Minor bug fixes - 1 (#61454)

This commit is contained in:
Miguel Angel Muñoz González 2019-08-28 19:59:21 +02:00 committed by Nilashish Chakraborty
parent 5e200f2d0a
commit 35c0782b50
48 changed files with 1093 additions and 229 deletions

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_antivirus_heuristic
short_description: Configure global heuristic options in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify antivirus feature and heuristic category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -243,7 +243,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -260,6 +260,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_antivirus_profile
short_description: Configure AntiVirus profiles in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify antivirus feature and profile category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
analytics_bl_filetype:
description:
- Only submit files matching this DLP file-pattern to FortiSandbox. Source dlp.filepattern.id.
@ -100,7 +114,7 @@ options:
- enable
analytics_max_upload:
description:
- Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes, default = 10).
- Maximum size of files that can be uploaded to FortiSandbox (1 - 395 MBytes).
type: int
analytics_wl_filetype:
description:
@ -1040,7 +1054,12 @@ def underscore_to_hyphen(data):
def antivirus_profile(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['antivirus_profile'] and data['antivirus_profile']:
state = data['antivirus_profile']['state']
else:
state = True
antivirus_profile_data = data['antivirus_profile']
filtered_data = underscore_to_hyphen(filter_antivirus_profile_data(antivirus_profile_data))
@ -1076,15 +1095,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"antivirus_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"analytics_bl_filetype": {"required": False, "type": "int"},
"analytics_db": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
@ -1310,6 +1331,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_antivirus_quarantine
short_description: Configure quarantine options in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify antivirus feature and quarantine category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -406,7 +406,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -470,6 +470,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_antivirus_settings
short_description: Configure AntiVirus settings in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify antivirus feature and settings category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -257,7 +257,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -277,6 +277,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_application_custom
short_description: Configure custom application signatures in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify application feature and custom category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
behavior:
description:
- Custom application signature behavior.
@ -269,7 +283,12 @@ def underscore_to_hyphen(data):
def application_custom(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['application_custom'] and data['application_custom']:
state = data['application_custom']['state']
else:
state = True
application_custom_data = data['application_custom']
filtered_data = underscore_to_hyphen(filter_application_custom_data(application_custom_data))
@ -305,15 +324,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"application_custom": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"behavior": {"required": False, "type": "str"},
"category": {"required": False, "type": "int"},
"comment": {"required": False, "type": "str"},
@ -332,6 +353,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_application_group
short_description: Configure firewall application groups in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify application feature and group category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
application:
description:
- Application ID list.
@ -261,7 +275,12 @@ def underscore_to_hyphen(data):
def application_group(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['application_group'] and data['application_group']:
state = data['application_group']['state']
else:
state = True
application_group_data = data['application_group']
filtered_data = underscore_to_hyphen(filter_application_group_data(application_group_data))
@ -297,15 +316,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"application_group": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"application": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"}
@ -326,6 +347,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_application_list
short_description: Configure application control lists in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify application feature and list category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
app_replacemsg:
description:
- Enable/disable replacement messages for blocked applications.
@ -202,7 +216,7 @@ options:
- attacker
quarantine_expiry:
description:
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m). Requires quarantine set to attacker.
type: str
quarantine_log:
description:
@ -520,7 +534,12 @@ def underscore_to_hyphen(data):
def application_list(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['application_list'] and data['application_list']:
state = data['application_list']['state']
else:
state = True
application_list_data = data['application_list']
filtered_data = underscore_to_hyphen(filter_application_list_data(application_list_data))
@ -556,15 +575,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"application_list": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"app_replacemsg": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"comment": {"required": False, "type": "str"},
@ -649,6 +670,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_application_name
short_description: Configure application signatures in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify application feature and name category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
behavior:
description:
- Application behavior.
@ -303,7 +317,12 @@ def underscore_to_hyphen(data):
def application_name(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['application_name'] and data['application_name']:
state = data['application_name']['state']
else:
state = True
application_name_data = data['application_name']
filtered_data = underscore_to_hyphen(filter_application_name_data(application_name_data))
@ -339,15 +358,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"application_name": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"behavior": {"required": False, "type": "str"},
"category": {"required": False, "type": "int"},
"id": {"required": False, "type": "int"},
@ -374,6 +395,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_application_rule_settings
short_description: Configure application rule settings in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify application feature and rule_settings category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
id:
description:
- Rule ID.
@ -221,7 +235,12 @@ def underscore_to_hyphen(data):
def application_rule_settings(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['application_rule_settings'] and data['application_rule_settings']:
state = data['application_rule_settings']['state']
else:
state = True
application_rule_settings_data = data['application_rule_settings']
filtered_data = underscore_to_hyphen(filter_application_rule_settings_data(application_rule_settings_data))
@ -257,15 +276,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"application_rule_settings": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"id": {"required": True, "type": "int"}
}
@ -275,6 +296,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_authentication_rule
short_description: Configure Authentication Rules in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify authentication feature and rule category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
active_auth_method:
description:
- Select an active authentication method. Source authentication.scheme.name.
@ -109,8 +123,7 @@ options:
type: str
protocol:
description:
- Select the protocol to use for authentication (default = http). Users connect to the FortiGate using this protocol and are asked to
authenticate.
- Select the protocol to use for authentication . Users connect to the FortiGate using this protocol and are asked to authenticate.
type: str
choices:
- http
@ -150,14 +163,14 @@ options:
- disable
transaction_based:
description:
- Enable/disable transaction based authentication (default = disable).
