community.general.utm_proxy_exception – Create, update or destroy reverse_proxy exception entry in Sophos UTM

Note

This plugin is part of the community.general collection (version 1.3.6).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.utm_proxy_exception.

Synopsis

  • Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.

  • This module needs to have the REST Ability of the UTM to be activated.

Parameters

Parameter Choices/Defaults Comments
headers
dictionary
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
name
string / required
The name of the object. Will be used to identify the entry
op
string
    Choices:
  • AND ←
  • OR
The operand to be used with the entries of the path parameter
path
list / elements=string
Default:
[]
The paths the exception in the reverse proxy is defined for
skip_custom_threats_filters
list / elements=string
Default:
[]
A list of threats to be skipped
skip_threats_filter_categories
list / elements=string
Default:
[]
Define which categories of threats are skipped
skipav
boolean
    Choices:
  • no ←
  • yes
Skip the Antivirus Scanning
skipbadclients
boolean
    Choices:
  • no ←
  • yes
Block clients with bad reputation
skipcookie
boolean
    Choices:
  • no ←
  • yes
Skip the Cookie Signing check
skipform
boolean
    Choices:
  • no ←
  • yes
Enable form hardening
skipform_missingtoken
boolean
    Choices:
  • no ←
  • yes
Enable form hardening with missing tokens
skiphtmlrewrite
boolean
    Choices:
  • no ←
  • yes
Protection against SQL
skiptft
boolean
    Choices:
  • no ←
  • yes
Enable true file type control
skipurl
boolean
    Choices:
  • no ←
  • yes
Enable static URL hardening
source
list / elements=string
Default:
[]
Define which categories of threats are skipped
state
string
    Choices:
  • absent
  • present ←
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
status
boolean
    Choices:
  • no
  • yes ←
Status of the exception rule set
utm_host
string / required
The REST Endpoint of the Sophos UTM.
utm_port
integer
Default:
4444
The port of the REST interface.
utm_protocol
string
    Choices:
  • http
  • https ←
The protocol of the REST Endpoint.
utm_token
string / required
validate_certs
boolean
    Choices:
  • no
  • yes ←
Whether the REST interface's ssl certificate should be verified or not.

Examples

- name: Create UTM proxy_exception
  community.general.utm_proxy_exception:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestExceptionEntry
    backend: REF_OBJECT_STRING
    state: present

- name: Remove UTM proxy_exception
  community.general.utm_proxy_exception:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestExceptionEntry
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
result
complex
success
The utm object that was created

 
_locked
boolean
success
Whether or not the object is currently locked

 
_ref
string
success
The reference name of the object

 
_type
string
success
The type of the object

 
comment
string
success
The optional comment string

 
name
string
success
The name of the object

 
op
string
success
The operand to be used with the entries of the path parameter

 
path
list / elements=string
success
The paths the exception in the reverse proxy is defined for

 
skip_custom_threats_filters
list / elements=string
success
A list of threats to be skipped

 
skip_threats_filter_categories
list / elements=string
success
Define which categories of threats are skipped

 
skipav
boolean
success
Skip the Antivirus Scanning

 
skipbadclients
boolean
success
Block clients with bad reputation

 
skipcookie
boolean
success
Skip the Cookie Signing check

 
skipform
boolean
success
Enable form hardening

 
skipform_missingtoken
boolean
success
Enable form hardening with missing tokens

 
skiphtmlrewrite
boolean
success
Protection against SQL

 
skiptft
boolean
success
Enable true file type control

 
skipurl
boolean
success
Enable static URL hardening

 
source
list / elements=string
success
Define which categories of threats are skipped



Authors

  • Sebastian Schenzel (@RickS-C137)