iptables: Fixes invalid ip6tables option (#19657)

fixes #19656
8 years ago · a10209cbe9
parent 31526595c5
commit a10209cbe9
1 changed files with 10 additions and 1 deletions
--- a/lib/ansible/modules/system/iptables.py
+++ b/lib/ansible/modules/system/iptables.py
@ -23,6 +23,11 @@ BINS = dict(
    ipv6='ip6tables',
 )

+ICMP_TYPE_OPTIONS = dict(
+    ipv4='--icmp-type',
+    ipv6='--icmpv6-type',
+)
+
 ANSIBLE_METADATA = {'status': ['preview'],
                    'supported_by': 'core',
                    'version': '1.0'}
@ -403,7 +408,11 @@ def construct_rule(params):
    append_param(rule, params['uid_owner'], '--uid-owner', False)
    append_jump(rule, params['reject_with'], 'REJECT')
    append_param(rule, params['reject_with'], '--reject-with', False)
-    append_param(rule, params['icmp_type'], '--icmp-type', False)
+    append_param(
+        rule,
+        params['icmp_type'],
+        ICMP_TYPE_OPTIONS[params['ip_version']],
+        False)
    return rule