- Enable/disable transaction based authentication .
type: str
choices:
- enable
- disable
web_auth_cookie:
description:
- Enable/disable Web authentication cookies (default = disable).
- Enable/disable Web authentication cookies .
type: str
choices:
- enable
@ -308,7 +321,12 @@ def underscore_to_hyphen(data):
def authentication_rule(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['authentication_rule'] and data['authentication_rule']:
state = data['authentication_rule']['state']
else:
state = True
authentication_rule_data = data['authentication_rule']
filtered_data = underscore_to_hyphen(filter_authentication_rule_data(authentication_rule_data))
@ -344,15 +362,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"authentication_rule": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"active_auth_method": {"required": False, "type": "str"},
"comments": {"required": False, "type": "str"},
"ip_based": {"required": False, "type": "str",
@ -384,6 +404,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_authentication_scheme
short_description: Configure Authentication Schemes in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify authentication feature and scheme category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
domain_controller:
description:
- Domain controller setting. Source user.domain-controller.name.
@ -97,7 +111,7 @@ options:
type: str
fsso_guest:
description:
- Enable/disable user fsso-guest authentication (default = disable).
- Enable/disable user fsso-guest authentication .
type: str
choices:
- enable
@ -108,7 +122,7 @@ options:
type: str
method:
description:
- Authentication methods (default = basic).
- Authentication methods .
type: str
choices:
- ntlm
@ -126,14 +140,14 @@ options:
type: str
negotiate_ntlm:
description:
- Enable/disable negotiate authentication for NTLM (default = disable).
- Enable/disable negotiate authentication for NTLM .
type: str
choices:
- enable
- disable
require_tfa:
description:
- Enable/disable two-factor authentication (default = disable).
- Enable/disable two-factor authentication .
type: str
choices:
- enable
@ -295,7 +309,12 @@ def underscore_to_hyphen(data):
def authentication_scheme(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['authentication_scheme'] and data['authentication_scheme']:
state = data['authentication_scheme']['state']
else:
state = True
authentication_scheme_data = data['authentication_scheme']
filtered_data = underscore_to_hyphen(filter_authentication_scheme_data(authentication_scheme_data))
@ -331,15 +350,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"authentication_scheme": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"domain_controller": {"required": False, "type": "str"},
"fsso_agent_for_ntlm": {"required": False, "type": "str"},
"fsso_guest": {"required": False, "type": "str",
@ -367,6 +388,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_authentication_setting
short_description: Configure authentication setting in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify authentication feature and setting category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -97,7 +97,7 @@ options:
type: str
captive_portal_port:
description:
- Captive portal port number (1 - 65535, default = 0).
- Captive portal port number (1 - 65535).
type: int
captive_portal_type:
description:
@ -279,7 +279,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -303,6 +303,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_dlp_filepattern
short_description: Configure file patterns used by DLP blocking in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dlp feature and filepattern category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comment:
description:
- Optional comments.
@ -318,7 +332,12 @@ def underscore_to_hyphen(data):
def dlp_filepattern(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['dlp_filepattern'] and data['dlp_filepattern']:
state = data['dlp_filepattern']['state']
else:
state = True
dlp_filepattern_data = data['dlp_filepattern']
filtered_data = underscore_to_hyphen(filter_dlp_filepattern_data(dlp_filepattern_data))
@ -354,15 +373,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dlp_filepattern": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"entries": {"required": False, "type": "list",
"options": {
@ -401,6 +422,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -27,7 +27,7 @@ module: fortios_dlp_fp_doc_source
short_description: Create a DLP fingerprint database by allowing the FortiGate to access a file server containing files from which to create fingerprints in
Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dlp feature and fp_doc_source category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -77,7 +77,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -88,6 +91,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
date:
description:
- Day of the month on which to scan the server (1 - 31).
@ -163,7 +177,7 @@ options:
- samba
tod_hour:
description:
- Hour of the day on which to scan the server (0 - 23, default = 1).
- Hour of the day on which to scan the server (0 - 23).
type: int
tod_min:
description:
@ -343,7 +357,12 @@ def underscore_to_hyphen(data):
def dlp_fp_doc_source(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['dlp_fp_doc_source'] and data['dlp_fp_doc_source']:
state = data['dlp_fp_doc_source']['state']
else:
state = True
dlp_fp_doc_source_data = data['dlp_fp_doc_source']
filtered_data = underscore_to_hyphen(filter_dlp_fp_doc_source_data(dlp_fp_doc_source_data))
@ -379,15 +398,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dlp_fp_doc_source": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"date": {"required": False, "type": "int"},
"file_path": {"required": False, "type": "str"},
"file_pattern": {"required": False, "type": "str"},
@ -425,6 +446,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -27,7 +27,7 @@ module: fortios_dlp_fp_sensitivity
short_description: Create self-explanatory DLP sensitivity levels to be used when setting sensitivity under config fp-doc-source in Fortinet's FortiOS and
FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dlp feature and fp_sensitivity category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -77,7 +77,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -88,6 +91,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
name:
description:
- DLP Sensitivity Levels.
