def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_schedule_recurring": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"color": {"required": False, "type": "int"},
"day": {"required": False, "type": "str",
"choices": ["sunday", "monday", "tuesday",
"wednesday", "thursday", "friday",
"saturday", "none"]},
"end": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"start": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_schedule(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_schedule(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_virtual_wire_pair": {
"required": False, "type": "dict", "default": None,
"options": {
"member": {"required": False, "type": "list",
"options": {
"interface_name": {"required": False, "type": "str"}
}},
"name": {"required": True, "type": "str"},
"vlan_filter": {"required": False, "type": "str"},
"wildcard_vlan": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"system_probe_response": {
"required": False, "type": "dict", "default": None,
"options": {
"http_probe_value": {"required": False, "type": "str"},
"mode": {"required": False, "type": "str",
"choices": ["none", "http-probe", "twamp"]},
"password": {"required": False, "type": "str"},
"port": {"required": False, "type": "int"},
"security_mode": {"required": False, "type": "str",
"choices": ["none", "authentication"]},
"timeout": {"required": False, "type": "int"},
"ttl_mode": {"required": False, "type": "str",
"choices": ["reinit", "decrease", "retain"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"ftp_proxy_explicit": {
"required": False, "type": "dict", "default": None,
"options": {
"incoming_ip": {"required": False, "type": "str"},
"incoming_port": {"required": False, "type": "str"},
"outgoing_ip": {"required": False, "type": "str"},
"sec_default_action": {"required": False, "type": "str",
"choices": ["accept", "deny"]},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_ftp_proxy(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_ftp_proxy(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"system_netflow": {
"required": False, "type": "dict", "default": None,
"options": {
"active_flow_timeout": {"required": False, "type": "int"},
"collector_ip": {"required": False, "type": "str"},
"collector_port": {"required": False, "type": "int"},
"inactive_flow_timeout": {"required": False, "type": "int"},
"source_ip": {"required": False, "type": "str"},
"template_tx_counter": {"required": False, "type": "int"},
"template_tx_timeout": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"wanopt_settings": {
"required": False, "type": "dict", "default": None,
"options": {
"auto_detect_algorithm": {"required": False, "type": "str",
"choices": ["simple", "diff-req-resp"]},
"host_id": {"required": False, "type": "str"},
"tunnel_ssl_algorithm": {"required": False, "type": "str",
"choices": ["low"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"antivirus_settings": {
"required": False, "type": "dict", "default": None,
"options": {
"default_db": {"required": False, "type": "str",
"choices": ["normal", "extended", "extreme"]},
"grayware": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"override_timeout": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_antivirus(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_antivirus(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"log_memory_global_setting": {
"required": False, "type": "dict", "default": None,
"options": {
"full_final_warning_threshold": {"required": False, "type": "int"},
"full_first_warning_threshold": {"required": False, "type": "int"},
"full_second_warning_threshold": {"required": False, "type": "int"},
"max_size": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_memory(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_memory(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"alertemail_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"admin_login_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"alert_interval": {
"required": False,
"type": "int"
},
"amc_interface_bypass_mode": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"antivirus_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"configuration_changes_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"critical_interval": {
"required": False,
"type": "int"
},
"debug_interval": {
"required": False,
"type": "int"
},
"email_interval": {
"required": False,
"type": "int"
},
"emergency_interval": {
"required": False,
"type": "int"
},
"error_interval": {
"required": False,
"type": "int"
},
"FDS_license_expiring_days": {
"required": False,
"type": "int"
},
"FDS_license_expiring_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"FDS_update_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter_mode": {
"required": False,
"type": "str",
"choices": ["category", "threshold"]
},
"FIPS_CC_errors": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"firewall_authentication_failure_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"fortiguard_log_quota_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"FSSO_disconnect_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"HA_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"information_interval": {
"required": False,
"type": "int"
},
"IPS_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"IPsec_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_disk_usage": {
"required": False,
"type": "int"
},
"log_disk_usage_warning": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mailto1": {
"required": False,
"type": "str"
},
"mailto2": {
"required": False,
"type": "str"
},
"mailto3": {
"required": False,
