def main():
mkeyname = 'id'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_snmp_community": {
"required": False,
"type": "dict",
"default": None,
"options": {
"events": {
"required":
False,
"type":
"list",
"choices": [
"cpu-high", "mem-low", "log-full", "intf-ip",
"vpn-tun-up", "vpn-tun-down", "ha-switch",
"ha-hb-failure", "ips-signature", "ips-anomaly",
"av-virus", "av-oversize", "av-pattern",
"av-fragmented", "fm-if-change", "fm-conf-change",
"bgp-established", "bgp-backward-transition",
"ha-member-up", "ha-member-down", "ent-conf-change",
"av-conserve", "av-bypass", "av-oversize-passed",
"av-oversize-blocked", "ips-pkg-update",
"ips-fail-open", "faz-disconnect", "wc-ap-up",
"wc-ap-down", "fswctl-session-up",
"fswctl-session-down", "load-balance-real-server-down",
"device-new", "per-cpu-high"
]
},
"hosts": {
"required": False,
"type": "list",
"options": {
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "query", "trap"]
},
"id": {
"required": True,
"type": "int"
},
"ip": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
}
}
},
"hosts6": {
"required": False,
"type": "list",
"options": {
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "query", "trap"]
},
"id": {
"required": True,
"type": "int"
},
"ipv6": {
"required": False,
"type": "str"
},
"source_ipv6": {
"required": False,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"query_v1_port": {
"required": False,
"type": "int"
},
"query_v1_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"query_v2c_port": {
"required": False,
"type": "int"
},
"query_v2c_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_v1_lport": {
"required": False,
"type": "int"
},
"trap_v1_rport": {
"required": False,
"type": "int"
},
"trap_v1_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_v2c_lport": {
"required": False,
"type": "int"
},
"trap_v2c_rport": {
"required": False,
"type": "int"
},
"trap_v2c_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system_snmp(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_schedule_group": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"color": {"required": False, "type": "int"},
"member": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"name": {"required": True, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_schedule(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_schedule(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_address": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"allow_routing": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"associated_interface": {
"required": False,
"type": "str"
},
"cache_ttl": {
"required": False,
"type": "int"
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"country": {
"required": False,
"type": "str"
},
"end_ip": {
"required": False,
"type": "str"
},
"epg_name": {
"required": False,
"type": "str"
},
"filter": {
"required": False,
"type": "str"
},
"fqdn": {
"required": False,
"type": "str"
},
"list": {
"required": False,
"type": "list",
"options": {
"ip": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"obj_id": {
"required": False,
"type": "int"
},
"organization": {
"required": False,
"type": "str"
},
"policy_group": {
"required": False,
"type": "str"
},
"sdn": {
"required": False,
"type": "str",
"choices": ["aci", "aws", "azure", "nsx", "nuage"]
},
"sdn_tag": {
"required": False,
"type": "str"
},
"start_ip": {
"required": False,
"type": "str"
},
"subnet": {
"required": False,
"type": "str"
},
"subnet_name": {
"required": False,
"type": "str"
},
"tagging": {
"required": False,
"type": "list",
"options": {
"category": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"tenant": {
"required": False,
"type": "str"
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"ipmask", "iprange", "fqdn", "geography", "wildcard",
"wildcard-fqdn", "dynamic"
]
},
"uuid": {
"required": False,
"type": "str"
},
"visibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"wildcard": {
"required": False,
"type": "str"
},
"wildcard_fqdn": {
"required": False,
"type": "str"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"log_gui_display": {
"required": False,
"type": "dict",
"default": None,
"options": {
"fortiview_unscanned_apps": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"resolve_apps": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"resolve_hosts": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_log(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_lldp_network_policy": {
"required": False,
"type": "dict",
"default": None,
"options": {
"comment": {
"required": False,
"type": "str"
},
"guest": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"guest_voice_signaling": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"name": {
"required": True,
"type": "str"
},
"softphone": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"streaming_video": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"video_conferencing": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"video_signaling": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"voice": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
},
"voice_signaling": {
"required": False,
"type": "dict",
"options": {
"dscp": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tag": {
"required": False,
"type": "str",
"choices": ["none", "dot1q", "dot1p"]
},
"vlan": {
"required": False,
"type": "int"
}
}
