Merge pull request #55683 from Ch3LL/bp_50343

Master Port #50343
saltstack · Dec 21, 2019 · 2fc9a75 · 2fc9a75
2 parents c6871f7 + 27e298f
commit 2fc9a75
Show file tree

Hide file tree

Showing 2 changed files with 12 additions and 45 deletions.
diff --git a/salt/modules/firewalld.py b/salt/modules/firewalld.py
@@ -13,7 +13,6 @@
 # Import Salt Libs
 from salt.exceptions import CommandExecutionError
 import salt.utils.path
-import salt.utils.versions
 
 log = logging.getLogger(__name__)
 
@@ -618,8 +617,7 @@ def remove_masquerade(zone=None, permanent=True):
     return __firewall_cmd(cmd)
 
 
-# TODO: remove force_masquerade parameter in future release
-def add_port(zone, port, permanent=True, force_masquerade=None):
+def add_port(zone, port, permanent=True, force_masquerade=False):
     '''
     Allow specific ports in a zone.
 
@@ -630,19 +628,11 @@ def add_port(zone, port, permanent=True, force_masquerade=None):
     .. code-block:: bash
 
         salt '*' firewalld.add_port internal 443/tcp
-    '''
-
-    # Previously, masquerading was always enabled here
-    # This will be deprecated in a future release
-    if force_masquerade is None:
-        force_masquerade = True
-        salt.utils.versions.warn_until(
-            'Neon',
-            'add_port function will no longer force enable masquerading '
-            'in future releases. Use add_masquerade to enable masquerading.')
 
-    # (DEPRECATED) Force enable masquerading
-    # TODO: remove in future release
+    force_masquerade
+        when a zone is created ensure masquerade is also enabled
+        on that zone.
+    '''
     if force_masquerade and not get_masquerade(zone):
         add_masquerade(zone)
 
@@ -694,8 +684,7 @@ def list_ports(zone, permanent=True):
     return __firewall_cmd(cmd).split()
 
 
-# TODO: remove force_masquerade parameter in future release
-def add_port_fwd(zone, src, dest, proto='tcp', dstaddr='', permanent=True, force_masquerade=None):
+def add_port_fwd(zone, src, dest, proto='tcp', dstaddr='', permanent=True, force_masquerade=False):
     '''
     Add port forwarding.
 
@@ -706,19 +695,11 @@ def add_port_fwd(zone, src, dest, proto='tcp', dstaddr='', permanent=True, force
     .. code-block:: bash
 
         salt '*' firewalld.add_port_fwd public 80 443 tcp
-    '''
-
-    # Previously, masquerading was always enabled here
-    # This will be deprecated in a future release
-    if force_masquerade is None:
-        force_masquerade = True
-        salt.utils.versions.warn_until(
-            'Neon',
-            'add_port_fwd function will no longer force enable masquerading '
-            'in future releases. Use add_masquerade to enable masquerading.')
 
-    # (DEPRECATED) Force enable masquerading
-    # TODO: remove in future release
+    force_masquerade
+        when a zone is created ensure masquerade is also enabled
+        on that zone.
+    '''
     if force_masquerade and not get_masquerade(zone):
         add_masquerade(zone)
 

diff --git a/salt/states/firewalld.py b/salt/states/firewalld.py
@@ -84,7 +84,6 @@
 from salt.exceptions import CommandExecutionError
 from salt.output import nested
 import salt.utils.path
-import salt.utils.versions
 
 log = logging.getLogger(__name__)
 
@@ -163,9 +162,7 @@ def present(name,
             port_fwd=None,
             prune_port_fwd=False,
             services=None,
-            # TODO: prune_services=False in future release
-            # prune_services=False,
-            prune_services=None,
+            prune_services=False,
             interfaces=None,
             prune_interfaces=False,
             sources=None,
@@ -206,7 +203,7 @@ def present(name,
     services : None
         List of services to add to the zone.
 
-    prune_services : True
+    prune_services : False
         If ``True``, remove all but the specified services from the zone.
         .. note:: Currently defaults to True for compatibility, but will be changed to False in a future release.
 
@@ -228,15 +225,6 @@ def present(name,
     prune_rich_rules : False
         If ``True``, remove all but the specified rich rules from the zone.
     '''
-
-    # if prune_services == None, set to True and log a deprecation warning
-    if prune_services is None:
-        prune_services = True
-        salt.utils.versions.warn_until(
-            'Neon',
-            'The \'prune_services\' argument default is currently True, '
-            'but will be changed to False in the Neon release.')
-
     ret = _present(name, block_icmp, prune_block_icmp, default, masquerade, ports, prune_ports,
             port_fwd, prune_port_fwd, services, prune_services, interfaces, prune_interfaces,
             sources, prune_sources, rich_rules, prune_rich_rules)
@@ -513,7 +501,6 @@ def _present(name,
         for port in new_ports:
             if not __opts__['test']:
                 try:
-                    # TODO: force_masquerade to be removed in future release
                     __salt__['firewalld.add_port'](name, port, permanent=True, force_masquerade=False)
                 except CommandExecutionError as err:
                     ret['comment'] = 'Error: {0}'.format(err)
@@ -562,7 +549,6 @@ def _present(name,
         for fwd in new_port_fwd:
             if not __opts__['test']:
                 try:
-                    # TODO: force_masquerade to be removed in future release
                     __salt__['firewalld.add_port_fwd'](name, fwd.srcport,
                         fwd.destport, fwd.protocol, fwd.destaddr, permanent=True,
                         force_masquerade=False)