community.general.utm_proxy_exception – Create, update or destroy reverse_proxy exception entry in Sophos UTM

Note

This plugin is part of the community.general collection (version 2.5.1).

To install it use: ansible-galaxy collection install community.general.

To use it in a playbook, specify: community.general.utm_proxy_exception.

Synopsis

  • Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.

  • This module needs to have the REST Ability of the UTM to be activated.

Parameters

Parameter Choices/Defaults Comments
headers
dictionary
A dictionary of additional headers to be sent to POST and PUT requests.
Is needed for some modules
name
string / required
The name of the object. Will be used to identify the entry
op
string
    Choices:
  • AND ←
  • OR
The operand to be used with the entries of the path parameter
path
list / elements=string
Default:
[]
The paths the exception in the reverse proxy is defined for
skip_custom_threats_filters
list / elements=string
Default:
[]
A list of threats to be skipped
skip_threats_filter_categories
list / elements=string
Default:
[]
Define which categories of threats are skipped
skipav
boolean
    Choices:
  • no ←
  • yes
Skip the Antivirus Scanning
skipbadclients
boolean
    Choices:
  • no ←
  • yes
Block clients with bad reputation
skipcookie
boolean
    Choices:
  • no ←
  • yes
Skip the Cookie Signing check
skipform
boolean
    Choices:
  • no ←
  • yes
Enable form hardening
skipform_missingtoken
boolean
    Choices:
  • no ←
  • yes
Enable form hardening with missing tokens
skiphtmlrewrite
boolean
    Choices:
  • no ←
  • yes
Protection against SQL
skiptft
boolean
    Choices:
  • no ←
  • yes
Enable true file type control
skipurl
boolean
    Choices:
  • no ←
  • yes
Enable static URL hardening
source
list / elements=string
Default:
[]
Define which categories of threats are skipped
state
string
    Choices:
  • absent
  • present ←
The desired state of the object.
present will create or update an object
absent will delete an object if it was present
status
boolean
    Choices:
  • no
  • yes ←
Status of the exception rule set
utm_host
string / required
The REST Endpoint of the Sophos UTM.
utm_port
integer
Default:
4444
The port of the REST interface.
utm_protocol
string
    Choices:
  • http
  • https ←
The protocol of the REST Endpoint.
utm_token
string / required
validate_certs
boolean
    Choices:
  • no
  • yes ←
Whether the REST interface's ssl certificate should be verified or not.

Examples

- name: Create UTM proxy_exception
  community.general.utm_proxy_exception:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestExceptionEntry
    backend: REF_OBJECT_STRING
    state: present

- name: Remove UTM proxy_exception
  community.general.utm_proxy_exception:
    utm_host: sophos.host.name
    utm_token: abcdefghijklmno1234
    name: TestExceptionEntry
    state: absent

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description
result
complex
success
The utm object that was created
 
_locked
boolean
success
Whether or not the object is currently locked
 
_ref
string
success
The reference name of the object
 
_type
string
success
The type of the object
 
comment
string
success
The optional comment string
 
name
string
success
The name of the object
 
op
string
success
The operand to be used with the entries of the path parameter
 
path
list / elements=string
success
The paths the exception in the reverse proxy is defined for
 
skip_custom_threats_filters
list / elements=string
success
A list of threats to be skipped
 
skip_threats_filter_categories
list / elements=string
success
Define which categories of threats are skipped
 
skipav
boolean
success
Skip the Antivirus Scanning
 
skipbadclients
boolean
success
Block clients with bad reputation
 
skipcookie
boolean
success
Skip the Cookie Signing check
 
skipform
boolean
success
Enable form hardening
 
skipform_missingtoken
boolean
success
Enable form hardening with missing tokens
 
skiphtmlrewrite
boolean
success
Protection against SQL
 
skiptft
boolean
success
Enable true file type control
 
skipurl
boolean
success
Enable static URL hardening
 
source
list / elements=string
success
Define which categories of threats are skipped


Authors

  • Sebastian Schenzel (@RickS-C137)