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system_lldp(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'seq-num'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"router_policy": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"action": {"required": False, "type": "str",
"choices": ["deny",
"permit"]},
"comments": {"required": False, "type": "str"},
"dst": {"required": False, "type": "list",
"options": {
"subnet": {"required": True, "type": "str"}
}},
"dst_negate": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"dstaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"end_port": {"required": False, "type": "int"},
"end_source_port": {"required": False, "type": "int"},
"gateway": {"required": False, "type": "str"},
"input_device": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"internet_service_custom": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"internet_service_id": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"}
}},
"output_device": {"required": False, "type": "str"},
"protocol": {"required": False, "type": "int"},
"seq_num": {"required": False, "type": "int"},
"src": {"required": False, "type": "list",
"options": {
"subnet": {"required": True, "type": "str"}
}},
"src_negate": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"srcaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"start_port": {"required": False, "type": "int"},
"start_source_port": {"required": False, "type": "int"},
"status": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"tos": {"required": False, "type": "str"},
"tos_mask": {"required": False, "type": "str"}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_router(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"router_route_map": {
"required": False,
"type": "dict",
"default": None,
"options": {
"comments": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"rule": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["permit", "deny"]
},
"id": {
"required": True,
"type": "int"
},
"match_as_path": {
"required": False,
"type": "str"
},
"match_community": {
"required": False,
"type": "str"
},
"match_community_exact": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"match_flags": {
"required": False,
"type": "int"
},
"match_interface": {
"required": False,
"type": "str"
},
"match_ip_address": {
"required": False,
"type": "str"
},
"match_ip_nexthop": {
"required": False,
"type": "str"
},
"match_ip6_address": {
"required": False,
"type": "str"
},
"match_ip6_nexthop": {
"required": False,
"type": "str"
},
"match_metric": {
"required": False,
"type": "int"
},
"match_origin": {
"required": False,
"type": "str",
"choices": ["none", "egp", "igp", "incomplete"]
},
"match_route_type": {
"required": False,
"type": "str",
"choices": ["1", "2", "none"]
},
"match_tag": {
"required": False,
"type": "int"
},
"set_aggregator_as": {
"required": False,
"type": "int"
},
"set_aggregator_ip": {
"required": False,
"type": "str"
},
"set_aspath": {
"required": False,
"type": "list",
"options": {
"as": {
"required": True,
"type": "str"
}
}
},
"set_aspath_action": {
"required": False,
"type": "str",
"choices": ["prepend", "replace"]
},
"set_atomic_aggregate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"set_community": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set_community_additive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"set_community_delete": {
"required": False,
"type": "str"
},
"set_dampening_max_suppress": {
"required": False,
"type": "int"
},
"set_dampening_reachability_half_life": {
"required": False,
"type": "int"
},
"set_dampening_reuse": {
"required": False,
"type": "int"
},
"set_dampening_suppress": {
"required": False,
"type": "int"
},
"set_dampening_unreachability_half_life": {
"required": False,
"type": "int"
},
"set_extcommunity_rt": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set_extcommunity_soo": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set_flags": {
"required": False,
"type": "int"
},
"set_ip_nexthop": {
"required": False,
"type": "str"
},
"set_ip6_nexthop": {
"required": False,
"type": "str"
},
"set_ip6_nexthop_local": {
"required": False,
"type": "str"
},
"set_local_preference": {
"required": False,
"type": "int"
},
"set_metric": {
"required": False,
"type": "int"
},
"set_metric_type": {
"required": False,
"type": "str",
"choices": ["1", "2", "none"]
},
"set_origin": {
"required": False,
"type": "str",
"choices": ["none", "egp", "igp", "incomplete"]
},
"set_originator_id": {
"required": False,
"type": "str"
},
"set_route_tag": {
"required": False,
"type": "int"
},
"set_tag": {
"required": False,
"type": "int"
},
"set_weight": {
"required": False,
"type": "int"
}
}
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_router(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"wireless_controller_bonjour_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"comment": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"policy_list": {"required": False, "type": "list",
"options": {
"description": {"required": False, "type": "str"},
"from_vlan": {"required": False, "type": "str"},
"policy_id": {"required": False, "type": "int"},
"services": {"required": False, "type": "str",
"choices": ["all",
"airplay",
"afp",
"bit-torrent",
"ftp",
"ichat",
"itunes",
"printers",
"samba",
"scanners",
"ssh",
"chromecast"]},
"to_vlan": {"required": False, "type": "str"}
}}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_wireless_controller(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wanopt_content_delivery_network_rule": {
