cmueller/ansible
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity

Recognize rule changes even if ufw is in disabled state.

Browse source 
See http://askubuntu.com/questions/30781/see-configured-rules-even-when-inactive
for the details.
This commit is contained in:
Jarno Keskikangas 2014-03-09 12:55:58 +02:00
parent 4d5340587e
commit 37ef39d0fa
1 changed files with 4 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
library/system/ufw
View file

@ -203,8 +203,9 @@ def main():
# Ensure ufw is available # Ensure ufw is available
ufw_bin = module.get_bin_path('ufw', True) ufw_bin = module.get_bin_path('ufw', True)
# Save the pre state in order to recognize changes reliably # Save the pre state and rules in order to recognize changes
(_, pre_state, _) = module.run_command(ufw_bin + ' status verbose') (_, pre_state, _) = module.run_command(ufw_bin + ' status verbose')
(_, pre_rules, _) = module.run_command("grep '^### tuple' /lib/ufw/user*.rules")
# Execute commands # Execute commands
for (command, value) in commands.iteritems(): for (command, value) in commands.iteritems():
@ -244,7 +245,8 @@ def main():
# Get the new state # Get the new state
(_, post_state, _) = module.run_command(ufw_bin + ' status verbose') (_, post_state, _) = module.run_command(ufw_bin + ' status verbose')
changed = pre_state != post_state (_, post_rules, _) = module.run_command("grep '^### tuple' /lib/ufw/user*.rules")
changed = (pre_state != post_state) or (pre_rules != post_rules)
return module.exit_json(changed=changed, commands=cmds, msg=post_state.rstrip()) return module.exit_json(changed=changed, commands=cmds, msg=post_state.rstrip())