arista.eos.eos_acl_interfaces 模块 – ACL 接口资源模块
注意
此模块是 arista.eos 集合 (版本 10.0.1) 的一部分。
如果您使用的是 ansible 软件包,则可能已经安装了此集合。它不包含在 ansible-core 中。要检查它是否已安装,请运行 ansible-galaxy collection list。
要安装它,请使用: ansible-galaxy collection install arista.eos。
要在 playbook 中使用它,请指定: arista.eos.eos_acl_interfaces。
arista.eos 1.0.0 中的新增功能
概要
此模块管理在运行 EOS 软件的设备上添加和删除访问控制列表 (ACL) 与接口的关联。
参数
参数 |
注释 |
|---|---|
接口的 ACL 选项字典。 |
|
指定附加到接口的 ACL。 |
|
指定为提供的 AFI 的 ACL。 |
|
指定将应用 ACL 的数据包方向。 选项
|
|
指定接口的 IPv4/IPv6 ACL 的名称。 |
|
指定要在该接口上配置的 ACL 的 AFI。 选项
|
|
接口的名称/标识符。 |
|
默认情况下,模块将连接到远程设备并检索当前运行配置,将其用作与源内容进行比较的基础。有时,不希望任务为 playbook 中的每个任务获取当前运行配置。running_config 参数允许实现者传入用作比较基础配置的配置。此选项的值应是从设备执行命令后收到的输出 |
|
配置应保留的状态。 选项
|
示例
# Using Merged
# Before state:
# -------------
#
# eos#sh running-config | include interface|access-group
# interface Ethernet1
# interface Ethernet2
# interface Ethernet3
- name: Merge module attributes of given access-groups
arista.eos.eos_acl_interfaces:
config:
- name: Ethernet2
access_groups:
- afi: ipv4
acls:
name: acl01
direction: in
- afi: ipv6
acls:
name: acl03
direction: out
state: merged
# Commands Fired:
# ---------------
#
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# After state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Loopback888
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# interface Ethernet3
# Using Replaced
# Before state:
# -------------
#
# eos#sh running-config | include interface|access-group
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# interface Ethernet3
# ip access-group acl01 in
- name: Replace module attributes of given access-groups
arista.eos.eos_acl_interfaces:
config:
- name: Ethernet2
access_groups:
- afi: ipv4
acls:
name: acl01
direction: out
state: replaced
# Commands Fired:
# ---------------
#
# interface Ethernet2
# no ip access-group acl01 in
# no ipv6 access-group acl03 out
# ip access-group acl01 out
# After state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Loopback888
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 out
# interface Ethernet3
# ip access-group acl01 in
# Using Overridden
# Before state:
# -------------
#
# eos#sh running-config | include interface|access-group
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# interface Ethernet3
# ip access-group acl01 in
- name: Override module attributes of given access-groups
arista.eos.eos_acl_interfaces:
config:
- name: Ethernet2
access_groups:
- afi: ipv4
acls:
name: acl01
direction: out
state: overridden
# Commands Fired:
# ---------------
#
# interface Ethernet2
# no ip access-group acl01 in
# no ipv6 access-group acl03 out
# ip access-group acl01 out
# interface Ethernet3
# no ip access-group acl01 in
# After state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Loopback888
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 out
# interface Ethernet3
# Using Deleted
# Before state:
# -------------
#
# eos#sh running-config | include interface|access-group
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# interface Ethernet3
# ip access-group acl01 out
- name: Delete module attributes of given access-groups
arista.eos.eos_acl_interfaces:
config:
- name: Ethernet2
access_groups:
- afi: ipv4
acls:
name: acl01
direction: in
- afi: ipv6
acls:
name: acl03
direction: out
state: deleted
# Commands Fired:
# ---------------
#
# interface Ethernet2
# no ip access-group acl01 in
# no ipv6 access-group acl03 out
# After state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Loopback888
# interface Ethernet1
# interface Ethernet2
# interface Ethernet3
# ip access-group acl01 out
# Before state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# interface Ethernet3
# ip access-group acl01 out
- name: Delete module attributes of given access-groups from ALL Interfaces
arista.eos.eos_acl_interfaces:
config:
state: deleted
# Commands Fired:
# ---------------
#
# interface Ethernet2
# no ip access-group acl01 in
# no ipv6 access-group acl03 out
# interface Ethernet3
# no ip access-group acl01 out
# After state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Loopback888
# interface Ethernet1
# interface Ethernet2
# interface Ethernet3
# Before state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# ipv6 access-group acl03 out
# interface Ethernet3
# ip access-group acl01 out
- name: Delete acls under afi
arista.eos.eos_acl_interfaces:
config:
- name: Ethernet3
access_groups:
- afi: ipv4
- name: Ethernet2
access_groups:
- afi: ipv6
state: deleted
# Commands Fired:
# ---------------
#
# interface Ethernet2
# no ipv6 access-group acl03 out
# interface Ethernet3
# no ip access-group acl01 out
# After state:
# -------------
#
# eos#sh running-config | include interface| access-group
# interface Loopback888
# interface Ethernet1
# interface Ethernet2
# ip access-group acl01 in
# interface Ethernet3
返回值
常见的返回值已在 此处 记录,以下是此模块独有的字段
键 |
描述 |
|---|---|
生成的配置模型调用。 返回:已更改时 示例: |
|
模型调用之前的配置。 返回:始终返回 示例: |
|
推送到远程设备的命令集。 返回:始终返回 示例: |