def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"user_fsso_polling": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"adgrp": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"default-domain": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"ldap-server": {
"required": False,
"type": "str"
},
"logon-history": {
"required": False,
"type": "int"
},
"password": {
"required": False,
"type": "str"
},
"polling-frequency": {
"required": False,
"type": "int"
},
"port": {
"required": False,
"type": "int"
},
"server": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"user": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_user(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"firewall_local_in_policy": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"action": {
"required": False,
"type": "str",
"choices": ["accept", "deny"]
},
"comments": {
"required": False,
"type": "str"
},
"dstaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"ha-mgmt-intf-only": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"intf": {
"required": False,
"type": "str"
},
"policyid": {
"required": True,
"type": "int"
},
"schedule": {
"required": False,
"type": "str"
},
"service": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"router_route_map": {
"required": False,
"type": "dict",
"default": None,
"options": {
"comments": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"rule": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["permit", "deny"]
},
"id": {
"required": True,
"type": "int"
},
"match_as_path": {
"required": False,
"type": "str"
},
"match_community": {
"required": False,
"type": "str"
},
"match_community_exact": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"match_flags": {
"required": False,
"type": "int"
},
"match_interface": {
"required": False,
"type": "str"
},
"match_ip_address": {
"required": False,
"type": "str"
},
"match_ip_nexthop": {
"required": False,
"type": "str"
},
"match_ip6_address": {
"required": False,
"type": "str"
},
"match_ip6_nexthop": {
"required": False,
"type": "str"
},
"match_metric": {
"required": False,
"type": "int"
},
"match_origin": {
"required": False,
"type": "str",
"choices": ["none", "egp", "igp", "incomplete"]
},
"match_route_type": {
"required": False,
"type": "str",
"choices": ["1", "2", "none"]
},
"match_tag": {
"required": False,
"type": "int"
},
"set_aggregator_as": {
"required": False,
"type": "int"
},
"set_aggregator_ip": {
"required": False,
"type": "str"
},
"set_aspath": {
"required": False,
"type": "list",
"options": {
"as": {
"required": True,
"type": "str"
}
}
},
"set_aspath_action": {
"required": False,
"type": "str",
"choices": ["prepend", "replace"]
},
"set_atomic_aggregate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"set_community": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set_community_additive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"set_community_delete": {
"required": False,
"type": "str"
},
"set_dampening_max_suppress": {
"required": False,
"type": "int"
},
"set_dampening_reachability_half_life": {
"required": False,
"type": "int"
},
"set_dampening_reuse": {
"required": False,
"type": "int"
},
"set_dampening_suppress": {
"required": False,
"type": "int"
},
"set_dampening_unreachability_half_life": {
"required": False,
"type": "int"
},
"set_extcommunity_rt": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set_extcommunity_soo": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set_flags": {
"required": False,
"type": "int"
},
"set_ip_nexthop": {
"required": False,
"type": "str"
},
"set_ip6_nexthop": {
"required": False,
"type": "str"
},
"set_ip6_nexthop_local": {
"required": False,
"type": "str"
},
"set_local_preference": {
"required": False,
"type": "int"
},
"set_metric": {
"required": False,
"type": "int"
},
"set_metric_type": {
"required": False,
"type": "str",
"choices": ["1", "2", "none"]
},
"set_origin": {
"required": False,
"type": "str",
"choices": ["none", "egp", "igp", "incomplete"]
},
"set_originator_id": {
"required": False,
"type": "str"
},
"set_route_tag": {
"required": False,
"type": "int"
},
"set_tag": {
"required": False,
"type": "int"
},
"set_weight": {
"required": False,
"type": "int"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"vpn_ipsec_manualkey_interface": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"addr_type": {
"required": False,
"type": "str",
"choices": ["4", "6"]
},
"auth_alg": {
"required":