@ -222,7 +236,12 @@ def underscore_to_hyphen(data):
def dlp_fp_sensitivity(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['dlp_fp_sensitivity'] and data['dlp_fp_sensitivity']:
state = data['dlp_fp_sensitivity']['state']
else:
state = True
dlp_fp_sensitivity_data = data['dlp_fp_sensitivity']
filtered_data = underscore_to_hyphen(filter_dlp_fp_sensitivity_data(dlp_fp_sensitivity_data))
@ -258,15 +277,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dlp_fp_sensitivity": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"name": {"required": True, "type": "str"}
}
@ -276,6 +297,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_dlp_sensor
short_description: Configure DLP sensors in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dlp feature and sensor category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comment:
description:
- Comment.
@ -437,7 +451,12 @@ def underscore_to_hyphen(data):
def dlp_sensor(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['dlp_sensor'] and data['dlp_sensor']:
state = data['dlp_sensor']['state']
else:
state = True
dlp_sensor_data = data['dlp_sensor']
filtered_data = underscore_to_hyphen(filter_dlp_sensor_data(dlp_sensor_data))
@ -473,15 +492,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dlp_sensor": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"dlp_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
@ -546,6 +567,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_dlp_settings
short_description: Designate logical storage for DLP fingerprint database in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dlp feature and settings category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -264,7 +264,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -285,6 +285,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_dnsfilter_domain_filter
short_description: Configure DNS domain filters in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dnsfilter feature and domain_filter category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comment:
description:
- Optional comments.
@ -276,7 +290,12 @@ def underscore_to_hyphen(data):
def dnsfilter_domain_filter(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['dnsfilter_domain_filter'] and data['dnsfilter_domain_filter']:
state = data['dnsfilter_domain_filter']['state']
else:
state = True
dnsfilter_domain_filter_data = data['dnsfilter_domain_filter']
filtered_data = underscore_to_hyphen(filter_dnsfilter_domain_filter_data(dnsfilter_domain_filter_data))
@ -312,15 +331,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dnsfilter_domain_filter": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"entries": {"required": False, "type": "list",
"options": {
@ -343,6 +364,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_dnsfilter_profile
short_description: Configure DNS domain filter profiles in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify dnsfilter feature and profile category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
block_action:
description:
- Action to take for blocked domains.
@ -363,7 +377,12 @@ def underscore_to_hyphen(data):
def dnsfilter_profile(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['dnsfilter_profile'] and data['dnsfilter_profile']:
state = data['dnsfilter_profile']['state']
else:
state = True
dnsfilter_profile_data = data['dnsfilter_profile']
filtered_data = underscore_to_hyphen(filter_dnsfilter_profile_data(dnsfilter_profile_data))
@ -399,15 +418,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dnsfilter_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"block_action": {"required": False, "type": "str",
"choices": ["block", "redirect"]},
"block_botnet": {"required": False, "type": "str",
@ -455,6 +476,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_endpoint_control_client
short_description: Configure endpoint control client lists in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify endpoint_control feature and client category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
ad_groups:
description:
- Endpoint client AD logon groups.
@ -247,7 +261,12 @@ def underscore_to_hyphen(data):
def endpoint_control_client(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['endpoint_control_client'] and data['endpoint_control_client']:
state = data['endpoint_control_client']['state']
else:
state = True
endpoint_control_client_data = data['endpoint_control_client']
filtered_data = underscore_to_hyphen(filter_endpoint_control_client_data(endpoint_control_client_data))
@ -283,15 +302,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"endpoint_control_client": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"ad_groups": {"required": False, "type": "str"},
"ftcl_uid": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
@ -306,6 +327,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_endpoint_control_forticlient_ems
short_description: Configure FortiClient Enterprise Management Server (EMS) entries in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify endpoint_control feature and forticlient_ems category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
address:
description:
- Firewall address name. Source firewall.address.name.
@ -108,11 +122,11 @@ options:
type: str
https_port:
description:
- "FortiClient EMS HTTPS access port number. (1 - 65535, default: 443)."
- "FortiClient EMS HTTPS access port number. (1 - 65535)."
type: int
listen_port:
description:
- "FortiClient EMS telemetry listen port number. (1 - 65535, default: 8013)."
- "FortiClient EMS telemetry listen port number. (1 - 65535)."
type: int
name:
description:
@ -132,7 +146,7 @@ options:
type: str
upload_port:
description:
- "FortiClient EMS telemetry upload port number. (1 - 65535, default: 8014)."
- "FortiClient EMS telemetry upload port number. (1 - 65535)."
type: int
'''
@ -275,7 +289,12 @@ def underscore_to_hyphen(data):
def endpoint_control_forticlient_ems(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['endpoint_control_forticlient_ems'] and data['endpoint_control_forticlient_ems']:
state = data['endpoint_control_forticlient_ems']['state']
else:
state = True
endpoint_control_forticlient_ems_data = data['endpoint_control_forticlient_ems']
filtered_data = underscore_to_hyphen(filter_endpoint_control_forticlient_ems_data(endpoint_control_forticlient_ems_data))
@ -311,15 +330,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"endpoint_control_forticlient_ems": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"address": {"required": False, "type": "str"},
"admin_password": {"required": False, "type": "str"},
"admin_type": {"required": False, "type": "str",
@ -340,6 +361,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_endpoint_control_forticlient_registration_sync
short_description: Configure FortiClient registration synchronization settings in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify endpoint_control feature and forticlient_registration_sync category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
peer_ip:
description:
- IP address of the peer FortiGate for endpoint license synchronization.
