Try SpotterMask fields of TCAM.
| "added in version" 2.4.0 of fortinet.fortimanager"
Authors: Xinwei Du (@dux-fortinet), Xing Li (@lix-fortinet), Jie Xue (@JieX19), Link Zheng (@chillancezen), Frank Shen (@fshen01), Hongbin Lu (@fgtdev-hblu)
preview | supported by community
Install with ansible-galaxy collection install fortinet.fortimanager:==2.4.0
collections:
- name: fortinet.fortimanager
version: 2.4.0This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.
- name: Example playbook (generated based on argument schema)
hosts: fortimanagers
connection: httpapi
vars:
ansible_httpapi_use_ssl: true
ansible_httpapi_validate_certs: false
ansible_httpapi_port: 443
tasks:
- name: Mask fields of TCAM.
fortinet.fortimanager.fmgr_system_npu_nputcam_mask:
# bypass_validation: false
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
# rc_succeeded: [0, -2, -3, ...]
# rc_failed: [-2, -3, ...]
adom: <your own value>
npu_tcam: <your own value>
system_npu_nputcam_mask:
df: <value in [disable, enable]>
dstip: <string>
dstipv6: <string>
dstmac: <string>
dstport: <integer>
ethertype: <string>
ext_tag: <value in [disable, enable]>
frag_off: <integer>
gen_buf_cnt: <integer>
gen_iv: <value in [invalid, valid]>
gen_l3_flags: <integer>
gen_l4_flags: <integer>
gen_pkt_ctrl: <integer>
gen_pri: <integer>
gen_pri_v: <value in [invalid, valid]>
gen_tv: <value in [invalid, valid]>
ihl: <integer>
ip4_id: <integer>
ip6_fl: <integer>
ipver: <integer>
l4_wd10: <integer>
l4_wd11: <integer>
l4_wd8: <integer>
l4_wd9: <integer>
mf: <value in [disable, enable]>
protocol: <integer>
slink: <integer>
smac_change: <value in [disable, enable]>
sp: <integer>
src_cfi: <value in [disable, enable]>
src_prio: <integer>
src_updt: <value in [disable, enable]>
srcip: <string>
srcipv6: <string>
srcmac: <string>
srcport: <integer>
svid: <integer>
tcp_ack: <value in [disable, enable]>
tcp_cwr: <value in [disable, enable]>
tcp_ece: <value in [disable, enable]>
tcp_fin: <value in [disable, enable]>
tcp_push: <value in [disable, enable]>
tcp_rst: <value in [disable, enable]>
tcp_syn: <value in [disable, enable]>
tcp_urg: <value in [disable, enable]>
tgt_cfi: <value in [disable, enable]>
tgt_prio: <integer>
tgt_updt: <value in [disable, enable]>
tgt_v: <value in [invalid, valid]>
tos: <integer>
tp: <integer>
ttl: <integer>
tvid: <integer>
vdid: <integer>
adom:
description: The parameter (adom) in requested url.
required: true
type: str
npu-tcam:
description: Deprecated, please use "npu_tcam"
type: str
npu_tcam:
description: The parameter (npu-tcam) in requested url.
type: str
rc_failed:
description: The rc codes list with which the conditions to fail will be overriden.
elements: int
type: list
enable_log:
default: false
description: Enable/Disable logging for task.
type: bool
access_token:
description: The token to access FortiManager without using username and password.
type: str
rc_succeeded:
description: The rc codes list with which the conditions to succeed will be overriden.
elements: int
type: list
proposed_method:
choices:
- update
- set
- add
description: The overridden method for the underlying Json RPC request.
type: str
bypass_validation:
default: false
description: Only set to True when module schema diffs with FortiManager API structure,
module continues to execute without validating parameters.
type: bool
workspace_locking_adom:
description: The adom to lock for FortiManager running in workspace mode, the value
can be global and others including root.
type: str
forticloud_access_token:
description: Authenticate Ansible client with forticloud API access token.
type: str
system_npu_nputcam_mask:
description: The top level parameters set.
required: false
suboptions:
df:
choices:
- disable
- enable
description: Tcam mask ip flag df.
type: str
dstip:
description: Tcam mask dst ipv4 address.
type: str
dstipv6:
description: Tcam mask dst ipv6 address.
type: str
dstmac:
description: Tcam mask dst macaddr.
type: str
dstport:
description: Tcam mask L4 dst port.
type: int
ethertype:
description: Tcam mask ethertype.
type: str
ext-tag:
choices:
- disable
- enable
description: Deprecated, please rename it to ext_tag. Tcam mask extension tag.
type: str
frag-off:
description: Deprecated, please rename it to frag_off. Tcam data ip flag fragment
offset.
type: int
gen-buf-cnt:
description: Deprecated, please rename it to gen_buf_cnt. Tcam mask gen info buffer
count.
type: int
gen-iv:
choices:
- invalid
- valid
description: Deprecated, please rename it to gen_iv. Tcam mask gen info iv.
