Vh 6LddlmZmZmZeZdZdZdZddl m Z m Z ddl m Z ddlmZmZddlmZ dd lZd Z dd lmZdd lmZd Zd Zd ZdZdZ dZ!dZ"dZ#dZ$dZ%dZ&dZ'dZ(dZ)dZ*dZ+dZ,dZ-dZ.dZ/e0dk(re/y y #e$rd ZY_wxYw#e$rd ZY]wxYw) )absolute_importdivisionprint_functionaf --- module: firewalld_info short_description: Gather information about firewalld description: - This module gathers information about firewalld rules. options: active_zones: description: Gather information about active zones. type: bool default: false zones: description: - Gather information about specific zones. - If only works if O(active_zones=false). required: false type: list elements: str requirements: - firewalld >= 0.2.11 - python-firewall - python-dbus author: - Hideki Saito (@saito-hideki) a - name: Gather information about active zones ansible.posix.firewalld_info: active_zones: true register: result - name: Print default zone for debugging ansible.builtin.debug: var: result.firewalld_info.default_zone - name: Gather information about specific zones ansible.posix.firewalld_info: zones: - public - external - internal register: result a active_zones: description: - Gather active zones only if turn it C(true). returned: success type: bool sample: false collected_zones: description: - A list of collected zones. returned: success type: list sample: [external, internal] undefined_zones: description: - A list of undefined zones in C(zones) option. - C(undefined_zones) will be ignored for gathering process. returned: success type: list sample: [foo, bar] firewalld_info: description: - Returns various information about firewalld configuration. returned: success type: complex contains: version: description: - The version information of firewalld. returned: success type: str sample: 0.8.2 default_zone: description: - The zone name of default zone. returned: success type: str sample: public zones: description: - A dict of zones to gather information. returned: success type: complex contains: zone: description: - The zone name registered in firewalld. returned: success type: complex sample: external contains: target: description: - A list of services in the zone. returned: success type: str sample: ACCEPT icmp_block_inversion: description: - The ICMP block inversion to block all ICMP requests. returned: success type: bool sample: false interfaces: description: - A list of network interfaces. returned: success type: list sample: - 'eth0' - 'eth1' sources: description: - A list of source network address. returned: success type: list sample: - '172.16.30.0/24' - '172.16.31.0/24' services: description: - A list of network services. returned: success type: list sample: - 'dhcp' - 'dns' - 'ssh' ports: description: - A list of network port with protocol. returned: success type: list sample: - - "22" - "tcp" - - "80" - "tcp" protocols: description: - A list of network protocol. returned: success type: list sample: - "icmp" - "ipv6-icmp" forward: description: - The network interface forwarding. - This parameter supports on python-firewall 0.9.0(or later) and is not collected in earlier versions. returned: success type: bool sample: false masquerade: description: - The network interface masquerading. returned: success type: bool sample: false forward_ports: description: - A list of forwarding port pair with protocol. returned: success type: list sample: - "icmp" - "ipv6-icmp" source_ports: description: - A list of network source port with protocol. returned: success type: list sample: - - "30000" - "tcp" - - "30001" - "tcp" icmp_blocks: description: - A list of