fortios_wanopt_webcache – Configure global Web cache settings in Fortinet’s FortiOS and FortiGate

New in version 2.9.

Synopsis

  • This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify wanopt feature and webcache category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.5

Requirements

The below requirements are needed on the host that executes this module.

  • fortiosapi>=0.9.8

Parameters

Parameter Choices/Defaults Comments
host
string
FortiOS or FortiGate IP address.
https
boolean
    Choices:
  • no
  • yes ←
Indicates if the requests towards FortiGate must use HTTPS protocol.
password
string
Default:
""
FortiOS or FortiGate password.
ssl_verify
boolean
    Choices:
  • no
  • yes ←
Ensures FortiGate certificate must be verified by a proper CA.
username
string
FortiOS or FortiGate username.
vdom
string
Default:
"root"
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
wanopt_webcache
dictionary
Default:
null
Configure global Web cache settings.
always_revalidate
string
    Choices:
  • enable
  • disable
Enable/disable revalidation of requested cached objects, which have content on the server, before serving it to the client.
cache_by_default
string
    Choices:
  • enable
  • disable
Enable/disable caching content that lacks explicit caching policies from the server.
cache_cookie
string
    Choices:
  • enable
  • disable
Enable/disable caching cookies. Since cookies contain information for or about individual users, they not usually cached.
cache_expired
string
    Choices:
  • enable
  • disable
Enable/disable caching type-1 objects that are already expired on arrival.
default_ttl
integer
Default object expiry time . This only applies to those objects that do not have an expiry time set by the web server.
external
string
    Choices:
  • enable
  • disable
Enable/disable external Web caching.
fresh_factor
integer
Frequency that the server is checked to see if any objects have expired (1 - 100). The higher the fresh factor, the less often the checks occur.
host_validate
string
    Choices:
  • enable
  • disable
Enable/disable validating Host: with original server IP.
ignore_conditional
string
    Choices:
  • enable
  • disable
Enable/disable controlling the behavior of cache-control HTTP 1.1 header values.
ignore_ie_reload
string
    Choices:
  • enable
  • disable
Enable/disable ignoring the PNC-interpretation of Internet Explorer's Accept: / header.
ignore_ims
string
    Choices:
  • enable
  • disable
Enable/disable ignoring the if-modified-since (IMS) header.
ignore_pnc
string
    Choices:
  • enable
  • disable
Enable/disable ignoring the pragma no-cache (PNC) header.
max_object_size
integer
Maximum cacheable object size in kB (1 - 2147483 kb (2GB). All objects that exceed this are delivered to the client but not stored in the web cache.
max_ttl
integer
Maximum time an object can stay in the web cache without checking to see if it has expired on the server .
min_ttl
integer
Minimum time an object can stay in the web cache without checking to see if it has expired on the server .
neg_resp_time
integer
Time in minutes to cache negative responses or errors (0 - 4294967295).
reval_pnc
string
    Choices:
  • enable
  • disable
Enable/disable revalidation of pragma-no-cache (PNC) to address bandwidth concerns.

Notes

Note

  • Requires fortiosapi library developed by Fortinet

  • Run as a local_action in your playbook

Examples

- hosts: localhost
  vars:
   host: "192.168.122.40"
   username: "admin"
   password: ""
   vdom: "root"
   ssl_verify: "False"
  tasks:
  - name: Configure global Web cache settings.
    fortios_wanopt_webcache:
      host:  "{{ host }}"
      username: "{{ username }}"
      password: "{{ password }}"
      vdom:  "{{ vdom }}"
      https: "False"
      wanopt_webcache:
        always_revalidate: "enable"
        cache_by_default: "enable"
        cache_cookie: "enable"
        cache_expired: "enable"
        default_ttl: "7"
        external: "enable"
        fresh_factor: "9"
        host_validate: "enable"
        ignore_conditional: "enable"
        ignore_ie_reload: "enable"
        ignore_ims: "enable"
        ignore_pnc: "enable"
        max_object_size: "15"
        max_ttl: "16"
        min_ttl: "17"
        neg_resp_time: "18"
        reval_pnc: "enable"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
build
string
always
Build number of the fortigate image

Sample:
1547
http_method
string
always
Last method used to provision the content into FortiGate

Sample:
PUT
http_status
string
always
Last result given by FortiGate on last operation applied

Sample:
200
mkey
string
success
Master key (id) used in the last call to FortiGate

Sample:
id
name
string
always
Name of the table used to fulfill the request

Sample:
urlfilter
path
string
always
Path of the table used to fulfill the request

Sample:
webfilter
revision
string
always
Internal revision number

Sample:
17.0.2.10658
serial
string
always
Serial number of the unit

Sample:
FGVMEVYYQT3AB5352
status
string
always
Indication of the operation's result

Sample:
success
vdom
string
always
Virtual domain used

Sample:
root
version
string
always
Version of the FortiGate

Sample:
v5.6.3


Status

Authors

  • Miguel Angel Munoz (@mamunozgonzalez)

  • Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can edit this document to improve it.