def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_snmp_user": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_proto": {
"required": False,
"type": "str",
"choices": ["md5", "sha"]
},
"auth_pwd": {
"required": False,
"type": "str"
},
"events": {
"required":
False,
"type":
"list",
"choices": [
"cpu-high", "mem-low", "log-full", "intf-ip",
"vpn-tun-up", "vpn-tun-down", "ha-switch",
"ha-hb-failure", "ips-signature", "ips-anomaly",
"av-virus", "av-oversize", "av-pattern",
"av-fragmented", "fm-if-change", "fm-conf-change",
"bgp-established", "bgp-backward-transition",
"ha-member-up", "ha-member-down", "ent-conf-change",
"av-conserve", "av-bypass", "av-oversize-passed",
"av-oversize-blocked", "ips-pkg-update",
"ips-fail-open", "faz-disconnect", "wc-ap-up",
"wc-ap-down", "fswctl-session-up",
"fswctl-session-down", "load-balance-real-server-down",
"device-new", "per-cpu-high"
]
},
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"notify_hosts": {
"required": False,
"type": "list"
},
"notify_hosts6": {
"required": False,
"type": "list"
},
"priv_proto": {
"required": False,
"type": "str",
"choices": ["aes", "des", "aes256", "aes256cisco"]
},
"priv_pwd": {
"required": False,
"type": "str"
},
"queries": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"query_port": {
"required": False,
"type": "int"
},
"security_level": {
"required": False,
"type": "str",
"choices":
["no-auth-no-priv", "auth-no-priv", "auth-priv"]
},
"source_ip": {
"required": False,
"type": "str"
},
"source_ipv6": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"trap_lport": {
"required": False,
"type": "int"
},
"trap_rport": {
"required": False,
"type": "int"
},
"trap_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_snmp(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_snmp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wanopt_auth_group": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_method": {
"required": False,
"type": "str",
"choices": ["cert", "psk"]
},
"cert": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"peer": {
"required": False,
"type": "str"
},
"peer_accept": {
"required": False,
"type": "str",
"choices": ["any", "defined", "one"]
},
"psk": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_syslogd2_filter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"anomaly": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"dns": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"filter": {
"required": False,
"type": "str"
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["include", "exclude"]
},
"forward_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"gtp": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"local_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"multicast_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"netscan_discovery": {
"required": False,
"type": "str"
},
"netscan_vulnerability": {
"required": False,
"type": "str"
},
"severity": {
"required":
False,
"type":
"str",
"choices": [
"emergency", "alert", "critical", "error", "warning",
"notification", "information", "debug"
]
},
"sniffer_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssh": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"voip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_syslogd2(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_syslogd2(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"wireless_controller_hotspot20_anqp_ip_address_type": {
"required": False,
"type": "dict",
"default": None,
"options": {
"ipv4_address_type": {
"required":
False,
"type":
"str",
"choices": [
"not-available", "public", "port-restricted",
"single-NATed-private", "double-NATed-private",
"port-restricted-and-single-NATed",
"port-restricted-and-double-NATed", "not-known"
]
},
"ipv6_address_type": {
"required": False,
"type": "str",
"choices": ["not-available", "available", "not-known"]
},
"name": {
"required": True,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller_hotspot20(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_cluster_sync": {
"required": False,
"type": "dict",
"default": None,
"options": {
"down_intfs_before_sess_sync": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"hb_interval": {
"required": False,
"type": "int"
},
"hb_lost_threshold": {
"required": False,
"type": "int"
},
"peerip": {
"required": False,
"type": "str"
},
"peervd": {
"required": False,
"type": "str"
},
"session_sync_filter": {
"required": False,
"type": "dict",
"options": {
"custom_service": {
"required": False,
"type": "list",
"options": {
"dst_port_range": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"src_port_range": {
"required": False,
"type": "str"
}
}
},
"dstaddr": {
"required": False,
"type": "str"
},
"dstaddr6": {
"required": False,
"type": "str"
},
"dstintf": {
"required": False,
"type": "str"
},
"srcaddr": {
"required": False,
"type": "str"
},
"srcaddr6": {
"required": False,
"type": "str"
},
"srcintf": {
"required": False,
"type": "str"
}
}
},
"slave_add_ike_routes": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sync_id": {
"required": False,
"type": "int"
},
"syncvd": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_ssl_ssh_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"caname": {
"required": False,
"type": "str"
},
"comment": {
"required": False,
"type": "str"
},
"ftps": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"https": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required":
False,
"type":
"str",
"choices": [
"disable", "certificate-inspection",
"deep-inspection"
]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"imaps": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"mapi_over_https": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": True,
"type": "str"
},
"pop3s": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"rpc_over_https": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"server_cert": {
"required": False,
"type": "str"
},
"server_cert_mode": {