False,
"type":
"str",
"choices":
["null", "md5", "sha1", "sha256", "sha384", "sha512"]
},
"auth_key": {
"required": False,
"type": "str"
},
"enc_alg": {
"required": False,
"type": "str",
"choices": ["null", "des"]
},
"enc_key": {
"required": False,
"type": "str"
},
"interface": {
"required": False,
"type": "str"
},
"ip_version": {
"required": False,
"type": "str",
"choices": ["4", "6"]
},
"local_gw": {
"required": False,
"type": "str"
},
"local_gw6": {
"required": False,
"type": "str"
},
"local_spi": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"remote_gw": {
"required": False,
"type": "str"
},
"remote_gw6": {
"required": False,
"type": "str"
},
"remote_spi": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ipsec(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ipsec(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"endpoint_control_forticlient_registration_sync": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"peer-ip": {
"required": False,
"type": "str"
},
"peer-name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_endpoint_control(
module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"system_object_tagging": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"address": {
"required": False,
"type": "str",
"choices": ["disable", "mandatory", "optional"]
},
"category": {
"required": True,
"type": "str"
},
"color": {
"required": False,
"type": "int"
},
"device": {
"required": False,
"type": "str",
"choices": ["disable", "mandatory", "optional"]
},
"interface": {
"required": False,
"type": "str",
"choices": ["disable", "mandatory", "optional"]
},
"multiple": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_system(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"log_syslogd_override_filter": {
"required": False,
"type": "dict",
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter-type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward-traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local-traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast-traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"netscan-discovery": {
"required": False,
"type": "str",
"choices": []
},
"netscan-vulnerability": {
"required": False,
"type": "str",
"choices": []
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer-traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_log_syslogd(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_fortianalyzer_override_filter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dlp_archive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"netscan_discovery": {
"required": False,
"type": "str"
},
"netscan_vulnerability": {
"required": False,
"type": "str"
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortianalyzer(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortianalyzer(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"antivirus_quarantine": {
"required": False,
"type": "dict",
"options": {
"agelimit": {
"required": False,
"type": "int"
},
"destination": {
"required": False,
"type": "str",
"choices": ["NULL", "disk", "FortiAnalyzer"]
},
"drop-blocked": {
"required":
False,
"type":
"str",
"choices": [
"imap", "smtp", "pop3", "http", "ftp", "nntp", "imaps",
"smtps", "pop3s", "ftps", "mapi", "cifs", "mm1", "mm3",
"mm4", "mm7"
]
},
"drop-heuristic": {
"required":
False,
"type":
"str",
"choices": [
"imap", "smtp", "pop3", "http", "ftp", "nntp", "imaps",
"smtps", "pop3s", "https", "ftps", "mapi", "cifs",
"mm1", "mm3", "mm4", "mm7"
]
},
"drop-infected": {
"required":
False,
"type":
"str",
"choices": [
"imap", "smtp", "pop3", "http", "ftp", "nntp", "imaps",
"smtps", "pop3s", "https", "ftps", "mapi", "cifs",
"mm1", "mm3", "mm4", "mm7"
]
},
"lowspace": {
"required": False,
"type": "str",
"choices": ["drop-new", "ovrw-old"]
},
"maxfilesize": {
"required": False,
"type": "int"
},
"quarantine-quota": {
"required": False,
"type": "int"
},
"store-blocked": {
"required":
False,
"type":
"str",
"choices": [
"imap", "smtp", "pop3", "http", "ftp", "nntp", "imaps",
"smtps", "pop3s", "ftps", "mapi", "cifs", "mm1", "mm3",
"mm4", "mm7"
]
},
"store-heuristic": {
"required":
False,
"type":
"str",
"choices": [
"imap", "smtp", "pop3", "http", "ftp", "nntp", "imaps",
"smtps", "pop3s", "https", "ftps", "mapi", "cifs",
"mm1", "mm3", "mm4", "mm7"
]
},
"store-infected": {
"required":
False,
"type":
"str",
"choices": [
"imap", "smtp", "pop3", "http", "ftp", "nntp", "imaps",
