Try SpotterManage SIP profiles on a BIG-IP
| "added in version" 1.0.0 of f5networks.f5_modules"
Authors: Wojciech Wypior (@wojtek0806)
Install with ansible-galaxy collection install f5networks.f5_modules:==1.28.0
collections:
- name: f5networks.f5_modules
version: 1.28.0Manage SIP profiles on a BIG-IP system.
- name: Create a SIP profile
bigip_profile_sip:
name: foo
parent: sip
log_profile: alg_log
log_publisher: foo-publisher
description: this is a new profile
security: true
provider:
password: secret
server: lb.mydomain.com
user: admin
delegate_to: localhost
- name: Update SIP profile
bigip_profile_sip:
name: foo
insert_record_route_header: true
enable_sip_firewall: true
insert_via_header: true
user_via_header: "SIP/2.0/UDP 10.10.10.10:5060"
provider:
password: secret
server: lb.mydomain.com
user: admin
delegate_to: localhost
- name: Delete a SIP profile
bigip_profile_sip:
name: foo
state: absent
provider:
password: secret
server: lb.mydomain.com
user: admin
delegate_to: localhost
name:
description:
- Specifies the name of the SIP profile to manage.
required: true
type: str
state:
choices:
- present
- absent
default: present
description:
- When C(present), ensures the profile exists.
- When C(absent), ensures the profile is removed.
type: str
parent:
description:
- Specifies the profile from which this profile inherits settings.
- When creating a new profile, if this parameter is not specified, the default is
the system-supplied C(sip) profile.
type: str
max_size:
description:
- Specifies the maximum SIP message size that the BIG-IP system accepts.
- The accepted value range is C(0 - 4294967295) bytes.
type: int
provider:
description:
- A dict object containing connection details.
suboptions:
auth_provider:
description:
- Configures the auth provider for to obtain authentication tokens from the remote
device.
- This option is really used when working with BIG-IQ devices.
type: str
no_f5_teem:
default: false
description:
- If C(yes), TEEM telemetry data is not sent to F5.
- You may omit this option by setting the environment variable C(F5_TELEMETRY_OFF).
- Previously used variable C(F5_TEEM) is deprecated as its name was confusing.
type: bool
password:
aliases:
- pass
- pwd
description:
- The password for the user account used to connect to the BIG-IP or the BIG-IQ.
- You may omit this option by setting the environment variable C(F5_PASSWORD).
required: true
type: str
server:
description:
- The BIG-IP host or the BIG-IQ host.
- You may omit this option by setting the environment variable C(F5_SERVER).
required: true
type: str
server_port:
default: 443
description:
- The BIG-IP server port.
- You may omit this option by setting the environment variable C(F5_SERVER_PORT).
type: int
timeout:
description:
- Specifies the timeout in seconds for communicating with the network device for
either connecting or sending commands. If the timeout is exceeded before the
operation is completed, the module will error.
type: int
transport:
choices:
- rest
default: rest
description:
- Configures the transport connection to use when connecting to the remote device.
type: str
user:
description:
- The username to connect to the BIG-IP or the BIG-IQ. This user must have administrative
privileges on the device.
- You may omit this option by setting the environment variable C(F5_USER).
required: true
type: str
validate_certs:
default: true
description:
- If C(no), SSL certificates are not validated. Use this only on personally controlled
sites using self-signed certificates.
- You may omit this option by setting the environment variable C(F5_VALIDATE_CERTS).
type: bool
type: dict
version_added: 1.0.0
version_added_collection: f5networks.f5_modules
security:
description:
- When C(true), enables the use of enhanced Horizontal Security Layer (HSL) security
checking.
type: bool
community:
description:
- When the C(dialog_aware) is C(true) and the configuration requires multiple SIP
virtual server-profile pairings, this string value indicates whether the pair belongs
to the same SIP proxy functional group.
type: str
partition:
default: Common
description:
- Device partition to manage resources on.
type: str
description:
description:
- Description of the profile.