"required": False,
"type": "str",
"choices": ["re-sign", "replace"]
},
"smtps": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ports": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"ssh": {
"required": False,
"type": "dict",
"options": {
"inspect_all": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"ports": {
"required": False,
"type": "int"
},
"ssh_algorithm": {
"required": False,
"type": "str",
"choices": ["compatible", "high-encryption"]
},
"ssh_policy_check": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssh_tun_policy_check": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["disable", "deep-inspection"]
},
"unsupported_version": {
"required": False,
"type": "str",
"choices": ["bypass", "block"]
}
}
},
"ssl": {
"required": False,
"type": "dict",
"options": {
"allow_invalid_server_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"inspect_all": {
"required":
False,
"type":
"str",
"choices": [
"disable", "certificate-inspection",
"deep-inspection"
]
},
"unsupported_ssl": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"untrusted_cert": {
"required": False,
"type": "str",
"choices": ["allow", "block", "ignore"]
}
}
},
"ssl_anomalies_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssl_exempt": {
"required": False,
"type": "list",
"options": {
"address": {
"required": False,
"type": "str"
},
"address6": {
"required": False,
"type": "str"
},
"fortiguard_category": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"regex": {
"required": False,
"type": "str"
},
"type": {
"required":
False,
"type":
"str",
"choices": [
"fortiguard-category", "address", "address6",
"wildcard-fqdn", "regex"
]
},
"wildcard_fqdn": {
"required": False,
"type": "str"
}
}
},
"ssl_exemptions_log": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssl_server": {
"required": False,
"type": "list",
"options": {
"ftps_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"https_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"id": {
"required": True,
"type": "int"
},
"imaps_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ip": {
"required": False,
"type": "str"
},
"pop3s_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"smtps_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
},
"ssl_other_client_cert_request": {
"required": False,
"type": "str",
"choices": ["bypass", "inspect", "block"]
}
}
},
"untrusted_caname": {
"required": False,
"type": "str"
},
"use_ssl_server": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"whitelist": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"ssh_filter_profile": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"block": {"required": False, "type": "str",
"choices": ["x11", "shell", "exec",
"port-forward", "tun-forward", "sftp",
"unknown"]},
"default_command_log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"log": {"required": False, "type": "str",
"choices": ["x11", "shell", "exec",
"port-forward", "tun-forward", "sftp",
"unknown"]},
"name": {"required": True, "type": "str"},
"shell_commands": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["block", "allow"]},
"alert": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"id": {"required": True, "type": "int"},
"log": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"pattern": {"required": False, "type": "str"},
"severity": {"required": False, "type": "str",
"choices": ["low", "medium", "high",
"critical"]},
"type": {"required": False, "type": "str",
"choices": ["simple", "regex"]}
}}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_ssh_filter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_ssh_filter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"endpoint_control_settings": {
"required": False,
"type": "dict",
"default": None,
"options": {
"download_custom_link": {
"required": False,
"type": "str"
},
"download_location": {
"required": False,
"type": "str",
"choices": ["fortiguard", "custom"]
},
"forticlient_avdb_update_interval": {
"required": False,
"type": "int"
},
"forticlient_dereg_unsupported_client": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"forticlient_ems_rest_api_call_timeout": {
"required": False,
"type": "int"
},
"forticlient_keepalive_interval": {
"required": False,
"type": "int"
},
"forticlient_offline_grace": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"forticlient_offline_grace_interval": {
"required": False,
"type": "int"
},
"forticlient_reg_key": {
"required": False,
"type": "str"
},
"forticlient_reg_key_enforce": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"forticlient_reg_timeout": {
"required": False,
"type": "int"
},
"forticlient_sys_update_interval": {
"required": False,
"type": "int"
},
"forticlient_user_avatar": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"forticlient_warning_interval": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_endpoint_control(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_endpoint_control(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"spamfilter_bwl": {
"required": False, "type": "dict", "default": None,
"options": {
"comment": {"required": False, "type": "str"},
"entries": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["reject", "spam", "clear"]},
"addr_type": {"required": False, "type": "str",
"choices": ["ipv4", "ipv6"]},
"email_pattern": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"ip4_subnet": {"required": False, "type": "str"},
"ip6_subnet": {"required": False, "type": "str"},
"pattern_type": {"required": False, "type": "str",
"choices": ["wildcard", "regexp"]},
"status": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"type": {"required": False, "type": "str",
"choices": ["ip", "email"]}
}},
"id": {"required": True, "type": "int"},
"name": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_spamfilter(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_spamfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": True,
"type": "str",
"choices": ["present", "absent"]
