def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"application_name": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"behavior": {
"required": False,
"type": "str"
},
"category": {
"required": False,
"type": "int"
},
"id": {
"required": False,
"type": "int"
},
"metadata": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
},
"metaid": {
"required": False,
"type": "int"
},
"valueid": {
"required": False,
"type": "int"
}
}
},
"name": {
"required": True,
"type": "str"
},
"parameter": {
"required": False,
"type": "str"
},
"popularity": {
"required": False,
"type": "int"
},
"protocol": {
"required": False,
"type": "str"
},
"risk": {
"required": False,
"type": "int"
},
"sub_category": {
"required": False,
"type": "int"
},
"technology": {
"required": False,
"type": "str"
},
"vendor": {
"required": False,
"type": "str"
},
"weight": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_application(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_application(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"host": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"username": {
"required": False,
"type": "str"
},
"description": {
"required": False,
"type": "str"
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"config": {
"required": False,
"choices": CONFIG_CALLS + MONITOR_CALLS,
"type": "str"
},
"mkey": {
"required": False,
"type": "str"
},
"https": {
"required": False,
"type": "bool",
"default": "True"
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": "True"
},
"backup": {
"required": False,
"type": "str"
},
"scope": {
"required": True,
"type": "str"
},
"filename": {
"required": True,
"type": "str"
},
"commands": {
"required": False,
"type": "str"
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
else:
module.fail_json(**FAIL_SOCKET_MSG)
module.params['diff'] = False
try:
module.params['diff'] = module._diff
except BaseException:
logger.warning(
"Diff mode is only available on Ansible 2.1 and later versions")
pass
if module.params['backup']:
is_error, has_changed, result = fortigate_backup(fos, module.params)
else:
is_error, has_changed, result = fortigate_upload(fos, module.params)
if not is_error:
if module.params['diff']:
module.exit_json(changed=has_changed,
meta=result,
diff={'prepared': result['diff']})
else:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_geoip_override": {
"required": False, "type": "dict", "default": None,
"options": {
"country_id": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"ip_range": {"required": False, "type": "list",
"options": {
"end_ip": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"start_ip": {"required": False, "type": "str"}
}},
"name": {"required": True, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"report_layout": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"body_item": {"required": False, "type": "list",
"options": {
"chart": {"required": False, "type": "str"},
"chart_options": {"required": False, "type": "str",
"choices": ["include-no-data",
"hide-title",
"show-caption"]},
"column": {"required": False, "type": "int"},
"content": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"drill_down_items": {"required": False, "type": "str"},
"drill_down_types": {"required": False, "type": "str"},
"hide": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"id": {"required": True, "type": "int"},
"img_src": {"required": False, "type": "str"},
"list": {"required": False, "type": "list",
"options": {
"content": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"}
}},
"list_component": {"required": False, "type": "str",
"choices": ["bullet",
"numbered"]},
"misc_component": {"required": False, "type": "str",
"choices": ["hline",
"page-break",
"column-break",
"section-start"]},
"parameters": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"name": {"required": False, "type": "str"},
"value": {"required": False, "type": "str"}
}},
"style": {"required": False, "type": "str"},
"table_caption_style": {"required": False, "type": "str"},
"table_column_widths": {"required": False, "type": "str"},
"table_even_row_style": {"required": False, "type": "str"},
"table_head_style": {"required": False, "type": "str"},
"table_odd_row_style": {"required": False, "type": "str"},
"text_component": {"required": False, "type": "str",
"choices": ["text",
"heading1",
"heading2",
"heading3"]},
"title": {"required": False, "type": "str"},
"top_n": {"required": False, "type": "int"},
"type": {"required": False, "type": "str",
"choices": ["text",
"image",
"chart",
"misc"]}
}},
"cutoff_option": {"required": False, "type": "str",
"choices": ["run-time",
"custom"]},
"cutoff_time": {"required": False, "type": "str"},
"day": {"required": False, "type": "str",
"choices": ["sunday",
"monday",
"tuesday",
"wednesday",
"thursday",
"friday",
"saturday"]},
"description": {"required": False, "type": "str"},
