Try SpotterConfigure wireless intrusion detection system
| "added in version" 2.0.0 of drmofu.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install drmofu.fortimanager:==2.2.2
collections:
- name: drmofu.fortimanager
version: 2.2.2This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure wireless intrusion detection system
fmgr_widsprofile:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
widsprofile:
ap-auto-suppress: <value in [disable, enable]>
ap-bgscan-disable-day:
- sunday
- monday
- tuesday
- wednesday
- thursday
- friday
- saturday
ap-bgscan-disable-end: <value of string>
ap-bgscan-disable-start: <value of string>
ap-bgscan-duration: <value of integer>
ap-bgscan-idle: <value of integer>
ap-bgscan-intv: <value of integer>
ap-bgscan-period: <value of integer>
ap-bgscan-report-intv: <value of integer>
ap-fgscan-report-intv: <value of integer>
ap-scan: <value in [disable, enable]>
ap-scan-passive: <value in [disable, enable]>
asleap-attack: <value in [disable, enable]>
assoc-flood-thresh: <value of integer>
assoc-flood-time: <value of integer>
assoc-frame-flood: <value in [disable, enable]>
auth-flood-thresh: <value of integer>
auth-flood-time: <value of integer>
auth-frame-flood: <value in [disable, enable]>
comment: <value of string>
deauth-broadcast: <value in [disable, enable]>
deauth-unknown-src-thresh: <value of integer>
eapol-fail-flood: <value in [disable, enable]>
eapol-fail-intv: <value of integer>
eapol-fail-thresh: <value of integer>
eapol-logoff-flood: <value in [disable, enable]>
eapol-logoff-intv: <value of integer>
eapol-logoff-thresh: <value of integer>
eapol-pre-fail-flood: <value in [disable, enable]>
eapol-pre-fail-intv: <value of integer>
eapol-pre-fail-thresh: <value of integer>
eapol-pre-succ-flood: <value in [disable, enable]>
eapol-pre-succ-intv: <value of integer>
eapol-pre-succ-thresh: <value of integer>
eapol-start-flood: <value in [disable, enable]>
eapol-start-intv: <value of integer>
eapol-start-thresh: <value of integer>
eapol-succ-flood: <value in [disable, enable]>
eapol-succ-intv: <value of integer>
eapol-succ-thresh: <value of integer>
invalid-mac-oui: <value in [disable, enable]>
long-duration-attack: <value in [disable, enable]>
long-duration-thresh: <value of integer>
name: <value of string>
null-ssid-probe-resp: <value in [disable, enable]>
sensor-mode: <value in [disable, foreign, both]>
spoofed-deauth: <value in [disable, enable]>
weak-wep-iv: <value in [disable, enable]>
wireless-bridge: <value in [disable, enable]>
ap-bgscan-disable-schedules: <value of string>
rogue-scan: <value in [disable, enable]>
ap-scan-threshold: <value of string>
adom:
description: the parameter (adom) in requested url
required: true
type: str
state:
choices:
- present
- absent
description: The directive to create, update or delete an object.
required: true
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
required: false
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
required: false
type: bool
widsprofile:
description: the top level parameters set
required: false
suboptions:
ap-auto-suppress:
choices:
- disable
- enable
description: Enable/disable on-wire rogue AP auto-suppression
type: str
ap-bgscan-disable-day:
choices:
- sunday
- monday
- tuesday
- wednesday
- thursday
- friday
- saturday
description: Ap-Bgscan-Disable-Day.
elements: str
type: list
ap-bgscan-disable-end:
description: End time, using a 24-hour clock in the format of hh
type: str
ap-bgscan-disable-schedules:
description: Firewall schedules for turning off FortiAP radio background scan.
type: str
ap-bgscan-disable-start:
description: Start time, using a 24-hour clock in the format of hh
type: str
ap-bgscan-duration:
description: Listening time on a scanning channel
type: int
ap-bgscan-idle:
description: Waiting time for channel inactivity before scanning this channel
type: int
ap-bgscan-intv:
description: Period of time between scanning two channels
type: int
ap-bgscan-period:
description: Period of time between background scans
type: int
ap-bgscan-report-intv:
description: Period of time between background scan reports
type: int
ap-fgscan-report-intv:
description: Period of time between foreground scan reports
type: int
ap-scan:
choices:
- disable
- enable
description: Enable/disable rogue AP detection.
