Try SpotterConfigure MMS profiles.
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager00
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure MMS profiles.
fmgr_firewall_mmsprofile:
bypass_validation: False
adom: FortiCarrier # FortiCarrier only object, need a FortiCarrier adom
state: present
firewall_mmsprofile:
comment: 'ansible-comment'
#extended-utm-log: disable
mm1:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
mm3:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
mm4:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
mm7:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
name: 'ansible-test'
- name: gathering fortimanager facts
hosts: fortimanager00
gather_facts: no
connection: httpapi
collections:
- fortinet.fortimanager
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: retrieve all the MMS profiles
fmgr_fact:
facts:
selector: 'firewall_mmsprofile'
params:
adom: 'FortiCarrier' # FortiCarrier only object, need a FortiCarrier adom
mms-profile: 'your_value'
adom:
description: the parameter (adom) in requested url
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
firewall_mmsprofile:
description: the top level parameters set
required: false
suboptions:
avnotificationtable:
description: AntiVirus notification table ID.
type: str
bwordtable:
description: MMS banned word table ID.
type: str
carrier-endpoint-prefix:
choices:
- disable
- enable
description: Enable/disable prefixing of end point values.
type: str
carrier-endpoint-prefix-range-max:
description: Maximum length of end point value that can be prefixed
type: int
carrier-endpoint-prefix-range-min:
description: Minimum end point length to be prefixed
type: int
carrier-endpoint-prefix-string:
description: String with which to prefix End point values.
type: str
carrierendpointbwltable:
description: Carrier end point filter table ID.
type: str
comment:
description: Comment.
type: str
dupe:
description: no description
required: false
suboptions:
action1:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: description
elements: str
type: list
action2:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: description
elements: str
type: list
action3:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: description
elements: str
type: list
block-time1:
description: Duration for which action takes effect
type: int
block-time2:
description: Duration for which action takes effect
type: int
block-time3:
description: Duration action takes effect
type: int
limit1:
description: Maximum number of messages allowed.
type: int
limit2:
description: Maximum number of messages allowed.
type: int
limit3:
description: Maximum number of messages allowed.
type: int
protocol:
description: Protocol.
type: str
status1:
choices:
- disable
- enable
description: Enable/disable status1 detection.
type: str
status2:
choices:
- disable
- enable
description: Enable/disable status2 detection.
type: str
status3:
choices:
- disable
- enable
description: Enable/disable status3 detection.
type: str
window1:
description: Window to count messages over
type: int
window2:
description: Window to count messages over
type: int
window3:
description: Window to count messages over
type: int
type: dict
flood:
description: no description
required: false
suboptions:
action1:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: description
elements: str
type: list
action2:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: description
elements: str
type: list
action3:
choices:
- log
- archive
- intercept
- block
- archive-first
- alert-notif
description: description
elements: str
type: list
block-time1:
description: Duration for which action takes effect
type: int
block-time2:
description: Duration for which action takes effect
type: int
block-time3:
description: Duration action takes effect
type: int
limit1:
description: Maximum number of messages allowed.
type: int
limit2:
description: Maximum number of messages allowed.
type: int
limit3:
description: Maximum number of messages allowed.
type: int
protocol:
description: Protocol.
type: str
status1:
choices:
- disable
- enable
description: Enable/disable status1 detection.
type: str
status2:
choices:
- disable
- enable
description: Enable/disable status2 detection.
type: str
status3:
choices:
- disable
- enable
description: Enable/disable status3 detection.
type: str
window1:
description: Window to count messages over
type: int
window2:
description: Window to count messages over
type: int
window3:
description: Window to count messages over
type: int
type: dict
mm1:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
description: MM1 options.
elements: str
type: list
mm1-addr-hdr:
description: HTTP header field
type: str
mm1-addr-source:
choices:
- http-header
- cookie
description: Source for MM1 user address.
type: str
mm1-convert-hex:
choices:
- disable
- enable
description: Enable/disable converting user address from HEX string for MM1.
type: str
mm1-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Enable FortiGuard Virus Outbreak Prevention service.
type: str
mm1-retr-dupe:
choices:
- disable
- enable
description: Enable/disable duplicate scanning of MM1 retr.
type: str
mm1-retrieve-scan:
choices:
- disable
- enable
description: Enable/disable scanning on MM1 retrieve configuration messages.
type: str
mm1comfortamount:
description: MM1 comfort amount
type: int
mm1comfortinterval:
description: MM1 comfort interval
type: int
mm1oversizelimit:
description: Maximum file size to scan
type: int
mm3:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
description: MM3 options.
elements: str
type: list
mm3-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Enable FortiGuard Virus Outbreak Prevention service.
type: str
mm3oversizelimit:
description: Maximum file size to scan
type: int
mm4:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- fragmail
- splice
- mms-checksum
description: MM4 options.
elements: str
type: list
mm4-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Enable FortiGuard Virus Outbreak Prevention service.
type: str
mm4oversizelimit:
description: Maximum file size to scan
type: int
mm7:
choices:
- avmonitor
- block
- oversize
- quarantine
- scan
- avquery
- bannedword
- no-content-summary
- archive-summary
- archive-full
- carrier-endpoint-bwl
- remove-blocked
- chunkedbypass
- clientcomfort
- servercomfort
- strict-file
- mms-checksum
description: MM7 options.
elements: str
type: list
mm7-addr-hdr:
description: HTTP header field
type: str
mm7-addr-source:
choices:
- http-header
- cookie
description: Source for MM7 user address.
type: str
mm7-convert-hex:
choices:
- disable
- enable
description: Enable/disable conversion of user address from HEX string for MM7.