"smtps", "pop3s", "https", "ftps", "mapi", "cifs",
"mm1", "mm3", "mm4", "mm7"
]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_antivirus(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"firewall_ipmacbinding_setting": {
"required": False,
"type": "dict",
"options": {
"bindthroughfw": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bindtofw": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"undefinedhost": {
"required": False,
"type": "str",
"choices": ["allow", "block"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall_ipmacbinding(
module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"firewall_address": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"allow-routing": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"associated-interface": {
"required": False,
"type": "str"
},
"cache-ttl": {
"required": False,
"type": "int"
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"country": {
"required": False,
"type": "str"
},
"end-ip": {
"required": False,
"type": "str"
},
"epg-name": {
"required": False,
"type": "str"
},
"filter": {
"required": False,
"type": "str"
},
"fqdn": {
"required": False,
"type": "str"
},
"list": {
"required": False,
"type": "list",
"options": {
"ip": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"obj-id": {
"required": False,
"type": "str"
},
"organization": {
"required": False,
"type": "str"
},
"policy-group": {
"required": False,
"type": "str"
},
"sdn": {
"required":
False,
"type":
"str",
"choices":
["aci", "aws", "azure", "gcp", "nsx", "nuage", "oci"]
},
"sdn-tag": {
"required": False,
"type": "str"
},
"start-ip": {
"required": False,
"type": "str"
},
"subnet": {
"required": False,
"type": "str"
},
"subnet-name": {
"required": False,
"type": "str"
},
"tagging": {
"required": False,
"type": "list",
"options": {
"category": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"tenant": {
"required": False,
"type": "str"
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"ipmask", "iprange", "fqdn", "geography", "wildcard",
"wildcard-fqdn", "dynamic"
]
},
"uuid": {
"required": False,
"type": "str"
},
"visibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"wildcard": {
"required": False,
"type": "str"
},
"wildcard-fqdn": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_gre_tunnel": {
"required": False,
"type": "dict",
"default": None,
"options": {
"checksum_reception": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"checksum_transmission": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"dscp_copying": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"interface": {
"required": False,
"type": "str"
},
"ip_version": {
"required": False,
"type": "str",
"choices": ["4", "6"]
},
"keepalive_failtimes": {
"required": False,
"type": "int"
},
"keepalive_interval": {
"required": False,
"type": "int"
},
"key_inbound": {
"required": False,
"type": "int"
},
"key_outbound": {
"required": False,
"type": "int"
},
"local_gw": {
"required": False,
"type": "str"
},
"local_gw6": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"remote_gw": {
"required": False,
"type": "str"
},
"remote_gw6": {
"required": False,
"type": "str"
},
"sequence_number_reception": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"sequence_number_transmission": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_dhcp6_server": {
"required": False, "type": "dict", "default": None,
"options": {
"dns_search_list": {"required": False, "type": "str",
"choices": ["delegated", "specify"]},
"dns_server1": {"required": False, "type": "str"},
"dns_server2": {"required": False, "type": "str"},
"dns_server3": {"required": False, "type": "str"},
"dns_service": {"required": False, "type": "str",
"choices": ["delegated", "default", "specify"]},
"domain": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"interface": {"required": False, "type": "str"},
"ip_mode": {"required": False, "type": "str",
"choices": ["range", "delegated"]},
"ip_range": {"required": False, "type": "list",
"options": {
"end_ip": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"start_ip": {"required": False, "type": "str"}
}},
"lease_time": {"required": False, "type": "int"},
"option1": {"required": False, "type": "str"},
"option2": {"required": False, "type": "str"},
"option3": {"required": False, "type": "str"},
"prefix_range": {"required": False, "type": "list",
"options": {
"end_prefix": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"prefix_length": {"required": False, "type": "int"},