},
"system_vxlan": {
"required": False,
"type": "dict",
"default": None,
"options": {
"dstport": {
"required": False,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
},
"ip_version": {
"required":
False,
"type":
"str",
"choices": [
"ipv4-unicast", "ipv6-unicast", "ipv4-multicast",
"ipv6-multicast"
]
},
"multicast_ttl": {
"required": False,
"type": "int"
},
"name": {
"required": True,
"type": "str"
},
"remote_ip": {
"required": False,
"type": "list",
"options": {
"ip": {
"required": True,
"type": "str"
}
}
},
"remote_ip6": {
"required": False,
"type": "list",
"options": {
"ip6": {
"required": True,
"type": "str"
}
}
},
"vni": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"dlp_filepattern": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"entries": {
"required": False,
"type": "list",
"options": {
"file_type": {
"required":
False,
"type":
"str",
"choices": [
"7z", "arj", "cab", "lzh", "rar", "tar", "zip",
"bzip", "gzip", "bzip2", "xz", "bat", "msc",
"uue", "mime", "base64", "binhex", "elf",
"exe", "hta", "html", "jad", "class", "cod",
"javascript", "msoffice", "msofficex", "fsg",
"upx", "petite", "aspack", "sis", "hlp",
"activemime", "jpeg", "gif", "tiff", "png",
"bmp", "ignored", "unknown", "mpeg", "mov",
"mp3", "wma", "wav", "pdf", "avi", "rm",
"torrent", "hibun", "msi", "mach-o", "dmg",
".net", "xar", "chm", "iso", "crx"
]
},
"filter_type": {
"required": False,
"type": "str",
"choices": ["pattern", "type"]
},
"pattern": {
"required": True,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_dlp(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_dlp(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_service_custom": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"app_category": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"app_service_type": {
"required": False,
"type": "str",
"choices": ["disable", "app-id", "app-category"]
},
"application": {
"required": False,
"type": "list",
"options": {
"id": {
"required": True,
"type": "int"
}
}
},
"category": {
"required": False,
"type": "str"
},
"check_reset_range": {
"required": False,
"type": "str",
"choices": ["disable", "strict", "default"]
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"fqdn": {
"required": False,
"type": "str"
},
"helper": {
"required":
False,
"type":
"str",
"choices": [
"auto", "disable", "ftp", "tftp", "ras", "h323", "tns",
"mms", "sip", "pptp", "rtsp", "dns-udp", "dns-tcp",
"pmap", "rsh", "dcerpc", "mgcp", "gtp-c", "gtp-u",
"gtp-b"
]
},
"icmpcode": {
"required": False,
"type": "int"
},
"icmptype": {
"required": False,
"type": "int"
},
"iprange": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"protocol": {
"required":
False,
"type":
"str",
"choices": [
"TCP/UDP/SCTP", "ICMP", "ICMP6", "IP", "HTTP", "FTP",
"CONNECT", "SOCKS-TCP", "SOCKS-UDP", "ALL"
]
},
"protocol_number": {
"required": False,
"type": "int"
},
"proxy": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sctp_portrange": {
"required": False,
"type": "str"
},
"session_ttl": {
"required": False,
"type": "int"
},
"tcp_halfclose_timer": {
"required": False,
"type": "int"
},
"tcp_halfopen_timer": {
"required": False,
"type": "int"
},
"tcp_portrange": {
"required": False,
"type": "str"
},
"tcp_timewait_timer": {
"required": False,
"type": "int"
},
"udp_idle_timer": {
"required": False,
"type": "int"
},
"udp_portrange": {
"required": False,
"type": "str"
},
"visibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_service(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_service(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_ha": {
"required": False,
"type": "dict",
"default": None,
"options": {
"arps": {
"required": False,
"type": "int"
},
"arps_interval": {
"required": False,
"type": "int"
},
"authentication": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"cpu_threshold": {
"required": False,
"type": "str"
},
"encryption": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ftp_proxy_threshold": {
"required": False,
"type": "str"
},
"gratuitous_arps": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"group_id": {
"required": False,
"type": "int"
},
"group_name": {
"required": False,
"type": "str"
},
"ha_direct": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ha_eth_type": {
"required": False,
"type": "str"
},
"ha_mgmt_interfaces": {
"required": False,
"type": "list",
"options": {
"dst": {
"required": False,
"type": "str"
},
"gateway": {
"required": False,
"type": "str"
},
"gateway6": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"interface": {
"required": False,
"type": "str"
}
}
},
"ha_mgmt_status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ha_uptime_diff_margin": {
"required": False,
"type": "int"
},
"hb_interval": {
"required": False,
"type": "int"
},
"hb_lost_threshold": {
"required": False,
"type": "int"
},
"hbdev": {
"required": False,
"type": "str"
},
"hc_eth_type": {
"required": False,
"type": "str"
},
"hello_holddown": {
"required": False,
"type": "int"
},
"http_proxy_threshold": {
"required": False,
"type": "str"
},
"imap_proxy_threshold": {
"required": False,
"type": "str"
},
"inter_cluster_session_sync": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"key": {
"required": False,
"type": "str"
},
"l2ep_eth_type": {
"required": False,
"type": "str"
},
"link_failed_signal": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"load_balance_all": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"memory_compatible_mode": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"memory_threshold": {
"required": False,
"type": "str"
},
"mode": {
"required": False,
"type": "str",
"choices": ["standalone", "a-a", "a-p"]
},
"monitor": {
"required": False,
"type": "str"
},
"multicast_ttl": {
"required": False,
"type": "int"
},
"nntp_proxy_threshold": {
"required": False,
"type": "str"
},
"override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"override_wait_time": {
"required": False,
"type": "int"
},
"password": {
