XLAB Steampunk logo Try Spotter
 / home / community / community.general / 0.1.1 / module / fmgr_secprof_dns

community.general.fmgr_secprof_dns (0.1.1) — module

Manage DNS security profiles in FortiManager

Authors: Luke Weighall (@lweighall), Andrew Welsh (@Ghilli3), Jim Huber (@p4r4n0y1ng)

preview | supported by community

Install collection | Add to requirements.yml | Description | Usage examples | Inputs | Outputs

Install collection

Install with ansible-galaxy collection install community.general:==0.1.1


Add to requirements.yml

  collections:
    - name: community.general
      version: 0.1.1

Description

Manage DNS security profiles in FortiManager

Usage examples

Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
  - name: DELETE Profile
    fmgr_secprof_dns:
      name: "Ansible_DNS_Profile"
      comment: "Created by Ansible Module TEST"
      mode: "delete"
Scanned by Steampunk Spotter
  • Success
    Steampunk Spotter scan finished with no errors, warnings or hints.
  - name: CREATE Profile
    fmgr_secprof_dns:
      name: "Ansible_DNS_Profile"
      comment: "Created by Ansible Module TEST"
      mode: "set"
      block_action: "block"

Inputs

    
adom:
    default: root
    description:
    - The ADOM the configuration should belong to.
    required: false

mode:
    choices:
    - add
    - set
    - delete
    - update
    default: add
    description:
    - Sets one of three modes for managing the object.
    - Allows use of soft-adds instead of overwriting existing values.
    required: false

name:
    description:
    - Profile name.
    required: false
    type: str

comment:
    description:
    - Comment for the security profile to show in the FortiManager GUI.
    required: false
    type: str

safe_search:
    choices:
    - disable
    - enable
    description:
    - Enable/disable Google, Bing, and YouTube safe search.
    - choice | disable | Disable Google, Bing, and YouTube safe search.
    - choice | enable | Enable Google, Bing, and YouTube safe search.
    required: false
    type: str

block_action:
    choices:
    - block
    - redirect
    description:
    - Action to take for blocked domains.
    - choice | block | Return NXDOMAIN for blocked domains.
    - choice | redirect | Redirect blocked domains to SDNS portal.
    required: false
    type: str

block_botnet:
    choices:
    - disable
    - enable
    description:
    - Enable/disable blocking botnet C&C; DNS lookups.
    - choice | disable | Disable blocking botnet C&C; DNS lookups.
    - choice | enable | Enable blocking botnet C&C; DNS lookups.
    required: false
    type: str

log_all_domain:
    choices:
    - disable
    - enable
    description:
    - Enable/disable logging of all domains visited (detailed DNS logging).
    - choice | disable | Disable logging of all domains visited.
    - choice | enable | Enable logging of all domains visited.
    required: false
    type: str

redirect_portal:
    description:
    - IP address of the SDNS redirect portal.
    required: false
    type: str

sdns_domain_log:
    choices:
    - disable
    - enable
    description:
    - Enable/disable domain filtering and botnet domain logging.
    - choice | disable | Disable domain filtering and botnet domain logging.
    - choice | enable | Enable domain filtering and botnet domain logging.
    required: false
    type: str

ftgd_dns_options:
    choices:
    - error-allow
    - ftgd-disable
    description:
    - FortiGuard DNS filter options.
    - FLAG Based Options. Specify multiple in list form.
    - flag | error-allow | Allow all domains when FortiGuard DNS servers fail.
    - flag | ftgd-disable | Disable FortiGuard DNS domain rating.
    required: false
    type: str

youtube_restrict:
    choices:
    - strict
    - moderate
    description:
    - Set safe search for YouTube restriction level.
    - choice | strict | Enable strict safe seach for YouTube.
    - choice | moderate | Enable moderate safe search for YouTube.
    required: false
    type: str

sdns_ftgd_err_log:
    choices:
    - disable
    - enable
    description:
    - Enable/disable FortiGuard SDNS rating error logging.
    - choice | disable | Disable FortiGuard SDNS rating error logging.
    - choice | enable | Enable FortiGuard SDNS rating error logging.
    required: false
    type: str

ftgd_dns_filters_log:
    choices:
    - disable
    - enable
    description:
    - Enable/disable DNS filter logging for this DNS profile.
    - choice | disable | Disable DNS filter logging.
    - choice | enable | Enable DNS filter logging.
    required: false
    type: str

external_ip_blocklist:
    description:
    - One or more external IP block lists.
    required: false
    type: str

ftgd_dns_filters_action:
    choices:
    - monitor
    - block
    description:
    - Action to take for DNS requests matching the category.
    - choice | monitor | Allow DNS requests matching the category and log the result.
    - choice | block | Block DNS requests matching the category.
    required: false
    type: str

ftgd_dns_filters_category:
    description:
    - Category number.
    required: false
    type: str

domain_filter_domain_filter_table:
    description:
    - DNS domain filter table ID.
    required: false
    type: str

Outputs

api_result:
  description: full API response, includes status code and message
  returned: always
  type: str
Got feedback? steampunk@xlab.si | © 2024. All rights reserved.
Cookie policy-Privacy policy-Terms of use-Security policy