fortinet.fortimanager.fmgr_firewall_mmsprofile module – Configure MMS profiles.

Note

This module is part of the fortinet.fortimanager collection (version 2.4.0).

You might already have this collection installed if you are using the ansible package. It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install fortinet.fortimanager.

To use it in a playbook, specify: fortinet.fortimanager.fmgr_firewall_mmsprofile.

New in fortinet.fortimanager 2.0.0

Synopsis 

This module is able to configure a FortiManager device.
Examples include all parameters and values which need to be adjusted to data sources before usage.

Parameters 

Parameter	Comments
access_token string	The token to access FortiManager without using username and password.
adom string / required	The parameter (adom) in requested url.
bypass_validation boolean	Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters. Choices: `false` ← (default) `true`
enable_log boolean	Enable/Disable logging for task. Choices: `false` ← (default) `true`
firewall_mmsprofile dictionary	The top level parameters set.
avnotificationtable string	AntiVirus notification table ID.
bwordtable string	MMS banned word table ID.
carrier-endpoint-prefix string	Deprecated, please rename it to carrier_endpoint_prefix. Enable/disable prefixing of end point values. Choices: `"disable"` `"enable"`
carrier-endpoint-prefix-range-max integer	Deprecated, please rename it to carrier_endpoint_prefix_range_max. Maximum length of end point value that can be prefixed
carrier-endpoint-prefix-range-min integer	Deprecated, please rename it to carrier_endpoint_prefix_range_min. Minimum end point length to be prefixed
carrier-endpoint-prefix-string string	Deprecated, please rename it to carrier_endpoint_prefix_string. String with which to prefix End point values.
carrierendpointbwltable string	Carrier end point filter table ID.
comment string	Comment.
dupe dictionary	No description.
action1 list / elements=string	No description. Choices: `"log"` `"archive"` `"intercept"` `"block"` `"archive-first"` `"alert-notif"`
action2 list / elements=string	No description. Choices: `"log"` `"archive"` `"intercept"` `"block"` `"archive-first"` `"alert-notif"`
action3 list / elements=string	No description. Choices: `"log"` `"archive"` `"intercept"` `"block"` `"archive-first"` `"alert-notif"`
block-time1 integer	Deprecated, please rename it to block_time1. Duration for which action takes effect
block-time2 integer	Deprecated, please rename it to block_time2. Duration for which action takes effect
block-time3 integer	Deprecated, please rename it to block_time3. Duration action takes effect
limit1 integer	Maximum number of messages allowed.
limit2 integer	Maximum number of messages allowed.
limit3 integer	Maximum number of messages allowed.
protocol string	Protocol.
status1 string	Enable/disable status1 detection. Choices: `"disable"` `"enable"`
status2 string	Enable/disable status2 detection. Choices: `"disable"` `"enable"`
status3 string	Enable/disable status3 detection. Choices: `"disable"` `"enable"`
window1 integer	Window to count messages over
window2 integer	Window to count messages over
window3 integer	Window to count messages over
flood dictionary	No description.
action1 list / elements=string	No description. Choices: `"log"` `"archive"` `"intercept"` `"block"` `"archive-first"` `"alert-notif"`
action2 list / elements=string	No description. Choices: `"log"` `"archive"` `"intercept"` `"block"` `"archive-first"` `"alert-notif"`
action3 list / elements=string	No description. Choices: `"log"` `"archive"` `"intercept"` `"block"` `"archive-first"` `"alert-notif"`
block-time1 integer	Deprecated, please rename it to block_time1. Duration for which action takes effect
block-time2 integer	Deprecated, please rename it to block_time2. Duration for which action takes effect
block-time3 integer	Deprecated, please rename it to block_time3. Duration action takes effect
limit1 integer	Maximum number of messages allowed.
limit2 integer	Maximum number of messages allowed.
limit3 integer	Maximum number of messages allowed.
protocol string	Protocol.
