drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_pkg_header_policy6 Configure IPv6 policies. | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_pkg_header_policy6 (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: gathering fortimanager facts hosts: fortimanager00 gather_facts: no connection: httpapi collections: - fortinet.fortimanager vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: retrieve all the IPv6 header policies fmgr_fact: facts: selector: 'pkg_header_policy6' params: pkg: 'ansible' policy6: 'your_value'
- hosts: fortimanager00 collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: Configure IPv6 header policies. fmgr_pkg_header_policy6: bypass_validation: False pkg: ansible state: present pkg_header_policy6: action: accept #<value in [deny, accept, ipsec, ...]> comments: ansible-comment dstaddr: gall dstintf: any name: ansible-test2-header policyid: 1073741827 # must larger than 2^30(1074741824), since header/footer policy is a special policy schedule: galways service: gALL srcaddr: gall srcintf: any status: enable
pkg: description: the parameter (pkg) in requested url required: true type: str state: choices: - present - absent description: The directive to create, update or delete an object. required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool pkg_header_policy6: description: the top level parameters set required: false suboptions: _policy_block: description: Assigned policy block. type: int action: choices: - deny - accept - ipsec - ssl-vpn description: no description type: str anti-replay: choices: - disable - enable description: no description type: str app-category: description: no description type: str app-group: description: no description type: str application: description: description type: int application-charts: choices: - top10-app - top10-p2p-user - top10-media-user description: description elements: str type: list application-list: description: no description type: str auto-asic-offload: choices: - disable - enable description: no description type: str av-profile: description: no description type: str casi-profile: description: no description type: str cgn-log-server-grp: description: NP log server group name type: str cifs-profile: description: no description type: str comments: description: no description type: str custom-log-fields: description: no description type: str decrypted-traffic-mirror: description: no description type: str deep-inspection-options: description: no description type: str device-detection-portal: choices: - disable - enable description: no description type: str devices: description: no description type: str diffserv-forward: choices: - disable - enable description: no description type: str diffserv-reverse: choices: - disable - enable description: no description type: str diffservcode-forward: description: no description type: str diffservcode-rev: description: no description type: str dlp-sensor: description: no description type: str dnsfilter-profile: description: no description type: str dscp-match: choices: - disable - enable description: no description type: str dscp-negate: choices: - disable - enable description: no description type: str dscp-value: description: no description type: str dsri: choices: - disable - enable description: no description type: str dstaddr: description: no description type: str dstaddr-negate: choices: - disable - enable description: no description type: str dstintf: description: no description type: str dynamic-profile: choices: - disable - enable description: no description type: str dynamic-profile-access: choices: - imap - smtp - pop3 - http - ftp - im - nntp - imaps - smtps - pop3s - https - ftps description: description elements: str type: list dynamic-profile-group: description: no description type: str email-collection-portal: choices: - disable - enable description: no description type: str emailfilter-profile: description: no description type: str file-filter-profile: description: no description type: str firewall-session-dirty: choices: - check-all - check-new description: no description type: str fixedport: choices: - disable - enable description: no description type: str fsae: choices: - disable - enable description: no description type: str fsso-groups: description: no description type: str global-label: description: no description type: str groups: description: no description type: str http-policy-redirect: choices: - disable - enable description: no description type: str icap-profile: description: no description type: str identity-based: choices: - disable - enable description: no description type: str identity-based-policy6: description: description elements: dict suboptions: action: choices: - deny - accept description: no description type: str application-list: description: no description type: str av-profile: description: no description type: str deep-inspection-options: description: no description type: str devices: description: no description type: str dlp-sensor: description: no description type: str endpoint-compliance: choices: - disable - enable description: no description type: str groups: description: no description type: str icap-profile: description: no description type: str id: description: no description type: int ips-sensor: description: no description type: str logtraffic: choices: - disable - enable - all - utm description: no description type: str mms-profile: description: no description type: str per-ip-shaper: description: no description type: str profile-group: description: no description type: str profile-protocol-options: description: no description type: str profile-type: choices: - single - group description: no description type: str replacemsg-group: description: no description type: str schedule: description: no description type: str send-deny-packet: choices: - disable - enable description: no description type: str service: description: no description type: str service-negate: choices: - disable - enable description: no description type: str spamfilter-profile: description: no description type: str sslvpn-portal: description: no description type: str sslvpn-realm: description: no description type: str traffic-shaper: description: no description type: str traffic-shaper-reverse: description: no description type: str utm-status: choices: - disable - enable description: no description type: str voip-profile: description: no description type: str webfilter-profile: description: no description type: str type: list identity-from: choices: - auth - device description: no description type: str inbound: choices: - disable - enable description: no description type: str inspection-mode: choices: - proxy - flow description: no description type: str ippool: choices: - disable - enable description: no description type: str ips-sensor: description: no description type: str label: description: no description type: str logtraffic: choices: - disable - enable - all - utm description: no description type: str logtraffic-start: choices: - disable - enable description: no description type: str mms-profile: description: no description type: str name: description: no description type: str nat: choices: - disable - enable description: no description type: str natinbound: choices: - disable - enable description: no description type: str natoutbound: choices: - disable - enable description: no description type: str np-accelation: choices: - disable - enable description: no description type: str np-acceleration: choices: - disable - enable description: no description type: str outbound: choices: - disable - enable description: no description type: str per-ip-shaper: description: no description type: str policy-offload: choices: - disable - enable description: Enable/disable offloading policy configuration to CP processors. type: str policyid: description: no description type: int poolname: description: no description type: str profile-group: description: no description type: str profile-protocol-options: description: no description type: str profile-type: choices: - single - group description: no description type: str replacemsg-group: description: no description type: str replacemsg-override-group: description: no description type: str rsso: choices: - disable - enable description: no description type: str schedule: description: no description type: str send-deny-packet: choices: - disable - enable description: no description type: str service: description: no description type: str service-negate: choices: - disable - enable description: no description type: str session-ttl: description: no description type: int spamfilter-profile: description: no description type: str srcaddr: description: no description type: str srcaddr-negate: choices: - disable - enable description: no description type: str srcintf: description: no description type: str ssh-filter-profile: description: no description type: str ssh-policy-redirect: choices: - disable - enable description: no description type: str ssl-mirror: choices: - disable - enable description: no description type: str ssl-mirror-intf: description: no description type: str ssl-ssh-profile: description: no description type: str sslvpn-auth: choices: - any - local - radius - ldap - tacacs+ description: no description type: str sslvpn-ccert: choices: - disable - enable description: no description type: str sslvpn-cipher: choices: - any - high - medium description: no description type: str status: choices: - disable - enable description: no description type: str tags: description: no description type: str tcp-mss-receiver: description: no description type: int tcp-mss-sender: description: no description type: int tcp-session-without-syn: choices: - all - data-only - disable description: no description type: str timeout-send-rst: choices: - disable - enable description: no description type: str tos: description: no description type: str tos-mask: description: no description type: str tos-negate: choices: - disable - enable description: no description type: str traffic-shaper: description: no description type: str traffic-shaper-reverse: description: no description type: str url-category: description: no description type: str users: description: no description type: str utm-inspection-mode: choices: - proxy - flow description: no description type: str utm-status: choices: - disable - enable description: no description type: str uuid: description: no description type: str vlan-cos-fwd: description: no description type: int vlan-cos-rev: description: no description type: int vlan-filter: description: no description type: str voip-profile: description: no description type: str vpntunnel: description: no description type: str waf-profile: description: no description type: str webcache: choices: - disable - enable description: no description type: str webcache-https: choices: - disable - enable description: no description type: str webfilter-profile: description: no description type: str webproxy-forward-server: description: no description type: str webproxy-profile: description: no description type: str type: dict workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list