"start_prefix": {"required": False, "type": "str"}
}},
"rapid_commit": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"status": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"subnet": {"required": False, "type": "str"},
"upstream_interface": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_dhcp6(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_dhcp6(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_multicast_policy": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"action": {
"required": False,
"type": "str",
"choices": ["accept", "deny"]
},
"dnat": {
"required": False,
"type": "str"
},
"dstaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"dstintf": {
"required": False,
"type": "str"
},
"end_port": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"logtraffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"protocol": {
"required": False,
"type": "int"
},
"snat": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"snat_ip": {
"required": False,
"type": "str"
},
"srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcintf": {
"required": False,
"type": "str"
},
"start_port": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_mobile_tunnel": {
"required": False,
"type": "dict",
"default": None,
"options": {
"hash_algorithm": {
"required": False,
"type": "str",
"choices": ["hmac-md5"]
},
"home_address": {
"required": False,
"type": "str"
},
"home_agent": {
"required": False,
"type": "str"
},
"lifetime": {
"required": False,
"type": "int"
},
"n_mhae_key": {
"required": False,
"type": "str"
},
"n_mhae_key_type": {
"required": False,
"type": "str",
"choices": ["ascii", "base64"]
},
"n_mhae_spi": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"network": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
},
"prefix": {
"required": False,
"type": "str"
}
}
},
"reg_interval": {
"required": False,
"type": "int"
},
"reg_retry": {
"required": False,
"type": "int"
},
"renew_interval": {
"required": False,
"type": "int"
},
"roaming_interface": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"tunnel_mode": {
"required": False,
"type": "str",
"choices": ["gre"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"firewall_auth_portal": {
"required": False,
"type": "dict",
"default": None,
"options": {
"groups": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"identity_based_route": {
"required": False,
"type": "str"
},
"portal_addr": {
"required": False,
"type": "str"
},
"portal_addr6": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dlp_sensor": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"dlp_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"extended_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"filter": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["allow", "log-only", "block",
"quarantine-ip"]},
"archive": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"company_identifier": {"required": False, "type": "str"},
"expiry": {"required": False, "type": "str"},
"file_size": {"required": False, "type": "int"},
"file_type": {"required": False, "type": "int"},
"filter_by": {"required": False, "type": "str",
"choices": ["credit-card", "ssn", "regexp",
"file-type", "file-size", "fingerprint",
"watermark", "encrypted"]},
"fp_sensitivity": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"id": {"required": True, "type": "int"},
"match_percentage": {"required": False, "type": "int"},
"name": {"required": False, "type": "str"},
"proto": {"required": False, "type": "str",
"choices": ["smtp", "pop3", "imap",
"http-get", "http-post", "ftp",
"nntp", "mapi", "mm1",
"mm3", "mm4", "mm7"]},
"regexp": {"required": False, "type": "str"},
"severity": {"required": False, "type": "str",
"choices": ["info", "low", "medium",
"high", "critical"]},
"type": {"required": False, "type": "str",
"choices": ["file", "message"]}
}},
"flow_based": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"full_archive_proto": {"required": False, "type": "str",
"choices": ["smtp", "pop3", "imap",
"http-get", "http-post", "ftp",
"nntp", "mapi", "mm1",
"mm3", "mm4", "mm7"]},
"nac_quar_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"name": {"required": True, "type": "str"},
"options": {"required": False, "type": "str"},
"replacemsg_group": {"required": False, "type": "str"},
"summary_proto": {"required": False, "type": "str",
"choices": ["smtp", "pop3", "imap",
"http-get", "http-post", "ftp",
