ansible / ansible.builtin / v2.9.24 / module / fortios_system_fortiguard Configure FortiGuard services in Fortinet's FortiOS and FortiGate. | "added in version" 2.9 of ansible.builtin" Authors: Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communityansible.builtin.fortios_system_fortiguard (v2.9.24) — module
pip
Install with pip install ansible==2.9.24
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify system feature and fortiguard category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5
- hosts: localhost vars: host: "192.168.122.40" username: "admin" password: "" vdom: "root" ssl_verify: "False" tasks: - name: Configure FortiGuard services. fortios_system_fortiguard: host: "{{ host }}" username: "{{ username }}" password: "{{ password }}" vdom: "{{ vdom }}" https: "False" system_fortiguard: antispam_cache: "enable" antispam_cache_mpercent: "4" antispam_cache_ttl: "5" antispam_expiration: "6" antispam_force_off: "enable" antispam_license: "8" antispam_timeout: "9" auto_join_forticloud: "enable" ddns_server_ip: "<your_own_value>" ddns_server_port: "12" load_balance_servers: "13" outbreak_prevention_cache: "enable" outbreak_prevention_cache_mpercent: "15" outbreak_prevention_cache_ttl: "16" outbreak_prevention_expiration: "17" outbreak_prevention_force_off: "enable" outbreak_prevention_license: "19" outbreak_prevention_timeout: "20" port: "53" sdns_server_ip: "<your_own_value>" sdns_server_port: "23" service_account_id: "<your_own_value>" source_ip: "84.230.14.43" source_ip6: "<your_own_value>" update_server_location: "usa" webfilter_cache: "enable" webfilter_cache_ttl: "29" webfilter_expiration: "30" webfilter_force_off: "enable" webfilter_license: "32" webfilter_timeout: "33"
host: description: - FortiOS or FortiGate IP address. required: false type: str vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str https: default: true description: - Indicates if the requests towards FortiGate must use HTTPS protocol. type: bool password: default: '' description: - FortiOS or FortiGate password. type: str username: description: - FortiOS or FortiGate username. required: false type: str ssl_verify: default: true description: - Ensures FortiGate certificate must be verified by a proper CA. type: bool system_fortiguard: default: null description: - Configure FortiGuard services. suboptions: antispam_cache: choices: - enable - disable description: - Enable/disable FortiGuard antispam request caching. Uses a small amount of memory but improves performance. type: str antispam_cache_mpercent: description: - Maximum percent of FortiGate memory the antispam cache is allowed to use (1 - 15%). type: int antispam_cache_ttl: description: - Time-to-live for antispam cache entries in seconds (300 - 86400). Lower times reduce the cache size. Higher times may improve performance since the cache will have more entries. type: int antispam_expiration: description: - Expiration date of the FortiGuard antispam contract. type: int antispam_force_off: choices: - enable - disable description: - Enable/disable turning off the FortiGuard antispam service. type: str antispam_license: description: - Interval of time between license checks for the FortiGuard antispam contract. type: int antispam_timeout: description: - Antispam query time out (1 - 30 sec). type: int auto_join_forticloud: choices: - enable - disable description: - Automatically connect to and login to FortiCloud. type: str ddns_server_ip: description: - IP address of the FortiDDNS server. type: str ddns_server_port: description: - Port used to communicate with FortiDDNS servers. type: int load_balance_servers: description: - Number of servers to alternate between as first FortiGuard option. type: int outbreak_prevention_cache: choices: - enable - disable description: - Enable/disable FortiGuard Virus Outbreak Prevention cache. type: str outbreak_prevention_cache_mpercent: description: - Maximum percent of memory FortiGuard Virus Outbreak Prevention cache can use (1 - 15%). type: int outbreak_prevention_cache_ttl: description: - Time-to-live for FortiGuard Virus Outbreak Prevention cache entries (300 - 86400 sec). type: int outbreak_prevention_expiration: description: - Expiration date of FortiGuard Virus Outbreak Prevention contract. type: int outbreak_prevention_force_off: choices: - enable - disable description: - Turn off FortiGuard Virus Outbreak Prevention service. type: str outbreak_prevention_license: description: - Interval of time between license checks for FortiGuard Virus Outbreak Prevention contract. type: int outbreak_prevention_timeout: description: - FortiGuard Virus Outbreak Prevention time out (1 - 30 sec). type: int port: choices: - 53 - 8888 - 80 description: - Port used to communicate with the FortiGuard servers. type: str sdns_server_ip: description: - IP address of the FortiDNS server. type: str sdns_server_port: description: - Port used to communicate with FortiDNS servers. type: int service_account_id: description: - Service account ID. type: str source_ip: description: - Source IPv4 address used to communicate with FortiGuard. type: str source_ip6: description: - Source IPv6 address used to communicate with FortiGuard. type: str update_server_location: choices: - usa - any description: - Signature update server location. type: str webfilter_cache: choices: - enable - disable description: - Enable/disable FortiGuard web filter caching. type: str webfilter_cache_ttl: description: - Time-to-live for web filter cache entries in seconds (300 - 86400). type: int webfilter_expiration: description: - Expiration date of the FortiGuard web filter contract. type: int webfilter_force_off: choices: - enable - disable description: - Enable/disable turning off the FortiGuard web filtering service. type: str webfilter_license: description: - Interval of time between license checks for the FortiGuard web filter contract. type: int webfilter_timeout: description: - Web filter query time out (1 - 30 sec). type: int type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str