"required": False,
"type": "str"
},
"pingserver_failover_threshold": {
"required": False,
"type": "int"
},
"pingserver_flip_timeout": {
"required": False,
"type": "int"
},
"pingserver_monitor_interface": {
"required": False,
"type": "str"
},
"pingserver_slave_force_reset": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"pop3_proxy_threshold": {
"required": False,
"type": "str"
},
"priority": {
"required": False,
"type": "int"
},
"route_hold": {
"required": False,
"type": "int"
},
"route_ttl": {
"required": False,
"type": "int"
},
"route_wait": {
"required": False,
"type": "int"
},
"schedule": {
"required":
False,
"type":
"str",
"choices": [
"none", "hub", "leastconnection", "round-robin",
"weight-round-robin", "random", "ip", "ipport"
]
},
"secondary_vcluster": {
"required": False,
"type": "dict",
"options": {
"monitor": {
"required": False,
"type": "str"
},
"override": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"override_wait_time": {
"required": False,
"type": "int"
},
"pingserver_failover_threshold": {
"required": False,
"type": "int"
},
"pingserver_monitor_interface": {
"required": False,
"type": "str"
},
"pingserver_slave_force_reset": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"priority": {
"required": False,
"type": "int"
},
"vcluster_id": {
"required": False,
"type": "int"
},
"vdom": {
"required": False,
"type": "str"
}
}
},
"session_pickup": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"session_pickup_connectionless": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"session_pickup_delay": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"session_pickup_expectation": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"session_pickup_nat": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"session_sync_dev": {
"required": False,
"type": "str"
},
"smtp_proxy_threshold": {
"required": False,
"type": "str"
},
"standalone_config_sync": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"standalone_mgmt_vdom": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sync_config": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"sync_packet_balance": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"unicast_hb": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"unicast_hb_netmask": {
"required": False,
"type": "str"
},
"unicast_hb_peerip": {
"required": False,
"type": "str"
},
"uninterruptible_upgrade": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"vcluster_id": {
"required": False,
"type": "int"
},
"vcluster2": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"vdom": {
"required": False,
"type": "str"
},
"weight": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_vip46": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"arp_reply": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"extip": {
"required": False,
"type": "str"
},
"extport": {
"required": False,
"type": "str"
},
"id": {
"required": False,
"type": "int"
},
"ldb_method": {
"required":
False,
"type":
"str",
"choices": [
"static", "round-robin", "weighted", "least-session",
"least-rtt", "first-alive"
]
},
"mappedip": {
"required": False,
"type": "str"
},
"mappedport": {
"required": False,
"type": "str"
},
"monitor": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"portforward": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"protocol": {
"required": False,
"type": "str",
"choices": ["tcp", "udp"]
},
"realservers": {
"required": False,
"type": "list",
"options": {
"client_ip": {
"required": False,
"type": "str"
},
"healthcheck": {
"required": False,
"type": "str",
"choices": ["disable", "enable", "vip"]
},
"holddown_interval": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"ip": {
"required": False,
"type": "str"
},
"max_connections": {
"required": False,
"type": "int"
},
"monitor": {
"required": False,
"type": "str"
},
"port": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["active", "standby", "disable"]
},
"weight": {
"required": False,
"type": "int"
}
}
},
"server_type": {
"required": False,
"type": "str",
"choices": ["http", "tcp", "udp", "ip"]
},
"src_filter": {
"required": False,
"type": "list",
"options": {
"range": {
"required": True,
"type": "str"
}
}
},
"type": {
"required": False,
"type": "str",
"choices": ["static-nat", "server-load-balance"]
},
"uuid": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"report_theme": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"bullet_list_style": {
"required": False,
"type": "str"
},
"column_count": {
"required": False,
"type": "str",
"choices": ["1", "2", "3"]
},
"default_html_style": {
"required": False,
"type": "str"
},
"default_pdf_style": {
"required": False,
"type": "str"
},
"graph_chart_style": {
"required": False,
"type": "str"
},
"heading1_style": {
"required": False,
"type": "str"
},
"heading2_style": {
"required": False,
"type": "str"
},
"heading3_style": {
"required": False,
"type": "str"
},
"heading4_style": {
"required": False,
"type": "str"
},
"hline_style": {
"required": False,
"type": "str"
},
"image_style": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"normal_text_style": {
"required": False,
"type": "str"
},
"numbered_list_style": {
"required": False,
"type": "str"
},
"page_footer_style": {
"required": False,
"type": "str"
},
"page_header_style": {
"required": False,
"type": "str"
},
"page_orient": {
"required": False,
"type": "str",
"choices": ["portrait", "landscape"]
},
"page_style": {
"required": False,
"type": "str"
},
"report_subtitle_style": {
"required": False,
"type": "str"
},
"report_title_style": {
"required": False,
"type": "str"
},
"table_chart_caption_style": {
"required": False,
"type": "str"
},
"table_chart_even_row_style": {
"required": False,
"type": "str"
},
"table_chart_head_style": {
"required": False,
"type": "str"
},
"table_chart_odd_row_style": {
"required": False,
"type": "str"
},
"table_chart_style": {
"required": False,
"type": "str"
},
"toc_heading1_style": {
"required": False,
