drmofu / drmofu.fortimanager / 2.2.2 / module / fmgr_voip_profile_sip SIP. | "added in version" 2.0.0 of drmofu.fortimanager" Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu) preview | supported by communitydrmofu.fortimanager.fmgr_voip_profile_sip (2.2.2) — module
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections: - name: drmofu.fortimanager version: 2.2.2
This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory collections: - fortinet.fortimanager connection: httpapi vars: ansible_httpapi_use_ssl: True ansible_httpapi_validate_certs: False ansible_httpapi_port: 443 tasks: - name: SIP. fmgr_voip_profile_sip: bypass_validation: False workspace_locking_adom: <value in [global, custom adom including root]> workspace_locking_timeout: 300 rc_succeeded: [0, -2, -3, ...] rc_failed: [-2, -3, ...] adom: <your own value> profile: <your own value> voip_profile_sip: ack-rate: <value of integer> block-ack: <value in [disable, enable]> block-bye: <value in [disable, enable]> block-cancel: <value in [disable, enable]> block-geo-red-options: <value in [disable, enable]> block-info: <value in [disable, enable]> block-invite: <value in [disable, enable]> block-long-lines: <value in [disable, enable]> block-message: <value in [disable, enable]> block-notify: <value in [disable, enable]> block-options: <value in [disable, enable]> block-prack: <value in [disable, enable]> block-publish: <value in [disable, enable]> block-refer: <value in [disable, enable]> block-register: <value in [disable, enable]> block-subscribe: <value in [disable, enable]> block-unknown: <value in [disable, enable]> block-update: <value in [disable, enable]> bye-rate: <value of integer> call-keepalive: <value of integer> cancel-rate: <value of integer> contact-fixup: <value in [disable, enable]> hnt-restrict-source-ip: <value in [disable, enable]> hosted-nat-traversal: <value in [disable, enable]> info-rate: <value of integer> invite-rate: <value of integer> ips-rtp: <value in [disable, enable]> log-call-summary: <value in [disable, enable]> log-violations: <value in [disable, enable]> malformed-header-allow: <value in [pass, discard, respond]> malformed-header-call-id: <value in [pass, discard, respond]> malformed-header-contact: <value in [pass, discard, respond]> malformed-header-content-length: <value in [pass, discard, respond]> malformed-header-content-type: <value in [pass, discard, respond]> malformed-header-cseq: <value in [pass, discard, respond]> malformed-header-expires: <value in [pass, discard, respond]> malformed-header-from: <value in [pass, discard, respond]> malformed-header-max-forwards: <value in [pass, discard, respond]> malformed-header-p-asserted-identity: <value in [pass, discard, respond]> malformed-header-rack: <value in [pass, discard, respond]> malformed-header-record-route: <value in [pass, discard, respond]> malformed-header-route: <value in [pass, discard, respond]> malformed-header-rseq: <value in [pass, discard, respond]> malformed-header-sdp-a: <value in [pass, discard, respond]> malformed-header-sdp-b: <value in [pass, discard, respond]> malformed-header-sdp-c: <value in [pass, discard, respond]> malformed-header-sdp-i: <value in [pass, discard, respond]> malformed-header-sdp-k: <value in [pass, discard, respond]> malformed-header-sdp-m: <value in [pass, discard, respond]> malformed-header-sdp-o: <value in [pass, discard, respond]> malformed-header-sdp-r: <value in [pass, discard, respond]> malformed-header-sdp-s: <value in [pass, discard, respond]> malformed-header-sdp-t: <value in [pass, discard, respond]> malformed-header-sdp-v: <value in [pass, discard, respond]> malformed-header-sdp-z: <value in [pass, discard, respond]> malformed-header-to: <value in [pass, discard, respond]> malformed-header-via: <value in [pass, discard, respond]> malformed-request-line: <value in [pass, discard, respond]> max-body-length: <value of integer> max-dialogs: <value of integer> max-idle-dialogs: <value of integer> max-line-length: <value of integer> message-rate: <value of integer> nat-trace: <value in [disable, enable]> no-sdp-fixup: <value in [disable, enable]> notify-rate: <value of integer> open-contact-pinhole: <value in [disable, enable]> open-record-route-pinhole: <value in [disable, enable]> open-register-pinhole: <value in [disable, enable]> open-via-pinhole: <value in [disable, enable]> options-rate: <value of integer> prack-rate: <value of integer> preserve-override: <value in [disable, enable]> provisional-invite-expiry-time: <value of integer> publish-rate: <value of integer> refer-rate: <value of integer> register-contact-trace: <value in [disable, enable]> register-rate: <value of integer> rfc2543-branch: <value in [disable, enable]> rtp: <value in [disable, enable]> ssl-algorithm: <value in [high, medium, low]> ssl-auth-client: <value of string> ssl-auth-server: <value of string> ssl-client-certificate: <value of string> ssl-client-renegotiation: <value in [allow, deny, secure]> ssl-max-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-min-version: <value in [ssl-3.0, tls-1.0, tls-1.1, ...]