Note
This plugin is part of the wti.remote collection.
To install it use: ansible-galaxy collection install wti.remote
.
To use it in a playbook, specify: wti.remote.cpm_iptables_config
.
New in version 2.10: of wti.remote
Parameter | Choices/Defaults | Comments |
---|---|---|
clear integer |
| Removes all the iptables for the protocol being defined before setting the newly defined entry. |
command list / elements=string / required | Actual iptables command to send to the WTI device. | |
cpm_password string / required | This is the Password of the WTI device to send the module. | |
cpm_url string / required | This is the URL of the WTI device to send the module. | |
cpm_username string / required | This is the Username of the WTI device to send the module. | |
index list / elements=string | Index in which command should be inserted. If not defined entry will start at position one. | |
protocol integer |
| The protocol that the iptables entry should be applied. 0 = ipv4, 1 = ipv6. |
use_https boolean |
| Designates to use an https connection or http connection. |
use_proxy boolean |
| Flag to control if the lookup will observe HTTP proxy environment variables when present. |
validate_certs boolean |
| If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. |
Note
groups/cpm
in module_defaults
to set common options used between CPM modules.# Set Network IPTables Parameters - name: Set the an IPTables Parameter for a WTI device cpm_iptables_config: cpm_url: "nonexist.wti.com" cpm_username: "super" cpm_password: "super" use_https: true validate_certs: false command: "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT" # Sets multiple Network IPTables Parameters - name: Set the IPTables Parameters a WTI device cpm_iptables_config: cpm_url: "nonexist.wti.com" cpm_username: "super" cpm_password: "super" use_https: true validate_certs: false index: - 1 - 2 command: - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT" - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | |
---|---|---|---|
data complex | always | The output JSON returned from the commands sent | |
iptables dictionary | always | Current k/v pairs of interface info for the WTI device after module execution. Sample: [{'eth0': {'ietf-ipv4': {'clear': 1, 'entries': [{'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT', 'index': '1'}, {'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT', 'index': '2'}]}}}] |
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/wti/remote/cpm_iptables_config_module.html