gateway: "192.168.40.252"
- name: Delete firewall address
fortiosconfig:
config: "firewall address"
action: "delete"
host: "{{ host }}"
username: "******"
password: "******"
vdom: "{{ vdom }}"
config_parameters:
wildcard-fqdn: "*.test.ansible.com"
name: "test-ansible"
type: "wildcard-fqdn"
'''
fos = FortiOSAPI()
formatter = logging.Formatter(
'%(asctime)s %(name)-12s %(levelname)-8s %(message)s')
logger = logging.getLogger('fortiosapi')
hdlr = logging.FileHandler('/var/tmp/ansible-fortiosconfig.log')
hdlr.setFormatter(formatter)
logger.addHandler(hdlr)
logger.setLevel(logging.DEBUG)
AVAILABLE_CONF = [
'system resource usage',
'system vdom-resource',
'alertemail setting',
'antivirus heuristic',
'antivirus profile',
'antivirus quarantine',
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"switch_controller_custom_command": {
"required": False,
"type": "dict",
"default": None,
"options": {
"command": {
"required": False,
"type": "str"
},
"command_name": {
"required": False,
"type": "str"
},
"description": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_pppoe_interface": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ac_name": {
"required": False,
"type": "str"
},
"auth_type": {
"required": False,
"type": "str",
"choices": ["auto", "pap", "chap", "mschapv1", "mschapv2"]
},
"device": {
"required": False,
"type": "str"
},
"dial_on_demand": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"disc_retry_timeout": {
"required": False,
"type": "int"
},
"idle_timeout": {
"required": False,
"type": "int"
},
"ipunnumbered": {
"required": False,
"type": "str"
},
"ipv6": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"lcp_echo_interval": {
"required": False,
"type": "int"
},
"lcp_max_echo_fails": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"padt_retry_timeout": {
"required": False,
"type": "int"
},
"password": {
"required": False,
"type": "str"
},
"pppoe_unnumbered_negotiate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"service_name": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"system_storage": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"device": {
"required": False,
"type": "str"
},
"media-status": {
"required": False,
"type": "str",
"choices": ["enable", "disable", "fail"]
},
"name": {
"required": True,
"type": "str"
},
"order": {
"required": False,
"type": "int"
},
"partition": {
"required": False,
"type": "str"
},
"size": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"usage": {
"required": False,
"type": "str",
"choices": ["mix", "wanopt"]
},
"wanopt-mode": {
"required": False,
"type": "str",
"choices": ["mix", "wanopt", "webcache"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_system(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_interface_policy6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"address_type": {
"required": False,
"type": "str",
"choices": ["ipv4", "ipv6"]
},
"application_list": {
"required": False,
"type": "str"
},
"application_list_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"av_profile": {
"required": False,
"type": "str"
},
"av_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"comments": {
"required": False,
"type": "str"
},
"dlp_sensor": {
"required": False,
"type": "str"
},
"dlp_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dsri": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dstaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"interface": {
"required": False,
"type": "str"
},
"ips_sensor": {
"required": False,
"type": "str"
},
"ips_sensor_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"label": {
"required": False,
"type": "str"
},
"logtraffic": {
"required": False,
"type": "str",
"choices": ["all", "utm", "disable"]
},
"policyid": {
"required": True,
"type": "int"
},
"scan_botnet_connections": {
"required": False,
"type": "str",
"choices": ["disable", "block", "monitor"]
},
"service6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"spamfilter_profile": {
"required": False,
"type": "str"
},
"spamfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"srcaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"webfilter_profile": {
"required": False,
"type": "str"
},
"webfilter_profile_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"dlp_settings": {
"required": False,
"type": "dict",
"default": None,
"options": {
"cache_mem_percent": {
"required": False,
"type": "int"
},
"chunk_size": {
"required": False,
"type": "int"
},
"db_mode": {
"required":
False,
"type":
"str",
"choices": [
"stop-adding", "remove-modified-then-oldest",
"remove-oldest"
]
},
"size": {
"required": False,
"type": "int"
},