"required": False,
"type": "dict",
"default": None,
"options": {
"category": {
"required": False,
"type": "str",
"choices": ["vcache", "youtube"]
},
"comment": {
"required": False,
"type": "str"
},
"host_domain_name_suffix": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"request_cache_control": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"response_cache_control": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"response_expires": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rules": {
"required": False,
"type": "list",
"options": {
"content_id": {
"required": False,
"type": "dict",
"options": {
"end_direction": {
"required": False,
"type": "str",
"choices": ["forward", "backward"]
},
"end_skip": {
"required": False,
"type": "int"
},
"end_str": {
"required": False,
"type": "str"
},
"range_str": {
"required": False,
"type": "str"
},
"start_direction": {
"required": False,
"type": "str",
"choices": ["forward", "backward"]
},
"start_skip": {
"required": False,
"type": "int"
},
"start_str": {
"required": False,
"type": "str"
},
"target": {
"required":
False,
"type":
"str",
"choices": [
"path", "parameter", "referrer",
"youtube-map", "youtube-id",
"youku-id", "hls-manifest",
"dash-manifest", "hls-fragment",
"dash-fragment"
]
}
}
},
"match_entries": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"pattern": {
"required": False,
"type": "list",
"options": {
"string": {
"required": True,
"type": "str"
}
}
},
"target": {
"required":
False,
"type":
"str",
"choices": [
"path", "parameter", "referrer",
"youtube-map", "youtube-id", "youku-id"
]
}
}
},
"match_mode": {
"required": False,
"type": "str",
"choices": ["all", "any"]
},
"name": {
"required": True,
"type": "str"
},
"skip_entries": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"pattern": {
"required": False,
"type": "list",
"options": {
"string": {
"required": True,
"type": "str"
}
}
},
"target": {
"required":
False,
"type":
"str",
"choices": [
"path", "parameter", "referrer",
"youtube-map", "youtube-id", "youku-id"
]
}
}
},
"skip_rule_mode": {
"required": False,
"type": "str",
"choices": ["all", "any"]
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"text_response_vcache": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"updateserver": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"log_fortianalyzer3_setting": {
"required": False, "type": "dict", "default": None,
"options": {
"__change_ip": {"required": False, "type": "int"},
"certificate": {"required": False, "type": "str"},
"conn_timeout": {"required": False, "type": "int"},
"enc_algorithm": {"required": False, "type": "str",
"choices": ["high-medium",
"high",
"low",
"disable"]},
"faz_type": {"required": False, "type": "int"},
"hmac_algorithm": {"required": False, "type": "str",
"choices": ["sha256",
"sha1"]},
"ips_archive": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"mgmt_name": {"required": False, "type": "str"},
"monitor_failure_retry_period": {"required": False, "type": "int"},
"monitor_keepalive_period": {"required": False, "type": "int"},
"reliable": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"server": {"required": False, "type": "str"},
"source_ip": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"upload_day": {"required": False, "type": "str"},
"upload_interval": {"required": False, "type": "str",
"choices": ["daily",
"weekly",
"monthly"]},
"upload_option": {"required": False, "type": "str",
"choices": ["store-and-upload",
"realtime",
"1-minute",
"5-minute"]},
"upload_time": {"required": False, "type": "str"}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_log_fortianalyzer3(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_interface_policy6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"address_type": {
"required": False,
"type": "str",
"choices": ["ipv4", "ipv6"]
},
"application_list": {
"required": False,
"type": "str"
},
"application_list_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"av_profile": {
"required": False,
"type": "str"
},
"av_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comments": {
"required": False,
"type": "str"
},
"dlp_sensor": {
"required": False,
"type": "str"
},
"dlp_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dsri": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dstaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"interface": {
"required": False,
"type": "str"
},
"ips_sensor": {
"required": False,
"type": "str"
},
"ips_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"label": {
"required": False,
"type": "str"
},
"logtraffic": {
"required": False,
"type": "str",
"choices": ["all", "utm", "disable"]
},
"policyid": {
"required": True,
"type": "int"
},
"scan_botnet_connections": {
"required": False,
"type": "str",
"choices": ["disable", "block", "monitor"]
},
"service6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"spamfilter_profile": {
"required": False,
"type": "str"
},
"spamfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"srcaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"webfilter_profile": {
"required": False,
"type": "str"
},
"webfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'id'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_dhcp6_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"dns_search_list": {
"required": False,
"type": "str",
"choices": ["delegated", "specify"]
},
"dns_server1": {
"required": False,