"nntp", "mapi", "mm1",
"mm3", "mm4", "mm7"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_dlp(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_dlp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"webfilter_search_engine": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"charset": {"required": False, "type": "str",
"choices": ["utf-8", "gb2312"]},
"hostname": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"query": {"required": False, "type": "str"},
"safesearch": {"required": False, "type": "str",
"choices": ["disable", "url", "header"]},
"safesearch_str": {"required": False, "type": "str"},
"url": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"application_custom": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"behavior": {
"required": False,
"type": "str"
},
"category": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"id": {
"required": False,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"protocol": {
"required": False,
"type": "str"
},
"signature": {
"required": False,
"type": "str"
},
"tag": {
"required": True,
"type": "str"
},
"technology": {
"required": False,
"type": "str"
},
"vendor": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_application(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_application(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"vpn_ipsec_phase2": {
"required": False,
"type": "dict",
"default": None,
"options": {
"add_route": {
"required": False,
"type": "str",
"choices": ["phase1", "enable", "disable"]
},
"auto_negotiate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comments": {
"required": False,
"type": "str"
},
"dhcp_ipsec": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dhgrp": {
"required":
False,
"type":
"str",
"choices": [
"1", "2", "5", "14", "15", "16", "17", "18", "19",
"20", "21", "27", "28", "29", "30", "31"
]
},
"dst_addr_type": {
"required": False,
"type": "str",
"choices": ["subnet", "range", "ip", "name"]
},
"dst_end_ip": {
"required": False,
"type": "str"
},
"dst_end_ip6": {
"required": False,
"type": "str"
},
"dst_name": {
"required": False,
"type": "str"
},
"dst_name6": {
"required": False,
"type": "str"
},
"dst_port": {
"required": False,
"type": "int"
},
"dst_start_ip": {
"required": False,
"type": "str"
},
"dst_start_ip6": {
"required": False,
"type": "str"
},
"dst_subnet": {
"required": False,
"type": "str"
},
"dst_subnet6": {
"required": False,
"type": "str"
},
"encapsulation": {
"required": False,
"type": "str",
"choices": ["tunnel-mode", "transport-mode"]
},
"keepalive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"keylife_type": {
"required": False,
"type": "str",
"choices": ["seconds", "kbs", "both"]
},
"keylifekbs": {
"required": False,
"type": "int"
},
"keylifeseconds": {
"required": False,
"type": "int"
},
"l2tp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"pfs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"phase1name": {
"required": False,
"type": "str"
},
"proposal": {
"required":
False,
"type":
"str",
"choices": [
"null-md5", "null-sha1", "null-sha256", "null-sha384",
"null-sha512", "des-null", "des-md5", "des-sha1",
"des-sha256", "des-sha384", "des-sha512"
]
},
"protocol": {
"required": False,
"type": "int"
},
"replay": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"route_overlap": {
"required": False,
"type": "str",
"choices": ["use-old", "use-new", "allow"]
},
"selector_match": {
"required": False,
"type": "str",
"choices": ["exact", "subset", "auto"]
},
"single_source": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"src_addr_type": {
"required": False,
"type": "str",
"choices": ["subnet", "range", "ip", "name"]
},
"src_end_ip": {
"required": False,
"type": "str"
},
"src_end_ip6": {
"required": False,
"type": "str"
},
"src_name": {
"required": False,
"type": "str"
},
"src_name6": {
"required": False,
"type": "str"
},
"src_port": {
"required": False,
"type": "int"
},
"src_start_ip": {
"required": False,
"type": "str"
},
"src_start_ip6": {
"required": False,
"type": "str"
},
"src_subnet": {
"required": False,
"type": "str"
},
"src_subnet6": {
"required": False,
"type": "str"
},
"use_natip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ipsec(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ipsec(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
#foirtnetapikey == sn9js6kyddszn454Ggcf1fkjN3Gbqm
#pull policeys and address and compare them to see which ones are to be billed.
