insertions(+), 129 deletions(-)
create mode 100644 changelogs/fragments/T7083_firewall_rules.yml
diff --git a/changelogs/fragments/T7083_firewall_rules.yml b/changelogs/fragments/T7083_firewall_rules.yml
new file mode 100644
index 00000000..412b3abf
--- /dev/null
+++ b/changelogs/fragments/T7083_firewall_rules.yml
@@ -0,0 +1,3 @@
+---
+breaking_changes:
+ - firewall_rules - p2p -> the code and the corresponding documentation and configuration should be removed as deprecated since 1.2
diff --git a/docs/vyos.vyos.vyos_firewall_rules_module.rst b/docs/vyos.vyos.vyos_firewall_rules_module.rst
index 97f8b5e9..75536b89 100644
--- a/docs/vyos.vyos.vyos_firewall_rules_module.rst
+++ b/docs/vyos.vyos.vyos_firewall_rules_module.rst
@@ -892,54 +892,6 @@ Parameters
</td>
</tr>
- <tr>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td colspan="3">
- <div class="ansibleOptionAnchor" id="parameter-"></div>
- <b>p2p</b>
- <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
- <div style="font-size: small">
- <span style="color: purple">list</span>
- / <span style="color: purple">elements=dictionary</span>
- </div>
- </td>
- <td>
- </td>
- <td>
- <div>P2P application packets.</div>
- </td>
- </tr>
- <tr>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td class="elbow-placeholder"></td>
- <td colspan="2">
- <div class="ansibleOptionAnchor" id="parameter-"></div>
- <b>application</b>
- <a class="ansibleOptionLink" href="#parameter-" title="Permalink to this option"></a>
- <div style="font-size: small">
- <span style="color: purple">string</span>
- </div>
- </td>
- <td>
- <ul style="margin: 0; padding: 0"><b>Choices:</b>
- <li>all</li>
- <li>applejuice</li>
- <li>bittorrent</li>
- <li>directconnect</li>
- <li>edonkey</li>
- <li>gnutella</li>
- <li>kazaa</li>
- </ul>
- </td>
- <td>
- <div>Name of the application.</div>
- </td>
- </tr>
-
<tr>
<td class="elbow-placeholder"></td>
<td class="elbow-placeholder"></td>
diff --git a/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py
index 74fa9c12..6ae17585 100644
--- a/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/argspec/firewall_rules/firewall_rules.py
@@ -217,24 +217,6 @@ class Firewall_rulesArgs(object): # pylint: disable=R0903
},
"type": "dict",
},
- "p2p": {
- "elements": "dict",
- "options": {
- "application": {
- "choices": [
- "all",
- "applejuice",
- "bittorrent",
- "directconnect",
- "edonkey",
- "gnutella",
- "kazaa",
- ],
- "type": "str",
- },
- },
- "type": "list",
- },
"packet_length": {
"elements": "dict",
"options": {"length": {"type": "str"}},
diff --git a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
index 68ceff80..bacc4506 100644
--- a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
@@ -406,8 +406,6 @@ class Firewall_rules(ConfigBase):
and not self._is_del(l_set, h)
):
commands.append(self._add_r_base_attrib(rs_id, key, w, opr=opr))
- elif key == "p2p":
- commands.extend(self._add_p2p(key, w, h, cmd, opr))
elif key == "tcp":
commands.extend(self._add_tcp(key, w, h, cmd, opr))
elif key == "time":
@@ -430,31 +428,6 @@ class Firewall_rules(ConfigBase):
commands.extend(self._add_interface(key, w, h, cmd, opr))
return commands
- def _add_p2p(self, attr, w, h, cmd, opr):
- """
- This function forms the set/delete commands based on the 'opr' type
- for p2p applications attributes.
- :param want: desired config.
- :param have: target config.
- :return: generated commands list.