"storage_device": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_dlp(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_dlp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"spamfilter_dnsbl": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"entries": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["reject", "spam"]
},
"id": {
"required": True,
"type": "int"
},
"server": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_spamfilter(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"router_bfd": {
"required": False,
"type": "dict",
"options": {
"neighbor": {
"required": False,
"type": "list",
"options": {
"interface": {
"required": False,
"type": "str"
},
"ip": {
"required": True,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_router(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"wireless_controller_hotspot20_anqp_nai_realm": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"nai-list": {
"required": False,
"type": "list",
"options": {
"eap-method": {
"required": False,
"type": "list",
"options": {
"auth-param": {
"required": False,
"type": "str",
"choices": [],
"options": {
"id": {
"required":
False,
"type":
"str",
"choices": [
"non-eap-inner-auth",
"inner-auth-eap", "credential",
"tunneled-credential"
]
},
"index": {
"required": True,
"type": "int"
},
"val": {
"required":
False,
"type":
"str",
"choices": [
"eap-identity", "eap-md5",
"eap-tls", "eap-ttls",
"eap-peap", "eap-sim",
"eap-aka", "eap-aka-prime",
"non-eap-pap", "non-eap-chap",
"non-eap-mschap",
"non-eap-mschapv2", "cred-sim",
"cred-usim", "cred-nfc",
"cred-hardware-token",
"cred-softoken",
"cred-certificate",
"cred-user-pwd", "cred-none",
"cred-vendor-specific",
"tun-cred-sim",
"tun-cred-usim",
"tun-cred-nfc",
"tun-cred-hardware-token",
"tun-cred-softoken",
"tun-cred-certificate",
"tun-cred-user-pwd",
"tun-cred-anonymous",
"tun-cred-vendor-specific"
]
}
}
},
"index": {
"required": True,
"type": "int"
},
"method": {
"required":
False,
"type":
"str",
"choices": [
"eap-identity", "eap-md5", "eap-tls",
"eap-ttls", "eap-peap", "eap-sim",
"eap-aka", "eap-aka-prime"
]
}
}
},
"encoding": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"nai-realm": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_ssl_ssh_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"caname": {
"required": False,
"type": "str"
},
"comment": {
"required": False,
"type": "str"
},
"ftps": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"https": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required":
False,
"type":
"str",
"choices": [
"disable", "certificate-inspection",
"deep-inspection"
]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"imaps": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"mapi_over_https": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"pop3s": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"rpc_over_https": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"server_cert": {
"required": False,
"type": "str"
},
"server_cert_mode": {
"required": False,
"type": "str",
"choices": ["re-sign", "replace"]
},
"smtps": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"ssh": {
"required": False,
"type": "dict",
"options": {
"inspect_all": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"ports": {
"required": False,
"type": "int"
},
"ssh_algorithm": {
"required": False,
"type": "str",
"choices": ["compatible", "high-encryption"]
},
"ssh_policy_check": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssh_tun_policy_check": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_version": {
"required": False,
"type": "str",
"choices": ["bypass", "block"]
}
}
},
"ssl": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"inspect_all": {
"required":
False,
"type":
"str",
"choices": [
"disable", "certificate-inspection",
"deep-inspection"
]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"ssl_anomalies_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssl_exempt": {
"required": False,
"type": "list",
"options": {
"address": {
"required": False,
"type": "str"
},
"address6": {
"required": False,
"type": "str"
},
"fortiguard_category": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"regex": {
"required": False,
"type": "str"
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"fortiguard-category", "address", "address6",
"wildcard-fqdn", "regex"
]
},
"wildcard_fqdn": {
"required": False,
"type": "str"
}
}
},
"ssl_exemptions_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssl_server": {
"required": False,
"type": "list",
"options": {
"ftps_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"https_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"id": {