@ -225,7 +239,12 @@ def underscore_to_hyphen(data):
def endpoint_control_forticlient_registration_sync(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['endpoint_control_forticlient_registration_sync'] and data['endpoint_control_forticlient_registration_sync']:
state = data['endpoint_control_forticlient_registration_sync']['state']
else:
state = True
endpoint_control_forticlient_registration_sync_data = data['endpoint_control_forticlient_registration_sync']
filtered_data = underscore_to_hyphen(filter_endpoint_control_forticlient_registration_sync_data(endpoint_control_forticlient_registration_sync_data))
@ -261,15 +280,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"endpoint_control_forticlient_registration_sync": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"peer_ip": {"required": False, "type": "str"},
"peer_name": {"required": False, "type": "str"}
@ -280,6 +301,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_endpoint_control_profile
short_description: Configure FortiClient endpoint control profiles in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify endpoint_control feature and profile category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
description:
description:
- Description.
@ -559,7 +573,7 @@ options:
- info
forticlient_vuln_scan_enforce_grace:
description:
- FortiClient vulnerability scan enforcement grace period (0 - 30 days, default = 1).
- FortiClient vulnerability scan enforcement grace period (0 - 30 days).
type: int
forticlient_vuln_scan_exempt:
description:
@ -892,7 +906,12 @@ def underscore_to_hyphen(data):
def endpoint_control_profile(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['endpoint_control_profile'] and data['endpoint_control_profile']:
state = data['endpoint_control_profile']['state']
else:
state = True
endpoint_control_profile_data = data['endpoint_control_profile']
filtered_data = underscore_to_hyphen(filter_endpoint_control_profile_data(endpoint_control_profile_data))
@ -928,15 +947,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"endpoint_control_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"description": {"required": False, "type": "str"},
"device_groups": {"required": False, "type": "list",
"options": {
@ -1121,6 +1142,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_endpoint_control_settings
short_description: Configure endpoint control settings in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify endpoint_control feature and settings category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -92,7 +92,7 @@ options:
- custom
forticlient_avdb_update_interval:
description:
- Period of time between FortiClient AntiVirus database updates (0 - 24 hours, default = 8).
- Period of time between FortiClient AntiVirus database updates (0 - 24 hours).
type: int
forticlient_dereg_unsupported_client:
description:
@ -103,11 +103,11 @@ options:
- disable
forticlient_ems_rest_api_call_timeout:
description:
- FortiClient EMS call timeout in milliseconds (500 - 30000 milliseconds, default = 5000).
- FortiClient EMS call timeout in milliseconds (500 - 30000 milliseconds).
type: int
forticlient_keepalive_interval:
description:
- Interval between two KeepAlive messages from FortiClient (20 - 300 sec, default = 60).
- Interval between two KeepAlive messages from FortiClient (20 - 300 sec).
type: int
forticlient_offline_grace:
description:
@ -118,7 +118,7 @@ options:
- disable
forticlient_offline_grace_interval:
description:
- Grace period for offline registered FortiClient (60 - 600 sec, default = 120).
- Grace period for offline registered FortiClient (60 - 600 sec).
type: int
forticlient_reg_key:
description:
@ -137,7 +137,7 @@ options:
type: int
forticlient_sys_update_interval:
description:
- Interval between two system update messages from FortiClient (30 - 1440 min, default = 720).
- Interval between two system update messages from FortiClient (30 - 1440 min).
type: int
forticlient_user_avatar:
description:
@ -148,7 +148,7 @@ options:
- disable
forticlient_warning_interval:
description:
- Period of time between FortiClient portal warnings (0 - 24 hours, default = 1).
- Period of time between FortiClient portal warnings (0 - 24 hours).
type: int
'''
@ -323,7 +323,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -357,6 +357,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_extender_controller_extender
short_description: Extender controller configuration in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify extender_controller feature and extender category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
aaa_shared_secret:
description:
- AAA shared secret.
@ -465,7 +479,12 @@ def underscore_to_hyphen(data):
def extender_controller_extender(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['extender_controller_extender'] and data['extender_controller_extender']:
state = data['extender_controller_extender']['state']
else:
state = True
extender_controller_extender_data = data['extender_controller_extender']
filtered_data = underscore_to_hyphen(filter_extender_controller_extender_data(extender_controller_extender_data))
@ -501,15 +520,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"extender_controller_extender": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"aaa_shared_secret": {"required": False, "type": "str"},
"access_point_name": {"required": False, "type": "str"},
"admin": {"required": False, "type": "str",
@ -571,6 +592,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_DoS_policy
short_description: Configure IPv4 DoS policies in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and DoS_policy category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
anomaly:
description:
- Anomaly name.
@ -120,7 +134,7 @@ options:
- attacker
quarantine_expiry:
description:
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m). Requires quarantine set to attacker.
type: str
quarantine_log:
description:
@ -142,8 +156,8 @@ options:
type: int
threshold(default):
description:
- Number of detected instances per minute which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a
different threshold value assigned to it.
- Number of detected instances per minute which triggers action (1 - 2147483647). Note that each anomaly has a different threshold
value assigned to it.
type: int
comments:
description:
@ -349,7 +363,12 @@ def underscore_to_hyphen(data):
def firewall_DoS_policy(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_DoS_policy'] and data['firewall_DoS_policy']:
state = data['firewall_DoS_policy']['state']
else:
state = True
firewall_DoS_policy_data = data['firewall_DoS_policy']
filtered_data = underscore_to_hyphen(filter_firewall_DoS_policy_data(firewall_DoS_policy_data))
@ -385,15 +404,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_DoS_policy": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"anomaly": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
@ -436,6 +457,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_DoS_policy6
short_description: Configure IPv6 DoS policies in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and DoS_policy6 category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
anomaly:
description:
- Anomaly name.