blocking icmp protocol. returned: success type: list sample: - "echo-request" rich_rules: description: - A list of rich language rule. returned: success type: list sample: - "rule protocol value=\"icmp\" reject" - "rule priority=\"32767\" reject" ) AnsibleModulemissing_required_lib) to_native)respawn_moduleHAS_RESPAWN_UTIL) StrictVersionNTFc"tjSN) fw_configVERSIONp/home/dcms/DCMS/lib/python3.12/site-packages/ansible_collections/ansible/posix/plugins/modules/firewalld_info.py get_versionrs   rc>|jjSr )getActiveZoneskeysclients rget_active_zonesrs  " ' ' ))rc"|jSr )getZonesrs r get_all_zonesrs ?? rc"|jSr )getDefaultZoners rget_default_zoners  ""rc$|j|Sr )getZoneSettings)rzones rget_zone_settingsr#s  ! !$ ''rc"|jSr ) getTarget zone_settingss rget_zone_targetr(s  " " $$rc"|jSr )getIcmpBlockInversionr&s rget_zone_icmp_block_inversionr+s  . . 00rc"|jSr ) getInterfacesr&s rget_zone_interfacesr.  & & ((rc"|jSr ) getSourcesr&s rget_zone_sourcesr2  # # %%rc"|jSr ) getServicesr&s rget_zone_servicesr6 s  $ $ &&rc"|jSr )getPortsr&s rget_zone_portsr9s  ! ! ##rc"|jSr ) getProtocolsr&s rget_zone_protocolsr<  % % ''rc"|jSr ) getForwardr&s rget_zone_forwardr@r3rc"|jSr ) getMasquerader&s rget_zone_masqueraderCr/rc"|jSr )getForwardPortsr&s rget_zone_forward_portsrF!s  ( ( **rc"|jSr )getSourcePortsr&s rget_zone_source_portsrI%s  ' ' ))rc"|jSr ) getIcmpBlocksr&s rget_zone_icmp_blocksrL)r/rc"|jSr ) getRichRulesr&s rget_zone_rich_rulesrO-r=rcttdddtddd}t|d }t}td|jd ttt }tst st r td ts|jtd t s|jtdt} tj}t|d<t||d<t}t}t}|jd r t|}n|jdrt|} |jd} tt!| t!| z}tt!| t!|z }|r/|j#ddj%|zn t|}|D]} t} t'|| } t)| | d<t+| | d<t-| | d<t/| | d<t1| | d<t3| | d<t5| | d<t7| | d<t9| | d<t;| | d<t=| | d<t?| | d <tA|dtAd!k\rtC| | d"<| || <||d<|d%<|d&<||d'<||d(<|jNd)i|y#tD$r(}|jd#tG|zYd}~Sd}~wtHjJjL$r(}|jd$tG|zYd}~d}~wwxYw)*NFbool)requiredtypedefaultliststr)rRrSelements) active_zoneszonesT) argument_specsupports_check_moderX)changedrXcollected_zonesundefined_zoneswarningsfirewallz python-dbus)msgzpython-firewallversion default_zonerYzBPlease note: zone:(%s) have been ignored in the gathering process.,targeticmp_block_inversion interfacessourcesservicesports protocols masquerade forward_ports source_ports icmp_blocks rich_rulesz0.9.0forwardzzfirewalld probably not be running, Or the following method is not supported with your python-firewall version. (Error: %s)zdUnable to gather firewalld settings. You may need to run as the root user or use become. (Error: %s)r]r^firewalld_infor_r)(dictrparamsrUHAS_DBUS HAS_FIREWALLDr r fail_jsonr fw_clientFirewallClientrrrrsetappendjoinr#r(r+r.r2r6r9r<rCrFrIrLrOr r@AttributeErrorrdbus exceptions DBusException exit_json) module_argsmodulerrresultwarnr zones_info collect_zones ignore_zones all_zonesspecified_zonesr" zone_infor'es rmainr1ss5vuEE?K ! F VN ]]>2 F M.> z" 1-@A 12CDE 6D6J))+%0My!)9&)A~&V  v == (,V4M ]]7 #%f-I$mmG4O _!5I!FGMO 4s=7I IJL X[^[c[cdp[qqs*&1M! )DI-fd;M"1-"@Ih 0Mm0\I, -&9-&HIl ##3M#BIi $5m$DIj !!/ !>Ig %7 %FIk "&9-&HIl #)? )NIo &(=m(LIn %';M'JIm $&9-&HIl #^I67=;QQ'7 'F )$(Jt - ).#-w!.F  ,F -F F:Fv q`clmncop q q ?? ( (J9;DQ<H J JJs%G9K<< M0L(( M0M++M0__main__)1 __future__rrrrS __metaclass__ DOCUMENTATIONEXAMPLESRETURNansible.module_utils.basicrransible.module_utils._textr?ansible_collections.ansible.posix.plugins.module_utils._respawnr r >ansible_collections.ansible.posix.plugins.module_utils.versionr r~ru ImportErrorfirewall.clientrrxfirewall.configconfigrrvrrrrr#r(r+r.r2r6r9r<r@rCrFrIrLrOr__name__rrrrsCB  4 &[ zK0lXH''M *#(%1)&'$( &)+*)(`F zFoHMs"B B BBB#"B#