- To remove the entry completely, set a value of C('').
type: str
log_profile:
description:
- Specifies the logging settings the publisher uses to send log messages.
- The format of the name can be either be prepended by partition (C(/Common/foo)),
or specified just as an object name (C(foo)).
- To remove the entry. set a value of C(''), however the profile C(log_publisher)
must also be set as C('').
type: str
dialog_aware:
description:
- When C(true), the system gathers SIP dialog information and automatically forwards
SIP messages belonging to the known SIP dialog.
type: bool
log_publisher:
description:
- Specifies the publisher defined to log messages.
- Format of the name can be either be prepended by partition (C(/Common/foo)), or
specified just as an object name (C(foo)).
- To remove the entry. set a value of C(''), however the profile C(log_profile) must
also be set as C('').
type: str
user_via_header:
description:
- When C(insert_via_header) is C(true), specifies the Via value the system inserts
as the top Via header in a SIP REQUEST message.
- 'The valid value must include SIP protocol and sent_by settings, for example: C(SIP/2.0/UDP
10.10.10.10:5060).'
- To remove the entry completely, set a value of C('').
type: str
terminate_on_bye:
description:
- When C(true), closes a connection when a BYE transaction finishes.
- A BYE transaction is a message an application sends to another application when
it is ready to close the connection between the two.
type: bool
insert_via_header:
description:
- When C(true), inserts a Via header in the forwarded SIP request.
- Via headers indicate the path taken through proxy devices and transports used. The
response message uses this routing information.
type: bool
secure_via_header:
description:
- When checked (enabled), inserts a secure Via header in the forwarded SIP request.
- A secure Via header indicates where the message originated.
- This parameter causes the inserted Via header to specify Transport Layer Security.
For this option to take effect, C(insert_via_header) must be set to (true).
type: bool
enable_sip_firewall:
description:
- Specifies whether the Advanced Firewall Manager (AFM) policy is enabled.
- When C(true), the SIP Security settings configured in the DoS Profile in AFM apply
to the virtual servers that use this profile.
type: bool
insert_record_route_header:
description:
- When C(true), inserts a Record-Route SIP header, which indicates the next hop for
the following SIP request messages.
type: bool
community:
description: Indicates whether the pair belongs to the same SIP proxy functional
group.
returned: changed
sample: foo_community
type: str
description:
description: Description of the profile.
returned: changed
sample: custom description
type: str
dialog_aware:
description: Specifies if the system gathers SIP dialog information.
returned: changed
sample: false
type: bool
enable_sip_firewall:
description: Specifies whether the Advanced Firewall Manager policy is enabled.
returned: changed
sample: true
type: bool
insert_record_route_header:
description: Specifies if the system will insert a Record-Route SIP header.
returned: changed
sample: true
type: bool
insert_via_header:
description: Specifies if the system will insert a Via header in the forwarded SIP
request.
returned: changed
sample: true
type: bool
log_profile:
description: The logging settings the publisher uses to send log messages.
returned: changed
sample: /Common/alg_profile
type: str
log_publisher:
description: The publisher defined to log messages.
returned: changed
sample: /Common/foo_publisher
type: str
max_size:
description: Specifies if the system will close a connection when a BYE transaction
finishes.
returned: changed
sample: false
type: bool
parent:
description: Specifies the profile from which this profile inherits settings.
returned: changed
sample: /Common/sip
type: str
secure_via_header:
description: Specifies if the system will insert a secure Via header in the forwarded
SIP request.
returned: changed
sample: false
type: bool
security:
description: Enables the use of enhanced Horizontal Security Layer security checking.
returned: changed
sample: true
type: bool
terminate_on_bye:
description: Specifies if the system will close a connection when a BYE transaction
finishes.
returned: changed
sample: false
type: bool
user_via_header:
description: The value the system inserts as the top Via header in a SIP REQUEST
message.
returned: changed
sample: SIP/2.0/UDP 10.10.10.10:5060
type: str