> ssl-mode: <value in [off, full]> ssl-pfs: <value in [require, deny, allow]> ssl-send-empty-frags: <value in [disable, enable]> ssl-server-certificate: <value of string> status: <value in [disable, enable]> strict-register: <value in [disable, enable]> subscribe-rate: <value of integer> unknown-header: <value in [pass, discard, respond]> update-rate: <value of integer> nat-port-range: <value of string> ack-rate-track: <value in [none, src-ip, dest-ip]> bye-rate-track: <value in [none, src-ip, dest-ip]> cancel-rate-track: <value in [none, src-ip, dest-ip]> info-rate-track: <value in [none, src-ip, dest-ip]> invite-rate-track: <value in [none, src-ip, dest-ip]> malformed-header-no-proxy-require: <value in [pass, discard, respond]> malformed-header-no-require: <value in [pass, discard, respond]> message-rate-track: <value in [none, src-ip, dest-ip]> notify-rate-track: <value in [none, src-ip, dest-ip]> options-rate-track: <value in [none, src-ip, dest-ip]> prack-rate-track: <value in [none, src-ip, dest-ip]> publish-rate-track: <value in [none, src-ip, dest-ip]> refer-rate-track: <value in [none, src-ip, dest-ip]> register-rate-track: <value in [none, src-ip, dest-ip]> subscribe-rate-track: <value in [none, src-ip, dest-ip]> update-rate-track: <value in [none, src-ip, dest-ip]> call-id-regex: <value of string> content-type-regex: <value of string>
adom: description: the parameter (adom) in requested url required: true type: str profile: description: the parameter (profile) in requested url required: true type: str rc_failed: description: The rc codes list with which the conditions to fail will be overriden. elements: int required: false type: list enable_log: default: false description: Enable/Disable logging for task. required: false type: bool access_token: description: The token to access FortiManager without using username and password. required: false type: str rc_succeeded: description: The rc codes list with which the conditions to succeed will be overriden. elements: int required: false type: list proposed_method: choices: - update - set - add description: The overridden method for the underlying Json RPC request. required: false type: str voip_profile_sip: description: the top level parameters set required: false suboptions: ack-rate: description: ACK request rate limit type: int ack-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str block-ack: choices: - disable - enable description: Enable/disable block ACK requests. type: str block-bye: choices: - disable - enable description: Enable/disable block BYE requests. type: str block-cancel: choices: - disable - enable description: Enable/disable block CANCEL requests. type: str block-geo-red-options: choices: - disable - enable description: Enable/disable block OPTIONS requests, but OPTIONS requests still notify for redundancy. type: str block-info: choices: - disable - enable description: Enable/disable block INFO requests. type: str block-invite: choices: - disable - enable description: Enable/disable block INVITE requests. type: str block-long-lines: choices: - disable - enable description: Enable/disable block requests with headers exceeding max-line-length. type: str block-message: choices: - disable - enable description: Enable/disable block MESSAGE requests. type: str block-notify: choices: - disable - enable description: Enable/disable block NOTIFY requests. type: str block-options: choices: - disable - enable description: Enable/disable block OPTIONS requests and no OPTIONS as notifying message for redundancy either. type: str block-prack: choices: - disable - enable description: Enable/disable block prack requests. type: str block-publish: choices: - disable - enable description: Enable/disable block PUBLISH requests. type: str block-refer: choices: - disable - enable description: Enable/disable block REFER requests. type: str block-register: choices: - disable - enable description: Enable/disable block REGISTER requests. type: str block-subscribe: choices: - disable - enable description: Enable/disable block SUBSCRIBE requests. type: str block-unknown: choices: - disable - enable description: Block unrecognized SIP requests type: str block-update: choices: - disable - enable description: Enable/disable block UPDATE requests. type: str bye-rate: description: BYE request rate limit type: int bye-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str call-id-regex: description: Validate PCRE regular expression for Call-Id header value. type: str call-keepalive: description: Continue tracking calls with no RTP for this many minutes. type: int cancel-rate: description: CANCEL request rate limit type: int cancel-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str contact-fixup: choices: - disable - enable description: Fixup contact anyway even if contacts IP type: str content-type-regex: description: Validate PCRE regular expression for Content-Type header value. type: str hnt-restrict-source-ip: choices: - disable - enable description: Enable/disable restrict RTP source IP to be the same as SIP source IP when HNT is enabled. type: str hosted-nat-traversal: choices: - disable - enable description: Hosted NAT Traversal type: str info-rate: description: INFO request rate limit type: int info-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str invite-rate: description: INVITE request rate limit type: int invite-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str ips-rtp: choices: - disable - enable description: Enable/disable allow IPS on RTP. type: str log-call-summary: choices: - disable - enable description: Enable/disable logging of SIP call summary. type: str log-violations: choices: - disable - enable description: Enable/disable logging of SIP violations. type: str malformed-header-allow: choices: - pass - discard - respond description: Action for malformed Allow header. type: str malformed-header-call-id: choices: - pass - discard - respond description: Action for malformed Call-ID header. type: str malformed-header-contact: choices: - pass - discard - respond description: Action for malformed Contact header. type: str malformed-header-content-length: choices: - pass - discard - respond description: Action for malformed Content-Length header. type: str malformed-header-content-type: choices: - pass - discard - respond description: Action for malformed Content-Type header. type: str malformed-header-cseq: choices: - pass - discard - respond description: Action for malformed CSeq header. type: str malformed-header-expires: choices: - pass - discard - respond description: Action for malformed Expires header. type: str malformed-header-from: choices: - pass - discard - respond description: Action for malformed From header. type: str malformed-header-max-forwards: choices: - pass - discard - respond description: Action for malformed Max-Forwards header. type: str malformed-header-no-proxy-require: choices: - pass - discard - respond description: Action for malformed SIP messages without Proxy-Require header. type: str malformed-header-no-require: choices: - pass - discard - respond description: Action for malformed SIP messages without Require header. type: str malformed-header-p-asserted-identity: choices: - pass - discard - respond description: Action for malformed P-Asserted-Identity header. type: str malformed-header-rack: choices: - pass - discard - respond description: Action for malformed RAck header. type: str malformed-header-record-route: choices: - pass - discard - respond description: Action for malformed Record-Route header. type: str malformed-header-route: choices: - pass - discard - respond description: Action for malformed Route header. type: str malformed-header-rseq: choices: - pass - discard - respond description: Action for malformed RSeq header. type: str malformed-header-sdp-a: choices: - pass - discard - respond description: Action for malformed SDP a line. type: str malformed-header-sdp-b: choices: - pass - discard - respond description: Action for malformed SDP b line. type: str malformed-header-sdp-c: choices: - pass - discard - respond description: Action for malformed SDP c line. type: str malformed-header-sdp-i: choices: - pass - discard - respond description: Action for malformed SDP i line. type: str malformed-header-sdp-k: choices: - pass - discard - respond description: Action for malformed SDP k line. type: str malformed-header-sdp-m: choices: - pass - discard - respond description: Action for malformed SDP m line. type: str malformed-header-sdp-o: choices: - pass - discard - respond description: Action for malformed SDP o line. type: str malformed-header-sdp-r: choices: - pass - discard - respond description: Action for malformed SDP r line. type: str malformed-header-sdp-s: choices: - pass - discard - respond description: Action for malformed SDP s line. type: str malformed-header-sdp-t: choices: - pass - discard - respond description: Action for malformed SDP t line. type: str malformed-header-sdp-v: choices: - pass - discard - respond description: Action for malformed SDP v line. type: str malformed-header-sdp-z: choices: - pass - discard - respond description: Action for malformed SDP z line. type: str malformed-header-to: choices: - pass - discard - respond description: Action for malformed To header. type: str malformed-header-via: choices: - pass - discard - respond description: Action for malformed VIA header. type: str malformed-request-line: choices: - pass - discard - respond description: Action for malformed request line. type: str max-body-length: description: Maximum SIP message body length type: int max-dialogs: description: Maximum number of concurrent calls/dialogs type: int max-idle-dialogs: description: Maximum number established but idle dialogs to retain type: int max-line-length: description: Maximum SIP header line length type: int message-rate: description: MESSAGE request rate limit type: int message-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str nat-port-range: description: RTP NAT port range. type: str nat-trace: choices: - disable - enable description: Enable/disable preservation of original IP in SDP i line. type: str no-sdp-fixup: choices: - disable - enable description: Enable/disable no SDP