def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_replacemsg_device_detection_portal": {
"required": False,
"type": "dict",
"default": None,
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_replacemsg(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_replacemsg(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_vdom_property": {
"required": False, "type": "dict", "default": None,
"options": {
"custom_service": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"dialup_tunnel": {"required": False, "type": "str"},
"firewall_address": {"required": False, "type": "str"},
"firewall_addrgrp": {"required": False, "type": "str"},
"firewall_policy": {"required": False, "type": "str"},
"ipsec_phase1": {"required": False, "type": "str"},
"ipsec_phase1_interface": {"required": False, "type": "str"},
"ipsec_phase2": {"required": False, "type": "str"},
"ipsec_phase2_interface": {"required": False, "type": "str"},
"log_disk_quota": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"onetime_schedule": {"required": False, "type": "str"},
"proxy": {"required": False, "type": "str"},
"recurring_schedule": {"required": False, "type": "str"},
"service_group": {"required": False, "type": "str"},
"session": {"required": False, "type": "str"},
"snmp_index": {"required": False, "type": "int"},
"sslvpn": {"required": False, "type": "str"},
"user": {"required": False, "type": "str"},
"user_group": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_interface_policy": {
"required": False,
"type": "dict",
"default": None,
"options": {
"address_type": {
"required": False,
"type": "str",
"choices": ["ipv4", "ipv6"]
},
"application_list": {
"required": False,
"type": "str"
},
"application_list_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"av_profile": {
"required": False,
"type": "str"
},
"av_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comments": {
"required": False,
"type": "str"
},
"dlp_sensor": {
"required": False,
"type": "str"
},
"dlp_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dsri": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dstaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"interface": {
"required": False,
"type": "str"
},
"ips_sensor": {
"required": False,
"type": "str"
},
"ips_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"label": {
"required": False,
"type": "str"
},
"logtraffic": {
"required": False,
"type": "str",
"choices": ["all", "utm", "disable"]
},
"policyid": {
"required": True,
"type": "int"
},
"scan_botnet_connections": {
"required": False,
"type": "str",
"choices": ["disable", "block", "monitor"]
},
"service": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"spamfilter_profile": {
"required": False,
"type": "str"
},
"spamfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"webfilter_profile": {
"required": False,
"type": "str"
},
"webfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_password_policy_guest_admin": {
"required": False,
"type": "dict",
"default": None,
"options": {
"apply_to": {
"required": False,
"type": "str",
"choices": ["guest-admin-password"]
},
"change_4_characters": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"expire_day": {
"required": False,
"type": "int"
},
"expire_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"min_lower_case_letter": {
"required": False,
"type": "int"
},
"min_non_alphanumeric": {
"required": False,
"type": "int"
},
"min_number": {
"required": False,
"type": "int"
},
"min_upper_case_letter": {
"required": False,
"type": "int"
},
"minimum_length": {
"required": False,
"type": "int"
},
"reuse_password": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"web_proxy_forward_server_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"affinity": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"group_down_option": {
"required": False,
"type": "str",
"choices": ["block", "pass"]
},
"ldb_method": {
"required": False,
"type": "str",
"choices": ["weighted", "least-session"]
},
"name": {
"required": True,
"type": "str"
},
"server_list": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"weight": {
"required": False,
"type": "int"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_web_proxy(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_web_proxy(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
try:
from ansible.modules.network.fortios import fortios_user_device_category
except ImportError:
pytest.skip("Could not load required modules for testing",
allow_module_level=True)
@pytest.fixture(autouse=True)
def connection_mock(mocker):
connection_class_mock = mocker.patch(
'ansible.modules.network.fortios.fortios_user_device_category.Connection'
)
return connection_class_mock
fos_instance = FortiOSHandler(connection_mock)
def test_user_device_category_creation(mocker):
schema_method_mock = mocker.patch(
'ansible.module_utils.network.fortios.fortios.FortiOSHandler.schema')
set_method_result = {
'status': 'success',
'http_method': 'POST',
'http_status': 200
}
set_method_mock = mocker.patch(
'ansible.module_utils.network.fortios.fortios.FortiOSHandler.set',
return_value=set_method_result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"ips_rule": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"action": {
"required": False,
"type": "str",
"choices": ["pass", "block"]
},
"application": {
"required": False,
"type": "str"
},
"date": {
"required": False,
"type": "int"
},
"group": {
"required": False,
"type": "str"
},
"location": {
"required": False,
"type": "str"
},
"log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"log_packet": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"metadata": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"metaid": {
"required": False,
"type": "int"
},
"valueid": {
"required": False,
"type": "int"
}
}
},
"name": {
"required": True,
"type": "str"
},
"os": {
"required": False,
"type": "str"
},
"rev": {
"required": False,
"type": "int"
},
"rule_id": {
"required": False,
"type": "int"
},
"service": {
"required": False,
"type": "str"
},
"severity": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_ips(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_ips(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_dhcp6_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"dns_search_list": {