"required": True,
"type": "int"
},
"imaps_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ip": {
"required": False,
"type": "str"
},
"pop3s_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"smtps_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ssl_other_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
}
}
},
"untrusted_caname": {
"required": False,
"type": "str"
},
"use_ssl_server": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"whitelist": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"firewall_schedule_recurring": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"color": {
"required": False,
"type": "int"
},
"day": {
"required":
False,
"type":
"str",
"choices": [
"sunday", "monday", "tuesday", "wednesday", "thursday",
"friday", "saturday", "none"
]
},
"end": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"start": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall_schedule(
module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_webtrends_filter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"netscan_discovery": {
"required": False,
"type": "str"
},
"netscan_vulnerability": {
"required": False,
"type": "str"
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_webtrends(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_webtrends(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"webfilter_urlfilter": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"entries": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["exempt", "block", "allow",
"monitor"]},
"dns_address_family": {"required": False, "type": "str",
"choices": ["ipv4", "ipv6", "both"]},
"exempt": {"required": False, "type": "str",
"choices": ["av", "web-content", "activex-java-cookie",
"dlp", "fortiguard", "range-block",
"pass", "all"]},
"id": {"required": True, "type": "int"},
"referrer_host": {"required": False, "type": "str"},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"type": {"required": False, "type": "str",
"choices": ["simple", "regex", "wildcard"]},
"url": {"required": False, "type": "str"},
"web_proxy_profile": {"required": False, "type": "str"}
}},
"id": {"required": True, "type": "int"},
"ip_addr_block": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"name": {"required": False, "type": "str"},
"one_arm_ips_urlfilter": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"webfilter_fortiguard": {
"required": False,
"type": "dict",
"options": {
"cache-mem-percent": {
"required": False,
"type": "int"
},
"cache-mode": {
"required": False,
"type": "str",
"choices": ["ttl", "db-ver"]
},
"cache-prefix-match": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"close-ports": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ovrd-auth-https": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ovrd-auth-port": {
"required": False,
"type": "int"
},
"ovrd-auth-port-http": {
"required": False,
"type": "int"
},
"ovrd-auth-port-https": {
"required": False,
"type": "int"
},
"ovrd-auth-port-warning": {
"required": False,
"type": "int"
},
"request-packet-size-limit": {
"required": False,
"type": "int"
},
"warn-auth-https": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_webfilter(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"dnsfilter_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"block_action": {
"required": False,
"type": "str",
"choices": ["block", "redirect"]
},
"block_botnet": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"comment": {
"required": False,
"type": "str"
},
"domain_filter": {
"required": False,
"type": "dict",
"options": {
"domain_filter_table": {
"required": False,
"type": "int"
}
}
},
"external_ip_blocklist": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"ftgd_dns": {
"required": False,
"type": "dict",
"options": {
"filters": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["block", "monitor"]
},
"category": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"options": {
"required": False,
"type": "str",
"choices": ["error-allow", "ftgd-disable"]
}
}
},
"log_all_domain": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"redirect_portal": {
"required": False,
"type": "str"
},
"safe_search": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"sdns_domain_log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sdns_ftgd_err_log": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"youtube_restrict": {
"required": False,
"type": "str",
"choices": ["strict", "moderate"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_dnsfilter(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_dnsfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"vpn_certificate_local": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auto_regenerate_days": {