@ -120,7 +134,7 @@ options:
- attacker
quarantine_expiry:
description:
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.
- Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m). Requires quarantine set to attacker.
type: str
quarantine_log:
description:
@ -142,8 +156,8 @@ options:
type: int
threshold(default):
description:
- Number of detected instances per minute which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a
different threshold value assigned to it.
- Number of detected instances per minute which triggers action (1 - 2147483647). Note that each anomaly has a different threshold
value assigned to it.
type: int
comments:
description:
@ -349,7 +363,12 @@ def underscore_to_hyphen(data):
def firewall_DoS_policy6(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_DoS_policy6'] and data['firewall_DoS_policy6']:
state = data['firewall_DoS_policy6']['state']
else:
state = True
firewall_DoS_policy6_data = data['firewall_DoS_policy6']
filtered_data = underscore_to_hyphen(filter_firewall_DoS_policy6_data(firewall_DoS_policy6_data))
@ -385,15 +404,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_DoS_policy6": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"anomaly": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
@ -436,6 +457,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_address
short_description: Configure IPv4 addresses in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and address category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
allow_routing:
description:
- Enable/disable use of this address in the static route configuration.
@ -416,7 +430,12 @@ def underscore_to_hyphen(data):
def firewall_address(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_address'] and data['firewall_address']:
state = data['firewall_address']['state']
else:
state = True
firewall_address_data = data['firewall_address']
filtered_data = underscore_to_hyphen(filter_firewall_address_data(firewall_address_data))
@ -452,15 +471,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_address": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"allow_routing": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"associated_interface": {"required": False, "type": "str"},
@ -515,6 +536,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_address6
short_description: Configure IPv6 firewall addresses in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and address6 category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,13 +90,24 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
cache_ttl:
description:
- Minimal TTL of individual IPv6 addresses in FQDN cache.
type: int
color:
description:
- Integer value to determine the color of the icon in the GUI (range 1 to 32, default = 0, which sets the value to 1).
- Integer value to determine the color of the icon in the GUI (range 1 to 32).
type: int
comment:
description:
@ -202,7 +216,7 @@ options:
type: str
type:
description:
- Type of IPv6 address object (default = ipprefix).
- Type of IPv6 address object .
type: str
choices:
- ipprefix
@ -386,7 +400,12 @@ def underscore_to_hyphen(data):
def firewall_address6(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_address6'] and data['firewall_address6']:
state = data['firewall_address6']['state']
else:
state = True
firewall_address6_data = data['firewall_address6']
filtered_data = underscore_to_hyphen(filter_firewall_address6_data(firewall_address6_data))
@ -422,15 +441,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_address6": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"cache_ttl": {"required": False, "type": "int"},
"color": {"required": False, "type": "int"},
"comment": {"required": False, "type": "str"},
@ -480,6 +501,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_address6_template
short_description: Configure IPv6 address templates in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and address6_template category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
ip6:
description:
- IPv6 address prefix.
@ -281,7 +295,12 @@ def underscore_to_hyphen(data):
def firewall_address6_template(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_address6_template'] and data['firewall_address6_template']:
state = data['firewall_address6_template']['state']
else:
state = True
firewall_address6_template_data = data['firewall_address6_template']
filtered_data = underscore_to_hyphen(filter_firewall_address6_template_data(firewall_address6_template_data))
@ -317,15 +336,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_address6_template": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"ip6": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"subnet_segment": {"required": False, "type": "list",
@ -350,6 +371,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_addrgrp
short_description: Configure IPv4 address groups in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and addrgrp category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
allow_routing:
description:
- Enable/disable use of this group in the static route configuration.
@ -298,7 +312,12 @@ def underscore_to_hyphen(data):
def firewall_addrgrp(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_addrgrp'] and data['firewall_addrgrp']:
state = data['firewall_addrgrp']['state']
else:
state = True
firewall_addrgrp_data = data['firewall_addrgrp']
filtered_data = underscore_to_hyphen(filter_firewall_addrgrp_data(firewall_addrgrp_data))
@ -334,15 +353,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_addrgrp": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"allow_routing": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"color": {"required": False, "type": "int"},
@ -372,6 +393,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_addrgrp6
short_description: Configure IPv6 address groups in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and addrgrp6 category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,9 +90,20 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
color:
description:
- Integer value to determine the color of the icon in the GUI (1 - 32, default = 0, which sets the value to 1).
- Integer value to determine the color of the icon in the GUI (1 - 32).
type: int
comment:
description:
@ -290,7 +304,12 @@ def underscore_to_hyphen(data):
def firewall_addrgrp6(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_addrgrp6'] and data['firewall_addrgrp6']:
state = data['firewall_addrgrp6']['state']
else:
state = True
firewall_addrgrp6_data = data['firewall_addrgrp6']
filtered_data = underscore_to_hyphen(filter_firewall_addrgrp6_data(firewall_addrgrp6_data))
@ -326,15 +345,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_addrgrp6": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"color": {"required": False, "type": "int"},
"comment": {"required": False, "type": "str"},
"member": {"required": False, "type": "list",
@ -362,6 +383,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_auth_portal
short_description: Configure firewall authentication portals in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and auth_portal category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -263,7 +263,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -285,6 +285,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_central_snat_map
short_description: Configure central SNAT policies in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and central_snat_map category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comments:
description:
- Comment.