"email_recipients": {"required": False, "type": "str"},
"email_send": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"format": {"required": False, "type": "str",
"choices": ["pdf"]},
"max_pdf_report": {"required": False, "type": "int"},
"name": {"required": True, "type": "str"},
"options": {"required": False, "type": "str",
"choices": ["include-table-of-content",
"auto-numbering-heading",
"view-chart-as-heading",
"show-html-navbar-before-heading",
"dummy-option"]},
"page": {"required": False, "type": "dict",
"options": {
"column_break_before": {"required": False, "type": "str",
"choices": ["heading1",
"heading2",
"heading3"]},
"footer": {"required": False, "type": "dict",
"options": {
"footer_item": {"required": False, "type": "list",
"options": {
"content": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"img_src": {"required": False, "type": "str"},
"style": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["text",
"image"]}
}},
"style": {"required": False, "type": "str"}
}},
"header": {"required": False, "type": "dict",
"options": {
"header_item": {"required": False, "type": "list",
"options": {
"content": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"img_src": {"required": False, "type": "str"},
"style": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["text",
"image"]}
}},
"style": {"required": False, "type": "str"}
}},
"options": {"required": False, "type": "str",
"choices": ["header-on-first-page",
"footer-on-first-page"]},
"page_break_before": {"required": False, "type": "str",
"choices": ["heading1",
"heading2",
"heading3"]},
"paper": {"required": False, "type": "str",
"choices": ["a4",
"letter"]}
}},
"schedule_type": {"required": False, "type": "str",
"choices": ["demand",
"daily",
"weekly"]},
"style_theme": {"required": False, "type": "str"},
"subtitle": {"required": False, "type": "str"},
"time": {"required": False, "type": "str"},
"title": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_report(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_report(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_fortiguard_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low"]
},
"source_ip": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"upload_day": {
"required": False,
"type": "str"
},
"upload_interval": {
"required": False,
"type": "str",
"choices": ["daily", "weekly", "monthly"]
},
"upload_option": {
"required":
False,
"type":
"str",
"choices":
["store-and-upload", "realtime", "1-minute", "5-minute"]
},
"upload_time": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortiguard(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortiguard(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_autoupdate_schedule": {
"required": False,
"type": "dict",
"default": None,
"options": {
"day": {
"required":
False,
"type":
"str",
"choices": [
"Sunday", "Monday", "Tuesday", "Wednesday", "Thursday",
"Friday", "Saturday"
]
},
"frequency": {
"required": False,
"type": "str",
"choices": ["every", "daily", "weekly"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"time": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_autoupdate(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_autoupdate(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"certificate_ca": {
"required": False, "type": "dict", "default": None,
"options": {
"auto_update_days": {"required": False, "type": "int"},
"auto_update_days_warning": {"required": False, "type": "int"},
"ca": {"required": False, "type": "str"},
"last_updated": {"required": False, "type": "int"},
"name": {"required": True, "type": "str"},
"range": {"required": False, "type": "str",
"choices": ["global",
"vdom"]},
"scep_url": {"required": False, "type": "str"},
"source": {"required": False, "type": "str",
"choices": ["factory",
"user",
"bundle"]},
"source_ip": {"required": False, "type": "str"},
"ssl_inspection_trusted": {"required": False, "type": "str",
"choices": ["enable",
"disable"]}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_certificate(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"wanopt_content_delivery_network_rule": {
"required": False, "type": "dict", "default": None,
"options": {
"category": {"required": False, "type": "str",
"choices": ["vcache",
"youtube"]},
"comment": {"required": False, "type": "str"},
"host_domain_name_suffix": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"name": {"required": True, "type": "str"},
"request_cache_control": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"response_cache_control": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"response_expires": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"rules": {"required": False, "type": "list",
"options": {
"content_id": {"required": False, "type": "dict",
"options": {
"end_direction": {"required": False, "type": "str",
"choices": ["forward",
"backward"]},