"type": "str"
},
"toc_heading2_style": {
"required": False,
"type": "str"
},
"toc_heading3_style": {
"required": False,
"type": "str"
},
"toc_heading4_style": {
"required": False,
"type": "str"
},
"toc_title_style": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_report(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_report(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"web_proxy_global": {
"required": False,
"type": "dict",
"default": None,
"options": {
"fast_policy_match": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"forward_proxy_auth": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"forward_server_affinity_timeout": {
"required": False,
"type": "int"
},
"learn_client_ip": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"learn_client_ip_from_header": {
"required": False,
"type": "str",
"choices":
["true-client-ip", "x-real-ip", "x-forwarded-for"]
},
"learn_client_ip_srcaddr": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"learn_client_ip_srcaddr6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"max_message_length": {
"required": False,
"type": "int"
},
"max_request_length": {
"required": False,
"type": "int"
},
"max_waf_body_cache_length": {
"required": False,
"type": "int"
},
"proxy_fqdn": {
"required": False,
"type": "str"
},
"strict_web_check": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_non_http": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"unknown_http_version": {
"required": False,
"type": "str",
"choices": ["reject", "tunnel", "best-effort"]
},
"webproxy_profile": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_web_proxy(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_web_proxy(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"firewall_ippool": {
"required": False, "type": "dict", "default": None,
"options": {
"state": {"required": False, "type": "str",
"choices": ["present", "absent"]},
"arp_intf": {"required": False, "type": "str"},
"arp_reply": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"associated_interface": {"required": False, "type": "str"},
"block_size": {"required": False, "type": "int"},
"comments": {"required": False, "type": "str"},
"endip": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"num_blocks_per_user": {"required": False, "type": "int"},
"pba_timeout": {"required": False, "type": "int"},
"permit_any_host": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"source_endip": {"required": False, "type": "str"},
"source_startip": {"required": False, "type": "str"},
"startip": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["overload", "one-to-one", "fixed-port-range",
"port-block-allocation"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"state": {"required": True, "type": "str",
"choices": ["present", "absent"]},
"system_dhcp6_server": {
"required": False, "type": "dict", "default": None,
"options": {
"dns_search_list": {"required": False, "type": "str",
"choices": ["delegated", "specify"]},
"dns_server1": {"required": False, "type": "str"},
"dns_server2": {"required": False, "type": "str"},
"dns_server3": {"required": False, "type": "str"},
"dns_service": {"required": False, "type": "str",
"choices": ["delegated", "default", "specify"]},
"domain": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"interface": {"required": False, "type": "str"},
"ip_mode": {"required": False, "type": "str",
"choices": ["range", "delegated"]},
"ip_range": {"required": False, "type": "list",
"options": {
"end_ip": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"start_ip": {"required": False, "type": "str"}
}},
"lease_time": {"required": False, "type": "int"},
"option1": {"required": False, "type": "str"},
"option2": {"required": False, "type": "str"},
"option3": {"required": False, "type": "str"},
"prefix_range": {"required": False, "type": "list",
"options": {
"end_prefix": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
"prefix_length": {"required": False, "type": "int"},
"start_prefix": {"required": False, "type": "str"}
}},
"rapid_commit": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"status": {"required": False, "type": "str",
"choices": ["disable", "enable"]},
"subnet": {"required": False, "type": "str"},
"upstream_interface": {"required": False, "type": "str"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system_dhcp6(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system_dhcp6(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"firewall_ssl_setting": {
"required": False, "type": "dict", "default": None,
"options": {
"abbreviate_handshake": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"cert_cache_capacity": {"required": False, "type": "int"},
"cert_cache_timeout": {"required": False, "type": "int"},
"kxp_queue_threshold": {"required": False, "type": "int"},
"no_matching_cipher_action": {"required": False, "type": "str",
"choices": ["bypass", "drop"]},
"proxy_connect_timeout": {"required": False, "type": "int"},
"session_cache_capacity": {"required": False, "type": "int"},
"session_cache_timeout": {"required": False, "type": "int"},
"ssl_dh_bits": {"required": False, "type": "str",
"choices": ["768", "1024", "1536",
"2048"]},
"ssl_queue_threshold": {"required": False, "type": "int"},
"ssl_send_empty_frags": {"required": False, "type": "str",
"choices": ["enable", "disable"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall_ssl(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall_ssl(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_fortiguard_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low"]
},
"source_ip": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"upload_day": {
"required": False,
"type": "str"
},
"upload_interval": {
"required": False,
"type": "str",
"choices": ["daily", "weekly", "monthly"]
},
"upload_option": {
"required":
False,
"type":
"str",
"choices":
["store-and-upload", "realtime", "1-minute", "5-minute"]
},