@ -325,7 +339,12 @@ def underscore_to_hyphen(data):
def firewall_central_snat_map(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_central_snat_map'] and data['firewall_central_snat_map']:
state = data['firewall_central_snat_map']['state']
else:
state = True
firewall_central_snat_map_data = data['firewall_central_snat_map']
filtered_data = underscore_to_hyphen(filter_firewall_central_snat_map_data(firewall_central_snat_map_data))
@ -361,15 +380,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_central_snat_map": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comments": {"required": False, "type": "str"},
"dst_addr": {"required": False, "type": "list",
"options": {
@ -407,6 +428,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_dnstranslation
short_description: Configure DNS translation in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and dnstranslation category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
dst:
description:
- IPv4 address or subnet on the external network to substitute for the resolved address in DNS query replies. Can be single IP address or
@ -239,7 +253,12 @@ def underscore_to_hyphen(data):
def firewall_dnstranslation(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_dnstranslation'] and data['firewall_dnstranslation']:
state = data['firewall_dnstranslation']['state']
else:
state = True
firewall_dnstranslation_data = data['firewall_dnstranslation']
filtered_data = underscore_to_hyphen(filter_firewall_dnstranslation_data(firewall_dnstranslation_data))
@ -275,15 +294,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_dnstranslation": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dst": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"netmask": {"required": False, "type": "str"},
@ -296,6 +317,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_identity_based_route
short_description: Configure identity based routing in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and identity_based_route category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comments:
description:
- Comments.
@ -107,7 +121,7 @@ options:
type: str
gateway:
description:
- "IPv4 address of the gateway (Format: xxx.xxx.xxx.xxx , Default: 0.0.0.0)."
- "IPv4 address of the gateway (Format: xxx.xxx.xxx.xxx )."
type: str
groups:
description:
@ -262,7 +276,12 @@ def underscore_to_hyphen(data):
def firewall_identity_based_route(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_identity_based_route'] and data['firewall_identity_based_route']:
state = data['firewall_identity_based_route']['state']
else:
state = True
firewall_identity_based_route_data = data['firewall_identity_based_route']
filtered_data = underscore_to_hyphen(filter_firewall_identity_based_route_data(firewall_identity_based_route_data))
@ -298,15 +317,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_identity_based_route": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comments": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"rule": {"required": False, "type": "list",
@ -327,6 +348,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_interface_policy
short_description: Configure IPv4 interface policies in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and interface_policy category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
address_type:
description:
- Policy address type (IPv4 or IPv6).
@ -169,7 +183,7 @@ options:
type: str
logtraffic:
description:
- "Logging type to be used in this policy (Options: all | utm | disable, Default: utm)."
- "Logging type to be used in this policy (Options: all | utm | disable)."
type: str
choices:
- all
@ -402,7 +416,12 @@ def underscore_to_hyphen(data):
def firewall_interface_policy(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_interface_policy'] and data['firewall_interface_policy']:
state = data['firewall_interface_policy']['state']
else:
state = True
firewall_interface_policy_data = data['firewall_interface_policy']
filtered_data = underscore_to_hyphen(filter_firewall_interface_policy_data(firewall_interface_policy_data))
@ -438,15 +457,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_interface_policy": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"address_type": {"required": False, "type": "str",
"choices": ["ipv4", "ipv6"]},
"application_list": {"required": False, "type": "str"},
@ -499,6 +520,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_interface_policy6
short_description: Configure IPv6 interface policies in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and interface_policy6 category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
address_type:
description:
- Policy address type (IPv4 or IPv6).
@ -169,7 +183,7 @@ options:
type: str
logtraffic:
description:
- "Logging type to be used in this policy (Options: all | utm | disable, Default: utm)."
- "Logging type to be used in this policy (Options: all | utm | disable)."
type: str
choices:
- all
@ -402,7 +416,12 @@ def underscore_to_hyphen(data):
def firewall_interface_policy6(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_interface_policy6'] and data['firewall_interface_policy6']:
state = data['firewall_interface_policy6']['state']
else:
state = True
firewall_interface_policy6_data = data['firewall_interface_policy6']
filtered_data = underscore_to_hyphen(filter_firewall_interface_policy6_data(firewall_interface_policy6_data))
@ -438,15 +457,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_interface_policy6": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"address_type": {"required": False, "type": "str",
"choices": ["ipv4", "ipv6"]},
"application_list": {"required": False, "type": "str"},
@ -499,6 +520,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_internet_service
short_description: Show Internet Service application in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and internet_service category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
database:
description:
- Database name this Internet Service belongs to.
@ -298,7 +312,12 @@ def underscore_to_hyphen(data):
def firewall_internet_service(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_internet_service'] and data['firewall_internet_service']:
state = data['firewall_internet_service']['state']
else:
state = True
firewall_internet_service_data = data['firewall_internet_service']
filtered_data = underscore_to_hyphen(filter_firewall_internet_service_data(firewall_internet_service_data))
@ -334,15 +353,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_internet_service": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"database": {"required": False, "type": "str",
"choices": ["isdb", "irdb"]},
"direction": {"required": False, "type": "str",
@ -369,6 +390,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_internet_service_custom
short_description: Configure custom Internet Services in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and internet_service_custom category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comment:
description:
- Comment.
