adding group parameter for win_firewall_rule (#55109)
* adding group parameter for win_firewall_rule * integration test fix * changing the version add to 2.9 * setting group optional * fix:setting required to optional
This commit is contained in:
parent
9786e2b559
commit
48eed0b6c8
3 changed files with 37 additions and 3 deletions
|
@ -117,6 +117,7 @@ $description = Get-AnsibleParam -obj $params -name "description" -type "str"
|
||||||
$direction = Get-AnsibleParam -obj $params -name "direction" -type "str" -validateset "in","out"
|
$direction = Get-AnsibleParam -obj $params -name "direction" -type "str" -validateset "in","out"
|
||||||
$action = Get-AnsibleParam -obj $params -name "action" -type "str" -validateset "allow","block"
|
$action = Get-AnsibleParam -obj $params -name "action" -type "str" -validateset "allow","block"
|
||||||
$program = Get-AnsibleParam -obj $params -name "program" -type "str"
|
$program = Get-AnsibleParam -obj $params -name "program" -type "str"
|
||||||
|
$group = Get-AnsibleParam -obj $params -name "group" -type "str"
|
||||||
$service = Get-AnsibleParam -obj $params -name "service" -type "str"
|
$service = Get-AnsibleParam -obj $params -name "service" -type "str"
|
||||||
$enabled = Get-AnsibleParam -obj $params -name "enabled" -type "bool" -aliases "enable"
|
$enabled = Get-AnsibleParam -obj $params -name "enabled" -type "bool" -aliases "enable"
|
||||||
$profiles = Get-AnsibleParam -obj $params -name "profiles" -type "list" -aliases "profile"
|
$profiles = Get-AnsibleParam -obj $params -name "profiles" -type "list" -aliases "profile"
|
||||||
|
@ -151,6 +152,7 @@ try {
|
||||||
# the default for enabled in module description is "true", but the actual COM object defaults to "false" when created
|
# the default for enabled in module description is "true", but the actual COM object defaults to "false" when created
|
||||||
if ($null -ne $enabled) { $new_rule.Enabled = $enabled } else { $new_rule.Enabled = $true }
|
if ($null -ne $enabled) { $new_rule.Enabled = $enabled } else { $new_rule.Enabled = $true }
|
||||||
if ($null -ne $description) { $new_rule.Description = $description }
|
if ($null -ne $description) { $new_rule.Description = $description }
|
||||||
|
if ($null -ne $group) { $new_rule.Grouping = $group }
|
||||||
if ($null -ne $program -and $program -ne "any") { $new_rule.ApplicationName = [System.Environment]::ExpandEnvironmentVariables($program) }
|
if ($null -ne $program -and $program -ne "any") { $new_rule.ApplicationName = [System.Environment]::ExpandEnvironmentVariables($program) }
|
||||||
if ($null -ne $service -and $program -ne "any") { $new_rule.ServiceName = $service }
|
if ($null -ne $service -and $program -ne "any") { $new_rule.ServiceName = $service }
|
||||||
if ($null -ne $protocol -and $protocol -ne "any") { $new_rule.Protocol = Parse-ProtocolType -protocol $protocol }
|
if ($null -ne $protocol -and $protocol -ne "any") { $new_rule.Protocol = Parse-ProtocolType -protocol $protocol }
|
||||||
|
@ -176,8 +178,8 @@ try {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
$fwPropertiesToCompare = @('Name','Description','Direction','Action','ApplicationName','ServiceName','Enabled','Profiles','LocalAddresses','RemoteAddresses','LocalPorts','RemotePorts','Protocol','InterfaceTypes', 'EdgeTraversalOptions', 'SecureFlags')
|
$fwPropertiesToCompare = @('Name','Description','Direction','Action','ApplicationName','Grouping','ServiceName','Enabled','Profiles','LocalAddresses','RemoteAddresses','LocalPorts','RemotePorts','Protocol','InterfaceTypes', 'EdgeTraversalOptions', 'SecureFlags')
|
||||||
$userPassedArguments = @($name, $description, $direction, $action, $program, $service, $enabled, $profiles, $localip, $remoteip, $localport, $remoteport, $protocol, $interfacetypes, $edge, $security)
|
$userPassedArguments = @($name, $description, $direction, $action, $program, $group, $service, $enabled, $profiles, $localip, $remoteip, $localport, $remoteport, $protocol, $interfacetypes, $edge, $security)
|
||||||
|
|
||||||
if ($state -eq "absent") {
|
if ($state -eq "absent") {
|
||||||
if ($null -eq $existingRule) {
|
if ($null -eq $existingRule) {
|
||||||
|
|
|
@ -34,6 +34,11 @@ options:
|
||||||
- The rule's display name.
|
- The rule's display name.
|
||||||
type: str
|
type: str
|
||||||
required: yes
|
required: yes
|
||||||
|
group:
|
||||||
|
description:
|
||||||
|
- The group name for the rule.
|
||||||
|
version_added: '2.9'
|
||||||
|
type: str
|
||||||
direction:
|
direction:
|
||||||
description:
|
description:
|
||||||
- Whether this rule is for inbound or outbound traffic.
|
- Whether this rule is for inbound or outbound traffic.
|
||||||
|
@ -128,4 +133,15 @@ EXAMPLES = r'''
|
||||||
profiles: private
|
profiles: private
|
||||||
state: present
|
state: present
|
||||||
enabled: yes
|
enabled: yes
|
||||||
|
|
||||||
|
- name: Firewall rule to be created for application group
|
||||||
|
win_firewall_rule:
|
||||||
|
name: SMTP
|
||||||
|
group: application
|
||||||
|
localport: 25
|
||||||
|
action: allow
|
||||||
|
direction: in
|
||||||
|
protocol: tcp
|
||||||
|
state: present
|
||||||
|
enabled: yes
|
||||||
'''
|
'''
|
||||||
|
|
|
@ -437,4 +437,20 @@
|
||||||
- name: Check that creating same firewall rule with expanded vars identified
|
- name: Check that creating same firewall rule with expanded vars identified
|
||||||
assert:
|
assert:
|
||||||
that:
|
that:
|
||||||
- add_firewall_rule_with_var_expand_path.changed == false
|
- add_firewall_rule_with_var_expand_path.changed == false
|
||||||
|
- name: Add firewall rule for application group
|
||||||
|
win_firewall_rule:
|
||||||
|
name: Rule for application group
|
||||||
|
enabled: yes
|
||||||
|
state: present
|
||||||
|
localport: 80
|
||||||
|
action: allow
|
||||||
|
direction: in
|
||||||
|
protocol: tcp
|
||||||
|
group: application
|
||||||
|
register: add_firewall_rule_with_group
|
||||||
|
|
||||||
|
- name: Check that creating firewall rule for application group succeeds with a change
|
||||||
|
assert:
|
||||||
|
that:
|
||||||
|
- add_firewall_rule_with_group.changed == true
|
||||||
|
|
Loading…
Reference in a new issue