"type": "str"
},
"dns_server2": {
"required": False,
"type": "str"
},
"dns_server3": {
"required": False,
"type": "str"
},
"dns_service": {
"required": False,
"type": "str",
"choices": ["delegated", "default", "specify"]
},
"domain": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
},
"ip_mode": {
"required": False,
"type": "str",
"choices": ["range", "delegated"]
},
"ip_range": {
"required": False,
"type": "list",
"options": {
"end_ip": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"start_ip": {
"required": False,
"type": "str"
}
}
},
"lease_time": {
"required": False,
"type": "int"
},
"option1": {
"required": False,
"type": "str"
},
"option2": {
"required": False,
"type": "str"
},
"option3": {
"required": False,
"type": "str"
},
"prefix_range": {
"required": False,
"type": "list",
"options": {
"end_prefix": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"prefix_length": {
"required": False,
"type": "int"
},
"start_prefix": {
"required": False,
"type": "str"
}
}
},
"rapid_commit": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"subnet": {
"required": False,
"type": "str"
},
"upstream_interface": {
"required": False,
"type": "str"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system_dhcp6(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"router_multicast": {
"required": False,
"type": "dict",
"default": None,
"options": {
"interface": {
"required": False,
"type": "list",
"options": {
"bfd": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_exclude_genid": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dr_priority": {
"required": False,
"type": "int"
},
"hello_holdtime": {
"required": False,
"type": "int"
},
"hello_interval": {
"required": False,
"type": "int"
},
"igmp": {
"required": False,
"type": "dict",
"options": {
"access_group": {
"required": False,
"type": "str"
},
"immediate_leave_group": {
"required": False,
"type": "str"
},
"last_member_query_count": {
"required": False,
"type": "int"
},
"last_member_query_interval": {
"required": False,
"type": "int"
},
"query_interval": {
"required": False,
"type": "int"
},
"query_max_response_time": {
"required": False,
"type": "int"
},
"query_timeout": {
"required": False,
"type": "int"
},
"router_alert_check": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"version": {
"required": False,
"type": "str",
"choices": ["3", "2", "1"]
}
}
},
"join_group": {
"required": False,
"type": "list",
"options": {
"address": {
"required": True,
"type": "str"
}
}
},
"multicast_flow": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"neighbour_filter": {
"required": False,
"type": "str"
},
"passive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"pim_mode": {
"required": False,
"type": "str",
"choices": ["sparse-mode", "dense-mode"]
},
"propagation_delay": {
"required": False,
"type": "int"
},
"rp_candidate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rp_candidate_group": {
"required": False,
"type": "str"
},
"rp_candidate_interval": {
"required": False,
"type": "int"
},
"rp_candidate_priority": {
"required": False,
"type": "int"
},
"state_refresh_interval": {
"required": False,
"type": "int"
},
"static_group": {
"required": False,
"type": "str"
},
"ttl_threshold": {
"required": False,
"type": "int"
}
}
},
"multicast_routing": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"pim_sm_global": {
"required": False,
"type": "dict",
"options": {
"accept_register_list": {
"required": False,
"type": "str"
},
"accept_source_list": {
"required": False,
"type": "str"
},
"bsr_allow_quick_refresh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bsr_candidate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bsr_hash": {
"required": False,
"type": "int"
},
"bsr_interface": {
"required": False,
"type": "str"
},
"bsr_priority": {
"required": False,
"type": "int"
},
"cisco_crp_prefix": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_ignore_rp_set_priority": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_register_checksum": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cisco_register_checksum_group": {
"required": False,
"type": "str"
},
"join_prune_holdtime": {
"required": False,
"type": "int"
},
"message_interval": {
"required": False,
"type": "int"
},
"null_register_retries": {
"required": False,
"type": "int"
},
"register_rate_limit": {
"required": False,
"type": "int"
},
"register_rp_reachability": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"register_source": {
"required": False,
"type": "str",
"choices": ["disable", "interface", "ip-address"]
},
"register_source_interface": {
"required": False,
"type": "str"
},
"register_source_ip": {
"required": False,
"type": "str"
},
"register_supression": {
"required": False,
"type": "int"
},
"rp_address": {
"required": False,
"type": "list",
"options": {
"group": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"ip_address": {
"required": False,
"type": "str"
}
}
},
"rp_register_keepalive": {
"required": False,
"type": "int"
},
"spt_threshold": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"spt_threshold_group": {
"required": False,
"type": "str"
},
"ssm": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssm_range": {
"required": False,
"type": "str"
}
}
},
"route_limit": {
"required": False,
"type": "int"
},
"route_threshold": {
"required": False,
"type": "int"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_router(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"vpn_certificate_ca": {