"upload_time": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_fortiguard(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_fortiguard(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"vpn_ssl_settings": {
"required": False,
"type": "dict",
"default": None,
"options": {
"auth_timeout": {
"required": False,
"type": "int"
},
"authentication_rule": {
"required": False,
"type": "list",
"options": {
"auth": {
"required":
False,
"type":
"str",
"choices":
["any", "local", "radius", "tacacs+", "ldap"]
},
"cipher": {
"required": False,
"type": "str",
"choices": ["any", "high", "medium"]
},
"client_cert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"groups": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"portal": {
"required": False,
"type": "str"
},
"realm": {
"required": False,
"type": "str"
},
"source_address": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"source_address_negate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"source_address6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"source_address6_negate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"source_interface": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"users": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"auto_tunnel_static_route": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"banned_cipher": {
"required":
False,
"type":
"str",
"choices": [
"RSA", "DH", "DHE", "ECDH", "ECDHE", "DSS", "ECDSA",
"AES", "AESGCM", "CAMELLIA", "3DES", "SHA1", "SHA256",
"SHA384", "STATIC"
]
},
"check_referer": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"default_portal": {
"required": False,
"type": "str"
},
"deflate_compression_level": {
"required": False,
"type": "int"
},
"deflate_min_data_size": {
"required": False,
"type": "int"
},
"dns_server1": {
"required": False,
"type": "str"
},
"dns_server2": {
"required": False,
"type": "str"
},
"dns_suffix": {
"required": False,
"type": "str"
},
"dtls_hello_timeout": {
"required": False,
"type": "int"
},
"dtls_tunnel": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"force_two_factor_auth": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"header_x_forwarded_for": {
"required": False,
"type": "str",
"choices": ["pass", "add", "remove"]
},
"http_compression": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"http_only_cookie": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"http_request_body_timeout": {
"required": False,
"type": "int"
},
"http_request_header_timeout": {
"required": False,
"type": "int"
},
"https_redirect": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"idle_timeout": {
"required": False,
"type": "int"
},
"ipv6_dns_server1": {
"required": False,
"type": "str"
},
"ipv6_dns_server2": {
"required": False,
"type": "str"
},
"ipv6_wins_server1": {
"required": False,
"type": "str"
},
"ipv6_wins_server2": {
"required": False,
"type": "str"
},
"login_attempt_limit": {
"required": False,
"type": "int"
},
"login_block_time": {
"required": False,
"type": "int"
},
"login_timeout": {
"required": False,
"type": "int"
},
"port": {
"required": False,
"type": "int"
},
"port_precedence": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"reqclientcert": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"route_source_interface": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"servercert": {
"required": False,
"type": "str"
},
"source_address": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"source_address_negate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"source_address6": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"source_address6_negate": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"source_interface": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"ssl_client_renegotiation": {
"required": False,
"type": "str",
"choices": ["disable", "enable"]
},
"ssl_insert_empty_fragment": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tlsv1_0": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tlsv1_1": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tlsv1_2": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_ip_pools": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"tunnel_ipv6_pools": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"unsafe_legacy_renegotiation": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"url_obscuration": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"wins_server1": {
"required": False,
"type": "str"
},
"wins_server2": {
"required": False,
"type": "str"
},
"x_content_type_options": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ssl(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ssl(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"wanopt_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"auth_group": {
"required": False,
"type": "str"
},
"cifs": {
"required": False,
"type": "dict",
"options": {
"byte_caching": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"log_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"port": {
"required": False,
"type": "int"
},
"prefer_chunking": {
"required": False,
"type": "str",
"choices": ["dynamic", "fix"]
},
"secure_tunnel": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_sharing": {
"required": False,
"type": "str",
"choices": ["private", "shared", "express-shared"]
}
}
},
"comments": {
"required": False,
"type": "str"
},
"ftp": {
"required": False,
"type": "dict",
"options": {
"byte_caching": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"log_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"port": {
"required": False,
"type": "int"
},
"prefer_chunking": {
"required": False,
"type": "str",
"choices": ["dynamic", "fix"]
},
"secure_tunnel": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_sharing": {
"required": False,
"type": "str",
"choices": ["private", "shared", "express-shared"]
}
}
},
"http": {
"required": False,
"type": "dict",
"options": {
"byte_caching": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"log_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"port": {