"required": False,
"type": "int"
},
"auto_regenerate_days_warning": {
"required": False,
"type": "int"
},
"ca_identifier": {
"required": False,
"type": "str"
},
"certificate": {
"required": False,
"type": "str"
},
"cmp_path": {
"required": False,
"type": "str"
},
"cmp_regeneration_method": {
"required": False,
"type": "str",
"choices": ["keyupate", "renewal"]
},
"cmp_server": {
"required": False,
"type": "str"
},
"cmp_server_cert": {
"required": False,
"type": "str"
},
"comments": {
"required": False,
"type": "str"
},
"csr": {
"required": False,
"type": "str"
},
"enroll_protocol": {
"required": False,
"type": "str",
"choices": ["none", "scep", "cmpv2"]
},
"ike_localid": {
"required": False,
"type": "str"
},
"ike_localid_type": {
"required": False,
"type": "str",
"choices": ["asn1dn", "fqdn"]
},
"last_updated": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"name_encoding": {
"required": False,
"type": "str",
"choices": ["printable", "utf8"]
},
"password": {
"required": False,
"type": "str"
},
"private_key": {
"required": False,
"type": "str"
},
"range": {
"required": False,
"type": "str",
"choices": ["global", "vdom"]
},
"scep_password": {
"required": False,
"type": "str"
},
"scep_url": {
"required": False,
"type": "str"
},
"source": {
"required": False,
"type": "str",
"choices": ["factory", "user", "bundle"]
},
"source_ip": {
"required": False,
"type": "str"
},
"state": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_certificate(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_certificate(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"firewall_vip46": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"arp-reply": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"extip": {
"required": False,
"type": "str"
},
"extport": {
"required": False,
"type": "str"
},
"id": {
"required": False,
"type": "int"
},
"ldb-method": {
"required":
False,
"type":
"str",
"choices": [
"static", "round-robin", "weighted", "least-session",
"least-rtt", "first-alive"
]
},
"mappedip": {
"required": False,
"type": "str"
},
"mappedport": {
"required": False,
"type": "str"
},
"monitor": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"portforward": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"protocol": {
"required": False,
"type": "str",
"choices": ["tcp", "udp"]
},
"realservers": {
"required": False,
"type": "list",
"options": {
"client-ip": {
"required": False,
"type": "str"
},
"healthcheck": {
"required": False,
"type": "str",
"choices": ["disable", "enable", "vip"]
},
"holddown-interval": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"ip": {
"required": False,
"type": "str"
},
"max-connections": {
"required": False,
"type": "int"
},
"monitor": {
"required": False,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["active", "standby", "disable"]
},
"weight": {
"required": False,
"type": "int"
}
}
},
"server-type": {
"required": False,
"type": "str",
"choices": ["http", "tcp", "udp", "ip"]
},
"src-filter": {
"required": False,
"type": "list",
"options": {
"range": {
"required": True,
"type": "str"
}
}
},
"type": {
"required": False,
"type": "str",
"choices": ["static-nat", "server-load-balance"]
},
"uuid": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_shaping_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"comment": {"required": False, "type": "str"},
"default_class_id": {"required": False, "type": "int"},
"profile_name": {"required": False, "type": "str"},
"shaping_entries": {"required": False, "type": "list",
"options": {
"class_id": {"required": False, "type": "int"},
"guaranteed_bandwidth_percentage": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
"maximum_bandwidth_percentage": {"required": False, "type": "int"},
"priority": {"required": False, "type": "str",
"choices": ["high", "medium", "low"]}
}}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"user_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_concurrent_override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"auth_concurrent_value": {
"required": False,
"type": "int"
},
"authtimeout": {
"required": False,
"type": "int"
},
"company": {
"required": False,
"type": "str",
"choices": ["optional", "mandatory", "disabled"]
},
"email": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"expire": {
"required": False,
"type": "int"
},
"expire_type": {
"required": False,
"type": "str",
"choices": ["immediately", "first-successful-login"]
},
"group_type": {
"required": False,
