Generic generating command line options for negated rules

author Jan Vansteenkiste <jan@vstone.eu>

Thu, 23 Aug 2012 06:51:24 +0000 (08:51 +0200)

committer Patrick Hemmer <patrick.hemmer@gmail.com>

Fri, 20 Dec 2013 20:11:29 +0000 (15:11 -0500)
author Jan Vansteenkiste <jan@vstone.eu>
Thu, 23 Aug 2012 06:51:24 +0000 (08:51 +0200)
committer Patrick Hemmer <patrick.hemmer@gmail.com>
Fri, 20 Dec 2013 20:11:29 +0000 (15:11 -0500)
diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb

index 147c728c809dae0ca448cf4b9b35c728a0a9e7df..81f8b1931b87d84a3000af69ff31142659ca1f8d 100644 (file)
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -357,6 +357,12 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
          next
        end
  
+      ## Generic negating of rules
+      if resource_value =~ /!\s?(.*)/
+        resource_value = $1
+        args << "!"
+      end
+
        args << [resource_map[res]].flatten.first.split(' ')
  
        # For sport and dport, convert hyphens to colons since the type
@@ -374,10 +380,6 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
          one, two = resource_value.split(' ')
          args << one
          args << two
-      elsif res == :source or res == :destination
-        one, two = resource_value.split(' ')
-        args << one
-        args << two unless two == nil
        elsif resource_value.is_a?(Array)
          args << resource_value.join(',')
        elsif !resource_value.nil?
author	Jan Vansteenkiste <jan@vstone.eu>
	Thu, 23 Aug 2012 06:51:24 +0000 (08:51 +0200)
committer	Patrick Hemmer <patrick.hemmer@gmail.com>
	Fri, 20 Dec 2013 20:11:29 +0000 (15:11 -0500)