Adding comment support for iptables module

This commit is contained in:
Romain Brucker 2015-10-30 11:29:05 -05:00 committed by Matt Clay
parent 50905e5673
commit e4ce38fa0b

View file

@ -199,6 +199,10 @@ options:
rule also specifies one of the following protocols: tcp, udp, dccp or rule also specifies one of the following protocols: tcp, udp, dccp or
sctp." sctp."
required: false required: false
comment:
description:
- "This specifies a comment that will be added to the rule"
required: false
''' '''
EXAMPLES = ''' EXAMPLES = '''
@ -207,7 +211,7 @@ EXAMPLES = '''
become: yes become: yes
# Forward port 80 to 8600 # Forward port 80 to 8600
- iptables: table=nat chain=PREROUTING in_interface=eth0 protocol=tcp match=tcp destination_port=80 jump=REDIRECT to_ports=8600 - iptables: table=nat chain=PREROUTING in_interface=eth0 protocol=tcp match=tcp destination_port=80 jump=REDIRECT to_ports=8600 comment="Redirect web traffic to port 8600"
become: yes become: yes
''' '''
@ -220,6 +224,11 @@ def append_param(rule, param, flag, is_list):
if param is not None: if param is not None:
rule.extend([flag, param]) rule.extend([flag, param])
def append_comm(rule, param):
if param:
rule.extend(['-m'])
rule.extend(['comment'])
def construct_rule(params): def construct_rule(params):
rule = [] rule = []
@ -236,6 +245,8 @@ def construct_rule(params):
append_param(rule, params['source_port'], '--source-port', False) append_param(rule, params['source_port'], '--source-port', False)
append_param(rule, params['destination_port'], '--destination-port', False) append_param(rule, params['destination_port'], '--destination-port', False)
append_param(rule, params['to_ports'], '--to-ports', False) append_param(rule, params['to_ports'], '--to-ports', False)
append_comm(rule, params['comment'])
append_param(rule, params['comment'], '--comment', False)
return rule return rule
@ -284,6 +295,7 @@ def main():
source_port=dict(required=False, default=None, type='str'), source_port=dict(required=False, default=None, type='str'),
destination_port=dict(required=False, default=None, type='str'), destination_port=dict(required=False, default=None, type='str'),
to_ports=dict(required=False, default=None, type='str'), to_ports=dict(required=False, default=None, type='str'),
comment=dict(required=False, default=None, type='str'),
), ),
) )
args = dict( args = dict(