type: str
gen-l3-flags:
description: Deprecated, please rename it to gen_l3_flags. Tcam mask gen info
L3 flags.
type: int
gen-l4-flags:
description: Deprecated, please rename it to gen_l4_flags. Tcam mask gen info
L4 flags.
type: int
gen-pkt-ctrl:
description: Deprecated, please rename it to gen_pkt_ctrl. Tcam mask gen info
packet control.
type: int
gen-pri:
description: Deprecated, please rename it to gen_pri. Tcam mask gen info priority.
type: int
gen-pri-v:
choices:
- invalid
- valid
description: Deprecated, please rename it to gen_pri_v. Tcam mask gen info priority
valid.
type: str
gen-tv:
choices:
- invalid
- valid
description: Deprecated, please rename it to gen_tv. Tcam mask gen info tv.
type: str
ihl:
description: Tcam mask ipv4 IHL.
type: int
ip4-id:
description: Deprecated, please rename it to ip4_id. Tcam mask ipv4 id.
type: int
ip6-fl:
description: Deprecated, please rename it to ip6_fl. Tcam mask ipv6 flow label.
type: int
ipver:
description: Tcam mask ip header version.
type: int
l4-wd10:
description: Deprecated, please rename it to l4_wd10. Tcam mask L4 word10.
type: int
l4-wd11:
description: Deprecated, please rename it to l4_wd11. Tcam mask L4 word11.
type: int
l4-wd8:
description: Deprecated, please rename it to l4_wd8. Tcam mask L4 word8.
type: int
l4-wd9:
description: Deprecated, please rename it to l4_wd9. Tcam mask L4 word9.
type: int
mf:
choices:
- disable
- enable
description: Tcam mask ip flag mf.
type: str
protocol:
description: Tcam mask ip protocol.
type: int
slink:
description: Tcam mask sublink.
type: int
smac-change:
choices:
- disable
- enable
description: Deprecated, please rename it to smac_change. Tcam mask source MAC
change.
type: str
sp:
description: Tcam mask source port.
type: int
src-cfi:
choices:
- disable
- enable
description: Deprecated, please rename it to src_cfi. Tcam mask source cfi.
type: str
src-prio:
description: Deprecated, please rename it to src_prio. Tcam mask source priority.
type: int
src-updt:
choices:
- disable
- enable
description: Deprecated, please rename it to src_updt. Tcam mask source update.
type: str
srcip:
description: Tcam mask src ipv4 address.
type: str
srcipv6:
description: Tcam mask src ipv6 address.
type: str
srcmac:
description: Tcam mask src macaddr.
type: str
srcport:
description: Tcam mask L4 src port.
type: int
svid:
description: Tcam mask source vid.
type: int
tcp-ack:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_ack. Tcam mask tcp flag ack.
type: str
tcp-cwr:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_cwr. Tcam mask tcp flag cwr.
type: str
tcp-ece:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_ece. Tcam mask tcp flag ece.
type: str
tcp-fin:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_fin. Tcam mask tcp flag fin.
type: str
tcp-push:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_push. Tcam mask tcp flag push.
type: str
tcp-rst:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_rst. Tcam mask tcp flag rst.
type: str
tcp-syn:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_syn. Tcam mask tcp flag syn.
type: str
tcp-urg:
choices:
- disable
- enable
description: Deprecated, please rename it to tcp_urg. Tcam mask tcp flag urg.
type: str
tgt-cfi:
choices:
- disable
- enable
description: Deprecated, please rename it to tgt_cfi. Tcam mask target cfi.
type: str
tgt-prio:
description: Deprecated, please rename it to tgt_prio. Tcam mask target priority.
type: int
tgt-updt:
choices:
- disable
- enable
description: Deprecated, please rename it to tgt_updt. Tcam mask target port update.
type: str
tgt-v:
choices:
- invalid
- valid
description: Deprecated, please rename it to tgt_v. Tcam mask target valid.
type: str
tos:
description: Tcam mask ip tos.
type: int
tp:
description: Tcam mask target port.
type: int
ttl:
description: Tcam mask ip ttl.
type: int
tvid:
description: Tcam mask target vid.
type: int
vdid:
description: Tcam mask vdom id.
type: int
type: dict
workspace_locking_timeout:
default: 300
description: The maximum time in seconds to wait for other user to release the workspace
lock.
type: int
meta:
contains:
request_url:
description: The full url requested.
returned: always
sample: /sys/login/user
type: str
response_code:
description: The status of api request.
returned: always
sample: 0
type: int
response_data:
description: The api response.
returned: always
type: list
response_message:
description: The descriptive message of the api response.
returned: always
sample: OK.
type: str
system_information:
description: The information of the target system.
returned: always
type: dict
description: The result of the request.
returned: always
type: dict
rc:
description: The status the request.
returned: always
sample: 0
type: int
version_check_warning:
description: Warning if the parameters used in the playbook are not supported by
the current FortiManager version.
returned: complex
type: list