"end_skip": {"required": False, "type": "int"},
"end_str": {"required": False, "type": "str"},
"range_str": {"required": False, "type": "str"},
"start_direction": {"required": False, "type": "str",
"choices": ["forward",
"backward"]},
"start_skip": {"required": False, "type": "int"},
"start_str": {"required": False, "type": "str"},
"target": {"required": False, "type": "str",
"choices": ["path",
"parameter",
"referrer",
"youtube-map",
"youtube-id",
"youku-id",
"hls-manifest",
"dash-manifest",
"hls-fragment",
"dash-fragment"]}
}},
"match_entries": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"pattern": {"required": False, "type": "list",
"options": {
"string": {"required": True, "type": "str"}
}},
"target": {"required": False, "type": "str",
"choices": ["path",
"parameter",
"referrer",
"youtube-map",
"youtube-id",
"youku-id"]}
}},
"match_mode": {"required": False, "type": "str",
"choices": ["all",
"any"]},
"name": {"required": True, "type": "str"},
"skip_entries": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"pattern": {"required": False, "type": "list",
"options": {
"string": {"required": True, "type": "str"}
}},
"target": {"required": False, "type": "str",
"choices": ["path",
"parameter",
"referrer",
"youtube-map",
"youtube-id",
"youku-id"]}
}},
"skip_rule_mode": {"required": False, "type": "str",
"choices": ["all",
"any"]}
}},
"status": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"text_response_vcache": {"required": False, "type": "str",
"choices": ["enable",
"disable"]},
"updateserver": {"required": False, "type": "str",
"choices": ["enable",
"disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_address6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"cache_ttl": {
"required": False,
"type": "int"
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"end_ip": {
"required": False,
"type": "str"
},
"fqdn": {
"required": False,
"type": "str"
},
"host": {
"required": False,
"type": "str"
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "specific"]
},
"ip6": {
"required": False,
"type": "str"
},
"list": {
"required": False,
"type": "list",
"options": {
"ip": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"obj_id": {
"required": False,
"type": "str"
},
"sdn": {
"required": False,
"type": "str"
},
"start_ip": {
"required": False,
"type": "str"
},
"subnet_segment": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"type": {
"required": False,
"type": "str",
"choices": ["any", "specific"]
},
"value": {
"required": False,
"type": "str"
}
}
},
"tagging": {
"required": False,
"type": "list",
"options": {
"category": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"template": {
"required": False,
"type": "str"
},
"type": {
"required":
False,
"type":
"str",
"choices":
["ipprefix", "iprange", "fqdn", "dynamic", "template"]
},
"uuid": {
"required": False,
"type": "str"
},
"visibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ssh_host_key": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"hostname": {"required": False, "type": "str"},
"ip": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"nid": {"required": False, "type": "str",
"choices": ["256", "384", "521"]},
"port": {"required": False, "type": "int"},
"public_key": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["trusted", "revoked"]},
"type": {"required": False, "type": "str",
"choices": ["RSA", "DSA", "ECDSA",
"ED25519", "RSA-CA", "DSA-CA",
"ECDSA-CA", "ED25519-CA"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_ssh(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_ssh(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_anqp_nai_realm": {
"required": False,
"type": "dict",
"default": None,
"options": {
"nai_list": {
"required": False,
"type": "list",
"options": {
"eap_method": {
"required": False,
"type": "list",
"options": {
"auth_param": {
"required": False,
"type": "str",
"options": {
"id": {
"required":
False,
"type":
"str",
"choices": [
"non-eap-inner-auth",
"inner-auth-eap", "credential",
"tunneled-credential"
]
},
"index": {
"required": True,
"type": "int"
},
"val": {
"required":
False,
"type":
"str",
"choices": [
"eap-identity", "eap-md5",
"eap-tls", "eap-ttls",
"eap-peap", "eap-sim",
"eap-aka", "eap-aka-prime",
"non-eap-pap", "non-eap-chap",
"non-eap-mschap",
"non-eap-mschapv2", "cred-sim",
"cred-usim", "cred-nfc",
"cred-hardware-token",
"cred-softoken",
"cred-certificate",
"cred-user-pwd", "cred-none",
"cred-vendor-specific",
"tun-cred-sim",
"tun-cred-usim",
"tun-cred-nfc",
"tun-cred-hardware-token",
"tun-cred-softoken",
"tun-cred-certificate",
"tun-cred-user-pwd",
"tun-cred-anonymous",
"tun-cred-vendor-specific"
]
}
}
},
"index": {
"required": True,
"type": "int"
},
"method": {
"required":
False,
"type":
"str",
"choices": [
"eap-identity", "eap-md5", "eap-tls",
"eap-ttls", "eap-peap", "eap-sim",
"eap-aka", "eap-aka-prime"
]
}
}
},
