feat(config): Add iptables connection state options

examples/config.ini.example

@@ -3,7 +3,9 @@ target = ACCEPT
 addr =
 ports = 80, 443
 proto = tcp
-do_config_check = true
+state = NEW
+do_ipv6 = false
+firewalld_direct_file_abs = /etc/firewalld/direct.xml
 restart_firewalld_after_change = true
 
 [anyone-can-access-website]

update-firewall-source.py

@@ -49,12 +49,14 @@ class CONST(object):
     # an empty string. An example config.ini file may give a sane config example value here, removing that value
     # still results in a valid file.
     CFG_KNOWN_DEFAULTS = [
-        {"key": "target", "value": "ACCEPT", "is_global": False},
+        {"key": "target", "value": "ACCEPT", "is_global": False, "empty_ok": False},
-        {"key": "addr", "value": "", "is_global": False},
+        {"key": "addr", "value": "", "is_global": False, "empty_ok": True},
-        {"key": "ports", "value": "80, 443", "is_global": False},
+        {"key": "ports", "value": "80, 443", "is_global": False, "empty_ok": True},
-        {"key": "proto", "value": "tcp", "is_global": False},
+        {"key": "proto", "value": "tcp", "is_global": False, "empty_ok": True},
-        {"key": "do_config_check", "value": "true", "is_global": True},
+        {"key": "state", "value": "NEW", "is_global": False, "empty_ok": True},
-        {"key": "restart_firewalld_after_change", "value": "true", "is_global": True}
+        {"key": "do_ipv6", "value": "false", "is_global": False, "empty_ok": False},
+        {"key": "firewalld_direct_abs", "value": "/etc/firewalld/direct.xml", "is_global": True, "empty_ok": False},
+        {"key": "restart_firewalld_after_change", "value": "true", "is_global": True, "empty_ok": False}
     ]
     # In all sections other than 'default' the following settings are known and accepted. We ignore other settings.
     # Per CFG_KNOWN_DEFAULTS above most '[DEFAULT]' options are accepted by virtue of being defaults and overridable.