"required": False, "type": "dict", "default": None,
"options": {
"auto_update_days": {"required": False, "type": "int"},
"auto_update_days_warning": {"required": False, "type": "int"},
"ca": {"required": False, "type": "str"},
"last_updated": {"required": False, "type": "int"},
"name": {"required": True, "type": "str"},
"range": {"required": False, "type": "str",
"choices": ["global",
"vdom"]},
"scep_url": {"required": False, "type": "str"},
"source": {"required": False, "type": "str",
"choices": ["factory",
"user",
"bundle"]},
"source_ip": {"required": False, "type": "str"},
"ssl_inspection_trusted": {"required": False, "type": "str",
"choices": ["enable",
"disable"]}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_vpn_certificate(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"system_stp": {
"required": False,
"type": "dict",
"default": None,
"options": {
"config_revision": {
"required": False,
"type": "int"
},
"forward_delay": {
"required": False,
"type": "int"
},
"hello_time": {
"required": False,
"type": "int"
},
"max_age": {
"required": False,
"type": "int"
},
"max_hops": {
"required": False,
"type": "int"
},
"region_name": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str"
},
"switch_priority": {
"required":
False,
"type":
"str",
"choices": [
"0", "4096", "8192", "12288", "16384", "20480",
"24576", "28672", "32768", "36864", "40960", "45056",
"49152", "53248", "57344"
]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"wireless_controller_inter_controller": {
"required": False, "type": "dict", "default": None,
"options": {
"fast_failover_max": {"required": False, "type": "int"},
"fast_failover_wait": {"required": False, "type": "int"},
"inter_controller_key": {"required": False, "type": "str"},
"inter_controller_mode": {"required": False, "type": "str",
"choices": ["disable",
"l2-roaming",
"1+1"]},
"inter_controller_peer": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"peer_ip": {"required": False, "type": "str"},
"peer_port": {"required": False, "type": "int"},
"peer_priority": {"required": False, "type": "str",
"choices": ["primary",
"secondary"]}
}},
"inter_controller_pri": {"required": False, "type": "str",
"choices": ["primary",
"secondary"]}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_wireless_controller(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'policyid'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_policy46": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"action": {"required": False, "type": "str",
"choices": ["accept",
"deny"]},
"comments": {"required": False, "type": "str"},
"dstaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"dstintf": {"required": False, "type": "str"},
"fixedport": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"ippool": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"logtraffic": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"logtraffic_start": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"per_ip_shaper": {"required": False, "type": "str"},
"permit_any_host": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"policyid": {"required": True, "type": "int"},
"poolname": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"schedule": {"required": False, "type": "str"},
"service": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"srcaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"srcintf": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"tcp_mss_receiver": {"required": False, "type": "int"},
"tcp_mss_sender": {"required": False, "type": "int"},
"traffic_shaper": {"required": False, "type": "str"},
"traffic_shaper_reverse": {"required": False, "type": "str"},
"uuid": {"required": False, "type": "str"}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"switch_controller_vlan": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth": {
"required": False,
"type": "str",
"choices": ["radius", "usergroup"]
},
"color": {
"required": False,
"type": "int"
},
"comments": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"portal_message_override_group": {
"required": False,
"type": "str"
},
"portal_message_overrides": {
"required": False,
"type": "dict",
"options": {
"auth_disclaimer_page": {
"required": False,
"type": "str"
},
"auth_login_failed_page": {
"required": False,
"type": "str"
},
"auth_login_page": {
"required": False,
"type": "str"
},
"auth_reject_page": {
"required": False,
"type": "str"
}
}
},
"radius_server": {
"required": False,
"type": "str"
},
"security": {
"required": False,
"type": "str",
"choices": ["open", "captive-portal", "8021x"]
},
"selected_usergroups": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"usergroup": {
"required": False,
"type": "str"
},
"vdom": {
"required": False,
"type": "str"
},
"vlanid": {
"required": False,
"type": "int"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dlp_fp_doc_source": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"date": {"required": False, "type": "int"},
"file_path": {"required": False, "type": "str"},
"file_pattern": {"required": False, "type": "str"},
"keep_modified": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"name": {"required": True, "type": "str"},
"password": {"required": False, "type": "str"},
"period": {"required": False, "type": "str",
"choices": ["none",
"daily",
"weekly",
"monthly"]},
