drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_firewall_profileprotocoloptions_http Configure HTTP protocol options. | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_firewall_profileprotocoloptions_http (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Configure HTTP protocol options. fmgr_firewall_profileprotocoloptions_http: bypass_validation: False workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 rc_succeeded: [0, -2, -3, ...] rc_failed: [-2, -3, ...] adom: <your own value> profile-protocol-options: <your own value> firewall_profileprotocoloptions_http: block-page-status-code: <value of integer> comfort-amount: <value of integer> comfort-interval: <value of integer> fortinet-bar: <value in [disable, enable]> fortinet-bar-port: <value of integer> http-policy: <value in [disable, enable]> inspect-all: <value in [disable, enable]> options: - oversize - chunkedbypass - clientcomfort - no-content-summary - servercomfort oversize-limit: <value of integer> ports: <value of integer> post-lang: - jisx0201 - jisx0208 - jisx0212 - gb2312 - ksc5601-ex - euc-jp - sjis - iso2022-jp - iso2022-jp-1 - iso2022-jp-2 - euc-cn - ces-gbk - hz - ces-big5 - euc-kr - iso2022-jp-3 - iso8859-1 - tis620 - cp874 - cp1252 - cp1251 range-block: <value in [disable, enable]> retry-count: <value of integer> scan-bzip2: <value in [disable, enable]> status: <value in [disable, enable]> streaming-content-bypass: <value in [disable, enable]> strip-x-forwarded-for: <value in [disable, enable]> switching-protocols: <value in [bypass, block]> uncompressed-nest-limit: <value of integer> uncompressed-oversize-limit: <value of integer> tcp-window-maximum: <value of integer> tcp-window-minimum: <value of integer> tcp-window-size: <value of integer> tcp-window-type: <value in [system, static, dynamic, ...]> ssl-offloaded: <value in [no, yes]> stream-based-uncompressed-limit: <value of integer> proxy-after-tcp-handshake: <value in [disable, enable]> tunnel-non-http: <value in [disable, enable]> unknown-http-version: <value in [best-effort, reject, tunnel]> address-ip-rating: <value in [disable, enable]> h2c: <value in [disable, enable]> verify-dns-for-policy-matching: <value in [disable, enable]> unknown-content-encoding: <value in [block, inspect, bypass]>
adom: description: the parameter (adom) in requested url required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str profile-protocol-options: description: the parameter (profile-protocol-options) in requested url required: true type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int firewall_profileprotocoloptions_http: description: the top level parameters set required: false suboptions: address-ip-rating: choices: - disable - enable description: Enable/disable IP based URL rating. type: str block-page-status-code: description: Code number returned for blocked HTTP pages type: int comfort-amount: description: Amount of data to send in a transmission for client comforting type: int comfort-interval: description: Period of time between start, or last transmission, and the next client comfort transmission of data type: int fortinet-bar: choices: - disable - enable description: Enable/disable Fortinet bar on HTML content. type: str fortinet-bar-port: description: Port for use by Fortinet Bar type: int h2c: choices: - disable - enable description: Enable/disable h2c HTTP connection upgrade. type: str http-policy: choices: - disable - enable description: Enable/disable HTTP policy check. type: str inspect-all: choices: - disable - enable description: Enable/disable the inspection of all ports for the protocol. type: str options: choices: - oversize - chunkedbypass - clientcomfort - no-content-summary - servercomfort description: description elements: str type: list oversize-limit: description: Maximum in-memory file size that can be scanned type: int ports: description: description type: int post-lang: choices: - jisx0201 - jisx0208 - jisx0212 - gb2312 - ksc5601-ex - euc-jp - sjis - iso2022-jp - iso2022-jp-1 - iso2022-jp-2 - euc-cn - ces-gbk - hz - ces-big5 - euc-kr - iso2022-jp-3 - iso8859-1 - tis620 - cp874 - cp1252 - cp1251 description: description elements: str type: list proxy-after-tcp-handshake: choices: - disable - enable description: Proxy traffic after the TCP 3-way handshake has been established type: str range-block: choices: - disable - enable description: Enable/disable blocking of partial downloads. type: str retry-count: description: Number of attempts to retry HTTP connection type: int scan-bzip2: choices: - disable - enable description: Enable/disable scanning of BZip2 compressed files. type: str ssl-offloaded: choices: - 'no' - 'yes' description: SSL decryption and encryption performed by an external device. type: str status: choices: - disable - enable description: Enable/disable the active status of scanning for this protocol. type: str stream-based-uncompressed-limit: description: Maximum stream-based uncompressed data size that will be scanned type: int streaming-content-bypass: choices: - disable - enable description: Enable/disable bypassing of streaming content from buffering. type: str strip-x-forwarded-for: choices: - disable - enable description: Enable/disable stripping of HTTP X-Forwarded-For header. type: str switching-protocols: choices: - bypass - block description: Bypass from scanning, or block a connection that attempts to switch protocol. type: str tcp-window-maximum: description: Maximum dynamic TCP window size type: int tcp-window-minimum: description: Minimum dynamic TCP window size type: int tcp-window-size: description: Set TCP static window size type: int tcp-window-type: choices: - system - static - dynamic - auto-tuning description: Specify type of TCP window to use for this protocol. type: str tunnel-non-http: choices: - disable - enable description: Configure how to process non-HTTP traffic when a profile configured for HTTP traffic accepts a non-HTTP session. type: str uncompressed-nest-limit: description: Maximum nested levels of compression that can be uncompressed and scanned type: int uncompressed-oversize-limit: description: Maximum in-memory uncompressed file size that can be scanned type: int unknown-content-encoding: choices: - block - inspect - bypass description: Configure the action the FortiGate unit will take on unknown content-encoding. type: str unknown-http-version: choices: - best-effort - reject - tunnel description: How to handle HTTP sessions that do not comply with HTTP 0. type: str verify-dns-for-policy-matching: choices: - disable - enable description: Enable/disable verification of DNS for policy matching. type: str type: dict
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list