"type": "str"
},
"notification_interval": {
"required": False,
"type": "int"
},
"PPP_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"ssh_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sslvpn_authentication_errors_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"username": {
"required": False,
"type": "str"
},
"violation_traffic_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"warning_interval": {
"required": False,
"type": "int"
},
"webfilter_logs": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_alertemail(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_alertemail(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_internet_service": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"database": {"required": False, "type": "str",
"choices": ["isdb", "irdb"]},
"direction": {"required": False, "type": "str",
"choices": ["src", "dst", "both"]},
"entry": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"ip_number": {"required": False, "type": "int"},
"ip_range_number": {"required": False, "type": "int"},
"port": {"required": False, "type": "int"},
"protocol": {"required": False, "type": "int"}
}},
"icon_id": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
"name": {"required": False, "type": "str"},
"offset": {"required": False, "type": "int"},
"reputation": {"required": False, "type": "int"},
"sld_id": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"webfilter_fortiguard": {
"required": False, "type": "dict", "default": None,
"options": {
"cache_mem_percent": {"required": False, "type": "int"},
"cache_mode": {"required": False, "type": "str",
"choices": ["ttl", "db-ver"]},
"cache_prefix_match": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"close_ports": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ovrd_auth_https": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ovrd_auth_port": {"required": False, "type": "int"},
"ovrd_auth_port_http": {"required": False, "type": "int"},
"ovrd_auth_port_https": {"required": False, "type": "int"},
"ovrd_auth_port_warning": {"required": False, "type": "int"},
"request_packet_size_limit": {"required": False, "type": "int"},
"warn_auth_https": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_ssl_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"add_header_x_forwarded_proto": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ip": {
"required": False,
"type": "str"
},
"mapped_port": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"ssl_algorithm": {
"required": False,
"type": "str",
"choices": ["high", "medium", "low"]
},
"ssl_cert": {
"required": False,
"type": "str"
},
"ssl_client_renegotiation": {
"required": False,
"type": "str",
"choices": ["allow", "deny", "secure"]
},
"ssl_dh_bits": {
"required": False,
"type": "str",
"choices": ["768", "1024", "1536", "2048"]
},
"ssl_max_version": {
"required": False,
"type": "str",
"choices": ["tls-1.0", "tls-1.1", "tls-1.2"]
},
"ssl_min_version": {
"required": False,
"type": "str",
"choices": ["tls-1.0", "tls-1.1", "tls-1.2"]
},
"ssl_mode": {
"required": False,
"type": "str",
"choices": ["half", "full"]
},
"ssl_send_empty_frags": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"url_rewrite": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_h2qp_osu_provider": {
"required": False,
"type": "dict",
"default": None,
"options": {
"friendly_name": {
"required": False,
"type": "list",
"options": {
"friendly_name": {
"required": False,
"type": "str"
},
"index": {
"required": True,
"type": "int"
},
"lang": {
"required": False,
"type": "str"
}
}
},
"icon": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"osu_method": {
"required": False,
"type": "str",
"choices": ["oma-dm", "soap-xml-spp", "reserved"]
},
"osu_nai": {
"required": False,
"type": "str"
},
"server_uri": {
"required": False,
"type": "str"
},
"service_description": {
"required": False,
"type": "list",
"options": {
"lang": {
"required": False,
"type": "str"
},
"service_description": {
"required": False,
"type": "str"
},
"service_id": {
"required": False,
"type": "int"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"antivirus_quarantine": {
"required": False, "type": "dict", "default": None,
"options": {
"agelimit": {"required": False, "type": "int"},
"destination": {"required": False, "type": "str",
"choices": ["NULL", "disk", "FortiAnalyzer"]},
"drop_blocked": {"required": False, "type": "str",
"choices": ["imap", "smtp", "pop3",
"http", "ftp", "nntp",
"imaps", "smtps", "pop3s",
"ftps", "mapi", "cifs",
"mm1", "mm3", "mm4",
"mm7"]},
"drop_heuristic": {"required": False, "type": "str",
"choices": ["imap", "smtp", "pop3",
"http", "ftp", "nntp",
"imaps", "smtps", "pop3s",
"https", "ftps", "mapi",
"cifs", "mm1", "mm3",
"mm4", "mm7"]},
"drop_infected": {"required": False, "type": "str",
"choices": ["imap", "smtp", "pop3",
"http", "ftp", "nntp",
"imaps", "smtps", "pop3s",
"https", "ftps", "mapi",
"cifs", "mm1", "mm3",
"mm4", "mm7"]},
"lowspace": {"required": False, "type": "str",
"choices": ["drop-new", "ovrw-old"]},
"maxfilesize": {"required": False, "type": "int"},
"quarantine_quota": {"required": False, "type": "int"},
"store_blocked": {"required": False, "type": "str",
"choices": ["imap", "smtp", "pop3",
"http", "ftp", "nntp",
"imaps", "smtps", "pop3s",
"ftps", "mapi", "cifs",
"mm1", "mm3", "mm4",
"mm7"]},
"store_heuristic": {"required": False, "type": "str",
"choices": ["imap", "smtp", "pop3",
"http", "ftp", "nntp",
"imaps", "smtps", "pop3s",
"https", "ftps", "mapi",
"cifs", "mm1", "mm3",
"mm4", "mm7"]},
"store_infected": {"required": False, "type": "str",
"choices": ["imap", "smtp", "pop3",
"http", "ftp", "nntp",
