wti.remote.cpm_iptables_config – Set network IPTables parameters in WTI OOB and PDU devices
Note
This plugin is part of the wti.remote collection (version 1.0.1).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install wti.remote
.
To use it in a playbook, specify: wti.remote.cpm_iptables_config
.
New in version 2.10: of wti.remote
Synopsis
- Set network IPTables parameters in WTI OOB and PDU devices
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
clear integer |
| Removes all the iptables for the protocol being defined before setting the newly defined entry. |
command list / elements=string / required | Actual iptables command to send to the WTI device. | |
cpm_password string / required | This is the Password of the WTI device to send the module. | |
cpm_url string / required | This is the URL of the WTI device to send the module. | |
cpm_username string / required | This is the Username of the WTI device to send the module. | |
index list / elements=string | Index in which command should be inserted. If not defined entry will start at position one. | |
protocol integer |
| The protocol that the iptables entry should be applied. 0 = ipv4, 1 = ipv6. |
use_https boolean |
| Designates to use an https connection or http connection. |
use_proxy boolean |
| Flag to control if the lookup will observe HTTP proxy environment variables when present. |
validate_certs boolean |
| If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. |
Notes
Note
- Use
groups/cpm
inmodule_defaults
to set common options used between CPM modules.
Examples
# Set Network IPTables Parameters - name: Set the an IPTables Parameter for a WTI device cpm_iptables_config: cpm_url: "nonexist.wti.com" cpm_username: "super" cpm_password: "super" use_https: true validate_certs: false command: "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT" # Sets multiple Network IPTables Parameters - name: Set the IPTables Parameters a WTI device cpm_iptables_config: cpm_url: "nonexist.wti.com" cpm_username: "super" cpm_password: "super" use_https: true validate_certs: false index: - 1 - 2 command: - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT" - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description | |
---|---|---|---|
data complex | always | The output JSON returned from the commands sent | |
iptables dictionary | always | Current k/v pairs of interface info for the WTI device after module execution. Sample: [{'eth0': {'ietf-ipv4': {'clear': 1, 'entries': [{'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT', 'index': '1'}, {'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT', 'index': '2'}]}}}] |
Authors
- Western Telematic Inc. (@wtinetworkgear)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/wti/remote/cpm_iptables_config_module.html