"encoding": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"nai_realm": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_password_policy_guest_admin": {
"required": False,
"type": "dict",
"default": None,
"options": {
"apply_to": {
"required": False,
"type": "str",
"choices": ["guest-admin-password"]
},
"change_4_characters": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"expire_day": {
"required": False,
"type": "int"
},
"expire_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"min_lower_case_letter": {
"required": False,
"type": "int"
},
"min_non_alphanumeric": {
"required": False,
"type": "int"
},
"min_number": {
"required": False,
"type": "int"
},
"min_upper_case_letter": {
"required": False,
"type": "int"
},
"minimum_length": {
"required": False,
"type": "int"
},
"reuse_password": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"dnsfilter_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"block_action": {"required": False, "type": "str",
"choices": ["block", "redirect"]},
"block_botnet": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"comment": {"required": False, "type": "str"},
"domain_filter": {"required": False, "type": "dict",
"options": {
"domain_filter_table": {"required": False, "type": "int"}
}},
"external_ip_blocklist": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"ftgd_dns": {"required": False, "type": "dict",
"options": {
"filters": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["block", "monitor"]},
"category": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
"log": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}},
"options": {"required": False, "type": "str",
"choices": ["error-allow", "ftgd-disable"]}
}},
"log_all_domain": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"name": {"required": True, "type": "str"},
"redirect_portal": {"required": False, "type": "str"},
"safe_search": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"sdns_domain_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"sdns_ftgd_err_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"youtube_restrict": {"required": False, "type": "str",
"choices": ["strict", "moderate"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_dnsfilter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_dnsfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"system_netflow": {
"required": False,
"type": "dict",
"default": None,
"options": {
"active_flow_timeout": {
"required": False,
"type": "int"
},
"collector_ip": {
"required": False,
"type": "str"
},
"collector_port": {
"required": False,
"type": "int"
},
"inactive_flow_timeout": {
"required": False,
"type": "int"
},
"source_ip": {
"required": False,
"type": "str"
},
"template_tx_counter": {
"required": False,
"type": "int"
},
"template_tx_timeout": {
"required": False,
"type": "int"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"firewall_auth_portal": {
"required": False,
"type": "dict",
"default": None,
"options": {
"groups": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"identity_based_route": {
"required": False,
"type": "str"
},
"portal_addr": {
"required": False,
"type": "str"
},
"portal_addr6": {
"required": False,
"type": "str"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"alertemail_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"admin_login_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"alert_interval": {
"required": False,
"type": "int"
},
"amc_interface_bypass_mode": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"antivirus_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"configuration_changes_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"critical_interval": {
"required": False,
"type": "int"
},
"debug_interval": {
"required": False,
"type": "int"
},
"email_interval": {
"required": False,
"type": "int"
},
"emergency_interval": {
"required": False,
"type": "int"
},
"error_interval": {
"required": False,
"type": "int"
},
"FDS_license_expiring_days": {
"required": False,
"type": "int"
},
"FDS_license_expiring_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"FDS_update_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter_mode": {
"required": False,
"type": "str",
"choices": ["category", "threshold"]
},
"FIPS_CC_errors": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"firewall_authentication_failure_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"fortiguard_log_quota_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"FSSO_disconnect_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"HA_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"information_interval": {
"required": False,
"type": "int"
},
"IPS_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"IPsec_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_disk_usage": {
"required": False,
"type": "int"
},
"log_disk_usage_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mailto1": {