@ -333,7 +347,12 @@ def underscore_to_hyphen(data):
def firewall_internet_service_custom(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_internet_service_custom'] and data['firewall_internet_service_custom']:
state = data['firewall_internet_service_custom']['state']
else:
state = True
firewall_internet_service_custom_data = data['firewall_internet_service_custom']
filtered_data = underscore_to_hyphen(filter_firewall_internet_service_custom_data(firewall_internet_service_custom_data))
@ -369,15 +388,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_internet_service_custom": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"disable_entry": {"required": False, "type": "list",
"options": {
@ -416,6 +437,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_internet_service_group
short_description: Configure group of Internet Service in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and internet_service_group category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comment:
description:
- Comment.
@ -239,7 +253,12 @@ def underscore_to_hyphen(data):
def firewall_internet_service_group(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_internet_service_group'] and data['firewall_internet_service_group']:
state = data['firewall_internet_service_group']['state']
else:
state = True
firewall_internet_service_group_data = data['firewall_internet_service_group']
filtered_data = underscore_to_hyphen(filter_firewall_internet_service_group_data(firewall_internet_service_group_data))
@ -275,15 +294,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_internet_service_group": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"member": {"required": False, "type": "list",
"options": {
@ -298,6 +319,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ip_translation
short_description: Configure firewall IP-translation in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and ip_translation category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,17 +90,28 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
endip:
description:
- "Final IPv4 address (inclusive) in the range of the addresses to be translated (format xxx.xxx.xxx.xxx, default: 0.0.0.0)."
- "Final IPv4 address (inclusive) in the range of the addresses to be translated (format xxx.xxx.xxx.xxx)."
type: str
map_startip:
description:
- "Address to be used as the starting point for translation in the range (format xxx.xxx.xxx.xxx, default: 0.0.0.0)."
- "Address to be used as the starting point for translation in the range (format xxx.xxx.xxx.xxx)."
type: str
startip:
description:
- "First IPv4 address (inclusive) in the range of the addresses to be translated (format xxx.xxx.xxx.xxx, default: 0.0.0.0)."
- "First IPv4 address (inclusive) in the range of the addresses to be translated (format xxx.xxx.xxx.xxx)."
type: str
transid:
description:
@ -244,7 +258,12 @@ def underscore_to_hyphen(data):
def firewall_ip_translation(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_ip_translation'] and data['firewall_ip_translation']:
state = data['firewall_ip_translation']['state']
else:
state = True
firewall_ip_translation_data = data['firewall_ip_translation']
filtered_data = underscore_to_hyphen(filter_firewall_ip_translation_data(firewall_ip_translation_data))
@ -280,15 +299,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ip_translation": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"endip": {"required": False, "type": "str"},
"map_startip": {"required": False, "type": "str"},
"startip": {"required": False, "type": "str"},
@ -303,6 +324,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ipmacbinding_setting
short_description: Configure IP to MAC binding settings in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall_ipmacbinding feature and setting category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -95,7 +95,7 @@ options:
- disable
undefinedhost:
description:
- Select action to take on packets with IP/MAC addresses not in the binding list.
- Select action to take on packets with IP/MAC addresses not in the binding list .
type: str
choices:
- allow
@ -258,7 +258,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -279,6 +279,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ipmacbinding_table
short_description: Configure IP to MAC address pairs in the IP/MAC binding table in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall_ipmacbinding feature and table category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
ip:
description:
- "IPv4 address portion of the pair (format: xxx.xxx.xxx.xxx)."
@ -97,7 +111,7 @@ options:
type: str
name:
description:
- Name of the pair (optional, default = no name).
- Name of the pair (optional).
type: str
seq_num:
description:
@ -244,7 +258,12 @@ def underscore_to_hyphen(data):
def firewall_ipmacbinding_table(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_ipmacbinding_table'] and data['firewall_ipmacbinding_table']:
state = data['firewall_ipmacbinding_table']['state']
else:
state = True
firewall_ipmacbinding_table_data = data['firewall_ipmacbinding_table']
filtered_data = underscore_to_hyphen(filter_firewall_ipmacbinding_table_data(firewall_ipmacbinding_table_data))
@ -280,15 +299,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ipmacbinding_table": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"ip": {"required": False, "type": "str"},
"mac": {"required": False, "type": "str"},
"name": {"required": False, "type": "str"},
@ -303,6 +324,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ippool
short_description: Configure IPv4 IP pools in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and ippool category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,13 +90,24 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
arp_intf:
description:
- Select an interface from available options that will reply to ARP requests. (If blank, any is selected). Source system.interface.name.
type: str
arp_reply:
description:
- Enable/disable replying to ARP requests when an IP Pool is added to a policy.
- Enable/disable replying to ARP requests when an IP Pool is added to a policy .
type: str
choices:
- disable
@ -301,7 +315,12 @@ def underscore_to_hyphen(data):
def firewall_ippool(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_ippool'] and data['firewall_ippool']:
state = data['firewall_ippool']['state']
else:
state = True
firewall_ippool_data = data['firewall_ippool']
filtered_data = underscore_to_hyphen(filter_firewall_ippool_data(firewall_ippool_data))
@ -337,15 +356,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ippool": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"arp_intf": {"required": False, "type": "str"},
"arp_reply": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
@ -372,6 +393,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ippool6
short_description: Configure IPv6 IP pools in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and ippool6 category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,13 +90,24 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
comments:
description:
- Comment.
type: str
endip:
description:
- "Final IPv6 address (inclusive) in the range for the address pool (format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, Default: ::)."