"required": False,
"type": "int"
},
"prefer_chunking": {
"required": False,
"type": "str",
"choices": ["dynamic", "fix"]
},
"secure_tunnel": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssl": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssl_port": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_non_http": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_sharing": {
"required": False,
"type": "str",
"choices": ["private", "shared", "express-shared"]
},
"unknown_http_version": {
"required": False,
"type": "str",
"choices": ["reject", "tunnel", "best-effort"]
}
}
},
"mapi": {
"required": False,
"type": "dict",
"options": {
"byte_caching": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"log_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"port": {
"required": False,
"type": "int"
},
"secure_tunnel": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_sharing": {
"required": False,
"type": "str",
"choices": ["private", "shared", "express-shared"]
}
}
},
"name": {
"required": True,
"type": "str"
},
"tcp": {
"required": False,
"type": "dict",
"options": {
"byte_caching": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"byte_caching_opt": {
"required": False,
"type": "str",
"choices": ["mem-only", "mem-disk"]
},
"log_traffic": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"port": {
"required": False,
"type": "str"
},
"secure_tunnel": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssl": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"ssl_port": {
"required": False,
"type": "int"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"tunnel_sharing": {
"required": False,
"type": "str",
"choices": ["private", "shared", "express-shared"]
}
}
},
"transparent": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wanopt(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"log_syslogd4_setting": {
"required": False,
"type": "dict",
"default": None,
"options": {
"certificate": {
"required": False,
"type": "str"
},
"custom_field_name": {
"required": False,
"type": "list",
"options": {
"custom": {
"required": False,
"type": "str"
},
"id": {
"required": True,
"type": "int"
},
"name": {
"required": False,
"type": "str"
}
}
},
"enc_algorithm": {
"required": False,
"type": "str",
"choices": ["high-medium", "high", "low", "disable"]
},
"facility": {
"required":
False,
"type":
"str",
"choices": [
"kernel", "user", "mail", "daemon", "auth", "syslog",
"lpr", "news", "uucp", "cron", "authpriv", "ftp",
"ntp", "audit", "alert", "clock", "local0", "local1",
"local2", "local3", "local4", "local5", "local6",
"local7"
]
},
"format": {
"required": False,
"type": "str",
"choices": ["default", "csv", "cef"]
},
"mode": {
"required": False,
"type": "str",
"choices": ["udp", "legacy-reliable", "reliable"]
},
"port": {
"required": False,
"type": "int"
},
"server": {
"required": False,
"type": "str"
},
"source_ip": {
"required": False,
"type": "str"
},
"ssl_min_proto_version": {
"required": False,
"type": "str",
"choices":
["default", "SSLv3", "TLSv1", "TLSv1-1", "TLSv1-2"]
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_log_syslogd4(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_log_syslogd4(
module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"system_netflow": {
"required": False,
"type": "dict",
"default": None,
"options": {
"active_flow_timeout": {
"required": False,
"type": "int"
},
"collector_ip": {
"required": False,
"type": "str"
},
"collector_port": {
"required": False,
"type": "int"
},
"inactive_flow_timeout": {
"required": False,
"type": "int"
},
"source_ip": {
"required": False,
"type": "str"
},
"template_tx_counter": {
"required": False,
"type": "int"
},
"template_tx_timeout": {
"required": False,
"type": "int"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_system(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_system(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_shaping_profile": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"default_class_id": {
"required": False,
"type": "int"
},
"profile_name": {
"required": False,
"type": "str"
},
"shaping_entries": {
"required": False,
"type": "list",
"options": {
"class_id": {
"required": False,
"type": "int"
},
"guaranteed_bandwidth_percentage": {
"required": False,
"type": "int"
},
"id": {
"required": True,
"type": "int"
},
"maximum_bandwidth_percentage": {
"required": False,
"type": "int"
},
"priority": {
"required": False,
"type": "str",
"choices": ["high", "medium", "low"]
}
}
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"user_setting": {
"required": False, "type": "dict", "default": None,
"options": {
"auth_blackout_time": {"required": False, "type": "int"},
"auth_ca_cert": {"required": False, "type": "str"},
"auth_cert": {"required": False, "type": "str"},
"auth_http_basic": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"auth_invalid_max": {"required": False, "type": "int"},
"auth_lockout_duration": {"required": False, "type": "int"},
"auth_lockout_threshold": {"required": False, "type": "int"},
"auth_portal_timeout": {"required": False, "type": "int"},
"auth_ports": {"required": False, "type": "list",
"options": {
"id": {"required": True, "type": "int"},
"port": {"required": False, "type": "int"},
"type": {"required": False, "type": "str",
"choices": ["http", "https", "ftp",
"telnet"]}
}},
"auth_secure_http": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"auth_src_mac": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"auth_ssl_allow_renegotiation": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"auth_timeout": {"required": False, "type": "int"},
"auth_timeout_type": {"required": False, "type": "str",
"choices": ["idle-timeout", "hard-timeout", "new-session"]},
"auth_type": {"required": False, "type": "str",
"choices": ["http", "https", "ftp",
"telnet"]},
"radius_ses_timeout_act": {"required": False, "type": "str",
