From b3d2ce0e181d3420cb5f9f8e0c898bf029ba56c7 Mon Sep 17 00:00:00 2001 From: Jason Ertel Date: Fri, 12 Jun 2020 13:52:24 -0400 Subject: [PATCH] support applying the firewall state directly from so-firewall --- salt/common/tools/sbin/so-firewall | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/salt/common/tools/sbin/so-firewall b/salt/common/tools/sbin/so-firewall index d87fd847e..c0acc7c98 100755 --- a/salt/common/tools/sbin/so-firewall +++ b/salt/common/tools/sbin/so-firewall @@ -15,6 +15,7 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see . +import subprocess import sys import yaml @@ -23,7 +24,10 @@ portgroupsFilename = "/opt/so/saltstack/local/salt/firewall/portgroups.local.yam supportedProtocols = ['tcp', 'udp'] def showUsage(args): - print('Usage: {} [ARGS...]'.format(sys.argv[0])) + print('Usage: {} [OPTIONS] [ARGS...]'.format(sys.argv[0])) + print(' Options:') + print(' --apply - After updating the firewall configuration files, apply the new firewall state') + print('') print(' Available commands:') print(' help - Prints this usage information.') print(' includedhosts - Lists the IPs included in the given group. Args: ') @@ -259,8 +263,18 @@ def removehost(args): showUsage(args) return removeIp(args[0], args[1], 'delete') +def apply(): + proc = subprocess.run(['salt-call', 'state.apply', 'firewall', 'queue=True']) + return proc.returncode + def main(): + options = [] args = sys.argv[1:] + for option in args: + if option.startswith("--"): + options.append(option) + args.remove(option) + if len(args) == 0: showUsage(None) @@ -280,6 +294,11 @@ def main(): cmd = commands.get(args[0], showUsage) code = cmd(args[1:]) + + + if code == 0 and "--apply" in options: + code = apply() + sys.exit(code) if __name__ == "__main__":