"remove_deleted": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"scan_on_creation": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"scan_subdirectories": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"sensitivity": {"required": False, "type": "str"},
"server": {"required": False, "type": "str"},
"server_type": {"required": False, "type": "str",
"choices": ["samba"]},
"tod_hour": {"required": False, "type": "int"},
"tod_min": {"required": False, "type": "int"},
"username": {"required": False, "type": "str"},
"vdom": {"required": False, "type": "str",
"choices": ["mgmt",
"current"]},
"weekday": {"required": False, "type": "str",
"choices": ["sunday",
"monday",
"tuesday",
"wednesday",
"thursday",
"friday",
"saturday"]}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_dlp(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"user_radius": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"accounting_server": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"port": {
"required": False,
"type": "int"
},
"secret": {
"required": False,
"type": "str"
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"acct_all_servers": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"acct_interim_interval": {
"required": False,
"type": "int"
},
"all_usergroup": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"auth_type": {
"required": False,
"type": "str",
"choices":
["auto", "ms_chap_v2", "ms_chap", "chap", "pap"]
},
"class": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"h3c_compatibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"nas_ip": {
"required": False,
"type": "str"
},
"password_encoding": {
"required": False,
"type": "str",
"choices": ["auto", "ISO-8859-1"]
},
"password_renewal": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"radius_coa": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"radius_port": {
"required": False,
"type": "int"
},
"rsso": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rsso_context_timeout": {
"required": False,
"type": "int"
},
"rsso_endpoint_attribute": {
"required":
False,
"type":
"str",
"choices": [
"User-Name", "NAS-IP-Address", "Framed-IP-Address",
"Framed-IP-Netmask", "Filter-Id", "Login-IP-Host",
"Reply-Message", "Callback-Number", "Callback-Id",
"Framed-Route", "Framed-IPX-Network", "Class",
"Called-Station-Id", "Calling-Station-Id",
"NAS-Identifier", "Proxy-State", "Login-LAT-Service",
"Login-LAT-Node", "Login-LAT-Group",
"Framed-AppleTalk-Zone", "Acct-Session-Id",
"Acct-Multi-Session-Id"
]
},
"rsso_endpoint_block_attribute": {
"required":
False,
"type":
"str",
"choices": [
"User-Name", "NAS-IP-Address", "Framed-IP-Address",
"Framed-IP-Netmask", "Filter-Id", "Login-IP-Host",
"Reply-Message", "Callback-Number", "Callback-Id",
"Framed-Route", "Framed-IPX-Network", "Class",
"Called-Station-Id", "Calling-Station-Id",
"NAS-Identifier", "Proxy-State", "Login-LAT-Service",
"Login-LAT-Node", "Login-LAT-Group",
"Framed-AppleTalk-Zone", "Acct-Session-Id",
"Acct-Multi-Session-Id"
]
},
"rsso_ep_one_ip_only": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rsso_flush_ip_session": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rsso_log_flags": {
"required":
False,
"type":
"str",
"choices": [
"protocol-error", "profile-missing",
"accounting-stop-missed", "accounting-event",
"endpoint-block", "radiusd-other", "none"
]
},
"rsso_log_period": {
"required": False,
"type": "int"
},
"rsso_radius_response": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"rsso_radius_server_port": {
"required": False,
"type": "int"
},
"rsso_secret": {
"required": False,
"type": "str"
},
"rsso_validate_request_secret": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"secondary_secret": {
"required": False,
"type": "str"
},
"secondary_server": {
"required": False,
"type": "str"
},
"secret": {
"required": False,
"type": "str"
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"sso_attribute": {
"required":
False,
"type":
"str",
"choices": [
"User-Name", "NAS-IP-Address", "Framed-IP-Address",
"Framed-IP-Netmask", "Filter-Id", "Login-IP-Host",
"Reply-Message", "Callback-Number", "Callback-Id",
"Framed-Route", "Framed-IPX-Network", "Class",
"Called-Station-Id", "Calling-Station-Id",
"NAS-Identifier", "Proxy-State", "Login-LAT-Service",
"Login-LAT-Node", "Login-LAT-Group",
"Framed-AppleTalk-Zone", "Acct-Session-Id",
"Acct-Multi-Session-Id"
]
},
"sso_attribute_key": {
"required": False,
"type": "str"
},
"sso_attribute_value_override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tertiary_secret": {
"required": False,
"type": "str"
},
"tertiary_server": {
"required": False,
"type": "str"
},
"timeout": {
"required": False,
"type": "int"
},
"use_management_vdom": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"username_case_sensitive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_user(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"log_fortianalyzer_override_filter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dlp_archive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"netscan_discovery": {
"required": False,
"type": "str"
},
"netscan_vulnerability": {
"required": False,
"type": "str"
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_log_fortianalyzer(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"wireless_controller_hotspot20_anqp_nai_realm": {
"required": False, "type": "dict", "default": None,
"options": {
"nai_list": {"required": False, "type": "list",
"options": {
"eap_method": {"required": False, "type": "list",
"options": {