"choices": ["hard-timeout", "ignore-timeout"]}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_user(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_user(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"firewall_addrgrp6": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"color": {
"required": False,
"type": "int"
},
"comment": {
"required": False,
"type": "str"
},
"member": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
},
"name": {
"required": True,
"type": "str"
},
"tagging": {
"required": False,
"type": "list",
"options": {
"category": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"tags": {
"required": False,
"type": "list",
"options": {
"name": {
"required": True,
"type": "str"
}
}
}
}
},
"uuid": {
"required": False,
"type": "str"
},
"visibility": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_firewall(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_firewall(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"webfilter_urlfilter": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"comment": {
"required": False,
"type": "str"
},
"entries": {
"required": False,
"type": "list",
"options": {
"action": {
"required": False,
"type": "str",
"choices": ["exempt", "block", "allow", "monitor"]
},
"dns_address_family": {
"required": False,
"type": "str",
"choices": ["ipv4", "ipv6", "both"]
},
"exempt": {
"required":
False,
"type":
"str",
"choices": [
"av", "web-content", "activex-java-cookie",
"dlp", "fortiguard", "range-block", "pass",
"all"
]
},
"id": {
"required": True,
"type": "int"
},
"referrer_host": {
"required": False,
"type": "str"
},
"status": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"type": {
"required": False,
"type": "str",
"choices": ["simple", "regex", "wildcard"]
},
"url": {
"required": False,
"type": "str"
},
"web_proxy_profile": {
"required": False,
"type": "str"
}
}
},
"id": {
"required": True,
"type": "int"
},
"ip_addr_block": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
},
"name": {
"required": False,
"type": "str"
},
"one_arm_ips_urlfilter": {
"required": False,
"type": "str",
"choices": ["enable", "disable"]
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_webfilter(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_webfilter(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {"required": False, "type": "str"},
"username": {"required": False, "type": "str"},
"password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
"ssl_verify": {"required": False, "type": "bool", "default": True},
"wireless_controller_timers": {
"required": False, "type": "dict", "default": None,
"options": {
"ble_scan_report_intv": {"required": False, "type": "int"},
"client_idle_timeout": {"required": False, "type": "int"},
"darrp_day": {"required": False, "type": "str",
"choices": ["sunday", "monday", "tuesday",
"wednesday", "thursday", "friday",
"saturday"]},
"darrp_optimize": {"required": False, "type": "int"},
"darrp_time": {"required": False, "type": "list",
"options": {
"time": {"required": True, "type": "str"}
}},
"discovery_interval": {"required": False, "type": "int"},
"echo_interval": {"required": False, "type": "int"},
"fake_ap_log": {"required": False, "type": "int"},
"ipsec_intf_cleanup": {"required": False, "type": "int"},
"radio_stats_interval": {"required": False, "type": "int"},
"rogue_ap_log": {"required": False, "type": "int"},
"sta_capability_interval": {"required": False, "type": "int"},
"sta_locate_timer": {"required": False, "type": "int"},
"sta_stats_interval": {"required": False, "type": "int"},
"vap_stats_interval": {"required": False, "type": "int"}
}
}
}
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_wireless_controller(module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_wireless_controller(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
def main():
fields = {
"host": {
"required": False,
"type": "str"
},
"username": {
"required": False,
"type": "str"
},
"password": {
"required": False,
"type": "str",
"default": "",
"no_log": True
},
"vdom": {
"required": False,
"type": "str",
"default": "root"
},
"https": {
"required": False,
"type": "bool",
"default": True
},
"ssl_verify": {
"required": False,
"type": "bool",
"default": True
},
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"vpn_ipsec_manualkey": {
"required": False,
"type": "dict",
"default": None,
"options": {
"state": {
"required": False,
"type": "str",
"choices": ["present", "absent"]
},
"authentication": {
"required":
False,
"type":
"str",
"choices":
["null", "md5", "sha1", "sha256", "sha384", "sha512"]
},
"authkey": {
"required": False,
"type": "str"
},
"enckey": {
"required": False,
"type": "str"
},
"encryption": {
"required": False,
"type": "str",
"choices": ["null", "des"]
},
"interface": {
"required": False,
"type": "str"
},
"local_gw": {
"required": False,
"type": "str"
},
"localspi": {
"required": False,
"type": "str"
},
"name": {
"required": True,
"type": "str"
},
"remote_gw": {
"required": False,
"type": "str"
},
"remotespi": {
"required": False,
"type": "str"
}
}
}
}
module = AnsibleModule(argument_spec=fields, supports_check_mode=False)
# legacy_mode refers to using fortiosapi instead of HTTPAPI
legacy_mode = 'host' in module.params and module.params['host'] is not None and \
'username' in module.params and module.params['username'] is not None and \
'password' in module.params and module.params['password'] is not None
if not legacy_mode:
if module._socket_path:
connection = Connection(module._socket_path)
fos = FortiOSHandler(connection)
is_error, has_changed, result = fortios_vpn_ipsec(
module.params, fos)
else:
module.fail_json(**FAIL_SOCKET_MSG)
else:
try:
from fortiosapi import FortiOSAPI
except ImportError:
module.fail_json(msg="fortiosapi module is required")
fos = FortiOSAPI()
login(module.params, fos)
is_error, has_changed, result = fortios_vpn_ipsec(module.params, fos)
fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
else:
module.fail_json(msg="Error in repo", meta=result)
