mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-24 21:14:00 -07:00 
			
		
		
		
	(cherry picked from commit 909e9fe950)
Co-authored-by: quidame <quidame@poivron.org>
	
	
This commit is contained in:
		
					parent
					
						
							
								c242993291
							
						
					
				
			
			
				commit
				
					
						e6b84acd1e
					
				
			
		
					 1 changed files with 13 additions and 5 deletions
				
			
		|  | @ -304,7 +304,7 @@ def write_state(b_path, lines, changed): | |||
|     return changed | ||||
| 
 | ||||
| 
 | ||||
| def initialize_from_null_state(initializer, initcommand, table): | ||||
| def initialize_from_null_state(initializer, initcommand, fallbackcmd, table): | ||||
|     ''' | ||||
|     This ensures iptables-state output is suitable for iptables-restore to roll | ||||
|     back to it, i.e. iptables-save output is not empty. This also works for the | ||||
|  | @ -315,8 +315,14 @@ def initialize_from_null_state(initializer, initcommand, table): | |||
| 
 | ||||
|     commandline = list(initializer) | ||||
|     commandline += ['-t', table] | ||||
|     (rc, out, err) = module.run_command(commandline, check_rc=True) | ||||
|     dummy = module.run_command(commandline, check_rc=True) | ||||
|     (rc, out, err) = module.run_command(initcommand, check_rc=True) | ||||
|     if '*%s' % table not in out.splitlines(): | ||||
|         # The last resort. | ||||
|         iptables_input = '*%s\n:OUTPUT ACCEPT\nCOMMIT\n' % table | ||||
|         dummy = module.run_command(fallbackcmd, data=iptables_input, check_rc=True) | ||||
|         (rc, out, err) = module.run_command(initcommand, check_rc=True) | ||||
| 
 | ||||
|     return rc, out, err | ||||
| 
 | ||||
| 
 | ||||
|  | @ -401,6 +407,7 @@ def main(): | |||
|     INITCOMMAND = [bin_iptables_save] | ||||
|     INITIALIZER = [bin_iptables, '-L', '-n'] | ||||
|     TESTCOMMAND = [bin_iptables_restore, '--test'] | ||||
|     FALLBACKCMD = [bin_iptables_restore] | ||||
| 
 | ||||
|     if counters: | ||||
|         COMMANDARGS.append('--counters') | ||||
|  | @ -425,6 +432,7 @@ def main(): | |||
|         INITIALIZER.extend(['--modprobe', modprobe]) | ||||
|         INITCOMMAND.extend(['--modprobe', modprobe]) | ||||
|         TESTCOMMAND.extend(['--modprobe', modprobe]) | ||||
|         FALLBACKCMD.extend(['--modprobe', modprobe]) | ||||
| 
 | ||||
|     SAVECOMMAND = list(COMMANDARGS) | ||||
|     SAVECOMMAND.insert(0, bin_iptables_save) | ||||
|  | @ -458,15 +466,15 @@ def main(): | |||
|             for t in TABLES: | ||||
|                 if '*%s' % t in state_to_restore: | ||||
|                     if len(stdout) == 0 or '*%s' % t not in stdout.splitlines(): | ||||
|                         (rc, stdout, stderr) = initialize_from_null_state(INITIALIZER, INITCOMMAND, t) | ||||
|                         (rc, stdout, stderr) = initialize_from_null_state(INITIALIZER, INITCOMMAND, FALLBACKCMD, t) | ||||
|         elif len(stdout) == 0: | ||||
|             (rc, stdout, stderr) = initialize_from_null_state(INITIALIZER, INITCOMMAND, 'filter') | ||||
|             (rc, stdout, stderr) = initialize_from_null_state(INITIALIZER, INITCOMMAND, FALLBACKCMD, 'filter') | ||||
| 
 | ||||
|     elif state == 'restored' and '*%s' % table not in state_to_restore: | ||||
|         module.fail_json(msg="Table %s to restore not defined in %s" % (table, path)) | ||||
| 
 | ||||
|     elif len(stdout) == 0 or '*%s' % table not in stdout.splitlines(): | ||||
|         (rc, stdout, stderr) = initialize_from_null_state(INITIALIZER, INITCOMMAND, table) | ||||
|         (rc, stdout, stderr) = initialize_from_null_state(INITIALIZER, INITCOMMAND, FALLBACKCMD, table) | ||||
| 
 | ||||
|     initial_state = filter_and_format_state(stdout) | ||||
|     if initial_state is None: | ||||
|  |  | |||
		Loading…
	
	Add table
		Add a link
		
	
		Reference in a new issue