"required": False,
"type": "str"
},
"mailto2": {
"required": False,
"type": "str"
},
"mailto3": {
"required": False,
"type": "str"
},
"notification_interval": {
"required": False,
"type": "int"
},
"PPP_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"ssh_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sslvpn_authentication_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"username": {
"required": False,
"type": "str"
},
"violation_traffic_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"warning_interval": {
"required": False,
"type": "int"
},
"webfilter_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_alertemail(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"alertemail_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"admin_login_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"alert_interval": {
"required": False,
"type": "int"
},
"amc_interface_bypass_mode": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"antivirus_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"configuration_changes_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"critical_interval": {
"required": False,
"type": "int"
},
"debug_interval": {
"required": False,
"type": "int"
},
"email_interval": {
"required": False,
"type": "int"
},
"emergency_interval": {
"required": False,
"type": "int"
},
"error_interval": {
"required": False,
"type": "int"
},
"FDS_license_expiring_days": {
"required": False,
"type": "int"
},
"FDS_license_expiring_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"FDS_update_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter_mode": {
"required": False,
"type": "str",
"choices": ["category", "threshold"]
},
"FIPS_CC_errors": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"firewall_authentication_failure_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"fortiguard_log_quota_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"FSSO_disconnect_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"HA_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"information_interval": {
"required": False,
"type": "int"
},
"IPS_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"IPsec_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_disk_usage": {
"required": False,
"type": "int"
},
"log_disk_usage_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mailto1": {
"required": False,
"type": "str"
},
"mailto2": {
"required": False,
"type": "str"
},
"mailto3": {
"required": False,
"type": "str"
},
"notification_interval": {
"required": False,
"type": "int"
},
"PPP_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"ssh_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sslvpn_authentication_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"username": {
"required": False,
"type": "str"
},
"violation_traffic_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"warning_interval": {
"required": False,
"type": "int"
},
"webfilter_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_alertemail(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_alertemail(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"ips_global": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly_mode": {
"required": False,
"type": "str",
"choices": ["periodical", "continuous"]
},
"database": {
"required": False,
"type": "str",
"choices": ["regular", "extended"]
},
"deep_app_insp_db_limit": {
"required": False,
"type": "int"
},
"deep_app_insp_timeout": {
"required": False,
"type": "int"
},
"engine_count": {
"required": False,
"type": "int"
},
"exclude_signatures": {
"required": False,
"type": "str",
"choices": ["none", "industrial"]
},
"fail_open": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"intelligent_mode": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"session_limit_mode": {
"required": False,
"type": "str",
"choices": ["accurate", "heuristic"]
},
"skype_client_public_ipaddr": {
"required": False,
"type": "str"
},
"socket_size": {
"required": False,
"type": "int"
},
"sync_session_ttl": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"traffic_submit": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_ips(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ssh_host_key": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"hostname": {"required": False, "type": "str"},
"ip": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"nid": {"required": False, "type": "str",
"choices": ["256",
"384",
"521"]},
"port": {"required": False, "type": "int"},
"public_key": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["trusted",
"revoked"]},
"type": {"required": False, "type": "str",
"choices": ["RSA",
"DSA",
"ECDSA",
"ED25519",
"RSA-CA",
"DSA-CA",
"ECDSA-CA",
"ED25519-CA"]}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_firewall_ssh(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_snmp_community": {