"imaps", "smtps", "pop3s",
"https", "ftps", "mapi",
"cifs", "mm1", "mm3",
"mm4", "mm7"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_antivirus(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_antivirus(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"webfilter_urlfilter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"entries": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["exempt", "block", "allow", "monitor"]
},
"dns_address_family": {
"required": False,
"type": "str",
"choices": ["ipv4", "ipv6", "both"]
},
"exempt": {
"required":
False,
"type":
"str",
"choices": [
"av", "web-content", "activex-java-cookie",
"dlp", "fortiguard", "range-block", "pass",
"all"
]
},
"id": {
"required": True,
"type": "int"
},
"referrer_host": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"type": {
"required": False,
"type": "str",
"choices": ["simple", "regex", "wildcard"]
},
"url": {
"required": False,
"type": "str"
},
"web_proxy_profile": {
"required": False,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"ip_addr_block": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": False,
"type": "str"
},
"one_arm_ips_urlfilter": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_webfilter(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_email_server": {
"required": False,
"type": "dict",
"default": None,
"options": {
"authenticate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"password": {
"required": False,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"reply_to": {
"required": False,
"type": "str"
},
"security": {
"required": False,
"type": "str",
"choices": ["none", "starttls", "smtps"]
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"source_ip6": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"type": {
"required": False,
"type": "str",
"choices": ["custom"]
},
"username": {
"required": False,
"type": "str"
},
"validate_server": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"switch_controller_global": {
"required": False,
"type": "dict",
"default": None,
"options": {
"allow_multiple_interfaces": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"default_virtual_switch_vlan": {
"required": False,
"type": "str"
},
"disable_discovery": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"https_image_push": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"log_mac_limit_violations": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"mac_aging_interval": {
"required": False,
"type": "int"
},
"mac_retention_period": {
"required": False,
"type": "int"
},
"mac_violation_timer": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_h2qp_conn_capability": {
"required": False,
"type": "dict",
"default": None,
"options": {
"esp_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"ftp_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"http_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"icmp_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"ikev2_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"ikev2_xx_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"name": {
"required": True,
"type": "str"
},
"pptp_vpn_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"ssh_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"tls_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"voip_tcp_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
},
"voip_udp_port": {
"required": False,
"type": "str",
"choices": ["closed", "open", "unknown"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"user_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_concurrent_override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"auth_concurrent_value": {
"required": False,
"type": "int"
},
"authtimeout": {
"required": False,
"type": "int"
},
"company": {
"required": False,
"type": "str",
"choices": ["optional", "mandatory", "disabled"]
},
"email": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"expire": {
"required": False,
"type": "int"
},
"expire_type": {
"required": False,
"type": "str",
"choices": ["immediately", "first-successful-login"]
},
"group_type": {
"required": False,
"type": "str",
"choices": ["firewall", "fsso-service", "rsso", "guest"]
},
"guest": {
"required": False,
"type": "list",
"options": {
"comment": {
"required": False,
"type": "str"
},
"company": {
"required": False,
"type": "str"
},
"email": {
"required": False,
"type": "str"
},
"expiration": {
"required": False,
"type": "str"
},
"mobile_phone": {
"required": False,
"type": "str"
},
"name": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str"
},
"sponsor": {
"required": False,
"type": "str"
},
"user_id": {
"required": False,
"type": "str"
}
}
},
"http_digest_realm": {
"required": False,
"type": "str"
},
"id": {
"required": False,
"type": "int"
},
"match": {
"required": False,
"type": "list",
"options": {
"group_name": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"server_name": {
"required": False,
"type": "str"
}
}
},
"max_accounts": {
"required": False,
"type": "int"
},
"member": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"mobile_phone": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"multiple_guest_add": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"name": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"choices": ["auto-generate", "specify", "disable"]
},
"sms_custom_server": {
"required": False,
"type": "str"
},
"sms_server": {
"required": False,
"type": "str",
"choices": ["fortiguard", "custom"]
},
"sponsor": {
"required": False,
"type": "str",
"choices": ["optional", "mandatory", "disabled"]
},
"sso_attribute_value": {
"required": False,
"type": "str"
},
"user_id": {
