fortinet / fortinet.fortios / 2.3.6 / module / fortios_icap_profile Configure ICAP profiles in Fortinet's FortiOS and FortiGate. | "added in version" 2.0.0 of fortinet.fortios" Authors: Link Zheng (@chillancezen), Jie Xue (@JieX19), Hongbin Lu (@fgtdev-hblu), Frank Shen (@frankshen01), Miguel Angel Munoz (@mamunozgonzalez), Nicolas Thomas (@thomnico) preview | supported by communityfortinet.fortios.fortios_icap_profile (2.3.6) — module
Install with ansible-galaxy collection install fortinet.fortios:==2.3.6
collections: - name: fortinet.fortios version: 2.3.6
This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify icap feature and profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
- name: Configure ICAP profiles. fortinet.fortios.fortios_icap_profile: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" icap_profile: response_204: "disable" size_limit_204: "1" chunk_encap: "disable" comment: "Comment." extension_feature: "scan-progress" file_transfer: "ssh" file_transfer_failure: "error" file_transfer_path: "<your_own_value>" file_transfer_server: "<your_own_value> (source icap.server.name icap.server-group.name)" icap_block_log: "disable" icap_headers: - base64_encoding: "disable" content: "<your_own_value>" id: "16" name: "default_name_17" methods: "delete" name: "default_name_19" preview: "disable" preview_data_length: "0" replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)" request: "disable" request_failure: "error" request_path: "<your_own_value>" request_server: "<your_own_value> (source icap.server.name icap.server-group.name)" respmod_default_action: "forward" respmod_forward_rules: - action: "forward" header_group: - case_sensitivity: "disable" header: "<your_own_value>" header_name: "<your_own_value>" id: "34" host: "myhostname (source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name)" http_resp_status_code: - code: "<you_own_value>" name: "default_name_38" response: "disable" response_failure: "error" response_path: "<your_own_value>" response_req_hdr: "disable" response_server: "<your_own_value> (source icap.server.name icap.server-group.name)" scan_progress_interval: "10" streaming_content_bypass: "disable" timeout: "30"
vdom: default: root description: - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str state: choices: - present - absent description: - Indicates whether to create or remove the object. required: true type: str enable_log: default: false description: - Enable/Disable logging for task. required: false type: bool member_path: description: - Member attribute path to operate on. - Delimited by a slash character if there are more than one attribute. - Parameter marked with member_path is legitimate for doing member operation. type: str access_token: description: - Token-based authentication. Generated from GUI of Fortigate. required: false type: str icap_profile: default: null description: - Configure ICAP profiles. suboptions: chunk_encap: choices: - disable - enable description: - Enable/disable chunked encapsulation . type: str comment: description: - Comment. type: str extension_feature: choices: - scan-progress description: - Enable/disable ICAP extension features. elements: str type: list file_transfer: choices: - ssh - ftp description: - Configure the file transfer protocols to pass transferred files to an ICAP server as REQMOD. elements: str type: list file_transfer_failure: choices: - error - bypass description: - Action to take if the ICAP server cannot be contacted when processing a file transfer. type: str file_transfer_path: description: - Path component of the ICAP URI that identifies the file transfer processing service. type: str file_transfer_server: description: - ICAP server to use for a file transfer. Source icap.server.name icap.server-group.name. type: str icap_block_log: choices: - disable - enable description: - Enable/disable UTM log when infection found . type: str icap_headers: description: - Configure ICAP forwarded request headers. elements: dict suboptions: base64_encoding: choices: - disable - enable description: - Enable/disable use of base64 encoding of HTTP content. type: str content: description: - HTTP header content. type: str id: description: - HTTP forwarded header ID. see <a href='#notes'>Notes</a>. required: true type: int name: description: - HTTP forwarded header name. type: str type: list methods: choices: - delete - get - head - options - post - put - trace - connect - other description: - The allowed HTTP methods that will be sent to ICAP server for further processing. elements: str type: list name: description: - ICAP profile name. required: true type: str preview: choices: - disable - enable description: - Enable/disable preview of data to ICAP server. type: str preview_data_length: description: - Preview data length to be sent to ICAP server. type: int replacemsg_group: description: - Replacement message group. Source system.replacemsg-group.name. type: str request: choices: - disable - enable description: - Enable/disable whether an HTTP request is passed to an ICAP server. type: str request_failure: choices: - error - bypass description: - Action to take if the ICAP server cannot be contacted when processing an HTTP request. type: str request_path: description: - Path component of the ICAP URI that identifies the HTTP request processing service. type: str request_server: description: - ICAP server to use for an HTTP request. Source icap.server.name icap.server-group.name. type: str respmod_default_action: choices: - forward - bypass description: - Default action to ICAP response modification (respmod) processing. type: str respmod_forward_rules: description: - ICAP response mode forward rules. elements: dict suboptions: action: choices: - forward - bypass description: - Action to be taken for ICAP server. type: str header_group: description: - HTTP header group. elements: dict suboptions: case_sensitivity: choices: - disable - enable description: - Enable/disable case sensitivity when matching header. type: str header: description: - HTTP header regular expression. type: str header_name: description: - HTTP header. type: str id: description: - ID. see <a href='#notes'>Notes</a>. required: true type: int type: list host: description: - Address object for the host. Source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name. type: str http_resp_status_code: description: - HTTP response status code. elements: dict suboptions: code: description: - HTTP response status code. see <a href='#notes'>Notes</a>. required: true type: int type: list name: description: - Address name. required: true type: str type: list response: choices: - disable - enable description: - Enable/disable whether an HTTP response is passed to an ICAP server. type: str response_204: choices: - disable - enable description: - Enable/disable allowance of 204 response from ICAP server. type: str response_failure: choices: - error - bypass description: - Action to take if the ICAP server cannot be contacted when processing an HTTP response. type: str response_path: description: - Path component of the ICAP URI that identifies the HTTP response processing service. type: str response_req_hdr: choices: - disable - enable description: - Enable/disable addition of req-hdr for ICAP response modification (respmod) processing. type: str response_server: description: - ICAP server to use for an HTTP response. Source icap.server.name icap.server-group.name. type: str scan_progress_interval: description: - Scan progress interval value. type: int size_limit_204: description: - 204 response size limit to be saved by ICAP client in megabytes (1 - 10). type: int streaming_content_bypass: choices: - disable - enable description: - Enable/disable bypassing of ICAP server for streaming content. type: str timeout: description: - Time (in seconds) that ICAP client waits for the response from ICAP server. type: int type: dict member_state: choices: - present - absent description: - Add or delete a member under specified attribute path. - When member_state is specified, the state option is ignored. type: str
build: description: Build number of the fortigate image returned: always sample: '1547' type: str http_method: description: Last method used to provision the content into FortiGate returned: always sample: PUT type: str http_status: description: Last result given by FortiGate on last operation applied returned: always sample: '200' type: str mkey: description: Master key (id) used in the last call to FortiGate returned: success sample: id type: str name: description: Name of the table used to fulfill the request returned: always sample: urlfilter type: str path: description: Path of the table used to fulfill the request returned: always sample: webfilter type: str revision: description: Internal revision number returned: always sample: 17.0.2.10658 type: str serial: description: Serial number of the unit returned: always sample: FGVMEVYYQT3AB5352 type: str status: description: Indication of the operation's result returned: always sample: success type: str vdom: description: Virtual domain used returned: always sample: root type: str version: description: Version of the FortiGate returned: always sample: v5.6.3 type: str