"type": "str",
"choices": ["firewall", "fsso-service", "rsso", "guest"]
},
"guest": {
"required": False,
"type": "list",
"options": {
"comment": {
"required": False,
"type": "str"
},
"company": {
"required": False,
"type": "str"
},
"email": {
"required": False,
"type": "str"
},
"expiration": {
"required": False,
"type": "str"
},
"mobile_phone": {
"required": False,
"type": "str"
},
"name": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str"
},
"sponsor": {
"required": False,
"type": "str"
},
"user_id": {
"required": False,
"type": "str"
}
}
},
"http_digest_realm": {
"required": False,
"type": "str"
},
"id": {
"required": False,
"type": "int"
},
"match": {
"required": False,
"type": "list",
"options": {
"group_name": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"server_name": {
"required": False,
"type": "str"
}
}
},
"max_accounts": {
"required": False,
"type": "int"
},
"member": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"mobile_phone": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"multiple_guest_add": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"name": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"choices": ["auto-generate", "specify", "disable"]
},
"sms_custom_server": {
"required": False,
"type": "str"
},
"sms_server": {
"required": False,
"type": "str",
"choices": ["fortiguard", "custom"]
},
"sponsor": {
"required": False,
"type": "str",
"choices": ["optional", "mandatory", "disabled"]
},
"sso_attribute_value": {
"required": False,
"type": "str"
},
"user_id": {
"required": False,
"type": "str",
"choices": ["email", "auto-generate", "specify"]
},
"user_name": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"system_nat64": {
"required": False,
"type": "dict",
"options": {
"always-synthesize-aaaa-record": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"generate-ipv6-fragment-header": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"nat64-prefix": {
"required": False,
"type": "str"
},
"secondary-prefix": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
},
"nat64-prefix": {
"required": False,
"type": "str"
}
}
},
"secondary-prefix-status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_system(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"switch_controller_qos_ip_dscp_map": {
"required": False,
"type": "dict",
"default": None,
"options": {
"description": {
"required": False,
"type": "str"
},
"map": {
"required": False,
"type": "list",
"options": {
"cos_queue": {
"required": False,
"type": "int"
},
"diffserv": {
"required":
False,
"type":
"str",
"choices": [
"CS0", "CS1", "AF11", "AF12", "AF13", "CS2",
"AF21", "AF22", "AF23", "CS3", "AF31", "AF32",
"AF33", "CS4", "AF41", "AF42", "AF43", "CS5",
"EF", "CS6", "CS7"
]
},
"ip_precedence": {
"required":
False,
"type":
"str",
"choices": [
"network-control", "internetwork-control",
"critic-ecp", "flashoverride", "flash",
"immediate", "priority", "routine"
]
},
"name": {
"required": True,
"type": "str"
},
"value": {
"required": False,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_switch_controller_qos(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_switch_controller_qos(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
class FortiOS6Driver(NetworkDriver):
"""Napalm driver for FortiGate FortiOS 6.x."""
def __init__(self,
hostname,
username,
password,
timeout=60,
optional_args=None):
"""Constructor."""
self.device = None
self.hostname = hostname
self.username = username
self.password = password
self.timeout = timeout
if optional_args is None:
optional_args = {}
else:
self.transport = optional_args.get("transport", "https")
self.port = optional_args.get('port', 443)
self.device = FortiOSAPI()
def open(self):
"""Implement the NAPALM method open (mandatory)"""
try:
self.device.login(host=self.hostname,
username=self.username,
password=self.password)
except ConnectionError:
print('Connection Error')
def close(self):
"""Implement the NAPALM method close (mandatory)"""
self.device.logout()
def get_facts(self):
facts = {}
system_global = self.device.get('system', 'global')
print(system_global)
system_dns = self.device.get('system', 'dns')['results']
print(system_dns)
facts['hostname'] = system_global['results']['hostname']
facts['fqdn'] = facts['hostname'] + '.' + system_dns['domain']
facts['vendor'] = 'Fortinet'
facts['model'] = None # Unable to get from API
facts['serial_number'] = system_global['serial']
facts['os_version'] = system_global['version']
facts['uptime'] = None # Unable to get from API
facts['interface_list'] = None
return facts
def is_alive(self):
"""Returns a flag with the state of the connection."""