"required": False,
"type": "str",
"choices": ["email", "auto-generate", "specify"]
},
"user_name": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"system_accprofile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"admintimeout": {
"required": False,
"type": "int"
},
"admintimeout_override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"authgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"comments": {
"required": False,
"type": "str"
},
"ftviewgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"fwgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write", "custom"]
},
"fwgrp_permission": {
"required": False,
"type": "dict",
"options": {
"address": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"policy": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"schedule": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"service": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
}
}
},
"loggrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write", "custom"]
},
"loggrp_permission": {
"required": False,
"type": "dict",
"options": {
"config": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"data_access": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"report_access": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"threat_weight": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
}
}
},
"name": {
"required": True,
"type": "str"
},
"netgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write", "custom"]
},
"netgrp_permission": {
"required": False,
"type": "dict",
"options": {
"cfg": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"packet_capture": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"route_cfg": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
}
}
},
"scope": {
"required": False,
"type": "str",
"choices": ["vdom", "global"]
},
"secfabgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"sysgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write", "custom"]
},
"sysgrp_permission": {
"required": False,
"type": "dict",
"options": {
"admin": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"cfg": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"mnt": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"upd": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
}
}
},
"utmgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write", "custom"]
},
"utmgrp_permission": {
"required": False,
"type": "dict",
"options": {
"antivirus": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"application_control": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"data_loss_prevention": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"dnsfilter": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"endpoint_control": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"icap": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"ips": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"spamfilter": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"waf": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"webfilter": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
}
}
},
"vpngrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"wanoptgrp": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
},
"wifi": {
"required": False,
"type": "str",
"choices": ["none", "read", "read-write"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"firewall_ssl_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"abbreviate_handshake": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cert_cache_capacity": {
"required": False,
"type": "int"
},
"cert_cache_timeout": {
"required": False,
"type": "int"
},
"kxp_queue_threshold": {
"required": False,
"type": "int"
},
"no_matching_cipher_action": {
"required": False,
"type": "str",
"choices": ["bypass", "drop"]
},
"proxy_connect_timeout": {
"required": False,
"type": "int"
},
"session_cache_capacity": {
"required": False,
"type": "int"
},
"session_cache_timeout": {
"required": False,
"type": "int"
},
"ssl_dh_bits": {
"required": False,
"type": "str",
"choices": ["768", "1024", "1536", "2048"]
},
"ssl_queue_threshold": {
"required": False,
"type": "int"
},
"ssl_send_empty_frags": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_ssl(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_ssl(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_anqp_ip_address_type": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ipv4_address_type": {
"required":
False,
"type":
"str",
"choices": [
"not-available", "public", "port-restricted",
"single-NATed-private", "double-NATed-private",
"port-restricted-and-single-NATed",
"port-restricted-and-double-NATed", "not-known"
]
},
"ipv6_address_type": {
"required": False,
"type": "str",
"choices": ["not-available", "available", "not-known"]
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_DoS_policy": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"anomaly": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["pass", "block"]
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"quarantine": {
"required": False,
"type": "str",
"choices": ["none", "attacker"]
},
"quarantine_expiry": {
"required": False,
"type": "str"
},
"quarantine_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"threshold": {
"required": False,
"type": "int"
},
"threshold(default)": {
"required": False,
"type": "int"
}
}
},
"comments": {
"required": False,
"type": "str"
},
"dstaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"interface": {
"required": False,
"type": "str"
},
"policyid": {
"required": True,
"type": "int"
},