"required": False,
"type": "dict",
"default": None,
"options": {
"events": {
"required":
False,
"type":
"str",
"choices": [
"cpu-high", "mem-low", "log-full", "intf-ip",
"vpn-tun-up", "vpn-tun-down", "ha-switch",
"ha-hb-failure", "ips-signature", "ips-anomaly",
"av-virus", "av-oversize", "av-pattern",
"av-fragmented", "fm-if-change", "fm-conf-change",
"bgp-established", "bgp-backward-transition",
"ha-member-up", "ha-member-down", "ent-conf-change",
"av-conserve", "av-bypass", "av-oversize-passed",
"av-oversize-blocked", "ips-pkg-update",
"ips-fail-open", "faz-disconnect", "wc-ap-up",
"wc-ap-down", "fswctl-session-up",
"fswctl-session-down", "load-balance-real-server-down",
"device-new", "per-cpu-high"
]
},
"hosts": {
"required": False,
"type": "list",
"options": {
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "query", "trap"]
},
"id": {
"required": True,
"type": "int"
},
"ip": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
}
}
},
"hosts6": {
"required": False,
"type": "list",
"options": {
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"host_type": {
"required": False,
"type": "str",
"choices": ["any", "query", "trap"]
},
"id": {
"required": True,
"type": "int"
},
"ipv6": {
"required": False,
"type": "str"
},
"source_ipv6": {
"required": False,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"query_v1_port": {
"required": False,
"type": "int"
},
"query_v1_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"query_v2c_port": {
"required": False,
"type": "int"
},
"query_v2c_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_v1_lport": {
"required": False,
"type": "int"
},
"trap_v1_rport": {
"required": False,
"type": "int"
},
"trap_v1_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_v2c_lport": {
"required": False,
"type": "int"
},
"trap_v2c_rport": {
"required": False,
"type": "int"
},
"trap_v2c_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_snmp(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_snmp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'id'
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"extender_controller_extender": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"aaa_shared_secret": {
"required": False,
"type": "str"
},
"access_point_name": {
"required": False,
"type": "str"
},
"admin": {
"required": False,
"type": "str",
"choices": ["disable", "discovered", "enable"]
},
"at_dial_script": {
"required": False,
"type": "str"
},
"billing_start_day": {
"required": False,
"type": "int"
},
"cdma_aaa_spi": {
"required": False,
"type": "str"
},
"cdma_ha_spi": {
"required": False,
"type": "str"
},
"cdma_nai": {
"required": False,
"type": "str"
},
"conn_status": {
"required": False,
"type": "int"
},
"description": {
"required": False,
"type": "str"
},
"dial_mode": {
"required": False,
"type": "str",
"choices": ["dial-on-demand", "always-connect"]
},
"dial_status": {
"required": False,
"type": "int"
},
"ext_name": {
"required": False,
"type": "str"
},
"ha_shared_secret": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "str"
},
"ifname": {
"required": False,
"type": "str"
},
"initiated_update": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mode": {
"required": False,
"type": "str",
"choices": ["standalone", "redundant"]
},
"modem_passwd": {
"required": False,
"type": "str"
},
"modem_type": {
"required": False,
"type": "str",
"choices": ["cdma", "gsm/lte", "wimax"]
},
"multi_mode": {
"required":
False,
"type":
"str",
"choices":
["auto", "auto-3g", "force-lte", "force-3g", "force-2g"]
},
"ppp_auth_protocol": {
"required": False,
"type": "str",
"choices": ["auto", "pap", "chap"]
},
"ppp_echo_request": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ppp_password": {
"required": False,
"type": "str"
},
"ppp_username": {
"required": False,
"type": "str"
},
"primary_ha": {
"required": False,
"type": "str"
},
"quota_limit_mb": {
"required": False,
"type": "int"
},
"redial": {
"required":
False,
"type":
"str",
"choices": [
"none", "1", "2", "3", "4", "5", "6", "7", "8", "9",
"10"
]
},
"redundant_intf": {
"required": False,
"type": "str"
},
"roaming": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"role": {
"required": False,
"type": "str",
"choices": ["none", "primary", "secondary"]
},
"secondary_ha": {
"required": False,
"type": "str"
},
"sim_pin": {
"required": False,
"type": "str"
},
"vdom": {
"required": False,
"type": "int"
},
"wimax_auth_protocol": {
"required": False,
"type": "str",
"choices": ["tls", "ttls"]
},
"wimax_carrier": {
"required": False,
"type": "str"
},
"wimax_realm": {
"required": False,
"type": "str"
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_extender_controller(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"log_fortianalyzer3_filter": {
"required": False, "type": "dict", "default": None,
"options": {