status1 string	Enable/disable status1 detection. Choices: `"disable"` `"enable"`
status2 string	Enable/disable status2 detection. Choices: `"disable"` `"enable"`
status3 string	Enable/disable status3 detection. Choices: `"disable"` `"enable"`
window1 integer	Window to count messages over
window2 integer	Window to count messages over
window3 integer	Window to count messages over
mm1 list / elements=string	MM1 options. Choices: `"avmonitor"` `"block"` `"oversize"` `"quarantine"` `"scan"` `"avquery"` `"bannedword"` `"no-content-summary"` `"archive-summary"` `"archive-full"` `"carrier-endpoint-bwl"` `"remove-blocked"` `"chunkedbypass"` `"clientcomfort"` `"servercomfort"` `"strict-file"` `"mms-checksum"`
mm1-addr-hdr string	Deprecated, please rename it to mm1_addr_hdr. HTTP header field
mm1-addr-source string	Deprecated, please rename it to mm1_addr_source. Source for MM1 user address. Choices: `"http-header"` `"cookie"`
mm1-convert-hex string	Deprecated, please rename it to mm1_convert_hex. Enable/disable converting user address from HEX string for MM1. Choices: `"disable"` `"enable"`
mm1-outbreak-prevention string	Deprecated, please rename it to mm1_outbreak_prevention. Enable FortiGuard Virus Outbreak Prevention service. Choices: `"disabled"` `"files"` `"full-archive"`
mm1-retr-dupe string	Deprecated, please rename it to mm1_retr_dupe. Enable/disable duplicate scanning of MM1 retr. Choices: `"disable"` `"enable"`
mm1-retrieve-scan string	Deprecated, please rename it to mm1_retrieve_scan. Enable/disable scanning on MM1 retrieve configuration messages. Choices: `"disable"` `"enable"`
mm1comfortamount integer	MM1 comfort amount
mm1comfortinterval integer	MM1 comfort interval
mm1oversizelimit integer	Maximum file size to scan
mm3 list / elements=string	MM3 options. Choices: `"avmonitor"` `"block"` `"oversize"` `"quarantine"` `"scan"` `"avquery"` `"bannedword"` `"no-content-summary"` `"archive-summary"` `"archive-full"` `"carrier-endpoint-bwl"` `"remove-blocked"` `"fragmail"` `"splice"` `"mms-checksum"`
mm3-outbreak-prevention string	Deprecated, please rename it to mm3_outbreak_prevention. Enable FortiGuard Virus Outbreak Prevention service. Choices: `"disabled"` `"files"` `"full-archive"`
mm3oversizelimit integer	Maximum file size to scan
mm4 list / elements=string	MM4 options. Choices: `"avmonitor"` `"block"` `"oversize"` `"quarantine"` `"scan"` `"avquery"` `"bannedword"` `"no-content-summary"` `"archive-summary"` `"archive-full"` `"carrier-endpoint-bwl"` `"remove-blocked"` `"fragmail"` `"splice"` `"mms-checksum"`
mm4-outbreak-prevention string	Deprecated, please rename it to mm4_outbreak_prevention. Enable FortiGuard Virus Outbreak Prevention service. Choices: `"disabled"` `"files"` `"full-archive"`
mm4oversizelimit integer	Maximum file size to scan
mm7 list / elements=string	MM7 options. Choices: `"avmonitor"` `"block"` `"oversize"` `"quarantine"` `"scan"` `"avquery"` `"bannedword"` `"no-content-summary"` `"archive-summary"` `"archive-full"` `"carrier-endpoint-bwl"` `"remove-blocked"` `"chunkedbypass"` `"clientcomfort"` `"servercomfort"` `"strict-file"` `"mms-checksum"`
mm7-addr-hdr string	Deprecated, please rename it to mm7_addr_hdr. HTTP header field
mm7-addr-source string	Deprecated, please rename it to mm7_addr_source. Source for MM7 user address. Choices: `"http-header"` `"cookie"`
mm7-convert-hex string	Deprecated, please rename it to mm7_convert_hex. Enable/disable conversion of user address from HEX string for MM7. Choices: `"disable"` `"enable"`
mm7-outbreak-prevention string	Deprecated, please rename it to mm7_outbreak_prevention. Enable FortiGuard Virus Outbreak Prevention service. Choices: `"disabled"` `"files"` `"full-archive"`
mm7comfortamount integer	MM7 comfort amount
mm7comfortinterval integer	MM7 comfort interval
mm7oversizelimit integer	Maximum file size to scan
mms-antispam-mass-log string	Deprecated, please rename it to mms_antispam_mass_log. Enable/disable logging for MMS antispam mass. Choices: `"disable"` `"enable"`
mms-av-block-log string	Deprecated, please rename it to mms_av_block_log. Enable/disable logging for MMS antivirus file blocking. Choices: `"disable"` `"enable"`