"auth_param": {"required": False, "type": "str",
"options": {
"id": {"required": False, "type": "str",
"choices": ["non-eap-inner-auth",
"inner-auth-eap",
"credential",
"tunneled-credential"]},
"index": {"required": True, "type": "int"},
"val": {"required": False, "type": "str",
"choices": ["eap-identity",
"eap-md5",
"eap-tls",
"eap-ttls",
"eap-peap",
"eap-sim",
"eap-aka",
"eap-aka-prime",
"non-eap-pap",
"non-eap-chap",
"non-eap-mschap",
"non-eap-mschapv2",
"cred-sim",
"cred-usim",
"cred-nfc",
"cred-hardware-token",
"cred-softoken",
"cred-certificate",
"cred-user-pwd",
"cred-none",
"cred-vendor-specific",
"tun-cred-sim",
"tun-cred-usim",
"tun-cred-nfc",
"tun-cred-hardware-token",
"tun-cred-softoken",
"tun-cred-certificate",
"tun-cred-user-pwd",
"tun-cred-anonymous",
"tun-cred-vendor-specific"]}
}},
"index": {"required": True, "type": "int"},
"method": {"required": False, "type": "str",
"choices": ["eap-identity",
"eap-md5",
"eap-tls",
"eap-ttls",
"eap-peap",
"eap-sim",
"eap-aka",
"eap-aka-prime"]}
}},
"encoding": {"required": False, "type": "str",
"choices": ["disable",
"enable"]},
"nai_realm": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"}
}},
"name": {"required": True, "type": "str"}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_ssl_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"add_header_x_forwarded_proto": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ip": {
"required": False,
"type": "str"
},
"mapped_port": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"ssl_algorithm": {
"required": False,
"type": "str",
"choices": ["high", "medium", "low"]
},
"ssl_cert": {
"required": False,
"type": "str"
},
"ssl_client_renegotiation": {
"required": False,
"type": "str",
"choices": ["allow", "deny", "secure"]
},
"ssl_dh_bits": {
"required": False,
"type": "str",
"choices": ["768", "1024", "1536", "2048"]
},
"ssl_max_version": {
"required": False,
"type": "str",
"choices": ["tls-1.0", "tls-1.1", "tls-1.2"]
},
"ssl_min_version": {
"required": False,
"type": "str",
"choices": ["tls-1.0", "tls-1.1", "tls-1.2"]
},
"ssl_mode": {
"required": False,
"type": "str",
"choices": ["half", "full"]
},
"ssl_send_empty_frags": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"url_rewrite": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"router_multicast6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"interface": {
"required": False,
"type": "list",
"options": {
"hello_holdtime": {
"required": False,
"type": "int"
},
"hello_interval": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
}
}
},
"multicast_pmtu": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_routing": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"pim_sm_global": {
"required": False,
"type": "dict",
"options": {
"register_rate_limit": {
"required": False,
"type": "int"
},
"rp_address": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"ip6_address": {
"required": False,
"type": "str"
}
}
}
}
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_router(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_internet_service_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"member": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'id'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"extender_controller_extender": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"aaa_shared_secret": {
"required": False,
"type": "str"
},
"access_point_name": {
"required": False,
"type": "str"
},
"admin": {
"required": False,
"type": "str",
"choices": ["disable", "discovered", "enable"]
},
"at_dial_script": {
"required": False,
"type": "str"
},
"billing_start_day": {
"required": False,
"type": "int"
},
"cdma_aaa_spi": {
"required": False,
"type": "str"
},
"cdma_ha_spi": {
"required": False,
"type": "str"
},
"cdma_nai": {
"required": False,
"type": "str"
},
"conn_status": {
"required": False,
"type": "int"
},
"description": {
"required": False,
"type": "str"
},
"dial_mode": {
"required": False,
"type": "str",
"choices": ["dial-on-demand", "always-connect"]
},
"dial_status": {
"required": False,
"type": "int"
},
"ext_name": {
"required": False,
"type": "str"
},
"ha_shared_secret": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "str"
},
"ifname": {
"required": False,
"type": "str"
},
"initiated_update": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mode": {
"required": False,
"type": "str",
"choices": ["standalone", "redundant"]
},
"modem_passwd": {
"required": False,
"type": "str"
},
"modem_type": {
"required": False,
"type": "str",
"choices": ["cdma", "gsm/lte", "wimax"]
},
"multi_mode": {
"required":
False,
"type":
"str",
"choices":
["auto", "auto-3g", "force-lte", "force-3g", "force-2g"]
},
"ppp_auth_protocol": {
"required": False,
"type": "str",
"choices": ["auto", "pap", "chap"]
},
"ppp_echo_request": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ppp_password": {
"required": False,
"type": "str"
},
"ppp_username": {
"required": False,
"type": "str"
},
"primary_ha": {
"required": False,
"type": "str"
},
"quota_limit_mb": {
"required": False,
"type": "int"
},
"redial": {
"required":
False,
"type":
"str",
"choices": [
"none", "1", "2", "3", "4", "5", "6", "7", "8", "9",
"10"
]
},
"redundant_intf": {
"required": False,
"type": "str"
},
"roaming": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"role": {
"required": False,
"type": "str",
"choices": ["none", "primary", "secondary"]
},
"secondary_ha": {
"required": False,
"type": "str"
