ansible / ansible.builtin / v2.9.23 / module / fmgr_secprof_wanopt WAN optimization | "added in version" 2.8 of ansible.builtin" Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng) preview | supported by communityansible.builtin.fmgr_secprof_wanopt (v2.9.23) — module
pip
Install with pip install ansible==2.9.23
Manage WanOpt security profiles in FortiManager via API
- name: DELETE Profile fmgr_secprof_wanopt: name: "Ansible_WanOpt_Profile" mode: "delete"
- name: Create FMGR_WANOPT_PROFILE fmgr_secprof_wanopt: mode: "set" adom: "root" transparent: "enable" name: "Ansible_WanOpt_Profile" comments: "Created by Ansible" cifs: {byte-caching: "enable", log-traffic: "enable", port: 80, prefer-chunking: "dynamic", status: "enable", tunnel-sharing: "private"} ftp: {byte-caching: "enable", log-traffic: "enable", port: 80, prefer-chunking: "dynamic", secure-tunnel: "disable", status: "enable", tunnel-sharing: "private"}
ftp: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false tcp: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false adom: default: root description: - The ADOM the configuration should belong to. required: false cifs: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false http: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false mapi: description: - EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED! - List of multiple child objects to be added. Expects a list of dictionaries. - Dictionaries must use FortiManager API parameters, not the ansible ones listed below. - If submitted, all other prefixed sub-parameters ARE IGNORED. - This object is MUTUALLY EXCLUSIVE with its options. - We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide. - WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS required: false mode: choices: - add - set - delete - update default: add description: - Sets one of three modes for managing the object. - Allows use of soft-adds instead of overwriting existing values required: false name: description: - Profile name. required: false tcp_ssl: choices: - disable - enable description: - Enable/disable SSL/TLS offloading. required: false comments: description: - Comment. required: false ftp_port: description: - Single port number or port number range for FTP. Only packets with a destination port number that matches this port number or range are accepted by this profile. required: false http_ssl: choices: - disable - enable description: - Enable/disable SSL/TLS offloading (hardware acceleration) for HTTPS traffic in this tunnel. required: false tcp_port: description: - Single port number or port number range for TCP. Only packets with a destination port number that matches this port number or range are accepted by this profile. required: false cifs_port: description: - Single port number or port number range for CIFS. Only packets with a destination port number that matches this port number or range are accepted by this profile. required: false http_port: description: - Single port number or port number range for HTTP. Only packets with a destination port number that matches this port number or range are accepted by this profile. required: false mapi_port: description: - Single port number or port number range for MAPI. Only packets with a destination port number that matches this port number or range are accepted by this profile. required: false auth_group: description: - Optionally add an authentication group to restrict access to the WAN Optimization tunnel to peers in the authentication group. required: false ftp_status: choices: - disable - enable description: - Enable/disable HTTP WAN Optimization. required: false tcp_status: choices: - disable - enable description: - Enable/disable HTTP WAN Optimization. required: false cifs_status: choices: - disable - enable description: - Enable/disable HTTP WAN Optimization. required: false http_status: choices: - disable - enable description: - Enable/disable HTTP WAN Optimization. required: false mapi_status: choices: - disable - enable description: - Enable/disable HTTP WAN Optimization. required: false transparent: choices: - disable - enable description: - Enable/disable transparent mode. required: false tcp_ssl_port: description: - Port on which to expect HTTPS traffic for SSL/TLS offloading. required: false http_ssl_port: description: - Port on which to expect HTTPS traffic for SSL/TLS offloading. required: false ftp_log_traffic: choices: - disable - enable description: - Enable/disable logging. required: false tcp_log_traffic: choices: - disable - enable description: - Enable/disable logging. required: false cifs_log_traffic: choices: - disable - enable description: - Enable/disable logging. required: false ftp_byte_caching: choices: - disable - enable description: - Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. required: false http_log_traffic: choices: - disable - enable description: - Enable/disable logging. required: false mapi_log_traffic: choices: - disable - enable description: - Enable/disable logging. required: false tcp_byte_caching: choices: - disable - enable description: - Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. required: false cifs_byte_caching: choices: - disable - enable description: - Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. required: false ftp_secure_tunnel: choices: - disable - enable description: - Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). required: false http_byte_caching: choices: - disable - enable description: - Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. required: false mapi_byte_caching: choices: - disable - enable description: - Enable/disable byte-caching for HTTP. Byte caching reduces the amount of traffic by caching file data sent across the WAN and in future serving if from the cache. required: false tcp_secure_tunnel: choices: - disable - enable description: - Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). required: false cifs_secure_tunnel: choices: - disable - enable description: - Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). required: false ftp_tunnel_sharing: choices: - private - shared - express-shared description: - Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. required: false http_secure_tunnel: choices: - disable - enable description: - Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). required: false mapi_secure_tunnel: choices: - disable - enable description: - Enable/disable securing the WAN Opt tunnel using SSL. Secure and non-secure tunnels use the same TCP port (7810). required: false tcp_tunnel_sharing: choices: - private - shared - express-shared description: - Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. required: false cifs_tunnel_sharing: choices: - private - shared - express-shared description: - Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. required: false ftp_prefer_chunking: choices: - dynamic - fix description: - Select dynamic or fixed-size data chunking for HTTP WAN Optimization. required: false http_tunnel_sharing: choices: - private - shared - express-shared description: - Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. required: false mapi_tunnel_sharing: choices: - private - shared - express-shared description: - Tunnel sharing mode for aggressive/non-aggressive and/or interactive/non-interactive protocols. required: false cifs_prefer_chunking: choices: - dynamic - fix description: - Select dynamic or fixed-size data chunking for HTTP WAN Optimization. required: false http_prefer_chunking: choices: - dynamic - fix description: - Select dynamic or fixed-size data chunking for HTTP WAN Optimization. required: false http_tunnel_non_http: choices: - disable - enable description: - Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. Can occur if an application sends non-HTTP traffic using an HTTP destination port. required: false tcp_byte_caching_opt: choices: - mem-only - mem-disk description: - Select whether TCP byte-caching uses system memory only or both memory and disk space. required: false http_unknown_http_version: choices: - best-effort - reject - tunnel description: - How to handle HTTP sessions that do not comply with HTTP 0.9, 1.0, or 1.1. required: false
api_result: description: full API response, includes status code and message returned: always type: str