diff options
author | Kevin M. Gallagher <kevingallagher@gmail.com> | 2018-03-01 04:24:02 -0800 |
---|---|---|
committer | John R Barker <john@johnrbarker.com> | 2018-03-01 12:24:02 +0000 |
commit | 3a6f0fbb9c698b9440f1c21c973822d1b8883124 (patch) | |
tree | 803b9eabb07b012158dbaaec8fd804667ce3861b | |
parent | 9db509db809cdf4be771419afc5cd5a15d7902cf (diff) | |
download | ansible-3a6f0fbb9c698b9440f1c21c973822d1b8883124.tar.gz |
Allow inversion of uid_owner match in iptables module (#36073)
Fixes #20747 and updates documentation for uid_owner in iptables.py
-rw-r--r-- | lib/ansible/modules/system/iptables.py | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/ansible/modules/system/iptables.py b/lib/ansible/modules/system/iptables.py index a5d0bea3f0..73b3fdc0ec 100644 --- a/lib/ansible/modules/system/iptables.py +++ b/lib/ansible/modules/system/iptables.py @@ -238,7 +238,9 @@ options: version_added: "2.1" uid_owner: description: - - Specifies the UID or username to use in match by owner rule. + - Specifies the UID or username to use in match by owner rule. From + Ansible 2.6 when the C(!) argument is prepended then the it inverts + the rule to apply instead to all users except that one specified. version_added: "2.1" reject_with: description: @@ -437,6 +439,7 @@ def construct_rule(params): append_param(rule, params['limit'], '--limit', False) append_param(rule, params['limit_burst'], '--limit-burst', False) append_match(rule, params['uid_owner'], 'owner') + append_match_flag(rule, params['uid_owner'], '--uid-owner', True) append_param(rule, params['uid_owner'], '--uid-owner', False) if params['jump'] is None: append_jump(rule, params['reject_with'], 'REJECT') |