"anomaly": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"dlp_archive": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"dns": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"filter": {"required": False, "type": "str"},
"filter_type": {"required": False, "type": "str",
"choices": ["include", "exclude"]},
"forward_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"gtp": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"local_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"multicast_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"netscan_discovery": {"required": False, "type": "str"},
"netscan_vulnerability": {"required": False, "type": "str"},
"severity": {"required": False, "type": "str",
"choices": ["emergency", "alert", "critical",
"error", "warning", "notification",
"information", "debug"]},
"sniffer_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ssh": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"voip": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortianalyzer3(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortianalyzer3(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"ips_sensor": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"block_malicious_url": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"comment": {
"required": False,
"type": "str"
},
"entries": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "block", "reset", "default"]
},
"application": {
"required": False,
"type": "str"
},
"exempt_ip": {
"required": False,
"type": "list",
"options": {
"dst_ip": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"src_ip": {
"required": False,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"location": {
"required": False,
"type": "str"
},
"log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"log_attack_context": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"log_packet": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"os": {
"required": False,
"type": "str"
},
"protocol": {
"required": False,
"type": "str"
},
"quarantine": {
"required": False,
"type": "str",
"choices": ["none", "attacker"]
},
"quarantine_expiry": {
"required": False,
"type": "str"
},
"quarantine_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"rate_count": {
"required": False,
"type": "int"
},
"rate_duration": {
"required": False,
"type": "int"
},
"rate_mode": {
"required": False,
"type": "str",
"choices": ["periodical", "continuous"]
},
"rate_track": {
"required":
False,
"type":
"str",
"choices": [
"none", "src-ip", "dest-ip", "dhcp-client-mac",
"dns-domain"
]
},
"rule": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"severity": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable", "default"]
}
}
},
"extended_log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "block", "reset", "default"]
},
"application": {
"required": False,
"type": "str"
},
"location": {
"required": False,
"type": "str"
},
"log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"log_packet": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"name": {
"required": True,
"type": "str"
},
"os": {
"required": False,
"type": "str"
},
"protocol": {
"required": False,
"type": "str"
},
"quarantine": {
"required": False,
"type": "str",
"choices": ["none", "attacker"]
},
"quarantine_expiry": {
"required": False,
"type": "int"
},
"quarantine_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"severity": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable", "default"]
}
}
},
"name": {
"required": True,
"type": "str"
},
"override": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "block", "reset"]
},
"exempt_ip": {
"required": False,
"type": "list",
"options": {
"dst_ip": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"src_ip": {
"required": False,
"type": "str"
}
}
},
"log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"log_packet": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"quarantine": {
"required": False,
"type": "str",
"choices": ["none", "attacker"]
},
"quarantine_expiry": {
"required": False,
"type": "int"
},
"quarantine_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"rule_id": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
}
}
},
"replacemsg_group": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_ips(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_ips(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = 'name'
fields = {
"access_token": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_gre_tunnel": {
"required": False, "type": "dict", "default": None,
"options": {
"checksum_reception": {"required": False, "type": "str",
"choices": ["disable",
"enable"]},
"checksum_transmission": {"required": False, "type": "str",
"choices": ["disable",
"enable"]},
"dscp_copying": {"required": False, "type": "str",
"choices": ["disable",
"enable"]},
"interface": {"required": False, "type": "str"},
"ip_version": {"required": False, "type": "str",