- """
- commands = []
- have = []
- if w:
- want = w.get(attr) or []
- if h:
- have = h.get(attr) or []
- if want:
- if opr:
- applications = list_diff_want_only(want, have)
- for app in applications:
- commands.append(cmd + (" " + attr + " " + app["application"]))
- elif not opr and have:
- applications = list_diff_want_only(want, have)
- for app in applications:
- commands.append(cmd + (" " + attr + " " + app["application"]))
- return commands
-
def _add_state(self, attr, w, h, cmd, opr):
"""
This function forms the command for 'state' attributes based on the 'opr'.
diff --git a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
index 3da70891..c760e4dc 100644
--- a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
@@ -224,7 +224,6 @@ class Firewall_rulesFacts(object):
]
rule = self.parse_attr(conf, a_lst)
r_sub = {
- "p2p": self.parse_p2p(conf),
"tcp": self.parse_tcp(conf),
"icmp": self.parse_icmp(conf, "icmp"),
"time": self.parse_time(conf, "time"),
@@ -269,23 +268,6 @@ class Firewall_rulesFacts(object):
lengths.append(obj)
return lengths
- def parse_p2p(self, conf):
- """
- This function forms the regex to fetch the 'p2p' with in
- 'rules'
- :param conf: configuration data.
- :return: generated rule list configuration.
- """
- a_lst = []
- applications = findall(r"p2p (?:\'*)(\d+)(?:\'*)", conf, M)
- if applications:
- app_lst = []
- for r in set(applications):
- obj = {"application": r.strip("'")}
- app_lst.append(obj)
- a_lst = sorted(app_lst, key=lambda i: i["application"])
- return a_lst
-
def parse_src_or_dest(self, conf, attrib=None):
"""
This function triggers the parsing of 'source or
diff --git a/plugins/modules/vyos_firewall_rules.py b/plugins/modules/vyos_firewall_rules.py
index d8c7a1c9..850299ff 100644
--- a/plugins/modules/vyos_firewall_rules.py
+++ b/plugins/modules/vyos_firewall_rules.py
@@ -352,24 +352,6 @@ options:
- Packet type match.
type: str
choices: ['broadcast', 'multicast', 'host', 'other']
- p2p:
- description:
- - P2P application packets.
- type: list
- elements: dict
- suboptions:
- application:
- description:
- - Name of the application.
- type: str
- choices:
- - all
- - applejuice
- - bittorrent
- - directconnect
- - edonkey
- - gnutella
- - kazaa
protocol:
description:
- Protocol to match (protocol name in /etc/protocols or protocol number
--
cgit v1.2.3
From 2a152f3c28ee5c5bac99489a8cd056457e4467a4 Mon Sep 17 00:00:00 2001
From: omnom62 <75066712+omnom62@users.noreply.github.com>
Date: Fri, 31 Jan 2025 22:15:08 +1000
Subject: T6833 firewall_rules limit processing fixed (#382)
---
changelogs/fragments/T6833_fw_rules_limit.yaml | 3 +++
.../vyos/config/firewall_rules/firewall_rules.py | 2 +-
.../vyos/facts/firewall_rules/firewall_rules.py | 30 ++++++++++++++--------
3 files changed, 23 insertions(+), 12 deletions(-)
create mode 100644 changelogs/fragments/T6833_fw_rules_limit.yaml
diff --git a/changelogs/fragments/T6833_fw_rules_limit.yaml b/changelogs/fragments/T6833_fw_rules_limit.yaml
new file mode 100644
index 00000000..332001bd
--- /dev/null
+++ b/changelogs/fragments/T6833_fw_rules_limit.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+ - firewall_rules - Fix limit parameter processing
diff --git a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
index bacc4506..2942b191 100644
--- a/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/config/firewall_rules/firewall_rules.py
@@ -778,7 +778,7 @@ class Firewall_rules(ConfigBase):
if opr and not (
h_limit
and self._is_w_same(rate, h_limit, "unit")
- and self.is_w_same(rate, h_limit, "number")
+ and self._is_w_same(rate, h_limit, "number")
):
commands.append(
cmd
diff --git a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
index c760e4dc..a6b56345 100644
--- a/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
+++ b/plugins/module_utils/network/vyos/facts/firewall_rules/firewall_rules.py
@@ -429,17 +429,6 @@ class Firewall_rulesFacts(object):
cfg_dict["rate"] = self.parse_rate(conf, "rate")
return cfg_dict
- def parse_rate(self, conf, attrib=None):
- """
- This function triggers the parsing of 'rate' attributes.
- :param conf: configuration.
- :param attrib: 'rate'
- :return: generated config dictionary.