type: str
ap-scan-passive:
choices:
- disable
- enable
description: Enable/disable passive scanning.
type: str
ap-scan-threshold:
description: Minimum signal level/threshold in dBm required for the AP to report
detected rogue AP
type: str
asleap-attack:
choices:
- disable
- enable
description: Enable/disable asleap attack detection
type: str
assoc-flood-thresh:
description: The threshold value for association frame flooding.
type: int
assoc-flood-time:
description: Number of seconds after which a station is considered not connected.
type: int
assoc-frame-flood:
choices:
- disable
- enable
description: Enable/disable association frame flooding detection
type: str
auth-flood-thresh:
description: The threshold value for authentication frame flooding.
type: int
auth-flood-time:
description: Number of seconds after which a station is considered not connected.
type: int
auth-frame-flood:
choices:
- disable
- enable
description: Enable/disable authentication frame flooding detection
type: str
comment:
description: Comment.
type: str
deauth-broadcast:
choices:
- disable
- enable
description: Enable/disable broadcasting de-authentication detection
type: str
deauth-unknown-src-thresh:
description: Threshold value per second to deauth unknown src for DoS attack
type: int
eapol-fail-flood:
choices:
- disable
- enable
description: Enable/disable EAPOL-Failure flooding
type: str
eapol-fail-intv:
description: The detection interval for EAPOL-Failure flooding
type: int
eapol-fail-thresh:
description: The threshold value for EAPOL-Failure flooding in specified interval.
type: int
eapol-logoff-flood:
choices:
- disable
- enable
description: Enable/disable EAPOL-Logoff flooding
type: str
eapol-logoff-intv:
description: The detection interval for EAPOL-Logoff flooding
type: int
eapol-logoff-thresh:
description: The threshold value for EAPOL-Logoff flooding in specified interval.
type: int
eapol-pre-fail-flood:
choices:
- disable
- enable
description: Enable/disable premature EAPOL-Failure flooding
type: str
eapol-pre-fail-intv:
description: The detection interval for premature EAPOL-Failure flooding
type: int
eapol-pre-fail-thresh:
description: The threshold value for premature EAPOL-Failure flooding in specified
interval.
type: int
eapol-pre-succ-flood:
choices:
- disable
- enable
description: Enable/disable premature EAPOL-Success flooding
type: str
eapol-pre-succ-intv:
description: The detection interval for premature EAPOL-Success flooding
type: int
eapol-pre-succ-thresh:
description: The threshold value for premature EAPOL-Success flooding in specified
interval.
type: int
eapol-start-flood:
choices:
- disable
- enable
description: Enable/disable EAPOL-Start flooding
type: str
eapol-start-intv:
description: The detection interval for EAPOL-Start flooding
type: int
eapol-start-thresh:
description: The threshold value for EAPOL-Start flooding in specified interval.
type: int
eapol-succ-flood:
choices:
- disable
- enable
description: Enable/disable EAPOL-Success flooding
type: str
eapol-succ-intv:
description: The detection interval for EAPOL-Success flooding
type: int
eapol-succ-thresh:
description: The threshold value for EAPOL-Success flooding in specified interval.
type: int
invalid-mac-oui:
choices:
- disable
- enable
description: Enable/disable invalid MAC OUI detection.
type: str
long-duration-attack:
choices:
- disable
- enable
description: Enable/disable long duration attack detection based on user configured
threshold
type: str
long-duration-thresh:
description: Threshold value for long duration attack detection
type: int
name:
description: WIDS profile name.
type: str
null-ssid-probe-resp:
choices:
- disable
- enable
description: Enable/disable null SSID probe response detection
type: str
rogue-scan:
choices:
- disable
- enable
description: Enable/disable rogue AP on-wire scan.
type: str
sensor-mode:
choices:
- disable
- foreign
- both
description: Scan WiFi nearby stations
type: str
spoofed-deauth:
choices:
- disable
- enable
description: Enable/disable spoofed de-authentication attack detection
type: str
weak-wep-iv:
choices:
- disable
- enable
description: Enable/disable weak WEP IV
type: str
wireless-bridge:
choices:
- disable
- enable
description: Enable/disable wireless bridge detection
type: str
type: dict
access_token:
description: The token to access FortiManager without using username and password.
required: false
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
required: false
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
required: false
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
required: false
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
required: false
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
required: false
type: str
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
required: false
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list