wti.remote.cpm_iptables_config – Set network IPTables parameters in WTI OOB and PDU devices

Note

This plugin is part of the wti.remote collection (version 1.0.1).

To install it use: ansible-galaxy collection install wti.remote.

To use it in a playbook, specify: wti.remote.cpm_iptables_config.

New in version 2.10: of wti.remote

Synopsis

  • Set network IPTables parameters in WTI OOB and PDU devices

Parameters

Parameter Choices/Defaults Comments
clear
integer
    Choices:
  • 0
  • 1
Removes all the iptables for the protocol being defined before setting the newly defined entry.
command
list / elements=string / required
Actual iptables command to send to the WTI device.
cpm_password
string / required
This is the Password of the WTI device to send the module.
cpm_url
string / required
This is the URL of the WTI device to send the module.
cpm_username
string / required
This is the Username of the WTI device to send the module.
index
list / elements=string
Index in which command should be inserted. If not defined entry will start at position one.
protocol
integer
    Choices:
  • 0
  • 1
The protocol that the iptables entry should be applied. 0 = ipv4, 1 = ipv6.
use_https
boolean
    Choices:
  • no
  • yes ←
Designates to use an https connection or http connection.
use_proxy
boolean
    Choices:
  • no ←
  • yes
Flag to control if the lookup will observe HTTP proxy environment variables when present.
validate_certs
boolean
    Choices:
  • no
  • yes ←
If false, SSL certificates will not be validated. This should only be used
on personally controlled sites using self-signed certificates.

Notes

Note

  • Use groups/cpm in module_defaults to set common options used between CPM modules.

Examples

# Set Network IPTables Parameters
- name: Set the an IPTables Parameter for a WTI device
  cpm_iptables_config:
    cpm_url: "nonexist.wti.com"
    cpm_username: "super"
    cpm_password: "super"
    use_https: true
    validate_certs: false
    command: "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"

# Sets multiple Network IPTables Parameters
- name: Set the IPTables Parameters a WTI device
  cpm_iptables_config:
    cpm_url: "nonexist.wti.com"
    cpm_username: "super"
    cpm_password: "super"
    use_https: true
    validate_certs: false
    index:
      - 1
      - 2
    command:
      - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"
      - "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
data
complex
always
The output JSON returned from the commands sent
 
iptables
dictionary
always
Current k/v pairs of interface info for the WTI device after module execution.

Sample:
[{'eth0': {'ietf-ipv4': {'clear': 1, 'entries': [{'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT', 'index': '1'}, {'entry': 'iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT', 'index': '2'}]}}}]


Authors

  • Western Telematic Inc. (@wtinetworkgear)