is_alive = False
# Only consider device alive after logged in and successful response
try:
is_alive = self.device.get('system', 'status')['http_status']
except NotLogged:
# except fortiosapi.exceptions.NotLogged:
is_alive = True
print('cool')
# except ConnectTimeout:
# pass
except Exception as e:
print(e.__class__)
print(e.__class__ == NotLogged)
print('Unknown Error')
if is_alive:
return {'is_alive': True}
else:
return {'is_alive': False}
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"firewall_ipmacbinding_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"bindthroughfw": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"bindtofw": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"undefinedhost": {
"required": False,
"type": "str",
"choices": ["allow", "block"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_ipmacbinding(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_ipmacbinding(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"report_chart": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"background": {
"required": False,
"type": "str"
},
"category": {
"required":
False,
"type":
"str",
"choices": [
"misc", "traffic", "event", "virus", "webfilter",
"attack", "spam", "dlp", "app-ctrl", "vulnerability"
]
},
"category_series": {
"required": False,
"type": "dict",
"options": {
"databind": {
"required": False,
"type": "str"
},
"font_size": {
"required": False,
"type": "int"
}
}
},
"color_palette": {
"required": False,
"type": "str"
},
"column": {
"required": False,
"type": "list",
"options": {
"detail_unit": {
"required": False,
"type": "str"
},
"detail_value": {
"required": False,
"type": "str"
},
"footer_unit": {
"required": False,
"type": "str"
},
"footer_value": {
"required": False,
"type": "str"
},
"header_value": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"mapping": {
"required": False,
"type": "list",
"options": {
"displayname": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"op": {
"required":
False,
"type":
"str",
"choices": [
"none", "greater", "greater-equal",
"less", "less-equal", "equal",
"between"
]
},
"value_type": {
"required": False,
"type": "str",
"choices": ["integer", "string"]
},
"value1": {
"required": False,
"type": "str"
},
"value2": {
"required": False,
"type": "str"
}
}
}
}
},
"comments": {
"required": False,
"type": "str"
},
"dataset": {
"required": False,
"type": "str"
},
"dimension": {
"required": False,
"type": "str",
"choices": ["2D", "3D"]
},
"drill_down_charts": {
"required": False,
"type": "list",
"options": {
"chart_name": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
},
"favorite": {
"required": False,
"type": "str",
"choices": ["no", "yes"]
},
"graph_type": {
"required": False,
"type": "str",
"choices": ["none", "bar", "pie", "line", "flow"]
},
"legend": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"legend_font_size": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"period": {
"required": False,
"type": "str",
"choices": ["last24h", "last7d"]
},
"policy": {
"required": False,
"type": "int"
},
"style": {
"required": False,
"type": "str",
"choices": ["auto", "manual"]
},
"title": {
"required": False,
"type": "str"
},
"title_font_size": {
"required": False,
"type": "int"
},
"type": {
"required": False,
"type": "str",
"choices": ["graph", "table"]
},
"value_series": {
"required": False,
"type": "dict",
"options": {
"databind": {
"required": False,
"type": "str"
}
}
},
"x_series": {
"required": False,
"type": "dict",
"options": {
"caption": {
"required": False,
"type": "str"
},
"caption_font_size": {
"required": False,
"type": "int"
},
"databind": {
"required": False,
"type": "str"
},
"font_size": {
"required": False,
"type": "int"
},
"is_category": {
"required": False,
"type": "str",
"choices": ["yes", "no"]
},
"label_angle": {
"required": False,
"type": "str",
"choices": ["45-degree", "vertical", "horizontal"]
},
"scale_direction": {
"required": False,
"type": "str",
"choices": ["decrease", "increase"]
},
"scale_format": {
"required":
False,
"type":
"str",
"choices": [
"YYYY-MM-DD-HH-MM", "YYYY-MM-DD HH",
"YYYY-MM-DD", "YYYY-MM", "YYYY", "HH-MM",
"MM-DD"
]
},
"scale_step": {
"required": False,
"type": "int"
},
"scale_unit": {
"required": False,
"type": "str",
"choices":
["minute", "hour", "day", "month", "year"]
},
"unit": {
"required": False,
"type": "str"
}
}
},
"y_series": {
"required": False,
"type": "dict",
"options": {
"caption": {
"required": False,
"type": "str"
},
"caption_font_size": {
"required": False,
"type": "int"
},
"databind": {
"required": False,
"type": "str"
},
"extra_databind": {
"required": False,
"type": "str"
},
"extra_y": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"extra_y_legend": {
"required": False,
"type": "str"
},
"font_size": {
"required": False,
"type": "int"
},
"group": {
"required": False,
"type": "str"