"required": False,
"type": "str",
"choices": ["delegated", "specify"]
},
"dns_server1": {
"required": False,
"type": "str"
},
"dns_server2": {
"required": False,
"type": "str"
},
"dns_server3": {
"required": False,
"type": "str"
},
"dns_service": {
"required": False,
"type": "str",
"choices": ["delegated", "default", "specify"]
},
"domain": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
},
"ip_mode": {
"required": False,
"type": "str",
"choices": ["range", "delegated"]
},
"ip_range": {
"required": False,
"type": "list",
"options": {
"end_ip": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"start_ip": {
"required": False,
"type": "str"
}
}
},
"lease_time": {
"required": False,
"type": "int"
},
"option1": {
"required": False,
"type": "str"
},
"option2": {
"required": False,
"type": "str"
},
"option3": {
"required": False,
"type": "str"
},
"prefix_range": {
"required": False,
"type": "list",
"options": {
"end_prefix": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"prefix_length": {
"required": False,
"type": "int"
},
"start_prefix": {
"required": False,
"type": "str"
}
}
},
"rapid_commit": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"subnet": {
"required": False,
"type": "str"
},
"upstream_interface": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_dhcp6(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_dhcp6(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_mobile_tunnel": {
"required": False, "type": "dict", "default": None,
"options": {
"hash_algorithm": {"required": False, "type": "str",
"choices": ["hmac-md5"]},
"home_address": {"required": False, "type": "str"},
"home_agent": {"required": False, "type": "str"},
"lifetime": {"required": False, "type": "int"},
"n_mhae_key": {"required": False, "type": "str"},
"n_mhae_key_type": {"required": False, "type": "str",
"choices": ["ascii", "base64"]},
"n_mhae_spi": {"required": False, "type": "int"},
"name": {"required": True, "type": "str"},
"network": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"interface": {"required": False, "type": "str"},
"prefix": {"required": False, "type": "str"}
}},
"reg_interval": {"required": False, "type": "int"},
"reg_retry": {"required": False, "type": "int"},
"renew_interval": {"required": False, "type": "int"},
"roaming_interface": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"tunnel_mode": {"required": False, "type": "str",
"choices": ["gre"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"dlp_sensor": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"dlp_log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"extended_log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "list",
"options": {
"action": {
"required":
False,
"type":
"str",
"choices":
["allow", "log-only", "block", "quarantine-ip"]
},
"archive": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"company_identifier": {
"required": False,
"type": "str"
},
"expiry": {
"required": False,
"type": "str"
},
"file_size": {
"required": False,
"type": "int"
},
"file_type": {
"required": False,
"type": "int"
},
"filter_by": {
"required":
False,
"type":
"str",
"choices": [
"credit-card", "ssn", "regexp", "file-type",
"file-size", "fingerprint", "watermark",
"encrypted"
]
},
"fp_sensitivity": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"match_percentage": {
"required": False,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"proto": {
"required":
False,
"type":
"str",
"choices": [
"smtp", "pop3", "imap", "http-get",
"http-post", "ftp", "nntp", "mapi", "mm1",
"mm3", "mm4", "mm7"
]
},
"regexp": {
"required": False,
"type": "str"
},
"severity": {
"required":
False,
"type":
"str",
"choices":
["info", "low", "medium", "high", "critical"]
},
"type": {
"required": False,
"type": "str",
"choices": ["file", "message"]
}
}
},
"flow_based": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"full_archive_proto": {
"required":
False,
"type":
"str",
"choices": [
"smtp", "pop3", "imap", "http-get", "http-post", "ftp",
"nntp", "mapi", "mm1", "mm3", "mm4", "mm7"
]
},
"nac_quar_log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"options": {
"required": False,
"type": "str"
},
"replacemsg_group": {
"required": False,
"type": "str"
},
"summary_proto": {
"required":
False,
"type":
"str",
"choices": [
"smtp", "pop3", "imap", "http-get", "http-post", "ftp",
"nntp", "mapi", "mm1", "mm3", "mm4", "mm7"
]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_dlp(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_dlp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_policy46": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"action": {"required": False, "type": "str",
"choices": ["accept", "deny"]},
"comments": {"required": False, "type": "str"},
"dstaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"dstintf": {"required": False, "type": "str"},
"fixedport": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ippool": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"logtraffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"per_ip_shaper": {"required": False, "type": "str"},
"permit_any_host": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"policyid": {"required": True, "type": "int"},
"poolname": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"schedule": {"required": False, "type": "str"},
"service": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"srcaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"srcintf": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tcp_mss_receiver": {"required": False, "type": "int"},
"tcp_mss_sender": {"required": False, "type": "int"},
"traffic_shaper": {"required": False, "type": "str"},
"traffic_shaper_reverse": {"required": False, "type": "str"},
"uuid": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_csf": {
"required": False,
"type": "dict",
"default": None,
"options": {
"configuration_sync": {
"required": False,
"type": "str",
"choices": ["default", "local"]
},
"fabric_device": {
"required": False,
"type": "list",
"options": {
"device_ip": {
"required": False,
"type": "str"
},
"device_type": {
