check_point.mgmt.cp_mgmt_nat_rule_facts module – Get nat-rule objects facts on Checkpoint over Web Services API
Note
This module is part of the check_point.mgmt collection (version 6.2.1).
You might already have this collection installed if you are using the ansible
package.
It is not included in ansible-core
.
To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install check_point.mgmt
.
To use it in a playbook, specify: check_point.mgmt.cp_mgmt_nat_rule_facts
.
New in check_point.mgmt 2.0.0
Synopsis
Get nat-rule objects facts on Checkpoint devices.
All operations are performed over Web Services API.
This module handles both operations, get a specific object and get several objects, For getting a specific object use the parameter ‘name’.
Parameters
Parameter |
Comments |
---|---|
Indicates whether to dereference “members” field by details level for every object in reply. Choices:
|
|
The level of detail for some of the fields in the response can vary from showing only the UID value of the object to a fully detailed representation of the object. Choices:
|
|
Search expression to filter the rulebase. The provided text should be exactly the same as it would be given in Smart Console. The logical operators in the expression (‘AND’, ‘OR’) should be provided in capital letters. If an operator is not used, the default OR operator applies. |
|
Sets filter preferences. |
|
When ‘search-mode’ is set to ‘packet’, this object allows to set the packet search preferences. |
|
When true, if the search expression contains a UID or a name of a group object, results will include rules that match on at least one member of the group. Choices:
|
|
When true, if the search expression contains a UID or a name of a group-with-exclusion object, results will include rules that match at least one member of the “include” part and is not a member of the “except” part. Choices:
|
|
Whether to match on ‘Any’ object. Choices:
|
|
Whether to match on a group-with-exclusion. Choices:
|
|
Whether to match on a negated cell. Choices:
|
|
When set to ‘general’, both the Full Text Search and Packet Search are enabled. In this mode, Packet Search will not match on ‘Any’ object, a negated cell or a group-with-exclusion. When the search-mode is set to ‘packet’, by default, the match on ‘Any’ object, a negated cell or a group-with-exclusion are enabled. packet-search-settings may be provided to change the default behavior. Choices:
|
|
The maximal number of returned results. This parameter is relevant only for getting few objects. |
|
Rule name. This parameter is relevant only for getting a specific object. Minimum version required is 1.7.1. |
|
Number of the results to initially skip. This parameter is relevant only for getting few objects. |
|
Sorts the results by search criteria. Automatically sorts the results by Name, in the ascending order. This parameter is relevant only for getting few objects. |
|
Sorts results by the given field in ascending order. Choices:
|
|
Sorts results by the given field in descending order. Choices:
|
|
Name of the package. |
|
Rule number. |
|
Indicates whether to calculate and show “groups” field for every object in reply. Choices:
|
|
N/A Choices:
|
|
Version of checkpoint. If not given one, the latest version taken. |
Examples
- name: show-nat-rule
cp_mgmt_nat_rule_facts:
package: standard
name: nat_rule1
- name: show-nat-rulebase
cp_mgmt_nat_rule_facts:
details_level: standard
limit: 2
offset: 1
package: standard
use_object_dictionary: true