Merge pull request #1228 from romainrbr/iptables-ctstate-to-state

Editing iptable module to use -m state --state instead of -m conntrack --ctstate
This commit is contained in:
Brian Coca 2015-11-17 09:32:20 -08:00
commit 7da1f8d4ca

View file

@ -246,7 +246,7 @@ def append_comm(rule, param):
def append_conntrack(rule, param): def append_conntrack(rule, param):
if param: if param:
rule.extend(['-m']) rule.extend(['-m'])
rule.extend(['conntrack']) rule.extend(['state'])
def append_limit(rule, param): def append_limit(rule, param):
if param: if param:
@ -273,7 +273,7 @@ def construct_rule(params):
append_param(rule, params['comment'], '--comment', False) append_param(rule, params['comment'], '--comment', False)
if params['ctstate']: if params['ctstate']:
append_conntrack(rule, params['ctstate']) append_conntrack(rule, params['ctstate'])
append_param(rule, ','.join(params['ctstate']), '--ctstate', False) append_param(rule, ','.join(params['ctstate']), '--state', False)
append_limit(rule, params['limit']) append_limit(rule, params['limit'])
append_param(rule, params['limit'], '--limit', False) append_param(rule, params['limit'], '--limit', False)
return rule return rule