From: Jan Vansteenkiste <jan@vstone.eu>
Date: Thu, 23 Aug 2012 06:51:24 +0000 (+0200)
Subject: Generic generating command line options for negated rules
X-Git-Tag: 0.5.0~18^2~4
X-Git-Url: https://review.fuel-infra.org/gitweb?a=commitdiff_plain;h=a832949aa1d25c122df147f485b19457918ce3cf;p=puppet-modules%2Fpuppetlabs-firewall.git

Generic generating command line options for negated rules
---

diff --git a/lib/puppet/provider/firewall/iptables.rb b/lib/puppet/provider/firewall/iptables.rb
index 147c728..81f8b19 100644
--- a/lib/puppet/provider/firewall/iptables.rb
+++ b/lib/puppet/provider/firewall/iptables.rb
@@ -357,6 +357,12 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
         next
       end
 
+      ## Generic negating of rules
+      if resource_value =~ /!\s?(.*)/
+        resource_value = $1
+        args << "!"
+      end
+
       args << [resource_map[res]].flatten.first.split(' ')
 
       # For sport and dport, convert hyphens to colons since the type
@@ -374,10 +380,6 @@ Puppet::Type.type(:firewall).provide :iptables, :parent => Puppet::Provider::Fir
         one, two = resource_value.split(' ')
         args << one
         args << two
-      elsif res == :source or res == :destination
-        one, two = resource_value.split(' ')
-        args << one
-        args << two unless two == nil
       elsif resource_value.is_a?(Array)
         args << resource_value.join(',')
       elsif !resource_value.nil?