type: str
mm7-outbreak-prevention:
choices:
- disabled
- files
- full-archive
description: Enable FortiGuard Virus Outbreak Prevention service.
type: str
mm7comfortamount:
description: MM7 comfort amount
type: int
mm7comfortinterval:
description: MM7 comfort interval
type: int
mm7oversizelimit:
description: Maximum file size to scan
type: int
mms-antispam-mass-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS antispam mass.
type: str
mms-av-block-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS antivirus file blocking.
type: str
mms-av-oversize-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS antivirus oversize file blocking.
type: str
mms-av-virus-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS antivirus scanning.
type: str
mms-carrier-endpoint-filter-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS end point filter blocking.
type: str
mms-checksum-log:
choices:
- disable
- enable
description: Enable/disable MMS content checksum logging.
type: str
mms-checksum-table:
description: MMS content checksum table ID.
type: str
mms-notification-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS notification messages.
type: str
mms-web-content-log:
choices:
- disable
- enable
description: Enable/disable logging for MMS web content blocking.
type: str
mmsbwordthreshold:
description: MMS banned word threshold.
type: int
name:
description: Profile name.
type: str
notif-msisdn:
description: Notif-Msisdn.
elements: dict
suboptions:
msisdn:
description: Recipient MSISDN.
type: str
threshold:
choices:
- flood-thresh-1
- flood-thresh-2
- flood-thresh-3
- dupe-thresh-1
- dupe-thresh-2
- dupe-thresh-3
description: Thresholds on which this MSISDN will receive an alert.
elements: str
type: list
type: list
notification:
description: no description
required: false
suboptions:
alert-int:
description: Alert notification send interval.
type: int
alert-int-mode:
choices:
- hours
- minutes
description: Alert notification interval mode.
type: str
alert-src-msisdn:
description: Specify from address for alert messages.
type: str
alert-status:
choices:
- disable
- enable
description: Alert notification status.
type: str
bword-int:
description: Banned word notification send interval.
type: int
bword-int-mode:
choices:
- hours
- minutes
description: Banned word notification interval mode.
type: str
bword-status:
choices:
- disable
- enable
description: Banned word notification status.
type: str
carrier-endpoint-bwl-int:
description: Carrier end point black/white list notification send interval.
type: int
carrier-endpoint-bwl-int-mode:
choices:
- hours
- minutes
description: Carrier end point black/white list notification interval mode.
type: str
carrier-endpoint-bwl-status:
choices:
- disable
- enable
description: Carrier end point black/white list notification status.
type: str
days-allowed:
choices:
- sunday
- monday
- tuesday
- wednesday
- thursday
- friday
- saturday
description: description
elements: str
type: list
detect-server:
choices:
- disable
- enable
description: Enable/disable automatic server address determination.
type: str
dupe-int:
description: Duplicate notification send interval.
type: int
dupe-int-mode:
choices:
- hours
- minutes
description: Duplicate notification interval mode.
type: str
dupe-status:
choices:
- disable
- enable
description: Duplicate notification status.
type: str
file-block-int:
description: File block notification send interval.
type: int
file-block-int-mode:
choices:
- hours
- minutes
description: File block notification interval mode.
type: str
file-block-status:
choices:
- disable
- enable
description: File block notification status.
type: str
flood-int:
description: Flood notification send interval.
type: int
flood-int-mode:
choices:
- hours
- minutes
description: Flood notification interval mode.
type: str
flood-status:
choices:
- disable
- enable
description: Flood notification status.
type: str
from-in-header:
choices:
- disable
- enable
description: Enable/disable insertion of from address in HTTP header.
type: str
mms-checksum-int:
description: MMS checksum notification send interval.
type: int
mms-checksum-int-mode:
choices:
- hours
- minutes
description: MMS checksum notification interval mode.
type: str
mms-checksum-status:
choices:
- disable
- enable
description: MMS checksum notification status.
type: str
mmsc-hostname:
description: Host name or IP address of the MMSC.
type: str
mmsc-password:
description: description
type: str
mmsc-port:
description: Port used on the MMSC for sending MMS messages
type: int
mmsc-url:
description: URL used on the MMSC for sending MMS messages.
type: str
mmsc-username:
description: User name required for authentication with the MMSC.
type: str
msg-protocol:
choices:
- mm1
- mm3
- mm4
- mm7
description: Protocol to use for sending notification messages.
type: str
msg-type:
choices:
- submit-req
- deliver-req
description: MM7 message type.
type: str
protocol:
description: Protocol.
type: str
rate-limit:
description: Rate limit for sending notification messages
type: int
tod-window-duration:
description: Time of day window duration.
type: str
tod-window-end:
description: Obsolete.
type: str
tod-window-start:
description: Time of day window start.
type: str
user-domain:
description: Domain name to which the user addresses belong.
type: str
vas-id:
description: VAS identifier.
type: str
vasp-id:
description: VASP identifier.
type: str
virus-int:
description: Virus notification send interval.
type: int
virus-int-mode:
choices:
- hours
- minutes
description: Virus notification interval mode.
type: str
virus-status:
choices:
- disable
- enable
description: Virus notification status.
type: str
type: dict
outbreak-prevention:
description: no description
required: false
suboptions:
external-blocklist:
choices:
- disable
- enable
description: Enable/disable external malware blocklist.
type: str
ftgd-service:
choices:
- disable
- enable
description: Enable/disable FortiGuard Virus outbreak prevention service.
type: str
type: dict
remove-blocked-const-length:
choices:
- disable
- enable
description: Enable/disable MMS replacement of blocked file constant length.
type: str
replacemsg-group:
description: Replacement message group.
type: str
type: dict
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list