[pfsense_nat_outbound] Use bool_values; Set root; targetip -> target …
…for pfSense 2.7.1 pf+ 23.09; Add diff support
opoplawski committed Jan 21, 2024
1 parent 63050dc commit 0c926e7
Showing 1 changed file with 18 additions and 20 deletions.
38 changes: 18 additions & 20 deletions plugins/module_utils/nat_outbound.py
Expand Up @@ -41,6 +41,14 @@
["state", "present", ["interface", "source", "destination"]]
]

# Booleans that map to different values
NAT_OUTBOUND_BOOL_VALUES = dict(
disabled=(None, ''),
staticnatport=(None, ''),
nonat=(None, ''),
nosync=(None, ''),
)


def p2o_after(self, name, params, obj):
self.after = params[name]
Expand Down Expand Up @@ -82,23 +90,14 @@ def get_argument_spec():
# init
#
def __init__(self, module, pfsense=None):
super(PFSenseNatOutboundModule, self).__init__(module, pfsense, arg_route=NAT_OUTBOUND_ARG_ROUTE)
super(PFSenseNatOutboundModule, self).__init__(module, pfsense, root='nat/outbound', create_root=True, arg_route=NAT_OUTBOUND_ARG_ROUTE,
bool_values=NAT_OUTBOUND_BOOL_VALUES)
self.name = "pfsense_nat_outbound"

self.after = None
self.before = None
self.position_changed = False

nat_elt = self.pfsense.get_element('nat')
if nat_elt is None:
nat_elt = self.pfsense.new_element('nat')
self.pfsense.root.append(nat_elt)

self.root_elt = nat_elt.find('outbound')
if self.root_elt is None:
self.root_elt = self.pfsense.new_element('outbound')
nat_elt.append(self.root_elt)

##############################
# params processing
#
Expand Down Expand Up @@ -194,8 +193,6 @@ def _parse_ports(self, obj, ports, field_port, param):
def _parse_translated_address(self, obj):
""" validate param address field and returns it as a dict """
obj['target'] = ''
obj['targetip'] = ''
obj['targetip_subnet'] = ''

if self.params.get('address') is None or self.params['address'] == '':
return
Expand All @@ -216,16 +213,14 @@ def _parse_translated_address(self, obj):
if obj['poolopts'] != '' and not obj['poolopts'].startswith('round-robin'):
self.module.fail_json(msg='Only Round Robin pool options may be chosen when selecting an alias.')
elif self.pfsense.is_ipv4_address(address):
obj['target'] = 'other-subnet'
obj['targetip'] = address
obj['targetip_subnet'] = '32'
obj['target'] = address
obj['target_subnet'] = '32'
else:
(addr, part) = self.pfsense.parse_ip_network(address, False, False)
if addr is None:
self.module.fail_json(msg='Cannot parse address %s, not IP or alias' % (address))
obj['target'] = 'other-subnet'
obj['targetip'] = addr
obj['targetip_subnet'] = str(part)
obj['target'] = addr
obj['target_subnet'] = str(part)

self._parse_ports(obj, ports, 'natport', param)

Expand All @@ -250,12 +245,15 @@ def _validate_params(self):
def _copy_and_add_target(self):
""" create the XML target_elt """
self.pfsense.copy_dict_to_element(self.obj, self.target_elt)
self.diff['after'] = self.obj
self._insert(self.target_elt)

def _copy_and_update_target(self):
""" update the XML target_elt """
before = self.pfsense.element_to_dict(self.target_elt)
self.diff['before'] = before
changed = self.pfsense.copy_dict_to_element(self.obj, self.target_elt)
self.diff['after'] = self.pfsense.element_to_dict(self.target_elt)
if self._remove_deleted_params():
changed = True

Expand Down Expand Up @@ -472,7 +470,7 @@ def _obj_to_log_fields(self, rule):
res['interface'] = self.pfsense.get_interface_display_name(rule['interface'])

if rule['target'] == 'other-subnet':
res['address'] = rule['targetip'] + '/' + rule['targetip_subnet']
res['address'] = rule['target'] + '/' + rule['target_subnet']
else:
res['address'] = rule['target']
if 'natport' in rule and rule['natport'] != '':
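Review bot: In `_obj_to_log_fields` (last hunk) the guard `if rule['target'] == 'other-subnet':` can no longer match a rule built by this commit, because `_parse_translated_address` now stores the address itself in `target`, so the logged `address` loses its `/subnet` part for new rules. A rule that still carries the old `other-subnet` marker would take the branch and index `rule['target_subnet']`, a key the old layout (`targetip`/`targetip_subnet`) did not set, so it would presumably raise `KeyError`. Keying the branch on the subnet field keeps the change log accurate for NAT rule edits, e.g. `if rule.get('target_subnet'):` (assuming `rule` is a dict, as the `'natport' in rule` test suggests). Relatedly, `_parse_translated_address` still initialises `obj['target'] = ''` but no longer initialises any subnet key, so whether a stale `target_subnet` is cleared when a rule switches to an alias or an empty address depends on `_remove_deleted_params`, which is outside the visible hunks. Both function bodies continue outside the hunks shown.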
