:source: fmgr_pm_config_pblock_firewall_policy.py :orphan: .. _fmgr_pm_config_pblock_firewall_policy: fmgr_pm_config_pblock_firewall_policy -- Configure IPv4/IPv6 policies. ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 2.1.0 .. warning:: Starting in version 3.0.0, all input arguments will be named using the underscore naming convention (snake_case). - Argument name before 3.0.0: ``var-name``, ``var name``, ``var.name`` - New argument name starting in 3.0.0: ``var_name`` FortiManager Ansible v2.4+ supports both previous argument name and new underscore name. You will receive deprecation warnings if you keep using the previous argument name. You can ignore the warning by setting deprecation_warnings=False in ansible.cfg. .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiManager device. - Examples include all parameters and values need to be adjusted to data sources before usage. - Tested with FortiManager v7.x. Requirements ------------ The below requirements are needed on the host that executes this module. - ansible-core>=2.16.0 FortiManager Version Compatibility ---------------------------------- .. raw:: html

Supported Version Ranges: v7.0.3 -> latest

Parameters ---------- .. raw:: html Notes ----- .. note:: - Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work. - To create or update an object, use state: present directive. - To delete an object, use state: absent directive - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded Examples -------- .. code-block:: yaml+jinja - name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi gather_facts: false tasks: - name: Configure IPv4/IPv6 policies. fortinet.fortimanager.fmgr_pm_config_pblock_firewall_policy: # workspace_locking_adom: adom: pblock: state: present # pm_config_pblock_firewall_policy: policyid: 0 # Required variable, integer # _policy_block: # action: # anti_replay: # application_list: # auth_cert: # auth_path: # auth_redirect_addr: # auto_asic_offload: # av_profile: # block_notification: # captive_portal_exempt: # capture_packet: # cifs_profile: # comments: # custom_log_fields: # decrypted_traffic_mirror: # delay_tcp_npu_session: # diffserv_forward: # diffserv_reverse: # diffservcode_forward: # diffservcode_rev: # disclaimer: # dlp_profile: # dnsfilter_profile: # dsri: # dstaddr: # dstaddr_negate: # dstaddr6: # dstintf: # dynamic_shaping: # email_collect: # emailfilter_profile: # fec: # file_filter_profile: # firewall_session_dirty: # fixedport: # fsso_agent_for_ntlm: # fsso_groups: # geoip_anycast: # geoip_match: # global_label: # groups: # gtp_profile: # http_policy_redirect: # icap_profile: # identity_based_route: # inbound: # inspection_mode: # internet_service: # internet_service_custom: # internet_service_custom_group: # internet_service_group: # internet_service_name: # internet_service_negate: # internet_service_src: # internet_service_src_custom: # internet_service_src_custom_group: # internet_service_src_group: # internet_service_src_name: # internet_service_src_negate: # ippool: # ips_sensor: # label: # logtraffic: # logtraffic_start: # match_vip: # match_vip_only: # name: # nat: # nat46: # nat64: # natinbound: # natip: # natoutbound: # np_acceleration: # ntlm: # ntlm_enabled_browsers: # ntlm_guest: # outbound: # passive_wan_health_measurement: # per_ip_shaper: # permit_any_host: # permit_stun_host: # pfcp_profile: # policy_expiry: # policy_expiry_date: # poolname: # poolname6: # profile_group: # profile_protocol_options: # profile_type: # radius_mac_auth_bypass: # redirect_url: # replacemsg_override_group: # reputation_direction: # reputation_minimum: # rtp_addr: # rtp_nat: # schedule: # schedule_timeout: # sctp_filter_profile: # send_deny_packet: # service: # service_negate: # session_ttl: # sgt: # sgt_check: # src_vendor_mac: # srcaddr: # srcaddr_negate: # srcaddr6: # srcintf: # ssh_filter_profile: # ssh_policy_redirect: # ssl_ssh_profile: # status: # tcp_mss_receiver: # tcp_mss_sender: # tcp_session_without_syn: # timeout_send_rst: # tos: # tos_mask: # tos_negate: # traffic_shaper: # traffic_shaper_reverse: # users: # utm_status: # uuid: # videofilter_profile: # vlan_cos_fwd: # vlan_cos_rev: # vlan_filter: # voip_profile: # vpntunnel: # waf_profile: # wanopt: # wanopt_detection: # wanopt_passive_opt: # wanopt_peer: # wanopt_profile: # wccp: # webcache: # webcache_https: # webfilter_profile: # webproxy_forward_server: # webproxy_profile: # ztna_ems_tag: # ztna_geo_tag: # ztna_status: # policy_offload: # cgn_session_quota: # tcp_timeout_pid: # udp_timeout_pid: # dlp_sensor: # cgn_eif: # cgn_log_server_grp: # cgn_resource_quota: # cgn_eim: # mms_profile: # app_category: # internet_service_src_id: # rsso: # internet_service_id: # best_route: # fsso: # url_category: # app_group: # ssl_mirror_intf: # wsso: # ssl_mirror: # application: # dscp_negate: # learning_mode: # devices: # dscp_value: # spamfilter_profile: # scan_botnet_connections: # dscp_match: # diffserv_copy: # dstaddr6_negate: # internet_service6: # internet_service6_custom: # internet_service6_custom_group: # internet_service6_group: # internet_service6_name: # internet_service6_negate: # internet_service6_src: # internet_service6_src_custom: # internet_service6_src_custom_group: # internet_service6_src_group: # internet_service6_src_name: # internet_service6_src_negate: # network_service_dynamic: # network_service_src_dynamic: # reputation_direction6: # reputation_minimum6: # srcaddr6_negate: # ip_version_type: # ips_voip_filter: # pcp_inbound: # pcp_outbound: # pcp_poolname: # policy_behaviour_type: # policy_expiry_date_utc: # ztna_device_ownership: # ztna_ems_tag_secondary: # ztna_policy_redirect: # ztna_tags_match_logic: # casb_profile: # virtual_patch_profile: # diameter_filter_profile: # port_preserve: # cgn_sw_eif_ctrl: # eif_check: # eif_learn: # log_http_transaction: # radius_ip_auth_bypass: # app_monitor: # port_random: # ztna_ems_tag_negate: # telemetry_profile: # access_proxy: # detect_https_in_http_request: # device_ownership: # dynamic_bypass: # explicit_web_proxy: # extended_log: # force_proxy: # http_tunnel_auth: # https_sub_category: # ia_profile: # implicit_proxy_detection: # isolator_profile: # isolator_server: # max_session_per_user: # pass_through: # redirect_profile: # reverse_cache: # ssh_policy_check: # transparent: # type: # url_risk: # tags: # service_connector: # ztna_proxy: # internet_service6_fortiguard: # scim_groups: # internet_service_fortiguard: # internet_service_src_fortiguard: # scim_users: # scim: # internet_service6_src_fortiguard: # saml_server: # llm_profile: Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html
  • meta - The result of the request.returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Xinwei Du (@dux-fortinet) - Xing Li (@lix-fortinet) - Jie Xue (@JieX19) - Link Zheng (@chillancezen) - Frank Shen (@fshen01) - Hongbin Lu (@fgtdev-hblu)