ansible / ansible.builtin / v2.7.10 / module / fortios_webfilter Configure webfilter capabilities of FortiGate and FortiOS. | "added in version" 2.6 of ansible.builtin" Authors: Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communityansible.builtin.fortios_webfilter (v2.7.10) — module
pip
Install with pip install ansible==2.7.10
This module is able to configure a FortiGate or FortiOS by allowing the user to configure webfilter feature. For now it is able to handle url and content filtering capabilities. The module uses FortiGate REST API internally to configure the device.
- hosts: localhost vars: host: "192.168.122.40" username: "admin" password: "" vdom: "root" tasks: - name: Configure url to be filtered by fortigate fortios_webfilter: host: "{{ host }}" username: "{{ username}}" password: "{{ password }}" vdom: "{{ vdom }}" webfilter_url: state: "present" id: "1" name: "default" comment: "mycomment" one-arm-ips-url-filter: "disable" ip-addr-block: "disable" entries: - id: "1" url: "www.test1.com" type: "simple" action: "exempt" status: "enable" exempt: "pass" web-proxy-profile: "" referrrer-host: "" - id: "2" url: "www.test2.com" type: "simple" action: "exempt" status: "enable" exempt: "pass" web-proxy-profile: "" referrrer-host: ""
- hosts: localhost vars: host: "192.168.122.40" username: "admin" password: "" vdom: "root" tasks: - name: Configure web content filtering in fortigate fortios_webfilter: host: "{{ host }}" username: "{{ username}}" password: "{{ password }}" vdom: "{{ vdom }}" webfilter_content: id: "1" name: "default" comment: "" entries: - name: "1" pattern-type: "www.test45.com" status: "enable" lang: "western" score: 40 action: "block" - name: "2" pattern-type: "www.test46.com" status: "enable" lang: "western" score: 42 action: "block" state: "present"
host: description: - FortiOS or FortiGate ip adress. required: true vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. password: default: '' description: - FortiOS or FortiGate password. username: description: - FortiOS or FortiGate username. required: true webfilter_url: default: null description: - Container for a group of url entries that the FortiGate must act upon suboptions: comment: default: null description: - Optional comments. entries: default: [] description: - URL filter entries. suboptions: action: choices: - exempt - block - allow - monitor description: - Action to take for URL filter matches. required: true exempt: choices: - av - web-content - activex-java-cookie - dlp - fortiguard - range-block - pass - all description: - If action is set to exempt, select the security profile operations that exempt URLs skip. Separate multiple options with a space. required: true id: description: - Id of URL. required: true referrer-host: description: - Referrer host name. required: true status: choices: - enable - disable description: - Enable/disable this URL filter. required: true type: choices: - simple - regex - wildcard description: - Filter type (simple, regex, or wildcard). required: true url: description: - URL to be filtered. required: true web-proxy-profile: description: - Web proxy profile. required: true id: description: - Id of URL filter list. required: true ip-addr-block: choices: - enable - disable default: disable description: - Enable/disable blocking URLs when the hostname appears as an IP address. name: description: - Name of URL filter list. required: true one-arm-ips-urlfilter: choices: - enable - disable default: disable description: - Enable/disable DNS resolver for one-arm IPS URL filter operation. state: choices: - absent - present description: - Configures the intended state of this object on the FortiGate. When this value is set to I(present), the object is configured on the device and when this value is set to I(absent) the object is removed from the device. required: true webfilter_content: default: null description: - Container for a group of content-filtering entries that the FortiGate must act upon suboptions: comment: default: null description: - Optional comments. entries: default: [] description: - Content filter entries. suboptions: action: choices: - block - exempt description: - Block or exempt word when a match is found. required: true lang: choices: - western - simch - trach - japanese - korean - french - thai - spanish - cyrillic description: - Language of banned word. required: true name: description: - Banned word. required: true pattern-type: choices: - wildcard - regexp description: - Banned word pattern type. It can be a wildcard pattern or Perl regular expression. required: true score: description: - Score, to be applied every time the word appears on a web page. required: true status: choices: - enable - disable description: - Enable/disable banned word. required: true id: description: - Id of content-filter list. required: true name: description: - Name of content-filter list. state: choices: - absent - present description: - Configures the intended state of this object on the FortiGate. When this value is set to I(present), the object is configured on the device and when this value is set to I(absent) the object is removed from the device. required: true
build: description: Build number of the fortigate image returned: always sample: '1547' type: string http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: string http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: string mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: key1 type: string name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: string path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: string revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: string serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: string status: description: Indication of the operation's result returned: always sample: success type: string vdom: description: Virtual domain used returned: always sample: root type: string version: description: Version of the FortiGate returned: always sample: v5.6.3 type: string