wti.remote.cpm_iptables_config lookup – Set network IPTables parameters in WTI OOB and PDU devices
Note
This lookup plugin is part of the wti.remote collection (version 1.0.4).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install wti.remote
.
To use it in a playbook, specify: wti.remote.cpm_iptables_config
.
New in version 2.10.0: of wti.remote
Parameters
Parameter |
Comments |
---|---|
Removes all the iptables for the protocol being defined before setting the newly defined entry. Choices:
|
|
Actual iptables command to send to the WTI device. |
|
This is the Password of the WTI device to send the module. |
|
This is the URL of the WTI device to send the module. |
|
This is the Username of the WTI device to send the module. |
|
Index in which command should be inserted. If not defined entry will start at position one. |
|
The protocol that the iptables entry should be applied. 0 = ipv4, 1 = ipv6. Choices:
|
|
Designates to use an https connection or http connection. Choices:
|
|
Flag to control if the lookup will observe HTTP proxy environment variables when present. Choices:
|
|
If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates. Choices:
|
Examples
# Set Network IPTables Parameters
- name: Set the an IPTables Parameter for a WTI device
cpm_iptables_config:
cpm_url: "nonexist.wti.com"
cpm_username: "super"
cpm_password: "super"
use_https: true
validate_certs: false
command: "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"
# Sets multiple Network IPTables Parameters
- name: Set the IPTables Parameters a WTI device
cpm_iptables_config:
cpm_url: "nonexist.wti.com"
cpm_username: "super"
cpm_password: "super"
use_https: true
validate_certs: false
index:
- 1
- 2
command:
- "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 443 -j ACCEPT"
- "iptables -A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT"
Return Values
Common return values are documented here, the following are the fields unique to this lookup:
Key |
Description |
---|---|
The output JSON returned from the commands sent Returned: always |
|
Current k/v pairs of interface info for the WTI device after module execution. Returned: always Sample: [{“eth0”: {“ietf-ipv4”: {“clear”: 1, “entries”: [{“entry”: “iptables -A INPUT -p tcp -m state –state NEW -m tcp –dport 443 -j ACCEPT”, “index”: “1”}, {“entry”: “iptables -A INPUT -p tcp -m state –state NEW -m tcp –dport 22 -j ACCEPT”, “index”: “2”}]}}}] |
Authors
Western Telematic Inc. (@wtinetworkgear)
Hint
Configuration entries for each entry type have a low to high priority order. For example, a variable that is lower in the list will override a variable that is higher up.