mms-av-oversize-log string	Deprecated, please rename it to mms_av_oversize_log. Enable/disable logging for MMS antivirus oversize file blocking. Choices: `"disable"` `"enable"`
mms-av-virus-log string	Deprecated, please rename it to mms_av_virus_log. Enable/disable logging for MMS antivirus scanning. Choices: `"disable"` `"enable"`
mms-carrier-endpoint-filter-log string	Deprecated, please rename it to mms_carrier_endpoint_filter_log. Enable/disable logging for MMS end point filter blocking. Choices: `"disable"` `"enable"`
mms-checksum-log string	Deprecated, please rename it to mms_checksum_log. Enable/disable MMS content checksum logging. Choices: `"disable"` `"enable"`
mms-checksum-table string	Deprecated, please rename it to mms_checksum_table. MMS content checksum table ID.
mms-notification-log string	Deprecated, please rename it to mms_notification_log. Enable/disable logging for MMS notification messages. Choices: `"disable"` `"enable"`
mms-web-content-log string	Deprecated, please rename it to mms_web_content_log. Enable/disable logging for MMS web content blocking. Choices: `"disable"` `"enable"`
mmsbwordthreshold integer	MMS banned word threshold.
name string / required	Profile name.
notif-msisdn list / elements=dictionary	Deprecated, please rename it to notif_msisdn. Notif-Msisdn.
msisdn string	Recipient MSISDN.
threshold list / elements=string	Thresholds on which this MSISDN will receive an alert. Choices: `"flood-thresh-1"` `"flood-thresh-2"` `"flood-thresh-3"` `"dupe-thresh-1"` `"dupe-thresh-2"` `"dupe-thresh-3"`
notification dictionary	No description.
alert-int integer	Deprecated, please rename it to alert_int. Alert notification send interval.
alert-int-mode string	Deprecated, please rename it to alert_int_mode. Alert notification interval mode. Choices: `"hours"` `"minutes"`
alert-src-msisdn string	Deprecated, please rename it to alert_src_msisdn. Specify from address for alert messages.
alert-status string	Deprecated, please rename it to alert_status. Alert notification status. Choices: `"disable"` `"enable"`
bword-int integer	Deprecated, please rename it to bword_int. Banned word notification send interval.
bword-int-mode string	Deprecated, please rename it to bword_int_mode. Banned word notification interval mode. Choices: `"hours"` `"minutes"`
bword-status string	Deprecated, please rename it to bword_status. Banned word notification status. Choices: `"disable"` `"enable"`
carrier-endpoint-bwl-int integer	Deprecated, please rename it to carrier_endpoint_bwl_int. Carrier end point black/white list notification send int…
carrier-endpoint-bwl-int-mode string	Deprecated, please rename it to carrier_endpoint_bwl_int_mode. Carrier end point black/white list notification int… Choices: `"hours"` `"minutes"`
carrier-endpoint-bwl-status string	Deprecated, please rename it to carrier_endpoint_bwl_status. Carrier end point black/white list notification status. Choices: `"disable"` `"enable"`
days-allowed list / elements=string	Deprecated, please rename it to days_allowed. Choices: `"sunday"` `"monday"` `"tuesday"` `"wednesday"` `"thursday"` `"friday"` `"saturday"`
detect-server string	Deprecated, please rename it to detect_server. Enable/disable automatic server address determination. Choices: `"disable"` `"enable"`
dupe-int integer	Deprecated, please rename it to dupe_int. Duplicate notification send interval.
dupe-int-mode string	Deprecated, please rename it to dupe_int_mode. Duplicate notification interval mode. Choices: `"hours"` `"minutes"`
dupe-status string	Deprecated, please rename it to dupe_status. Duplicate notification status. Choices: `"disable"` `"enable"`
file-block-int integer	Deprecated, please rename it to file_block_int. File block notification send interval.
file-block-int-mode string	Deprecated, please rename it to file_block_int_mode. File block notification interval mode. Choices: `"hours"` `"minutes"`
file-block-status string	Deprecated, please rename it to file_block_status. File block notification status. Choices: `"disable"` `"enable"`
flood-int integer	Deprecated, please rename it to flood_int. Flood notification send interval.
