Add support for setting Strict Outgoing Network Interface Binding (strictout)

changelogs/fragments/254_dns_resolver_strictout.yaml

@@ -0,0 +1,2 @@
+minor_changes:
+  - pfsense_dns_resolver -  Add ability to set Strict Outgoing Network Interface Binding (https://github.com/pfsensible/core/pull/254).

plugins/modules/pfsense_dns_resolver.py

@@ -63,6 +63,13 @@
     default: [ "all" ]
     type: list
     elements: str
+  strictout:
+    description:
+      - Strict Outgoing Network Interface Binding.
+      - Do not send recursive queries if none of the Outgoing Network Interfaces are available.
+    required: false
+    type: bool
+    version_added: 0.7.2
   system_domain_local_zone_type:
     description: The local-zone type used for the pfSense system domain.
     required: false
@@ -338,7 +345,7 @@
     tlsport=dict(default=None, type='int'),
     active_interface=dict(default=["all"], type='list', elements='str'),
     outgoing_interface=dict(default=["all"], type='list', elements='str'),
-    # TODO: Strict Outgoing Network interface Binding: check box option
+    strictout=dict(type='bool'),
     system_domain_local_zone_type=dict(default='transparent', choices=['deny', 'refuse', 'static', 'transparent', 'typetransparent', 'redirect', 'inform',
                                                                        'inform_deny', 'nodefault']),
     dnssec=dict(default=True, type='bool'),
@@ -455,6 +462,7 @@ def _params_to_obj(self):
             self._get_ansible_param_bool(obj, "forward_tls_upstream", value="")
             self._get_ansible_param_bool(obj, "prefetch", value="")
             self._get_ansible_param_bool(obj, "prefetchkey", value="")
+            self._get_ansible_param_bool(obj, "strictout", value="")
             self._get_ansible_param(obj, "msgcachesize")
             self._get_ansible_param(obj, "outgoing_num_tcp")
             self._get_ansible_param(obj, "incoming_num_tcp")
@@ -524,7 +532,7 @@ def _get_params_to_remove(self):
             return ["enable"]
         else:
             return ["hideidentity", "hideversion", "dnssecstripped", "forwarding", "regdhcp", "regdhcpstatic", "regovpnclients", "enablessl", "dnssec",
-                    "forward_tls_upstream", "prefetch", "prefetchkey"]
+                    "forward_tls_upstream", "prefetch", "prefetchkey", "strictout"]
 
     ##############################
     # run
@@ -564,6 +572,7 @@ def _log_fields(self, before=None):
         values += self.format_updated_cli_field(self.obj, before, 'tlsport', fvalue=self.fvalue_bool, add_comma=(values), log_none=False)
         values += self.format_updated_cli_field(self.obj, before, 'sslcertref', fvalue=self.fvalue_bool, add_comma=(values), log_none=False)
         values += self.format_updated_cli_field(self.obj, before, 'forwarding', fvalue=self.fvalue_bool, add_comma=(values), log_none=False)
+        values += self.format_updated_cli_field(self.obj, before, 'strictout', fvalue=self.fvalue_bool, add_comma=(values), log_none=False)
         values += self.format_updated_cli_field(self.obj, before, 'system_domain_local_zone_type', add_comma=(values), log_none=False)
         values += self.format_updated_cli_field(self.obj, before, 'regdhcp', fvalue=self.fvalue_bool, add_comma=(values), log_none=False)
         values += self.format_updated_cli_field(self.obj, before, 'regdhcpstatic', fvalue=self.fvalue_bool, add_comma=(values), log_none=False)

tests/unit/plugins/modules/test_pfsense_dns_resolver.py

@@ -39,6 +39,7 @@ def check_target_elt(self, obj, target_elt, target_idx=-1):
         # self.check_param_equal(obj, target_elt, 'active_interface')
         # self.check_param_equal(obj, target_elt, 'outgoing_interface')
         # self.check_param_equal(obj, target_elt, 'system_domain_local_zone_type')
+        self.check_param_bool(obj, target_elt, 'strictout')
         self.check_param_bool(obj, target_elt, 'dnssec', default=True)
         self.check_param_bool(obj, target_elt, 'forwarding')
         self.check_param_bool(obj, target_elt, 'forward_tls_upstream')