- """
- a_lst = ["unit", "number"]
- cfg_dict = self.parse_attr(conf, a_lst, match=attrib)
- return cfg_dict
-
def parse_attr(self, conf, attr_list, match=None):
"""
This function peforms the following:
@@ -472,6 +461,7 @@ class Firewall_rulesFacts(object):
if attrib == 'log':
out = search(r"^.*\d+" + " (log$)", conf, M)
if out:
+
val = out.group(1).strip("'")
if self.is_num(attrib):
val = int(val)
@@ -519,3 +509,21 @@ class Firewall_rulesFacts(object):
"""
num_set = ("time", "code", "type", "count", "burst", "number")
return True if attrib in num_set else False
+
+ def parse_rate(self, conf, match):
+ """
+ This function triggers the parsing of 'rate' attributes.
+ :param conf: configuration.
+ :param attrib: 'rate'
+ :return: generated config dictionary.
+ """
+ config = {}
+
+ out = search(r"^.*" + match + " (.+)", conf, M)
+ if out:
+ val = out.group(1).strip("'")
+ if "/" in val: # number/unit
+ (number, unit) = val.split("/")
+ config['number'] = number
+ config['unit'] = unit
+ return config
--
cgit v1.2.3
From f7f5fb5aa303c9aa35b4a65b23ddeec4ab1c6dfd Mon Sep 17 00:00:00 2001
From: Vijayakumar A <36878324+kumvijaya@users.noreply.github.com>
Date: Fri, 31 Jan 2025 19:25:12 +0530
Subject: T7114 fix codeowners (#383)
---
CODEOWNERS | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/CODEOWNERS b/CODEOWNERS
index 712446b8..8ec5e38f 100644
--- a/CODEOWNERS
+++ b/CODEOWNERS
@@ -1 +1 @@
-* @vyos/ansible-collection-maintainers
\ No newline at end of file
+* @vyos/vyos-ansible-collection-maintainers
--
cgit v1.2.3
From 563ee2480aeb3378ea05e1bed4d042afeb9b6e69 Mon Sep 17 00:00:00 2001
From: omnom62 <75066712+omnom62@users.noreply.github.com>
Date: Sat, 1 Feb 2025 00:45:48 +1000
Subject: Fixed static_routes integration tests (#380)
- Merge latest
---
.../T7015_static_routes_integration_tests.yaml | 3 +++
.../vyos_static_routes/tests/cli/_populate.yaml | 22 +++++++++++-----------
2 files changed, 14 insertions(+), 11 deletions(-)
create mode 100644 changelogs/fragments/T7015_static_routes_integration_tests.yaml
diff --git a/changelogs/fragments/T7015_static_routes_integration_tests.yaml b/changelogs/fragments/T7015_static_routes_integration_tests.yaml
new file mode 100644
index 00000000..001c9294
--- /dev/null
+++ b/changelogs/fragments/T7015_static_routes_integration_tests.yaml
@@ -0,0 +1,3 @@
+---
+minor_changes:
+ - static_routes - Fixed for v1.3- and 1.4+
diff --git a/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml b/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml
index fdd6b1ac..52d760da 100644
--- a/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml
+++ b/tests/integration/targets/vyos_static_routes/tests/cli/_populate.yaml
@@ -2,15 +2,15 @@
- ansible.builtin.include_tasks: _remove_config.yaml
- name: Setup
+ vyos.vyos.vyos_config:
+ lines:
+ - set protocols static route 192.0.2.32/28 next-hop '192.0.2.10'
+ - set protocols static route 192.0.2.32/28 next-hop '192.0.2.9'
+ - set protocols static route 192.0.2.32/28 blackhole
+ - set protocols static route 192.0.2.32/28
+ - set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1'
+ - set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'
+ - set protocols static route6 2001:db8:1000::/36 blackhole distance '2'
+ - set protocols static route6 2001:db8:1000::/36
vars:
- lines: >-
- "set protocols static route 192.0.2.32/28 next-hop '192.0.2.10'\n
- set protocols static route 192.0.2.32/28 next-hop '192.0.2.9'\n
- set protocols static route 192.0.2.32/28 blackhole\n
- set protocols static route 192.0.2.32/28\n
- set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::1'\n
- set protocols static route6 2001:db8:1000::/36 next-hop '2001:db8:2000:2::2'\n
- set protocols static route6 2001:db8:1000::/36 blackhole distance '2'\n
- set protocols static route6 2001:db8:1000::/36"
- ansible.netcommon.cli_config:
- config: "{{ lines }}"
+ ansible_connection: ansible.netcommon.network_cli
--
cgit v1.2.3