community.network.fmgr_fwpol_ipv4 – Allows the add/delete of Firewall Policies on Packages in FortiManager.¶
Note
This plugin is part of the community.network collection (version 1.3.2).
To install it use: ansible-galaxy collection install community.network
.
To use it in a playbook, specify: community.network.fmgr_fwpol_ipv4
.
Parameters¶
Notes¶
Note
Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples¶
- name: ADD VERY BASIC IPV4 POLICY WITH NO NAT (WIDE OPEN)
community.network.fmgr_fwpol_ipv4:
mode: "set"
adom: "ansible"
package_name: "default"
name: "Basic_IPv4_Policy"
comments: "Created by Ansible"
action: "accept"
dstaddr: "all"
srcaddr: "all"
dstintf: "any"
srcintf: "any"
logtraffic: "utm"
service: "ALL"
schedule: "always"
- name: ADD VERY BASIC IPV4 POLICY WITH NAT AND MULTIPLE ENTRIES
community.network.fmgr_fwpol_ipv4:
mode: "set"
adom: "ansible"
package_name: "default"
name: "Basic_IPv4_Policy_2"
comments: "Created by Ansible"
action: "accept"
dstaddr: "google-play"
srcaddr: "all"
dstintf: "any"
srcintf: "any"
logtraffic: "utm"
service: "HTTP, HTTPS"
schedule: "always"
nat: "enable"
users: "karen, kevin"
- name: ADD VERY BASIC IPV4 POLICY WITH NAT AND MULTIPLE ENTRIES AND SEC PROFILES
community.network.fmgr_fwpol_ipv4:
mode: "set"
adom: "ansible"
package_name: "default"
name: "Basic_IPv4_Policy_3"
comments: "Created by Ansible"
action: "accept"
dstaddr: "google-play, autoupdate.opera.com"
srcaddr: "corp_internal"
dstintf: "zone_wan1, zone_wan2"
srcintf: "zone_int1"
logtraffic: "utm"
service: "HTTP, HTTPS"
schedule: "always"
nat: "enable"
users: "karen, kevin"
av_profile: "sniffer-profile"
ips_sensor: "default"
Return Values¶
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result
string
|
always |
full API response, includes status code and message
|
Authors¶
Luke Weighall (@lweighall)
Andrew Welsh (@Ghilli3)
Jim Huber (@p4r4n0y1ng)