flood-int-mode string	Deprecated, please rename it to flood_int_mode. Flood notification interval mode. Choices: `"hours"` `"minutes"`
flood-status string	Deprecated, please rename it to flood_status. Flood notification status. Choices: `"disable"` `"enable"`
from-in-header string	Deprecated, please rename it to from_in_header. Enable/disable insertion of from address in HTTP header. Choices: `"disable"` `"enable"`
mms-checksum-int integer	Deprecated, please rename it to mms_checksum_int. MMS checksum notification send interval.
mms-checksum-int-mode string	Deprecated, please rename it to mms_checksum_int_mode. MMS checksum notification interval mode. Choices: `"hours"` `"minutes"`
mms-checksum-status string	Deprecated, please rename it to mms_checksum_status. MMS checksum notification status. Choices: `"disable"` `"enable"`
mmsc-hostname string	Deprecated, please rename it to mmsc_hostname. Host name or IP address of the MMSC.
mmsc-password any	(list) Deprecated, please rename it to mmsc_password.
mmsc-port integer	Deprecated, please rename it to mmsc_port. Port used on the MMSC for sending MMS messages
mmsc-url string	Deprecated, please rename it to mmsc_url. URL used on the MMSC for sending MMS messages.
mmsc-username string	Deprecated, please rename it to mmsc_username. User name required for authentication with the MMSC.
msg-protocol string	Deprecated, please rename it to msg_protocol. Protocol to use for sending notification messages. Choices: `"mm1"` `"mm3"` `"mm4"` `"mm7"`
msg-type string	Deprecated, please rename it to msg_type. MM7 message type. Choices: `"submit-req"` `"deliver-req"`
protocol string	Protocol.
rate-limit integer	Deprecated, please rename it to rate_limit. Rate limit for sending notification messages
tod-window-duration string	Deprecated, please rename it to tod_window_duration. Time of day window duration.
tod-window-end string	Deprecated, please rename it to tod_window_end. Obsolete.
tod-window-start string	Deprecated, please rename it to tod_window_start. Time of day window start.
user-domain string	Deprecated, please rename it to user_domain. Domain name to which the user addresses belong.
vas-id string	Deprecated, please rename it to vas_id. VAS identifier.
vasp-id string	Deprecated, please rename it to vasp_id. VASP identifier.
virus-int integer	Deprecated, please rename it to virus_int. Virus notification send interval.
virus-int-mode string	Deprecated, please rename it to virus_int_mode. Virus notification interval mode. Choices: `"hours"` `"minutes"`
virus-status string	Deprecated, please rename it to virus_status. Virus notification status. Choices: `"disable"` `"enable"`
outbreak-prevention dictionary	Deprecated, please rename it to outbreak_prevention.
external-blocklist string	Deprecated, please rename it to external_blocklist. Enable/disable external malware blocklist. Choices: `"disable"` `"enable"`
ftgd-service string	Deprecated, please rename it to ftgd_service. Enable/disable FortiGuard Virus outbreak prevention service. Choices: `"disable"` `"enable"`
remove-blocked-const-length string	Deprecated, please rename it to remove_blocked_const_length. Enable/disable MMS replacement of blocked file constant length. Choices: `"disable"` `"enable"`
replacemsg-group string	Deprecated, please rename it to replacemsg_group. Replacement message group.
forticloud_access_token string	Authenticate Ansible client with forticloud API access token.
proposed_method string	The overridden method for the underlying Json RPC request. Choices: `"update"` `"set"` `"add"`
rc_failed list / elements=integer	The rc codes list with which the conditions to fail will be overriden.
rc_succeeded list / elements=integer	The rc codes list with which the conditions to succeed will be overriden.
state string / required	The directive to create, update or delete an object. Choices: `"present"` `"absent"`
workspace_locking_adom string	The adom to lock for FortiManager running in workspace mode, the value can be global and others including root.
workspace_locking_timeout integer	The maximum time in seconds to wait for other user to release the workspace lock. Default: `300`