"choices": ["4",
"6"]},
"keepalive_failtimes": {"required": False, "type": "int"},
"keepalive_interval": {"required": False, "type": "int"},
"key_inbound": {"required": False, "type": "int"},
"key_outbound": {"required": False, "type": "int"},
"local_gw": {"required": False, "type": "str"},
"local_gw6": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"remote_gw": {"required": False, "type": "str"},
"remote_gw6": {"required": False, "type": "str"},
"sequence_number_reception": {"required": False, "type": "str",
"choices": ["disable",
"enable"]},
"sequence_number_transmission": {"required": False, "type": "str",
"choices": ["disable",
"enable"]}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token', module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_system(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn("Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv")
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"switch_controller_quarantine": {
"required": False,
"type": "dict",
"default": None,
"options": {
"quarantine": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"targets": {
"required": False,
"type": "list",
"options": {
"description": {
"required": False,
"type": "str"
},
"entry_id": {
"required": False,
"type": "int"
},
"mac": {
"required": True,
"type": "str"
},
"tag": {
"required": False,
"type": "list",
"options": {
"tags": {
"required": True,
"type": "str"
}
}
}
}
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"switch_controller_lldp_settings": {
"required": False,
"type": "dict",
"default": None,
"options": {
"fast_start_interval": {
"required": False,
"type": "int"
},
"management_interface": {
"required": False,
"type": "str",
"choices": ["internal", "mgmt"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tx_hold": {
"required": False,
"type": "int"
},
"tx_interval": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_replacemsg_mail": {
"required": False,
"type": "dict",
"default": None,
"options": {
"buffer": {
"required": False,
"type": "str"
},
"format": {
"required": False,
"type": "str",
"choices": ["none", "text", "html", "wml"]
},
"header": {
"required": False,
"type": "str",
"choices": ["none", "http", "8bit"]
},
"msg_type": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_replacemsg(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_replacemsg(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"wireless_controller_global": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ap_log_server": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ap_log_server_ip": {
"required": False,
"type": "str"
},
"ap_log_server_port": {
"required": False,
"type": "int"
},
"control_message_offload": {
"required":
False,
"type":
"str",
"choices": [
"ebp-frame", "aeroscout-tag", "ap-list", "sta-list",
"sta-cap-list", "stats", "aeroscout-mu"
]
},
"data_ethernet_II": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"discovery_mc_addr": {
"required": False,
"type": "str"
},
"fiapp_eth_type": {
"required": False,
"type": "int"
},
"image_download": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ipsec_base_ip": {
"required": False,
"type": "str"
},
"link_aggregation": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"location": {
"required": False,
"type": "str"
},
"max_clients": {
"required": False,
"type": "int"
},
"max_retransmit": {
"required": False,
"type": "int"
},
"mesh_eth_type": {
"required": False,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"rogue_scan_mac_adjacency": {
"required": False,
"type": "int"
},
"wtp_share": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"ips_settings": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ips_packet_quota": {
"required": False,
"type": "int"
},
"packet_log_history": {
"required": False,
"type": "int"
},
"packet_log_memory": {
"required": False,
"type": "int"
},
"packet_log_post_attack": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_ips(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_ips(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
mkeyname = None
fields = {
"access_token": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"log_fortiguard_override_filter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cifs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dlp_archive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssl": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
check_legacy_fortiosapi()
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
versions_check_result = None
if module._socket_path:
connection = Connection(module._socket_path)
if 'access_token' in module.params:
connection.set_option('access_token',
module.params['access_token'])
fos = FortiOSHandler(connection, module, mkeyname)
is_error, has_changed, result = fortios_log_fortiguard(
module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
