From 0c926e713ffad83581995e32112661e7bef6b3fe Mon Sep 17 00:00:00 2001
From: Orion Poplawski
Date: Sat, 20 Jan 2024 22:07:05 -0700
Subject: [PATCH] [pfsense_nat_outbound] Use bool_values; Set root; targetip -> target for pfSense 2.7.1 pf+ 23.09; Add diff support
---
 plugins/module_utils/nat_outbound.py | 38 +++++++++++++---------------
 1 file changed, 18 insertions(+), 20 deletions(-)
diff --git a/plugins/module_utils/nat_outbound.py b/plugins/module_utils/nat_outbound.py
index 5389f12f..e0038e6b 100644
--- a/plugins/module_utils/nat_outbound.py
+++ b/plugins/module_utils/nat_outbound.py
@@ -41,6 +41,14 @@
 ["state", "present", ["interface", "source", "destination"]]
 ]
+# Booleans that map to different values
+NAT_OUTBOUND_BOOL_VALUES = dict(
+ disabled=(None, ''),
+ staticnatport=(None, ''),
+ nonat=(None, ''),
+ nosync=(None, ''),
+)
+
 def p2o_after(self, name, params, obj):
 self.after = params[name]
@@ -82,23 +90,14 @@ def get_argument_spec():
 # init
 #
 def __init__(self, module, pfsense=None):
- super(PFSenseNatOutboundModule, self).__init__(module, pfsense, arg_route=NAT_OUTBOUND_ARG_ROUTE)
+ super(PFSenseNatOutboundModule, self).__init__(module, pfsense, root='nat/outbound', create_root=True, arg_route=NAT_OUTBOUND_ARG_ROUTE,
+ bool_values=NAT_OUTBOUND_BOOL_VALUES)
 self.name = "pfsense_nat_outbound"
 self.after = None
 self.before = None
 self.position_changed = False
- nat_elt = self.pfsense.get_element('nat')
- if nat_elt is None:
- nat_elt = self.pfsense.new_element('nat')
- self.pfsense.root.append(nat_elt)
-
- self.root_elt = nat_elt.find('outbound')
- if self.root_elt is None:
- self.root_elt = self.pfsense.new_element('outbound')
- nat_elt.append(self.root_elt)
-
 ##############################
 # params processing
 #
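Review bot: The comment above `NAT_OUTBOUND_BOOL_VALUES` (hunk `@@ -41,6 +41,14 @@`) does not say what the two members of each tuple mean, so the constant is only readable by someone who already knows the base class's `bool_values` contract. Each pair is presumably (value stored when the option is false, value stored when it is true), with `None` standing for an omitted element, but nothing in this hunk establishes that. I would spell it out, for example `# (value when False, value when True); None presumably means the XML element is omitted - confirm against the base class`.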
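Review bot: In `__init__` (hunk `@@ -82,23 +90,14 @@`), creation of the missing `<nat>` parent now depends entirely on how the base class handles `root='nat/outbound', create_root=True`, and that base class is not part of this patch. The removed code created `<nat>` and then `<outbound>` explicitly; if `create_root` only creates the last path component, a configuration without a `<nat>` section would no longer get a usable `root_elt`. This is worth confirming with a test on a config that has no `<nat>` element, and a comment such as `# base class creates <nat> and <outbound> when absent` would record the assumption.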
@@ -194,8 +193,6 @@ def _parse_ports(self, obj, ports, field_port, param):
 def _parse_translated_address(self, obj):
 """ validate param address field and returns it as a dict """
 obj['target'] = ''
- obj['targetip'] = ''
- obj['targetip_subnet'] = ''
 if self.params.get('address') is None or self.params['address'] == '':
 return
@@ -216,16 +213,14 @@ def _parse_translated_address(self, obj):
 if obj['poolopts'] != '' and not obj['poolopts'].startswith('round-robin'):
 self.module.fail_json(msg='Only Round Robin pool options may be chosen when selecting an alias.')
 elif self.pfsense.is_ipv4_address(address):
- obj['target'] = 'other-subnet'
- obj['targetip'] = address
- obj['targetip_subnet'] = '32'
+ obj['target'] = address
+ obj['target_subnet'] = '32'
 else:
 (addr, part) = self.pfsense.parse_ip_network(address, False, False)
 if addr is None:
 self.module.fail_json(msg='Cannot parse address %s, not IP or alias' % (address))
- obj['target'] = 'other-subnet'
- obj['targetip'] = addr
- obj['targetip_subnet'] = str(part)
+ obj['target'] = addr
+ obj['target_subnet'] = str(part)
 self._parse_ports(obj, ports, 'natport', param)
@@ -250,12 +245,15 @@ def _validate_params(self):
 def _copy_and_add_target(self):
 """ create the XML target_elt """
 self.pfsense.copy_dict_to_element(self.obj, self.target_elt)
+ self.diff['after'] = self.obj
 self._insert(self.target_elt)
 def _copy_and_update_target(self):
 """ update the XML target_elt """
 before = self.pfsense.element_to_dict(self.target_elt)
+ self.diff['before'] = before
 changed = self.pfsense.copy_dict_to_element(self.obj, self.target_elt)
+ self.diff['after'] = self.pfsense.element_to_dict(self.target_elt)
 if self._remove_deleted_params():
 changed = True
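Review bot: At the top of `_parse_translated_address` (hunk `@@ -194,8 +193,6 @@`), `obj['target']` is still reset to `''` but nothing resets the new `target_subnet` key, which hunk `@@ -216,16 +213,14 @@` sets only in the IPv4 and network branches. When an existing rule is changed from a literal address to an alias or to an empty address, `obj` carries no `target_subnet`, and whether the old `<target_subnet>` element is dropped depends on `_remove_deleted_params()`, which is outside this patch. The same applies to `targetip`/`targetip_subnet` elements left in configs written by earlier versions. A stale mask would change the address range the rule translates to, so I would either add `obj['target_subnet'] = ''` after `obj['target'] = ''` or confirm that all three fields are covered by the deleted-params handling. The function continues past the end of this hunk.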
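Review bot: Both address branches in hunk `@@ -216,16 +213,14 @@` now write the literal address into `target` with `target_subnet` unconditionally, while the commit title says this layout is for pfSense 2.7.1 / Plus 23.09, and no version check is visible in the hunk. If the collection is still run against older releases that expect `target='other-subnet'` with `targetip`/`targetip_subnet`, the rule would presumably be stored in a form those releases interpret differently. Either choose the layout from the detected pfSense version or state the minimum supported version in the module documentation. The enclosing function starts before this hunk.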
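Review bot: In `_copy_and_update_target` (hunk `@@ -250,12 +245,15 @@`), `self.diff['after']` is captured before `_remove_deleted_params()` runs, so any parameter that call removes still appears in the reported after-state. The assignment should move below that call; the rest of the function is outside the hunk, so the exact spot cannot be confirmed here. In `_copy_and_add_target`, `self.diff['after'] = self.obj` stores a reference rather than a snapshot, so a later mutation of `self.obj` would alter the diff, which `self.diff['after'] = dict(self.obj)` avoids. Accuracy matters here because the diff is what an operator reviews before a NAT change is applied to the firewall.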
@@ -472,7 +470,7 @@ def _obj_to_log_fields(self, rule):
 res['interface'] = self.pfsense.get_interface_display_name(rule['interface'])
 if rule['target'] == 'other-subnet':
- res['address'] = rule['targetip'] + '/' + rule['targetip_subnet']
+ res['address'] = rule['target'] + '/' + rule['target_subnet']
 else:
 res['address'] = rule['target']
 if 'natport' in rule and rule['natport'] != '':
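Review bot: `_obj_to_log_fields` still tests `rule['target'] == 'other-subnet'`, but after this patch `_parse_translated_address` never stores that value, so the branch changed here is not reached for rules built by the new code and the logged address loses its mask. If `rule` can come from an older config that does carry `other-subnet`, the new line would log `other-subnet/...` or raise `KeyError` on `target_subnet`. Keying the branch on the subnet field instead, e.g. `if rule.get('target_subnet'):`, would fit the new layout. The function continues outside the hunk.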