#list of policey ids that are billable
#a ip that isn't owned my vault gets billed
from fortiosapi import FortiOSAPI
from pprint import pprint
import requests
from requests.auth import HTTPBasicAuth
import json
fgt = FortiOSAPI()
device = {
'host': '127.0.0.1:8081',
'username': '******',
'password': '******',
}
fgt.login(**device)
address_name = 'SSLVPN_TUNNEL_ADDR1'
filter = 'filter=name==' + address_name
#out = fgt.get('firewall', 'address', parameters=filter)
out1 = fgt.get('firewall', 'policy')
#pprint(out)
#pprint(out.values())
#pprint('*********************************************************************************')
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"firewall_address6_template": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"ip6": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"subnet-segment": {
"required": False,
"type": "list",
"options": {
"bits": {
"required": False,
"type": "int"
},
"exclusive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"values": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"value": {
"required": False,
"type": "str"
}
}
}
}
},
"subnet-segment-count": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"router_ospf6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"abr_type": {
"required": False,
"type": "str",
"choices": ["cisco", "ibm", "standard"]
},
"area": {
"required": False,
"type": "list",
"options": {
"default_cost": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "str"
},
"nssa_default_information_originate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"nssa_default_information_originate_metric": {
"required": False,
"type": "int"
},
"nssa_default_information_originate_metric_type": {
"required": False,
"type": "str",
"choices": ["1", "2"]
},
"nssa_redistribution": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"nssa_translator_role": {
"required": False,
"type": "str",
"choices": ["candidate", "never", "always"]
},
"range": {
"required": False,
"type": "list",
"options": {
"advertise": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"id": {
"required": True,
"type": "int"
},
"prefix6": {
"required": False,
"type": "str"
}
}
},
"stub_type": {
"required": False,
"type": "str",
"choices": ["no-summary", "summary"]
},
"type": {
"required": False,
"type": "str",
"choices": ["regular", "nssa", "stub"]
},
"virtual_link": {
"required": False,
"type": "list",
"options": {
"dead_interval": {
"required": False,
"type": "int"
},
"hello_interval": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"peer": {
"required": False,
"type": "str"
},
"retransmit_interval": {
"required": False,
"type": "int"
},
"transmit_delay": {
"required": False,
"type": "int"
}
}
}
}
},
"auto_cost_ref_bandwidth": {
"required": False,
"type": "int"
},
"bfd": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"default_information_metric": {
"required": False,
"type": "int"
},
"default_information_metric_type": {
"required": False,
"type": "str",
"choices": ["1", "2"]
},
"default_information_originate": {
"required": False,
"type": "str",
"choices": ["enable", "always", "disable"]
},
"default_information_route_map": {
"required": False,
"type": "str"
},
"default_metric": {
"required": False,
"type": "int"
},
"log_neighbour_changes": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ospf6_interface": {
"required": False,
"type": "list",
"options": {
"area_id": {
"required": False,
"type": "str"
},
"bfd": {
"required": False,
"type": "str",
"choices": ["global", "enable", "disable"]
},
"cost": {
"required": False,
"type": "int"
},
"dead_interval": {
"required": False,
"type": "int"
},
"hello_interval": {
"required": False,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
},
"mtu": {
"required": False,
"type": "int"
},
"mtu_ignore": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"neighbor": {
"required": False,
"type": "list",
"options": {
"cost": {
"required": False,
"type": "int"
},
"ip6": {
"required": True,
"type": "str"
},
"poll_interval": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
}
}
},
"network_type": {
"required":
False,
"type":
"str",
"choices": [
"broadcast", "point-to-point", "non-broadcast",
"point-to-multipoint",
"point-to-multipoint-non-broadcast"
]
},
"priority": {
"required": False,
"type": "int"
},
"retransmit_interval": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"transmit_delay": {
"required": False,
"type": "int"
}
}
},
"passive_interface": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"redistribute": {
"required": False,
"type": "list",
"options": {
"metric": {
"required": False,
"type": "int"
},
"metric_type": {
"required": False,
"type": "str",
"choices": ["1", "2"]
},
"name": {
"required": True,
"type": "str"
},
"routemap": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"router_id": {
"required": False,
"type": "str"
},
"spf_timers": {
"required": False,
"type": "str"
},
"summary_address": {
"required": False,
"type": "list",
"options": {
"advertise": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"id": {
"required": True,
"type": "int"
},
"prefix6": {
"required": False,
"type": "str"
},
"tag": {
"required": False,