Notes 

Note

Starting in version 2.4.0, all input arguments are named using the underscore naming convention (snake_case). Please change the arguments such as “var-name” to “var_name”. Old argument names are still available yet you will receive deprecation warnings. You can ignore this warning by setting deprecation_warnings=False in ansible.cfg.
Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
To create or update an object, use state present directive.
To delete an object, use state absent directive.
Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded

Examples 

- name: Example playbook
  hosts: fortimanagers
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Configure MMS profiles.
      fortinet.fortimanager.fmgr_firewall_mmsprofile:
        bypass_validation: false
        adom: FortiCarrier # FortiCarrier only object, need a FortiCarrier adom
        state: present
        firewall_mmsprofile:
          comment: "ansible-comment"
          # extended-utm-log: disable
          mm1:
            - avmonitor
            - block
            - oversize
            - quarantine
            - scan
            - avquery
            - bannedword
            - no-content-summary
            - archive-summary
            - archive-full
            - carrier-endpoint-bwl
            - remove-blocked
            - chunkedbypass
            - clientcomfort
            - servercomfort
            - strict-file
            - mms-checksum
          mm3:
            - avmonitor
            - block
            - oversize
            - quarantine
            - scan
            - avquery
            - bannedword
            - no-content-summary
            - archive-summary
            - archive-full
            - carrier-endpoint-bwl
            - remove-blocked
            - fragmail
            - splice
            - mms-checksum
          mm4:
            - avmonitor
            - block
            - oversize
            - quarantine
            - scan
            - avquery
            - bannedword
            - no-content-summary
            - archive-summary
            - archive-full
            - carrier-endpoint-bwl
            - remove-blocked
            - fragmail
            - splice
            - mms-checksum
          mm7:
            - avmonitor
            - block
            - oversize
            - quarantine
            - scan
            - avquery
            - bannedword
            - no-content-summary
            - archive-summary
            - archive-full
            - carrier-endpoint-bwl
            - remove-blocked
            - chunkedbypass
            - clientcomfort
            - servercomfort
            - strict-file
            - mms-checksum
          name: "ansible-test"

- name: Gathering fortimanager facts
  hosts: fortimanagers
  gather_facts: false
  connection: httpapi
  vars:
    ansible_httpapi_use_ssl: true
    ansible_httpapi_validate_certs: false
    ansible_httpapi_port: 443
  tasks:
    - name: Retrieve all the MMS profiles
      fortinet.fortimanager.fmgr_fact:
        facts:
          selector: "firewall_mmsprofile"
          params:
            adom: "FortiCarrier" # FortiCarrier only object, need a FortiCarrier adom
            mms-profile: "your_value"

Return Values 

Common return values are documented here, the following are the fields unique to this module:

Key	Description
meta dictionary	The result of the request. Returned: always
request_url string	The full url requested. Returned: always Sample: `"/sys/login/user"`
response_code integer	The status of api request. Returned: always Sample: `0`
response_data list / elements=string	The api response. Returned: always
response_message string	The descriptive message of the api response. Returned: always Sample: `"OK."`
system_information dictionary	The information of the target system. Returned: always
rc integer	The status the request. Returned: always Sample: `0`
version_check_warning list / elements=string	Warning if the parameters used in the playbook are not supported by the current FortiManager version. Returned: complex

Authors

Xinwei Du (@dux-fortinet)
Xing Li (@lix-fortinet)
Jie Xue (@JieX19)
Link Zheng (@chillancezen)
Frank Shen (@fshen01)
Hongbin Lu (@fgtdev-hblu)

fortinet.fortimanager.fmgr_firewall_mmsprofile module – Configure MMS profiles.

Synopsis

Parameters

Notes

Examples

Return Values