"required": False,
"type": "str",
"choices": ["fortimail"]
},
"login": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str"
}
}
},
"fixed_key": {
"required": False,
"type": "str"
},
"group_name": {
"required": False,
"type": "str"
},
"group_password": {
"required": False,
"type": "str"
},
"management_ip": {
"required": False,
"type": "str"
},
"management_port": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trusted_list": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["accept", "deny"]
},
"downstream_authorization": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ha_members": {
"required": False,
"type": "str"
},
"serial": {
"required": True,
"type": "str"
}
}
},
"upstream_ip": {
"required": False,
"type": "str"
},
"upstream_port": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"log_threat_weight": {
"required": False, "type": "dict", "default": None,
"options": {
"application": {"required": False, "type": "list",
"options": {
"category": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
"level": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]}
}},
"blocked_connection": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"failed_connection": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"geolocation": {"required": False, "type": "list",
"options": {
"country": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"level": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]}
}},
"ips": {"required": False, "type": "dict",
"options": {
"critical_severity": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"high_severity": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"info_severity": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"low_severity": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"medium_severity": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]}
}},
"level": {"required": False, "type": "dict",
"options": {
"critical": {"required": False, "type": "int"},
"high": {"required": False, "type": "int"},
"low": {"required": False, "type": "int"},
"medium": {"required": False, "type": "int"}
}},
"malware": {"required": False, "type": "dict",
"options": {
"botnet_connection": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"command_blocked": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"content_disarm": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"mimefragmented": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"oversized": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"switch_proto": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"virus_blocked": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"virus_file_type_executable": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"virus_infected": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"virus_outbreak_prevention": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"virus_scan_error": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]}
}},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"url_block_detected": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]},
"web": {"required": False, "type": "list",
"options": {
"category": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
"level": {"required": False, "type": "str",
"choices": ["disable", "low", "medium",
"high", "critical"]}
}}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"switch_controller_mac_sync_settings": {
"required": False,
"type": "dict",
"default": None,
"options": {
"mac_sync_interval": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_snmp_community": {
"required": False,
"type": "dict",
"default": None,
"options": {
"events": {
"required":
False,
"type":
"str",
"choices": [
"cpu-high", "mem-low", "log-full", "intf-ip",
"vpn-tun-up", "vpn-tun-down", "ha-switch",
"ha-hb-failure", "ips-signature", "ips-anomaly",
"av-virus", "av-oversize", "av-pattern",
"av-fragmented", "fm-if-change", "fm-conf-change",
"bgp-established", "bgp-backward-transition",
"ha-member-up", "ha-member-down", "ent-conf-change",
"av-conserve", "av-bypass", "av-oversize-passed",
"av-oversize-blocked", "ips-pkg-update",
"ips-fail-open", "faz-disconnect", "wc-ap-up",
"wc-ap-down", "fswctl-session-up",
"fswctl-session-down", "load-balance-real-server-down",
"device-new", "per-cpu-high"
]
},
"hosts": {
"required": False,
"type": "list",
"options": {
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "query", "trap"]
},
"id": {
"required": True,
"type": "int"
},
"ip": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
}
}
},
"hosts6": {
"required": False,
"type": "list",
"options": {
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "query", "trap"]
},
"id": {
"required": True,
"type": "int"
},
"ipv6": {
"required": False,
"type": "str"
},
"source_ipv6": {
"required": False,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"query_v1_port": {
"required": False,
"type": "int"
},
"query_v1_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"query_v2c_port": {
"required": False,
"type": "int"
},
"query_v2c_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_v1_lport": {
"required": False,
"type": "int"
},
"trap_v1_rport": {
"required": False,
"type": "int"
},
"trap_v1_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_v2c_lport": {
"required": False,
"type": "int"
},
"trap_v2c_rport": {
"required": False,
"type": "int"
},
"trap_v2c_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_snmp(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_snmp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"switch_controller_global": {
"required": False,
"type": "dict",
"default": None,
"options": {
"allow_multiple_interfaces": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"default_virtual_switch_vlan": {
"required": False,
"type": "str"
},
"disable_discovery": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"https_image_push": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"log_mac_limit_violations": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mac_aging_interval": {
"required": False,
"type": "int"
},
"mac_retention_period": {
"required": False,
"type": "int"
},
"mac_violation_timer": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