},
"sim_pin": {
"required": False,
"type": "str"
},
"vdom": {
"required": False,
"type": "int"
},
"wimax_auth_protocol": {
"required": False,
"type": "str",
"choices": ["tls", "ttls"]
},
"wimax_carrier": {
"required": False,
"type": "str"
},
"wimax_realm": {
"required": False,
"type": "str"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_extender_controller(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"log_syslogd_override_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"certificate": {
"required": False,
"type": "str"
},
"custom_field_name": {
"required": False,
"type": "list",
"options": {
"custom": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
}
}
},
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low", "disable"]
},
"facility": {
"required":
False,
"type":
"str",
"choices": [
"kernel", "user", "mail", "daemon", "auth", "syslog",
"lpr", "news", "uucp", "cron", "authpriv", "ftp",
"ntp", "audit", "alert", "clock", "local0", "local1",
"local2", "local3", "local4", "local5", "local6",
"local7"
]
},
"format": {
"required": False,
"type": "str",
"choices": ["default", "csv", "cef"]
},
"mode": {
"required": False,
"type": "str",
"choices": ["udp", "legacy-reliable", "reliable"]
},
"override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"port": {
"required": False,
"type": "int"
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_log_syslogd(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'policyid'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_interface_policy6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"address_type": {
"required": False,
"type": "str",
"choices": ["ipv4", "ipv6"]
},
"application_list": {
"required": False,
"type": "str"
},
"application_list_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"av_profile": {
"required": False,
"type": "str"
},
"av_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comments": {
"required": False,
"type": "str"
},
"dlp_sensor": {
"required": False,
"type": "str"
},
"dlp_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dsri": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dstaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"emailfilter_profile": {
"required": False,
"type": "str"
},
"emailfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"interface": {
"required": False,
"type": "str"
},
"ips_sensor": {
"required": False,
"type": "str"
},
"ips_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"label": {
"required": False,
"type": "str"
},
"logtraffic": {
"required": False,
"type": "str",
"choices": ["all", "utm", "disable"]
},
"policyid": {
"required": True,
"type": "int"
},
"service6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"webfilter_profile": {
"required": False,
"type": "str"
},
"webfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_ddns": {
"required": False, "type": "dict", "default": None,
"options": {
"bound_ip": {"required": False, "type": "str"},
"clear_text": {"required": False, "type": "str",
"choices": ["disable",
"enable"]},
"ddns_auth": {"required": False, "type": "str",
"choices": ["disable",
"tsig"]},
"ddns_domain": {"required": False, "type": "str"},
"ddns_key": {"required": False, "type": "str"},
"ddns_keyname": {"required": False, "type": "str"},
"ddns_password": {"required": False, "type": "str"},
"ddns_server": {"required": False, "type": "str",
"choices": ["dyndns.org",
"dyns.net",
"tzo.com",
"vavic.com",
"dipdns.net",
"now.net.cn",
"dhs.org",
"easydns.com",
"genericDDNS",
"FortiGuardDDNS",
"noip.com"]},
"ddns_server_ip": {"required": False, "type": "str"},
"ddns_sn": {"required": False, "type": "str"},
"ddns_ttl": {"required": False, "type": "int"},
"ddns_username": {"required": False, "type": "str"},
"ddns_zone": {"required": False, "type": "str"},
"ddnsid": {"required": True, "type": "int"},
"monitor_interface": {"required": False, "type": "list",
"options": {
"interface_name": {"required": False, "type": "str"}
}},
"ssl_certificate": {"required": False, "type": "str"},
"update_interval": {"required": False, "type": "int"},
"use_public_ip": {"required": False, "type": "str",
"choices": ["disable",
"enable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_dns_database": {
"required": False,
"type": "dict",
"default": None,
"options": {
"allow_transfer": {
"required": False,
"type": "str"
},
"authoritative": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"contact": {
"required": False,
"type": "str"
},
"dns_entry": {
"required": False,
"type": "list",
"options": {
"canonical_name": {
"required": False,
"type": "str"
},
"hostname": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"ip": {
"required": False,
"type": "str"
},
"ipv6": {
"required": False,
"type": "str"
},
"preference": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ttl": {
"required": False,
"type": "int"
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"A", "NS", "CNAME", "MX", "AAAA", "PTR",
"PTR_V6"
]
}
}
},
"domain": {
"required": False,
"type": "str"
},
"forwarder": {
"required": False,
"type": "str"
},
"ip_master": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"primary_name": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ttl": {
"required": False,
"type": "int"
},
"type": {
"required": False,
"type": "str",
"choices": ["master", "slave"]
},
"view": {
"required": False,
"type": "str",
"choices": ["shadow", "public"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
