New in version 2.3.
Specifies Application Control name.
Specifies Antivirus profile name.
This argument will cause the module to create a backup of the current
Specifies the backup filename. If omitted, the filename will be formatted like [email protected]:MM:SS
Specifies where to store backup files. Required if backup=yes.
Free text to describe the policy.
Specifies destination address (or group) object name(s). Required when state=present.
Negate destination address param.
Specifies destination interface name.
Use fixed port for NAT.
Specifies the DNS hostname or IP address for connecting to the remote FortiOS device.
Policy ID. Warning: the policy ID number is different from the policy sequence number. The policy ID is the number assigned at policy creation. The sequence number represents the order in which the FortiGate will evaluate the rule for policy enforcement, and also the order in which rules are listed in the GUI and CLI. These two numbers do not necessarily correlate: this module is based on policy ID. TIP: the policy ID can be viewed in the GUI by adding 'ID' to the display columns.
Specifies IPS Sensor profile name.
(added in 2.4)
Logs sessions that matched policy.
(added in 2.4)
Logs beginning of session as well.
Enable or disable NAT.
Specifies the password used to authenticate to the remote device.
Specifies accept or deny action policy. Required when state=present.
Specifies NAT pool name.
Defines policy schedule.
Specifies policy service(s), could be a list (ex: ['MAIL','DNS']). Required when state=present.
Negate policy service(s) defined in service value.
Specifies source address (or group) object name(s). Required when state=present.
Negate source address param.
Specifies source interface name.
Specifies whether the policy ID needs to be added or deleted.
Timeout in seconds for connecting to the remote device.
Configures the username used to authenticate to the remote device.
Specifies on which vdom to apply the configuration.
Specifies Webfilter profile name.
```yaml
- name: Allow external DNS call
  fortios_ipv4_policy:
    host: 192.168.0.254
    username: admin
    password: password
    id: 42
    src_addr: internal_network
    dst_addr: all
    service: dns
    nat: True
    state: present
    policy_action: accept
    logtraffic: disable

- name: Public Web
  fortios_ipv4_policy:
    host: 192.168.0.254
    username: admin
    password: password
    id: 42
    src_addr: all
    dst_addr: webservers
    services:
      - http
      - https
    state: present
    policy_action: accept
```
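An added example, not part of the module or its documentation: a small Python check that could run over fortios_ipv4_policy tasks before a playbook is applied. It flags a repeated policy ID on the same host, a literal password, and an accept policy with logging disabled; the function name `lint_tasks` and the sample data (the two example tasks above, as a YAML loader would return them) are constructed for illustration.

```python
# Added example: lint fortios_ipv4_policy tasks before they reach a firewall.
MODULE = "fortios_ipv4_policy"

# Constructed sample: the page's two example tasks as a YAML loader returns them.
SAMPLE_TASKS = [
    {"name": "Allow external DNS call",
     MODULE: {"host": "192.168.0.254", "username": "admin", "password": "password",
              "id": 42, "src_addr": "internal_network", "dst_addr": "all",
              "service": "dns", "nat": True, "state": "present",
              "policy_action": "accept", "logtraffic": "disable"}},
    {"name": "Public Web",
     MODULE: {"host": "192.168.0.254", "username": "admin", "password": "password",
              "id": 42, "src_addr": "all", "dst_addr": "webservers",
              "services": ["http", "https"], "state": "present",
              "policy_action": "accept"}},
]


def lint_tasks(tasks):
    """Return (task name, finding) pairs for risky policy definitions."""
    findings = []
    seen = {}  # (host, vdom, policy id) -> name of the first task that used it
    for task in tasks:
        args = task.get(MODULE)
        if not isinstance(args, dict):
            continue  # not a fortios_ipv4_policy task
        name = task.get("name", "<unnamed>")
        # The module addresses a policy by ID, so a repeated ID on the same
        # host and vdom means both tasks manage one policy object.
        key = (args.get("host"), args.get("vdom"), args.get("id"))
        if args.get("state") != "absent":
            if key in seen:
                findings.append((name, f"policy id {key[2]} already managed by '{seen[key]}'"))
            else:
                seen[key] = name
        # A literal password is readable by anyone who can read the playbook.
        password = str(args.get("password", ""))
        if password and "{{" not in password:
            findings.append((name, "password is a literal, not a templated variable"))
        # Accepted traffic with logging disabled leaves no session record.
        if args.get("policy_action") == "accept" and args.get("logtraffic") == "disable":
            findings.append((name, "accept policy with logtraffic disabled"))
    return findings


if __name__ == "__main__":
    for task_name, finding in lint_tasks(SAMPLE_TASKS):
        print(f"{task_name}: {finding}")
```
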
Common return values are documented in Return Values; the following are the fields unique to this module:
| Name | Description | Returned | Type |
|---|---|---|---|
| firewall_address_config | full firewall addresses config string | always | string |
| change_string | The commands executed by the module | only if config changed | string |
| msg_error_list | List of errors returned by CLI (use -vvv for better readability). | only when error | string |
This module is flagged as preview, which means that it is not guaranteed to have a backwards compatible interface.
This module is community maintained without core committer oversight.
For more information on what this means, please read Module Support.