fortinet / fortinet.fortios / 2.3.6 / module / fortios_gtp_message_filter_v2 Message filter for GTPv2 messages in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communityfortinet.fortios.fortios_gtp_message_filter_v2 (2.3.6) — module
Install with ansible-galaxy collection install fortinet.fortios:==2.3.6
collections: - name: fortinet.fortios version: 2.3.6
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify gtp feature and message_filter_v2 category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- name: Message filter for GTPv2 messages. fortinet.fortios.fortios_gtp_message_filter_v2: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" gtp_message_filter_v2: alert_mme_notif_ack: "allow" bearer_resource_cmd_fail: "allow" change_notification: "allow" configuration_transfer_tunnel: "allow" context_req_res_ack: "allow" create_bearer: "allow" create_forwarding_tunnel_req_resp: "allow" create_indirect_forwarding_tunnel_req_resp: "allow" create_session: "allow" cs_paging: "allow" delete_bearer_cmd_fail: "allow" delete_bearer_req_resp: "allow" delete_indirect_forwarding_tunnel_req_resp: "allow" delete_pdn_connection_set: "allow" delete_session: "allow" detach_notif_ack: "allow" dlink_data_notif_ack: "allow" dlink_notif_failure: "allow" echo: "allow" forward_access_notif_ack: "allow" forward_relocation_cmp_notif_ack: "allow" forward_relocation_req_res: "allow" identification_req_resp: "allow" isr_status: "allow" mbms_session_start_req_resp: "allow" mbms_session_stop_req_resp: "allow" mbms_session_update_req_resp: "allow" modify_access_req_resp: "allow" modify_bearer_cmd_fail: "allow" modify_bearer_req_resp: "allow" name: "default_name_33" pgw_dlink_notif_ack: "allow" pgw_restart_notif_ack: "allow" ran_info_relay: "allow" release_access_bearer_req_resp: "allow" relocation_cancel_req_resp: "allow" remote_ue_report_notif_ack: "allow" reserved_for_earlier_version: "allow" resume: "allow" stop_paging_indication: "allow" suspend: "allow" trace_session: "allow" ue_activity_notif_ack: "allow" ue_registration_query_req_resp: "allow" unknown_message: "allow" unknown_message_white_list: - id: "49" update_bearer: "allow" update_pdn_connection_set: "allow" version_not_support: "allow"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str state: choices: - present - absent description: - Indicates whether to create or remove the object. required: true type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str gtp_message_filter_v2: default: null description: - Message filter for GTPv2 messages. suboptions: alert_mme_notif_ack: choices: - allow - deny description: - Alert MME notification/acknowledge (notif 153, ack 154). type: str bearer_resource_cmd_fail: choices: - allow - deny description: - Bearer resource (command 68, failure indication 69). type: str change_notification: choices: - allow - deny description: - Change notification (req 38, resp 39). type: str configuration_transfer_tunnel: choices: - allow - deny description: - Configuration transfer tunnel (141). type: str context_req_res_ack: choices: - allow - deny description: - Context request/response/acknowledge (req 130, resp 131, ack 132). type: str create_bearer: choices: - allow - deny description: - Create bearer (req 95, resp 96). type: str create_forwarding_tunnel_req_resp: choices: - allow - deny description: - Create forwarding tunnel request/response (req 160, resp 161). type: str create_indirect_forwarding_tunnel_req_resp: choices: - allow - deny description: - Create indirect data forwarding tunnel request/response (req 166, resp 167). type: str create_session: choices: - allow - deny description: - Create session (req 32, resp 33). type: str cs_paging: choices: - allow - deny description: - CS paging indication (151) type: str delete_bearer_cmd_fail: choices: - allow - deny description: - Delete bearer (command 66, failure indication 67). type: str delete_bearer_req_resp: choices: - allow - deny description: - Delete bearer (req 99, resp 100). type: str delete_indirect_forwarding_tunnel_req_resp: choices: - allow - deny description: - Delete indirect data forwarding tunnel request/response (req 168, resp 169). type: str delete_pdn_connection_set: choices: - allow - deny description: - Delete PDN connection set (req 101, resp 102). type: str delete_session: choices: - allow - deny description: - Delete session (req 36, resp 37). type: str detach_notif_ack: choices: - allow - deny description: - Detach notification/acknowledge (notif 149, ack 150). type: str dlink_data_notif_ack: choices: - allow - deny description: - Downlink data notification/acknowledge (notif 176, ack 177). type: str dlink_notif_failure: choices: - allow - deny description: - Downlink data notification failure indication (70). type: str echo: choices: - allow - deny description: - Echo (req 1, resp 2). type: str forward_access_notif_ack: choices: - allow - deny description: - Forward access context notification/acknowledge (notif 137, ack 138). type: str forward_relocation_cmp_notif_ack: choices: - allow - deny description: - Forward relocation complete notification/acknowledge (notif 135, ack 136). type: str forward_relocation_req_res: choices: - allow - deny description: - Forward relocation request/response (req 133, resp 134). type: str identification_req_resp: choices: - allow - deny description: - Identification request/response (req 128, resp 129). type: str isr_status: choices: - allow - deny description: - ISR status indication (157). type: str mbms_session_start_req_resp: choices: - allow - deny description: - MBMS session start request/response (req 231, resp 232). type: str mbms_session_stop_req_resp: choices: - allow - deny description: - MBMS session stop request/response (req 235, resp 236). type: str mbms_session_update_req_resp: choices: - allow - deny description: - MBMS session update request/response (req 233, resp 234). type: str modify_access_req_resp: choices: - allow - deny description: - Modify access bearers request/response (req 211, resp 212). type: str modify_bearer_cmd_fail: choices: - allow - deny description: - Modify bearer (command 64 , failure indication 65). type: str modify_bearer_req_resp: choices: - allow - deny description: - Modify bearer (req 34, resp 35). type: str name: description: - Message filter name. required: true type: str pgw_dlink_notif_ack: choices: - allow - deny description: - PGW downlink triggering notification/acknowledge (notif 103, ack 104). type: str pgw_restart_notif_ack: choices: - allow - deny description: - PGW restart notification/acknowledge (notif 179, ack 180). type: str ran_info_relay: choices: - allow - deny description: - RAN information relay (152). type: str release_access_bearer_req_resp: choices: - allow - deny description: - Release access bearers request/response (req 170, resp 171). type: str relocation_cancel_req_resp: choices: - allow - deny description: - Relocation cancel request/response (req 139, resp 140). type: str remote_ue_report_notif_ack: choices: - allow - deny description: - Remote UE report notification/acknowledge (notif 40, ack 41). type: str reserved_for_earlier_version: choices: - allow - deny description: - Reserved for earlier version of the GTP specification (178). type: str resume: choices: - allow - deny description: - Resume (notify 164 , ack 165). type: str stop_paging_indication: choices: - allow - deny description: - Stop Paging Indication (73). type: str suspend: choices: - allow - deny description: - Suspend (notify 162, ack 163). type: str trace_session: choices: - allow - deny description: - Trace session (activation 71, deactivation 72). type: str ue_activity_notif_ack: choices: - allow - deny description: - UE activity notification/acknowledge (notif 155, ack 156). type: str ue_registration_query_req_resp: choices: - allow - deny description: - UE registration query request/response (req 158, resp 159). type: str unknown_message: choices: - allow - deny description: - Allow or Deny unknown messages. type: str unknown_message_white_list: description: - White list (to allow) of unknown messages. elements: dict suboptions: id: description: - Message IDs. see <a href='#notes'>Notes</a>. required: true type: int type: list update_bearer: choices: - allow - deny description: - Update bearer (req 97, resp 98). type: str update_pdn_connection_set: choices: - allow - deny description: - Update PDN connection set (req 200, resp 201). type: str version_not_support: choices: - allow - deny description: - Version not supported (3). type: str type: dict
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str