},
"label_angle": {
"required": False,
"type": "str",
"choices": ["45-degree", "vertical", "horizontal"]
},
"unit": {
"required": False,
"type": "str"
},
"y_legend": {
"required": False,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_report(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_report(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"router_auth_path": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"device": {
"required": False,
"type": "str"
},
"gateway": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
versions_check_result = None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_router(module.params, fos)
versions_check_result = connection.get_system_version()
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_router(module.params, fos)
fos.logout()
if versions_check_result and versions_check_result['matched'] is False:
module.warn(
"Ansible has detected version mismatch between FortOS system and galaxy, see more details by specifying option -vvv"
)
if not is_error:
if versions_check_result and versions_check_result['matched'] is False:
module.exit_json(changed=has_changed,
version_check_warning=versions_check_result,
meta=result)
else:
module.exit_json(changed=has_changed, meta=result)
else:
if versions_check_result and versions_check_result['matched'] is False:
module.fail_json(msg="Error in repo",
version_check_warning=versions_check_result,
meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_session_ttl": {
"required": False,
"type": "dict",
"default": None,
"options": {
"default": {
"required": False,
"type": "str"
},
"port": {
"required": False,
"type": "list",
"options": {
"end_port": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"protocol": {
"required": False,
"type": "int"
},
"start_port": {
"required": False,
"type": "int"
},
"timeout": {
"required": False,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"firewall_policy64": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"action": {
"required": False,
"type": "str",
"choices": ["accept", "deny"]
},
"comments": {
"required": False,
"type": "str"
},
"dstaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"dstintf": {
"required": False,
"type": "str"
},
"fixedport": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ippool": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"logtraffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"per-ip-shaper": {
"required": False,
"type": "str"
},
"permit-any-host": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"policyid": {
"required": True,
"type": "int"
},
"poolname": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"schedule": {
"required": False,
"type": "str"
},
"service": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"srcintf": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tcp-mss-receiver": {
"required": False,
"type": "int"
},
"tcp-mss-sender": {
"required": False,
"type": "int"
},
"traffic-shaper": {
"required": False,
"type": "str"
},
"traffic-shaper-reverse": {
"required": False,
"type": "str"
},
"uuid": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_firewall(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": True,
"type": "str"
},
"username": {
"required": True,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": "False"
},
"router_route_map": {
"required": False,
"type": "dict",
"options": {
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"comments": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"rule": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["permit", "deny"]
},
"id": {
"required": True,
"type": "int"
},
"match-as-path": {
"required": False,
"type": "str"
},
"match-community": {
"required": False,
"type": "str"
},
"match-community-exact": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"match-flags": {
"required": False,
"type": "int"
},
"match-interface": {
"required": False,
"type": "str"
},
"match-ip-address": {
"required": False,
"type": "str"
},
"match-ip-nexthop": {
"required": False,
"type": "str"
},
"match-ip6-address": {
"required": False,
"type": "str"
},
"match-ip6-nexthop": {
"required": False,
"type": "str"
},
"match-metric": {
"required": False,
"type": "int"
},
"match-origin": {
"required": False,
"type": "str",
"choices": ["none", "egp", "igp", "incomplete"]
},
"match-route-type": {
"required": False,
"type": "str",
"choices": ["1", "2", "none"]
},
"match-tag": {
"required": False,
"type": "int"
},
"set-aggregator-as": {
"required": False,
"type": "int"
},
"set-aggregator-ip": {
"required": False,
"type": "str"
},
"set-aspath": {
"required": False,
"type": "list",
"options": {
"as": {
"required": True,
"type": "str"
}
}
},
"set-aspath-action": {
"required": False,
"type": "str",
"choices": ["prepend", "replace"]
},