"service": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"wireless_controller_global": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ap_log_server": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ap_log_server_ip": {
"required": False,
"type": "str"
},
"ap_log_server_port": {
"required": False,
"type": "int"
},
"control_message_offload": {
"required":
False,
"type":
"str",
"choices": [
"ebp-frame", "aeroscout-tag", "ap-list", "sta-list",
"sta-cap-list", "stats", "aeroscout-mu"
]
},
"data_ethernet_II": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"discovery_mc_addr": {
"required": False,
"type": "str"
},
"fiapp_eth_type": {
"required": False,
"type": "int"
},
"image_download": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ipsec_base_ip": {
"required": False,
"type": "str"
},
"link_aggregation": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"location": {
"required": False,
"type": "str"
},
"max_clients": {
"required": False,
"type": "int"
},
"max_retransmit": {
"required": False,
"type": "int"
},
"mesh_eth_type": {
"required": False,
"type": "int"
},
"name": {
"required": False,
"type": "str"
},
"rogue_scan_mac_adjacency": {
"required": False,
"type": "int"
},
"wtp_share": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_fortiguard": {
"required": False,
"type": "dict",
"default": None,
"options": {
"antispam_cache": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"antispam_cache_mpercent": {
"required": False,
"type": "int"
},
"antispam_cache_ttl": {
"required": False,
"type": "int"
},
"antispam_expiration": {
"required": False,
"type": "int"
},
"antispam_force_off": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"antispam_license": {
"required": False,
"type": "int"
},
"antispam_timeout": {
"required": False,
"type": "int"
},
"auto_join_forticloud": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ddns_server_ip": {
"required": False,
"type": "str"
},
"ddns_server_port": {
"required": False,
"type": "int"
},
"load_balance_servers": {
"required": False,
"type": "int"
},
"outbreak_prevention_cache": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"outbreak_prevention_cache_mpercent": {
"required": False,
"type": "int"
},
"outbreak_prevention_cache_ttl": {
"required": False,
"type": "int"
},
"outbreak_prevention_expiration": {
"required": False,
"type": "int"
},
"outbreak_prevention_force_off": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"outbreak_prevention_license": {
"required": False,
"type": "int"
},
"outbreak_prevention_timeout": {
"required": False,
"type": "int"
},
"port": {
"required": False,
"type": "str",
"choices": ["53", "8888", "80"]
},
"sdns_server_ip": {
"required": False,
"type": "str"
},
"sdns_server_port": {
"required": False,
"type": "int"
},
"service_account_id": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"source_ip6": {
"required": False,
"type": "str"
},
"update_server_location": {
"required": False,
"type": "str",
"choices": ["usa", "any"]
},
"webfilter_cache": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"webfilter_cache_ttl": {
"required": False,
"type": "int"
},
"webfilter_expiration": {
"required": False,
"type": "int"
},
"webfilter_force_off": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"webfilter_license": {
"required": False,
"type": "int"
},
"webfilter_timeout": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_hs_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"access_network_asra": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"access_network_esr": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"access_network_internet": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"access_network_type": {
"required":
False,
"type":
"str",
"choices": [
"private-network", "private-network-with-guest-access",
"chargeable-public-network", "free-public-network",
"personal-device-network",
"emergency-services-only-network",
"test-or-experimental", "wildcard"
]
},
"access_network_uesa": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"anqp_domain_id": {
"required": False,
"type": "int"
},
"bss_transition": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"conn_cap": {
"required": False,
"type": "str"
},
"deauth_request_timeout": {
"required": False,
"type": "int"
},
"dgaf": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"domain_name": {
"required": False,
"type": "str"
},
"gas_comeback_delay": {
"required": False,
"type": "int"
},
"gas_fragmentation_limit": {
"required": False,
"type": "int"
},
"hessid": {
"required": False,
"type": "str"
},
"ip_addr_type": {
"required": False,
"type": "str"
},
"l2tif": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"nai_realm": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"network_auth": {
"required": False,
"type": "str"
},
"oper_friendly_name": {
"required": False,
"type": "str"
},
"osu_provider": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"osu_ssid": {
"required": False,
"type": "str"
},
"pame_bi": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"proxy_arp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"qos_map": {
"required": False,
"type": "str"
},
"roaming_consortium": {
"required": False,
"type": "str"
},
"venue_group": {
"required":
False,
"type":
"str",
"choices": [
"unspecified", "assembly", "business", "educational",
"factory", "institutional", "mercantile",
"residential", "storage", "utility", "vehicular",
"outdoor"
]
},
"venue_name": {
"required": False,
"type": "str"
},
"venue_type": {
"required":
False,
"type":
"str",
"choices": [
"unspecified", "arena", "stadium",
"passenger-terminal", "amphitheater", "amusement-park",
"place-of-worship", "convention-center", "library",
"museum", "restaurant", "theater", "bar",