- "Final IPv6 address (inclusive) in the range for the address pool (format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx)."
type: str
name:
description:
@ -102,7 +116,7 @@ options:
type: str
startip:
description:
- "First IPv6 address (inclusive) in the range for the address pool (format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx, Default: ::)."
- "First IPv6 address (inclusive) in the range for the address pool (format xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx)."
type: str
'''
@ -237,7 +251,12 @@ def underscore_to_hyphen(data):
def firewall_ippool6(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_ippool6'] and data['firewall_ippool6']:
state = data['firewall_ippool6']['state']
else:
state = True
firewall_ippool6_data = data['firewall_ippool6']
filtered_data = underscore_to_hyphen(filter_firewall_ippool6_data(firewall_ippool6_data))
@ -273,15 +292,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ippool6": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comments": {"required": False, "type": "str"},
"endip": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
@ -294,6 +315,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ipv6_eh_filter
short_description: Configure IPv6 extension header filter in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and ipv6_eh_filter category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -81,21 +81,21 @@ options:
suboptions:
auth:
description:
- Enable/disable blocking packets with the Authentication header.
- Enable/disable blocking packets with the Authentication header .
type: str
choices:
- enable
- disable
dest_opt:
description:
- Enable/disable blocking packets with Destination Options headers.
- Enable/disable blocking packets with Destination Options headers .
type: str
choices:
- enable
- disable
fragment:
description:
- Enable/disable blocking packets with the Fragment header.
- Enable/disable blocking packets with the Fragment header .
type: str
choices:
- enable
@ -106,21 +106,21 @@ options:
type: int
hop_opt:
description:
- Enable/disable blocking packets with the Hop-by-Hop Options header.
- Enable/disable blocking packets with the Hop-by-Hop Options header .
type: str
choices:
- enable
- disable
no_next:
description:
- Enable/disable blocking packets with the No Next header.
- Enable/disable blocking packets with the No Next header
type: str
choices:
- enable
- disable
routing:
description:
- Enable/disable blocking packets with Routing headers.
- Enable/disable blocking packets with Routing headers .
type: str
choices:
- enable
@ -294,7 +294,7 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
@ -323,6 +323,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None

View file

@ -26,7 +26,7 @@ DOCUMENTATION = '''
module: fortios_firewall_ldb_monitor
short_description: Configure server load balancing health monitors in Fortinet's FortiOS and FortiGate.
description:
- This module is able to configure a FortiGate or FortiOS device by allowing the
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify firewall feature and ldb_monitor category.
Examples include all parameters and values need to be adjusted to datasources before usage.
Tested with FOS v6.0.5
@ -76,7 +76,10 @@ options:
state:
description:
- Indicates whether to create or remove the object.
This attribute was present already in previous version in a deeper level.
It has been moved out to this outer level.
type: str
required: false
choices:
- present
- absent
@ -87,6 +90,17 @@ options:
default: null
type: dict
suboptions:
state:
description:
- B(Deprecated)
- Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
- HORIZONTALLINE
- Indicates whether to create or remove the object.
type: str
required: false
choices:
- present
- absent
http_get:
description:
- URL used to send a GET request to check the health of an HTTP server.
@ -97,11 +111,11 @@ options:
type: str
http_max_redirects:
description:
- The maximum number of HTTP redirects to be allowed (0 - 5, default = 0).
- The maximum number of HTTP redirects to be allowed (0 - 5).
type: int
interval:
description:
- Time between health checks (5 - 65635 sec, default = 10).
- Time between health checks (5 - 65635 sec).
type: int
name:
description:
@ -110,17 +124,15 @@ options:
type: str
port:
description:
- Service port used to perform the health check. If 0, health check monitor inherits port configured for the server (0 - 65635, default =
0).
- Service port used to perform the health check. If 0, health check monitor inherits port configured for the server (0 - 65635).
type: int
retry:
description:
- Number health check attempts before the server is considered down (1 - 255, default = 3).
- Number health check attempts before the server is considered down (1 - 255).
type: int
timeout:
description:
- Time to wait to receive response to a health check from a server. Reaching the timeout means the health check failed (1 - 255 sec,
default = 2).
- Time to wait to receive response to a health check from a server. Reaching the timeout means the health check failed (1 - 255 sec).
type: int
type:
description:
@ -270,7 +282,12 @@ def underscore_to_hyphen(data):
def firewall_ldb_monitor(data, fos):
vdom = data['vdom']
state = data['state']
if 'state' in data and data['state']:
state = data['state']
elif 'state' in data['firewall_ldb_monitor'] and data['firewall_ldb_monitor']:
state = data['firewall_ldb_monitor']['state']
else:
state = True
firewall_ldb_monitor_data = data['firewall_ldb_monitor']
filtered_data = underscore_to_hyphen(filter_firewall_ldb_monitor_data(firewall_ldb_monitor_data))
@ -306,15 +323,17 @@ def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ldb_monitor": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"http_get": {"required": False, "type": "str"},
"http_match": {"required": False, "type": "str"},
"http_max_redirects": {"required": False, "type": "int"},
@ -334,6 +353,7 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None