ansible / ansible.builtin / v2.8.17 / module / fmgr_fwobj_service Manages FortiManager Firewall Service Objects. | "added in version" 2.8 of ansible.builtin" Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng) preview | supported by communityansible.builtin.fmgr_fwobj_service (v2.8.17) — module
pip
Install with pip install ansible==2.8.17
Manages FortiManager Firewall Service Objects.
- name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCP fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_service" object_type: "custom" custom_type: "tcp_udp_sctp" tcp_portrange: "443" udp_portrange: "51" sctp_portrange: "100"
- name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCP WITH SOURCE RANGES AND MULTIPLES fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_serviceWithSource" object_type: "custom" custom_type: "tcp_udp_sctp" tcp_portrange: "443:2000-1000,80-82:10000-20000" udp_portrange: "51:100-200,162:200-400" sctp_portrange: "100:2000-2500"
- name: ADD A CUSTOM SERVICE FOR ICMP fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp" object_type: "custom" custom_type: "icmp" icmp_type: "8" icmp_code: "3"
- name: ADD A CUSTOM SERVICE FOR ICMP6 fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp6" object_type: "custom" custom_type: "icmp6" icmp_type: "5" icmp_code: "1"
- name: ADD A CUSTOM SERVICE FOR IP - GRE fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp6" object_type: "custom" custom_type: "ip" protocol_number: "47"
- name: ADD A CUSTOM PROXY FOR ALL WITH SOURCE RANGES AND MULTIPLES fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_proxy_all" object_type: "custom" custom_type: "all" explicit_proxy: "enable" tcp_portrange: "443:2000-1000,80-82:10000-20000" iprange: "www.ansible.com"
adom: default: root description: -The ADOM the configuration should belong to. required: false fqdn: default: '' description: - Fully qualified domain name. required: false mode: choices: - add - set - delete default: add description: - Sets one of three modes for managing the object. required: false name: description: - Custom service name. required: false color: default: 22 description: - GUI icon color. required: false comment: description: - Comment. required: false iprange: default: 0.0.0.0 description: - Start IP-End IP. required: false category: description: - Service category. required: false protocol: description: - Protocol type. required: false icmp_code: description: - ICMP code. required: false icmp_type: description: - ICMP type. required: false group_name: description: - Name of the Service Group. required: false visibility: choices: - enable - disable default: enable description: - Enable/disable service visibility. required: false application: description: - Application ID. required: false custom_type: choices: - tcp_udp_sctp - icmp - icmp6 - ip - http - ftp - connect - socks_tcp - socks_udp - all default: all description: - Tells module what kind of custom service to be added. required: false object_type: choices: - custom - group - category description: - Tells module if we are adding a custom service, category, or group. required: false session_ttl: default: 0 description: - Session TTL (300 - 604800, 0 = default). required: false app_category: description: - Application category ID. required: false group_member: description: - Comma-Seperated list of members' names. required: false tcp_portrange: description: - Comma separated list of destination ports to add (i.e. '443,80'). - Syntax is <destPort:sourcePort> - If no sourcePort is defined, it assumes all of them. - Ranges can be defined with a hyphen - - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). - String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). required: false udp_portrange: description: - Comma separated list of destination ports to add (i.e. '443,80'). - Syntax is <destPort:sourcePort> - If no sourcePort is defined, it assumes all of them. - Ranges can be defined with a hyphen - - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). - String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). required: false explicit_proxy: choices: - enable - disable default: disable description: - Enable/disable explicit web proxy service. required: false sctp_portrange: description: - Multiple SCTP port ranges. Comma separated list of destination ports to add (i.e. '443,80'). - Syntax is <destPort:sourcePort> - If no sourcePort is defined, it assumes all of them. - Ranges can be defined with a hyphen - - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). - String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). required: false udp_idle_timer: default: 0 description: - TCP half close timeout (0 - 86400 sec, 0 = default). required: false protocol_number: description: - IP protocol number. required: false app_service_type: description: - Application service type. required: false check_reset_range: description: - Enable disable RST check. required: false tcp_halfopen_timer: default: 0 description: - TCP half close timeout (1 - 86400 sec, 0 = default). required: false tcp_timewait_timer: default: 0 description: - TCP half close timeout (1 - 300 sec, 0 = default). required: false tcp_halfclose_timer: default: 0 description: - TCP half close timeout (1 - 86400 sec, 0 = default). required: false
api_result: description: full API response, includes status code and message returned: always type: str