Try SpotterBinding Resource definition for describing association between botprofile and ipreputation resources
| "added in version" 2.0.0 of netscaler.adc"
Authors: Sumanth Lingappa (@sumanth-lingappa)
preview | supported by community
Install with ansible-galaxy collection install netscaler.adc:==2.5.1
collections:
- name: netscaler.adc
version: 2.5.1Binding Resource definition for describing association between botprofile and ipreputation resources
name:
description:
- Name for the profile. Must begin with a letter, number, or the underscore character
(_), and must contain only letters, numbers, and the hyphen (-), period (.), pound
(#), space ( ), at (@), equals (=), colon (:), and underscore (_) characters. Cannot
be changed after the profile is added.
- ''
- 'The following requirement applies only to the Citrix ADC CLI:'
- If the name includes one or more spaces, enclose the name in double or single quotation
marks (for example, "my profile" or 'my profile').
type: str
nsip:
description:
- The ip address of the NetScaler ADC appliance where the nitro API calls will be
made.
- The port can be specified with the colon (:). E.g. 192.168.1.1:555.
required: true
type: str
state:
choices:
- present
- absent
default: present
description:
- The state of the resource being configured by the module on the NetScaler ADC node.
- When C(present), the resource will be added/updated configured according to the
module's parameters.
- When C(absent), the resource will be deleted from the NetScaler ADC node.
type: str
api_path:
default: nitro/v1/config
description:
- Base NITRO API path.
- Define only in case of an ADM service proxy call
type: str
category:
choices:
- IP
- BOTNETS
- SPAM_SOURCES
- SCANNERS
- DOS
- REPUTATION
- PHISHING
- PROXY
- NETWORK
- MOBILE_THREATS
- WINDOWS_EXPLOITS
- WEB_ATTACKS
- TOR_PROXY
- CLOUD
- CLOUD_AWS
- CLOUD_GCP
- CLOUD_AZURE
- CLOUD_ORACLE
- CLOUD_IBM
- CLOUD_SALESFORCE
description:
- 'C(IP) Repuation category. Following C(IP) Reuputation categories are allowed:'
- '*IP_BASED - This category checks whether client C(IP) is malicious or not.'
- '*BOTNET - This category includes Botnet C&C channels, and infected zombie machines
controlled by Bot master.'
- '*C(SPAM_SOURCES) - This category includes tunneling spam messages through a proxy,
anomalous SMTP activities, and forum spam activities.'
- '*C(SCANNERS) - This category includes all reconnaissance such as probes, host scan,
domain scan, and password brute force attack.'
- '*C(DOS) - This category includes C(DOS), DDOS, anomalous sync flood, and anomalous
traffic detection.'
- '*C(REPUTATION) - This category denies access from C(IP) addresses currently known
to be infected with malware. This category also includes IPs with average low Webroot
Reputation Index score. Enabling this category will prevent access from sources
identified to contact malware distribution points.'
- '*C(PHISHING) - This category includes C(IP) addresses hosting phishing sites and
other kinds of fraud activities such as ad click fraud or gaming fraud.'
- '*C(PROXY) - This category includes C(IP) addresses providing proxy services.'
- '*C(NETWORK) - IPs providing proxy and anonymization services including The Onion
Router aka TOR or darknet.'
- '*C(MOBILE_THREATS) - This category checks client C(IP) with the list of IPs harmful
for mobile devices.'
- '*C(WINDOWS_EXPLOITS) - This category includes active C(IP) address offering or
distributig malware, shell code, rootkits, worms or viruses.'
- '*C(WEB_ATTACKS) - This category includes cross site scripting, iFrame injection,
SQL injection, cross domain injection or domain password brute force attack.'
- '*C(TOR_PROXY) - This category includes C(IP) address acting as exit nodes for the
Tor Network.'
- '*C(CLOUD) - This category checks client C(IP) with list of public cloud IPs.'
- '*C(CLOUD_AWS) - This category checks client C(IP) with list of public cloud IPs
from Amazon Web Services.'
- '*C(CLOUD_GCP) - This category checks client C(IP) with list of public cloud IPs
from Google Cloud Platform.'
- '*C(CLOUD_AZURE) - This category checks client C(IP) with list of public cloud IPs
from Azure.'
- '*C(CLOUD_ORACLE) - This category checks client C(IP) with list of public cloud
IPs from Oracle.'
- '*C(CLOUD_IBM) - This category checks client C(IP) with list of public cloud IPs
from IBM.'
- '*C(CLOUD_SALESFORCE) - This category checks client C(IP) with list of public cloud
IPs from Salesforce.'
type: str
logmessage:
description:
- Message to be logged for this binding.
type: str
nitro_pass:
description:
- The password with which to authenticate to the NetScaler ADC node.
required: false
type: str
nitro_user:
description:
- The username with which to authenticate to the NetScaler ADC node.
required: false
type: str
save_config:
default: false
description:
- If C(true) the module will save the configuration on the NetScaler ADC node if it
makes any changes.
- The module will not save the configuration on the NetScaler ADC node if it made
no changes.
type: bool
nitro_protocol:
choices:
- http
- https
default: https
description:
- Which protocol to use when accessing the nitro API objects.
type: str
validate_certs:
default: true
description:
- If C(false), SSL certificates will not be validated. This should only be used on
personally controlled sites using self-signed certificates.
required: false
type: bool
bot_bind_comment:
description:
- Any comments about this binding.
type: str
bot_iprep_action:
choices:
- NONE
- LOG
- DROP
- REDIRECT
- RESET
- MITIGATION
description:
- One or more actions to be taken if bot is detected based on this IP Reputation binding.
Only C(LOG) action can be combinded with C(DROP), C(RESET), C(REDIRECT) or C(MITIGATION)
action.
elements: str
type: list
bot_ipreputation:
description:
- IP reputation binding. For each category, only one binding is allowed. To update
the values of an existing binding, user has to first unbind that binding, and then
needs to bind again with the new values.
type: bool
nitro_auth_token:
description:
- The authentication token provided by a login operation.
type: str
version_added: 2.6.0
version_added_collection: netscaler.adc
bot_iprep_enabled:
choices:
- 'ON'
- 'OFF'
description:
- Enabled or disabled IP-repuation binding.
type: str
changed:
description: Indicates if any change is made by the module
returned: always
sample: true
type: bool
diff:
description: Dictionary of before and after changes
returned: always
sample:
after:
key2: pqr
before:
key1: xyz
prepared: changes done
type: dict
diff_list:
description: List of differences between the actual configured object and the configuration
specified in the module
returned: when changed
sample:
- 'Attribute `key1` differs. Desired: (<class ''str''>) XYZ. Existing: (<class ''str''>)
PQR'
type: list
failed:
description: Indicates if the module failed or not
returned: always
sample: false
type: bool
loglines:
description: list of logged messages by the module
returned: always
sample:
- message 1
- message 2
type: list