firewalld: Add methods for modifying services.

The methods to not have a `permanent` parameter because those operations are only allowed for the permanent configuration anyway.
2024-11-08 09:23:56 +00:00 · 2016-05-14 17:53:10 +02:00 · 2016-05-14 17:53:10 +02:00 · 5c1b8fc246
commit 5c1b8fc246
parent 59d8a3a5a1
1 changed files with 104 additions and 0 deletions
--- a/salt/modules/firewalld.py
+++ b/salt/modules/firewalld.py
@ -434,6 +434,110 @@ def remove_service(service, zone=None, permanent=True):
    return __firewall_cmd(cmd)


+def add_service_port(service, port):
+    '''
+    Add a new port to the specified service.
+
+    .. versionadded:: Boron
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.add_service_port zone 80
+    '''
+    if service not in get_services(permanent=True):
+        raise CommandExecutionError('The service does not exist.')
+
+    cmd = '--permanent --service={0} --add-port={1}'.format(service, port)
+    return __firewall_cmd(cmd)
+
+
+def remove_service_port(service, port):
+    '''
+    Remove a port from the specified service.
+
+    .. versionadded:: Boron
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.remove_service_port zone 80
+    '''
+    if service not in get_services(permanent=True):
+        raise CommandExecutionError('The service does not exist.')
+
+    cmd = '--permanent --service={0} --remove-port={1}'.format(service, port)
+    return __firewall_cmd(cmd)
+
+
+def get_service_ports(service):
+    '''
+    List ports of a service.
+
+    .. versionadded:: Boron
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.get_service_ports zone
+    '''
+    cmd = '--permanent --service={0} --get-ports'.format(service)
+    return __firewall_cmd(cmd).split()
+
+
+def add_service_protocol(service, protocol):
+    '''
+    Add a new protocol to the specified service.
+
+    .. versionadded:: Boron
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.add_service_protocol zone ssh
+    '''
+    cmd = '--permanent --service={0} --add-protocol={1}'.format(service,
+                                                                protocol)
+    return __firewall_cmd(cmd)
+
+
+def remove_service_protocol(service, protocol):
+    '''
+    Remove a protocol from the specified service.
+
+    .. versionadded:: Boron
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.remove_service_protocol zone ssh
+    '''
+    cmd = '--permanent --service={0} --remove-protocol={1}'.format(service,
+                                                                   protocol)
+    return __firewall_cmd(cmd)
+
+
+def get_service_protocols(service):
+    '''
+    List protocols of a service.
+
+    .. versionadded:: Boron
+
+    CLI Example:
+
+    .. code-block:: bash
+
+        salt '*' firewalld.get_service_protocols zone
+    '''
+    cmd = '--permanent --service={0} --get-protocols'.format(service)
+    return __firewall_cmd(cmd).split()
+
+
 def get_masquerade(zone=None, permanent=True):
    '''
    Show if masquerading is enabled on a zone.