fix-up. type: str notify-rate: description: NOTIFY request rate limit type: int notify-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str open-contact-pinhole: choices: - disable - enable description: Enable/disable open pinhole for non-REGISTER Contact port. type: str open-record-route-pinhole: choices: - disable - enable description: Enable/disable open pinhole for Record-Route port. type: str open-register-pinhole: choices: - disable - enable description: Enable/disable open pinhole for REGISTER Contact port. type: str open-via-pinhole: choices: - disable - enable description: Enable/disable open pinhole for Via port. type: str options-rate: description: OPTIONS request rate limit type: int options-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str prack-rate: description: PRACK request rate limit type: int prack-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str preserve-override: choices: - disable - enable description: Override i line to preserve original IPS type: str provisional-invite-expiry-time: description: Expiry time for provisional INVITE type: int publish-rate: description: PUBLISH request rate limit type: int publish-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str refer-rate: description: REFER request rate limit type: int refer-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str register-contact-trace: choices: - disable - enable description: Enable/disable trace original IP/port within the contact header of REGISTER requests. type: str register-rate: description: REGISTER request rate limit type: int register-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str rfc2543-branch: choices: - disable - enable description: Enable/disable support via branch compliant with RFC 2543. type: str rtp: choices: - disable - enable description: Enable/disable create pinholes for RTP traffic to traverse firewall. type: str ssl-algorithm: choices: - high - medium - low description: Relative strength of encryption algorithms accepted in negotiation. type: str ssl-auth-client: description: Require a client certificate and authenticate it with the peer/peergrp. type: str ssl-auth-server: description: Authenticate the servers certificate with the peer/peergrp. type: str ssl-client-certificate: description: Name of Certificate to offer to server if requested. type: str ssl-client-renegotiation: choices: - allow - deny - secure description: Allow/block client renegotiation by server. type: str ssl-max-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Highest SSL/TLS version to negotiate. type: str ssl-min-version: choices: - ssl-3.0 - tls-1.0 - tls-1.1 - tls-1.2 - tls-1.3 description: Lowest SSL/TLS version to negotiate. type: str ssl-mode: choices: - 'off' - full description: SSL/TLS mode for encryption & decryption of traffic. type: str ssl-pfs: choices: - require - deny - allow description: SSL Perfect Forward Secrecy. type: str ssl-send-empty-frags: choices: - disable - enable description: Send empty fragments to avoid attack on CBC IV type: str ssl-server-certificate: description: Name of Certificate return to the client in every SSL connection. type: str status: choices: - disable - enable description: Enable/disable SIP. type: str strict-register: choices: - disable - enable description: Enable/disable only allow the registrar to connect. type: str subscribe-rate: description: SUBSCRIBE request rate limit type: int subscribe-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str unknown-header: choices: - pass - discard - respond description: Action for unknown SIP header. type: str update-rate: description: UPDATE request rate limit type: int update-rate-track: choices: - none - src-ip - dest-ip description: Track the packet protocol field. type: str type: dict bypass_validation: default: false description: Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. required: false type: bool workspace_locking_adom: description: The adom to lock for FortiManager running in workspace mode, the value can be global and others including root. required: false type: str forticloud_access_token: description: Authenticate Ansible client with forticloud API access token. required: false type: str workspace_locking_timeout: default: 300 description: The maximum time in seconds to wait for other user to release the workspace lock. required: false type: int
meta: contains: request_url: description: The full url requested. returned: always sample: /sys/login/user type: str response_code: description: The status of api request. returned: always sample: 0 type: int response_data: description: The api response. returned: always type: list response_message: description: The descriptive message of the api response. returned: always sample: OK. type: str system_information: description: The information of the target system. returned: always type: dict description: The result of the request. returned: always type: dict rc: description: The status the request. returned: always sample: 0 type: int version_check_warning: description: Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: complex type: list