wti.remote.cpm_iptables_config – Set network IPTables parameters in WTI OOB and PDU devices

Note

This plugin is part of the wti.remote collection (version 1.0.1).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install wti.remote.

To use it in a playbook, specify: wti.remote.cpm_iptables_config.

New in version 2.10: of wti.remote

Synopsis

  • Set network IPTables parameters in WTI OOB and PDU devices

Parameters

Parameter Choices/Defaults Comments
clear
integer
    Choices:
  • 0
  • 1
Removes all the iptables for the protocol being defined before setting the newly defined entry.
command
list / elements=string / required
Actual iptables command to send to the WTI device.
cpm_password
string / required
This is the Password of the WTI device to send the module.
cpm_url
string / required
This is the URL of the WTI device to send the module.
cpm_username
string / required
This is the Username of the WTI device to send the module.
index
list / elements=string
Index in which command should be inserted. If not defined entry will start at position one.
protocol
integer
    Choices:
  • 0
  • 1
The protocol that the iptables entry should be applied. 0 = ipv4, 1 = ipv6.
use_https
boolean
    Choices:
  • no
  • yes
Designates to use an https connection or http connection.
use_proxy
boolean
    Choices:
  • no
  • yes
Flag to control if the lookup will observe HTTP proxy environment variables when present.
validate_certs
boolean
    Choices:
  • no
  • yes
If false, SSL certificates will not be validated. This should only be used
on personally controlled sites using self-signed certificates.

Notes

Note

  • Use groups/cpm in module_defaults to set common options used between CPM modules.

Examples

# Set Network IPTables Parameters
- name: Set the an IPTables Parameter for a WTI device
  cpm_iptables_config:
    cpm_url: "nonexist.wti.com"
    cpm_username: "super"
    cpm_password: "super"
    use_https: true
    validate_certs: false
    command: "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"

# Sets multiple Network IPTables Parameters
- name: Set the IPTables Parameters a WTI device
  cpm_iptables_config:
    cpm_url: "nonexist.wti.com"
    cpm_username: "super"
    cpm_password: "super"
    use_https: true
    validate_certs: false
    index:
      - 1
      - 2
    command:
      - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"
      - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
data
complex
always
The output JSON returned from the commands sent

iptables
dictionary
always
Current k/v pairs of interface info for the WTI device after module execution.

Sample:
[{'eth0': {'ietf-ipv4': {'clear': 1, 'entries': [{'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT', 'index': '1'}, {'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT', 'index': '2'}]}}}]


Authors

  • Western Telematic Inc. (@wtinetworkgear)

© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/wti/remote/cpm_iptables_config_module.html