Fix the interface handling code to allow permanent and non-permanent operations.

Also avoid using add_interface because it breaks in cases where the interface is already bound to a different zone.
Kevin Hildebrand 2016-05-02 11:16:07 -04:00
parent 3a7e4b5834
commit 9f2bc2853d


@ -213,6 +213,18 @@ def remove_source(zone, source):
# interface handling # interface handling
# #
def get_interface(zone, interface): def get_interface(zone, interface):
if interface in fw.getInterfaces(zone):
return True
else:
return False
def change_zone_of_interface(zone, interface):
fw.changeZoneOfInterface(zone, interface)
def remove_interface(zone, interface):
fw.removeInterface(zone, interface)
def get_interface_permanent(zone, interface):
fw_zone = fw.config().getZoneByName(zone) fw_zone = fw.config().getZoneByName(zone)
fw_settings = fw_zone.getSettings() fw_settings = fw_zone.getSettings()
if interface in fw_settings.getInterfaces(): if interface in fw_settings.getInterfaces():
@ -220,13 +232,20 @@ def get_interface(zone, interface):
else: else:
return False return False
def add_interface(zone, interface): def change_zone_of_interface_permanent(zone, interface):
fw_zone = fw.config().getZoneByName(zone) fw_zone = fw.config().getZoneByName(zone)
fw_settings = fw_zone.getSettings() fw_settings = fw_zone.getSettings()
fw_settings.addInterface(interface) old_zone_name = fw.config().getZoneOfInterface(interface)
fw_zone.update(fw_settings) if old_zone_name != zone:
if old_zone_name:
old_zone_obj = fw.config().getZoneByName(old_zone_name)
old_zone_settings = old_zone_obj.getSettings()
old_zone_settings.removeInterface(interface) # remove from old
old_zone_obj.update(old_zone_settings)
fw_settings.addInterface(interface) # add to new
fw_zone.update(fw_settings)
def remove_interface(zone, interface): def remove_interface_permanent(zone, interface):
fw_zone = fw.config().getZoneByName(zone) fw_zone = fw.config().getZoneByName(zone)
fw_settings = fw_zone.getSettings() fw_settings = fw_zone.getSettings()
fw_settings.removeInterface(interface) fw_settings.removeInterface(interface)
@ -535,23 +554,44 @@ def main():
msgs.append("Changed rich_rule %s to %s" % (rich_rule, desired_state)) msgs.append("Changed rich_rule %s to %s" % (rich_rule, desired_state))
if interface != None: if interface != None:
is_enabled = get_interface(zone, interface) if permanent:
if desired_state == "enabled": is_enabled = get_interface_permanent(zone, interface)
if is_enabled == False: msgs.append('Permanent operation')
if module.check_mode: if desired_state == "enabled":
module.exit_json(changed=True) if is_enabled == False:
if module.check_mode:
module.exit_json(changed=True)
add_interface(zone, interface) change_zone_of_interface_permanent(zone, interface)
changed=True changed=True
msgs.append("Added %s to zone %s" % (interface, zone)) msgs.append("Changed %s to zone %s" % (interface, zone))
elif desired_state == "disabled": elif desired_state == "disabled":
if is_enabled == True: if is_enabled == True:
if module.check_mode: if module.check_mode:
module.exit_json(changed=True) module.exit_json(changed=True)
remove_interface(zone, interface) remove_interface_permanent(zone, interface)
changed=True changed=True
msgs.append("Removed %s from zone %s" % (interface, zone)) msgs.append("Removed %s from zone %s" % (interface, zone))
if immediate or not permanent:
is_enabled = get_interface(zone, interface)
msgs.append('Non-permanent operation')
if desired_state == "enabled":
if is_enabled == False:
if module.check_mode:
module.exit_json(changed=True)
change_zone_of_interface(zone, interface)
changed=True
msgs.append("Changed %s to zone %s" % (interface, zone))
elif desired_state == "disabled":
if is_enabled == True:
if module.check_mode:
module.exit_json(changed=True)
remove_interface(zone, interface)
changed=True
msgs.append("Removed %s from zone %s" % (interface, zone))
if masquerade != None: if masquerade != None:
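Review bot: change_zone_of_interface_permanent (second hunk) moves the binding with two separate update() calls, so a failure in the second one leaves the interface removed from its old zone and never added to the new one. With no permanent binding, the interface would presumably be handled by the default zone after the next reload, which may be more permissive than either zone involved. Wrapping the add in try/except and restoring the old zone's settings before re-raising keeps the permanent configuration consistent. The indentation in the sketch below is inferred, because the rendered page lost it.

```python
def change_zone_of_interface_permanent(zone, interface):
    # … unchanged: fw_zone / fw_settings / old_zone_name lookups …
    if old_zone_name != zone:
        old_zone_obj = None
        if old_zone_name:
            # … unchanged: remove the interface from the old zone and update it …
        try:
            fw_settings.addInterface(interface)     # add to new
            fw_zone.update(fw_settings)
        except Exception:
            if old_zone_obj is not None:
                # restore the previous binding so the interface is not left
                # without a permanent zone
                old_zone_settings.addInterface(interface)
                old_zone_obj.update(old_zone_settings)
            raise
```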