"type": "int"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_replacemsg_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"admin": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"alertmail": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"auth": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"comment": {
"required": False,
"type": "str"
},
"custom_message": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"device_detection_portal": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"ec": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"fortiguard_wf": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"ftp": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"group_type": {
"required": False,
"type": "str",
"choices": ["default", "utm", "auth", "ec"]
},
"http": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"icap": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"mail": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"nac_quar": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"nntp": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"spam": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"sslvpn": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"traffic_quota": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"utm": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
},
"webproxy": {
"required": False,
"type": "list",
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"vpn_ssl_web_host_check_software": {
"required": False,
"type": "dict",
"default": None,
"options": {
"check_item_list": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["require", "deny"]
},
"id": {
"required": True,
"type": "int"
},
"md5s": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "str"
}
}
},
"target": {
"required": False,
"type": "str"
},
"type": {
"required": False,
"type": "str",
"choices": ["file", "registry", "process"]
},
"version": {
"required": False,
"type": "str"
}
}
},
"guid": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"os_type": {
"required": False,
"type": "str",
"choices": ["windows", "macos"]
},
"type": {
"required": False,
"type": "str",
"choices": ["av", "fw"]
},
"version": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ssl_web(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ssl_web(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wanopt_auth_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_method": {
"required": False,
"type": "str",
"choices": ["cert", "psk"]
},
"cert": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"peer": {
"required": False,
"type": "str"
},
"peer_accept": {
"required": False,
"type": "str",
"choices": ["any", "defined", "one"]
},
"psk": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_vdom_netflow": {
"required": False,
"type": "dict",
"default": None,
"options": {
"collector_ip": {
"required": False,
"type": "str"
},
"collector_port": {
"required": False,
"type": "int"
},
"source_ip": {
"required": False,
"type": "str"
},
"vdom_netflow": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_profile_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"application_list": {
"required": False,
"type": "str"
},
"av_profile": {
"required": False,
"type": "str"
},
"dlp_sensor": {
"required": False,
"type": "str"
},
"dnsfilter_profile": {
"required": False,
"type": "str"
},
"icap_profile": {
"required": False,
"type": "str"
},
"ips_sensor": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"profile_protocol_options": {
"required": False,
"type": "str"
},
"spamfilter_profile": {
"required": False,
"type": "str"
},
"ssh_filter_profile": {
"required": False,
"type": "str"
},
"ssl_ssh_profile": {
"required": False,
"type": "str"
},
"voip_profile": {
"required": False,
"type": "str"
},
"waf_profile": {
"required": False,
"type": "str"
},
"webfilter_profile": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"spamfilter_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"external": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"flow_based": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gmail": {
"required": False,
"type": "dict",
"options": {
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"imap": {
"required": False,
"type": "dict",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "tag"]
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tag_msg": {
"required": False,
"type": "str"
},
"tag_type": {
"required": False,
"type": "list",
"choices": ["subject", "header", "spaminfo"]
}
}
},
"mapi": {
"required": False,
"type": "dict",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "discard"]
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"msn_hotmail": {
"required": False,
"type": "dict",
"options": {
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"name": {
"required": True,
"type": "str"
},
"options": {
"required":
False,
"type":
"list",
"choices": [
"bannedword", "spambwl", "spamfsip", "spamfssubmit",
"spamfschksum", "spamfsurl", "spamhelodns",
"spamraddrdns", "spamrbl", "spamhdrcheck",
"spamfsphish"
]
},
"pop3": {
"required": False,
"type": "dict",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "tag"]
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tag_msg": {
"required": False,
"type": "str"
},
"tag_type": {
"required": False,
"type": "list",
"choices": ["subject", "header", "spaminfo"]
