Bugfix for ufw to support "logging" properly:

It's a separate parameter so updated docs and set it as mutually exclusive param. Also due to an array construction typo it was not working in any situation (ufw LOGLEVEL was passed to cmd instead of ufw logging LOGLEVEL). Also fixed doc and parameters parsing typo ("choises" should be "choices")
2014-03-29 11:06:51 +02:00 · 2014-03-29 11:06:51 +02:00 · 74fa705e20
commit 74fa705e20
parent 44b563a40a
1 changed files with 13 additions and 8 deletions
--- a/system/ufw
+++ b/system/ufw
@ -1,6 +1,7 @@
 #!/usr/bin/python
 # -*- coding: utf-8 -*-

+# (c) 2014, Ahti Kitsik <ak@ahtik.com>
 # (c) 2014, Jarno Keskikangas <jarno.keskikangas@gmail.com>
 # (c) 2013, Aleksey Ovcharenko <aleksey.ovcharenko@gmail.com>
 # (c) 2013, James Martin <jmartin@basho.com>
@ -27,7 +28,7 @@ short_description: Manage firewall with UFW
 description:
    - Manage firewall with UFW.
 version_added: 1.6
-author: Aleksey Ovcharenko, Jarno Keskikangas
+author: Aleksey Ovcharenko, Jarno Keskikangas, Ahti Kitsik
 notes:
    - See C(man ufw) for more examples.
 requirements:
@ -65,12 +66,12 @@ options:
    description:
      - Add firewall rule
    required: false
-    choises: ['allow', 'deny', 'reject', 'limit']
+    choices: ['allow', 'deny', 'reject', 'limit']
  log:
    description:
      - Log new connections matched to this rule
    required: false
-    choises: ['yes', 'no']
+    choices: ['yes', 'no']
  from_ip:
    description:
      - Source IP address.
@ -111,7 +112,10 @@ options:

 EXAMPLES = '''
 # Allow everything and enable UFW
-ufw: state=enable policy=allow logging=on
+ufw: state=enabled policy=allow
+
+# Set logging
+ufw: logging=on

 # Sometimes it is desirable to let the sender know when traffic is
 # being denied, rather than simply ignoring it. In these cases, use
@ -163,8 +167,8 @@ def main():
        argument_spec = dict(
            state     = dict(default=None,  choices=['enabled', 'disabled', 'reloaded', 'reset']),
            default   = dict(default=None,  aliases=['policy'], choices=['allow', 'deny', 'reject']),
-            logging   = dict(default=None,  choises=['on', 'off', 'low', 'medium', 'high', 'full']),
-            direction = dict(default=None,  choises=['in', 'incoming', 'out', 'outgoing']),
+            logging   = dict(default=None,  choices=['on', 'off', 'low', 'medium', 'high', 'full']),
+            direction = dict(default=None,  choices=['in', 'incoming', 'out', 'outgoing']),
            delete    = dict(default=False, type='bool'),
            insert    = dict(default=None),
            rule      = dict(default=None,  choices=['allow', 'deny', 'reject', 'limit']),
@ -178,13 +182,14 @@ def main():
            app       = dict(default=None,  aliases=['name'])
        ),
        supports_check_mode = True,
-        mutually_exclusive = [['app', 'proto']]
+        mutually_exclusive = [['app', 'proto', 'logging']]
    )

    cmds = []

    def execute(cmd):
        cmd = ' '.join(map(itemgetter(-1), filter(itemgetter(0), cmd)))
+
        cmds.append(cmd)
        (rc, out, err) = module.run_command(cmd)

@ -217,7 +222,7 @@ def main():
            execute(cmd + [['-f'], [states[value]]])

        elif command == 'logging':
-            execute(cmd + [[command, value]])
+            execute(cmd + [[command], [value]])

        elif command == 'default':
            execute(cmd + [[command], [value], [params['direction']]])