"coffee-shop", "zoo-or-aquarium", "emergency-center",
"doctor-office", "bank", "fire-station",
"police-station", "post-office", "professional-office",
"research-facility", "attorney-office",
"primary-school", "secondary-school",
"university-or-college", "factory", "hospital",
"long-term-care-facility", "rehab-center",
"group-home", "prison-or-jail", "retail-store",
"grocery-market", "auto-service-station",
"shopping-mall", "gas-station", "private",
"hotel-or-motel", "dormitory", "boarding-house",
"automobile", "airplane", "bus", "ferry",
"ship-or-boat", "train", "motor-bike",
"muni-mesh-network", "city-park", "rest-area",
"traffic-control", "bus-stop", "kiosk"
]
},
"wan_metrics": {
"required": False,
"type": "str"
},
"wnm_sleep_mode": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"log_syslogd2_filter": {
"required": False, "type": "dict", "default": None,
"options": {
"anomaly": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"dns": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"filter": {"required": False, "type": "str"},
"filter_type": {"required": False, "type": "str",
"choices": ["include", "exclude"]},
"forward_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"gtp": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"local_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"multicast_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"netscan_discovery": {"required": False, "type": "str"},
"netscan_vulnerability": {"required": False, "type": "str"},
"severity": {"required": False, "type": "str",
"choices": ["emergency", "alert", "critical",
"error", "warning", "notification",
"information", "debug"]},
"sniffer_traffic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"ssh": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"voip": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_syslogd2(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_syslogd2(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_address": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"allow_routing": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"associated_interface": {"required": False, "type": "str"},
"cache_ttl": {"required": False, "type": "int"},
"color": {"required": False, "type": "int"},
"comment": {"required": False, "type": "str"},
"country": {"required": False, "type": "str"},
"end_ip": {"required": False, "type": "str"},
"epg_name": {"required": False, "type": "str"},
"filter": {"required": False, "type": "str"},
"fqdn": {"required": False, "type": "str"},
"list": {"required": False, "type": "list",
"options": {
"ip": {"required": True, "type": "str"}
}},
"name": {"required": True, "type": "str"},
"obj_id": {"required": False, "type": "str"},
"organization": {"required": False, "type": "str"},
"policy_group": {"required": False, "type": "str"},
"sdn": {"required": False, "type": "str",
"choices": ["aci", "aws", "azure",
"gcp", "nsx", "nuage",
"oci", "openstack"]},
"sdn_tag": {"required": False, "type": "str"},
"start_ip": {"required": False, "type": "str"},
"subnet": {"required": False, "type": "str"},
"subnet_name": {"required": False, "type": "str"},
"tagging": {"required": False, "type": "list",
"options": {
"category": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"tags": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}}
}},
"tenant": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["ipmask", "iprange", "fqdn",
"geography", "wildcard", "wildcard-fqdn",
"dynamic"]},
"uuid": {"required": False, "type": "str"},
"visibility": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"wildcard": {"required": False, "type": "str"},
"wildcard_fqdn": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_fortimanager": {
"required": False,
"type": "dict",
"default": None,
"options": {
"central_management": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"central_mgmt_auto_backup": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"central_mgmt_schedule_config_restore": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"central_mgmt_schedule_script_restore": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ip": {
"required": False,
"type": "str"
},
"ipsec": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"vdom": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"router_policy": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"action": {"required": False, "type": "str",
"choices": ["deny", "permit"]},
"comments": {"required": False, "type": "str"},
"dst": {"required": False, "type": "list",
"options": {
"subnet": {"required": True, "type": "str"}
}},
"dst_negate": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"dstaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"end_port": {"required": False, "type": "int"},
"end_source_port": {"required": False, "type": "int"},
"gateway": {"required": False, "type": "str"},
"input_device": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"output_device": {"required": False, "type": "str"},
"protocol": {"required": False, "type": "int"},
"seq_num": {"required": False, "type": "int"},
"src": {"required": False, "type": "list",
"options": {
"subnet": {"required": True, "type": "str"}
}},
"src_negate": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"srcaddr": {"required": False, "type": "list",
"options": {
"name": {"required": True, "type": "str"}
}},
"start_port": {"required": False, "type": "int"},
"start_source_port": {"required": False, "type": "int"},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"tos": {"required": False, "type": "str"},
"tos_mask": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