}
}
},
"replacemsg_group": {
"required": False,
"type": "str"
},
"smtp": {
"required": False,
"type": "dict",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "tag", "discard"]
},
"hdrip": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"local_override": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tag_msg": {
"required": False,
"type": "str"
},
"tag_type": {
"required": False,
"type": "list",
"choices": ["subject", "header", "spaminfo"]
}
}
},
"spam_bwl_table": {
"required": False,
"type": "int"
},
"spam_bword_table": {
"required": False,
"type": "int"
},
"spam_bword_threshold": {
"required": False,
"type": "int"
},
"spam_filtering": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"spam_iptrust_table": {
"required": False,
"type": "int"
},
"spam_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"spam_log_fortiguard_response": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"spam_mheader_table": {
"required": False,
"type": "int"
},
"spam_rbl_table": {
"required": False,
"type": "int"
},
"yahoo_mail": {
"required": False,
"type": "dict",
"options": {
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_spamfilter(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_spamfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"router_ospf6": {
"required": False,
"type": "dict",
"options": {
"abr-type": {
"required": False,
"type": "str",
"choices": ["cisco", "ibm", "standard"]
},
"area": {
"required": False,
"type": "list",
"options": {
"default-cost": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "str"
},
"nssa-default-information-originate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"nssa-default-information-originate-metric": {
"required": False,
"type": "int"
},
"nssa-default-information-originate-metric-type": {
"required": False,
"type": "str",
"choices": ["1", "2"]
},
"nssa-redistribution": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"nssa-translator-role": {
"required": False,
"type": "str",
"choices": ["candidate", "never", "always"]
},
"range": {
"required": False,
"type": "list",
"options": {
"advertise": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"id": {
"required": True,
"type": "int"
},
"prefix6": {
"required": False,
"type": "str"
}
}
},
"stub-type": {
"required": False,
"type": "str",
"choices": ["no-summary", "summary"]
},
"type": {
"required": False,
"type": "str",
"choices": ["regular", "nssa", "stub"]
},
"virtual-link": {
"required": False,
"type": "list",
"options": {
"dead-interval": {
"required": False,
"type": "int"
},
"hello-interval": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"peer": {
"required": False,
"type": "str"
},
"retransmit-interval": {
"required": False,
"type": "int"
},
"transmit-delay": {
"required": False,
"type": "int"
}
}
}
}
},
"auto-cost-ref-bandwidth": {
"required": False,
"type": "int"
},
"bfd": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"default-information-metric": {
"required": False,
"type": "int"
},
"default-information-metric-type": {
"required": False,
"type": "str",
"choices": ["1", "2"]
},
"default-information-originate": {
"required": False,
"type": "str",
"choices": ["enable", "always", "disable"]
},
"default-information-route-map": {
"required": False,
"type": "str"
},
"default-metric": {
"required": False,
"type": "int"
},
"log-neighbour-changes": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ospf6-interface": {
"required": False,
"type": "list",
"options": {
"area-id": {
"required": False,
"type": "str"
},
"bfd": {
"required": False,
"type": "str",
"choices": ["global", "enable", "disable"]
},
"cost": {
"required": False,
"type": "int"
},
"dead-interval": {
"required": False,
"type": "int"
},
"hello-interval": {
"required": False,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"neighbor": {
"required": False,
"type": "list",
"options": {
"cost": {
"required": False,
"type": "int"
},
"ip6": {
"required": True,
"type": "str"
},
"poll-interval": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "int"
}
}
},
"network-type": {
"required":
False,
"type":
"str",
"choices": [
"broadcast", "point-to-point", "non-broadcast",
"point-to-multipoint",
"point-to-multipoint-non-broadcast"
]
},
"priority": {
"required": False,
"type": "int"
},
"retransmit-interval": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"transmit-delay": {
"required": False,
"type": "int"
}
}
},
"passive-interface": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"redistribute": {
"required": False,
"type": "list",
"options": {
"metric": {
"required": False,
"type": "int"
},
"metric-type": {
"required": False,
"type": "str",
"choices": ["1", "2"]
},
"name": {
"required": True,
"type": "str"
},
"routemap": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"router-id": {
"required": False,
"type": "str"
},
"spf-timers": {
"required": False,
"type": "str"
},
"summary-address": {
"required": False,
"type": "list",
"options": {
"advertise": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"id": {
"required": True,
"type": "int"
},
"prefix6": {
"required": False,
"type": "str"
},
"tag": {
"required": False,
"type": "int"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_router(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