"set-atomic-aggregate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"set-community": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set-community-additive": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"set-community-delete": {
"required": False,
"type": "str"
},
"set-dampening-max-suppress": {
"required": False,
"type": "int"
},
"set-dampening-reachability-half-life": {
"required": False,
"type": "int"
},
"set-dampening-reuse": {
"required": False,
"type": "int"
},
"set-dampening-suppress": {
"required": False,
"type": "int"
},
"set-dampening-unreachability-half-life": {
"required": False,
"type": "int"
},
"set-extcommunity-rt": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set-extcommunity-soo": {
"required": False,
"type": "list",
"options": {
"community": {
"required": True,
"type": "str"
}
}
},
"set-flags": {
"required": False,
"type": "int"
},
"set-ip-nexthop": {
"required": False,
"type": "str"
},
"set-ip6-nexthop": {
"required": False,
"type": "str"
},
"set-ip6-nexthop-local": {
"required": False,
"type": "str"
},
"set-local-preference": {
"required": False,
"type": "int"
},
"set-metric": {
"required": False,
"type": "int"
},
"set-metric-type": {
"required": False,
"type": "str",
"choices": ["1", "2", "none"]
},
"set-origin": {
"required": False,
"type": "str",
"choices": ["none", "egp", "igp", "incomplete"]
},
"set-originator-id": {
"required": False,
"type": "str"
},
"set-route-tag": {
"required": False,
"type": "int"
},
"set-tag": {
"required": False,
"type": "int"
},
"set-weight": {
"required": False,
"type": "int"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
global fos
fos = FortiOSAPI()
is_error, has_changed, result = fortios_router(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_wtp_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"name": {
"required": True,
"type": "str"
},
"platform_type": {
"required":
False,
"type":
"str",
"choices": [
"AP-11N", "220B", "210B", "222B", "112B", "320B",
"11C", "14C", "223B", "28C", "320C", "221C", "25D",
"222C", "224D", "214B", "21D", "24D", "112D", "223C",
"321C", "C220C", "C225C", "C23JD", "C24JE", "S321C",
"S322C", "S323C", "S311C", "S313C", "S321CR", "S322CR",
"S323CR", "S421E", "S422E", "S423E", "421E", "423E",
"221E", "222E", "223E", "224E", "S221E", "S223E",
"U421E", "U422EV", "U423E", "U221EV", "U223EV",
"U24JEV", "U321EV", "U323EV"
]
},
"wtps": {
"required": False,
"type": "list",
"options": {
"wtp_id": {
"required": False,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": True, "type": "str"},
"username": {"required": True, "type": "str"},
"password": {"required": False, "type": "str", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"webfilter_url": {
"required": False, "type": "dict",
"options": {
"state": {"required": True, "type": "str"},
"id": {"required": True, "type": "str"},
"name": {"required": True, "type": "str"},
"comment": {"required": False, "type": "str", "default": ""},
"one-arm-ips-urlfilter": {"required": False, "type": "str", "default": "disable",
"choices": ["enable", "disable"]},
"ip-addr-block": {"required": False, "type": "str", "default": "disable",
"choices": ["enable", "disable"]},
"entries": {
"required": False, "type": "list", "default": [],
"options": {
"id": {"required": True, "type": "integer"},
"url": {"required": True, "type": "string"},
"type": {"required": True, "type": "string", "choices": ["simple", "regex", "wildcard"]},
"action": {"required": True, "type": "string",
"choices": ["exempt", "block", "allow", "monitor"]},
"status": {"required": True, "type": "string", "choices": ["enable", "disable"]},
"exempt": {"required": True, "type": "string",
"choices": ["av", "web-content", "activex-java-cookie", "dlp", "fortiguard",
"range-block", "pass", "all"]},
"web-proxy-profile": {"required": True, "type": "string"},
"referrer-host": {"required": True, "type": "string"}
}
}
}
},
"webfilter_content": {
"required": False, "type": "dict",
"options": {
"state": {"required": True, "type": "str"},
"id": {"required": True, "type": "str"},
"name": {"required": True, "type": "str"},
"comment": {"required": False, "type": "str", "default": ""},
"entries": {
"required": False, "type": "list", "default": [],
"options": {
"name": {"required": True, "type": "string"},
"pattern-type": {"required": True, "type": "string", "choices": ["wildcard", "regexp"]},
"status": {"required": True, "type": "string", "choices": ["enable", "disable"]},
"lang": {"required": True, "type": "string",
"choices": ["western", "simch", "trach", "japanese", "korean", "french", "thai",
"spanish", "cyrillic"]},
"score": {"required": True, "type": "integer"},
"action": {"required": True, "type": "string", "choices": ["block", "exempt"]},
}
}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
is_error, has_changed, result = fortios_webfilter(module.params, fos)
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)