source: | fortios_firewall_mms_profile.py |
---|---|
orphan: |
.. versionadded:: 2.0.0
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify firewall feature and mms_profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
The below requirements are needed on the host that executes this module.
- ansible>=2.9
Using member operation to add an element to an existing object.
v6.0.0 |
v6.0.5 |
v6.0.11 |
v6.2.0 |
v6.2.3 |
v6.2.5 |
v6.2.7 |
|
fortios_firewall_mms_profile | yes | yes | yes | yes | yes | yes | yes |
- access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
- firewall_mms_profile - Configure MMS profiles. type: dict
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
firewall_mms_profile yes yes yes yes yes yes yes - avnotificationtable - AntiVirus notification table ID. Source antivirus.notification.id. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
avnotificationtable yes yes yes yes yes yes yes - bwordtable - MMS banned word table ID. Source webfilter.content.id. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
bwordtable yes yes yes yes yes yes yes - carrier_endpoint_prefix - Enable/disable prefixing of end point values. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_prefix yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - carrier_endpoint_prefix_range_max - Maximum length of end point value that can be prefixed (1 - 48). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_prefix_range_max yes yes yes yes yes yes yes - carrier_endpoint_prefix_range_min - Minimum end point length to be prefixed (1 - 48). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_prefix_range_min yes yes yes yes yes yes yes - carrier_endpoint_prefix_string - String with which to prefix End point values. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_prefix_string yes yes yes yes yes yes yes - carrierendpointbwltable - Carrier end point filter table ID. Source firewall.carrier-endpoint-bwl.id. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrierendpointbwltable yes yes yes yes yes yes yes - comment - Comment. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
comment yes yes yes yes yes yes yes - dupe - Duplicate configuration. type: list member_path: dupe:protocol
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
dupe yes yes yes yes yes yes yes - action1 - Action to take when threshold reached. type: list choices: block, archive, log, archive-first, alert-notif
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
action1 yes yes yes yes yes yes yes [block] yes yes yes yes yes yes yes [archive] yes yes yes yes yes yes yes [log] yes yes yes yes yes yes yes [archive-first] yes yes yes yes yes yes yes [alert-notif] yes yes yes yes yes yes yes - action2 - Action to take when threshold reached. type: list choices: block, archive, log, archive-first, alert-notif
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
action2 yes yes yes yes yes yes yes [block] yes yes yes yes yes yes yes [archive] yes yes yes yes yes yes yes [log] yes yes yes yes yes yes yes [archive-first] yes yes yes yes yes yes yes [alert-notif] yes yes yes yes yes yes yes - action3 - Action to take when threshold reached. type: list choices: block, archive, log, archive-first, alert-notif
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
action3 yes yes yes yes yes yes yes [block] yes yes yes yes yes yes yes [archive] yes yes yes yes yes yes yes [log] yes yes yes yes yes yes yes [archive-first] yes yes yes yes yes yes yes [alert-notif] yes yes yes yes yes yes yes - block_time1 - Duration for which action takes effect (0 - 35791 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
block_time1 yes yes yes yes yes yes yes - block_time2 - Duration for which action takes effect (0 - 35791 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
block_time2 yes yes yes yes yes yes yes - block_time3 - Duration action takes effect (0 - 35791 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
block_time3 yes yes yes yes yes yes yes - limit1 - Maximum number of messages allowed. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
limit1 yes yes yes yes yes yes yes - limit2 - Maximum number of messages allowed. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
limit2 yes yes yes yes yes yes yes - limit3 - Maximum number of messages allowed. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
limit3 yes yes yes yes yes yes yes - protocol - Protocol. type: str required: true
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
protocol yes yes yes yes yes yes yes - status1 - Enable/disable status1 detection. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
status1 yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - status2 - Enable/disable status2 detection. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
status2 yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - status3 - Enable/disable status3 detection. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
status3 yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - window1 - Window to count messages over (1 - 2880 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
window1 yes yes yes yes yes yes yes - window2 - Window to count messages over (1 - 2880 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
window2 yes yes yes yes yes yes yes - window3 - Window to count messages over (1 - 2880 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
window3 yes yes yes yes yes yes yes - extended_utm_log - Enable/disable detailed UTM log messages. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
extended_utm_log yes yes yes yes yes yes yes - flood - Flood configuration. type: list member_path: flood:protocol
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
flood yes yes yes yes yes yes yes - action1 - Action to take when threshold reached. type: list choices: block, archive, log, archive-first, alert-notif
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
action1 yes yes yes yes yes yes yes [block] yes yes yes yes yes yes yes [archive] yes yes yes yes yes yes yes [log] yes yes yes yes yes yes yes [archive-first] yes yes yes yes yes yes yes [alert-notif] yes yes yes yes yes yes yes - action2 - Action to take when threshold reached. type: list choices: block, archive, log, archive-first, alert-notif
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
action2 yes yes yes yes yes yes yes [block] yes yes yes yes yes yes yes [archive] yes yes yes yes yes yes yes [log] yes yes yes yes yes yes yes [archive-first] yes yes yes yes yes yes yes [alert-notif] yes yes yes yes yes yes yes - action3 - Action to take when threshold reached. type: list choices: block, archive, log, archive-first, alert-notif
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
action3 yes yes yes yes yes yes yes [block] yes yes yes yes yes yes yes [archive] yes yes yes yes yes yes yes [log] yes yes yes yes yes yes yes [archive-first] yes yes yes yes yes yes yes [alert-notif] yes yes yes yes yes yes yes - block_time1 - Duration for which action takes effect (0 - 35791 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
block_time1 yes yes yes yes yes yes yes - block_time2 - Duration for which action takes effect (0 - 35791 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
block_time2 yes yes yes yes yes yes yes - block_time3 - Duration action takes effect (0 - 35791 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
block_time3 yes yes yes yes yes yes yes - limit1 - Maximum number of messages allowed. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
limit1 yes yes yes yes yes yes yes - limit2 - Maximum number of messages allowed. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
limit2 yes yes yes yes yes yes yes - limit3 - Maximum number of messages allowed. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
limit3 yes yes yes yes yes yes yes - protocol - Protocol. type: str required: true
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
protocol yes yes yes yes yes yes yes - status1 - Enable/disable status1 detection. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
status1 yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - status2 - Enable/disable status2 detection. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
status2 yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - status3 - Enable/disable status3 detection. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
status3 yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - window1 - Window to count messages over (1 - 2880 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
window1 yes yes yes yes yes yes yes - window2 - Window to count messages over (1 - 2880 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
window2 yes yes yes yes yes yes yes - window3 - Window to count messages over (1 - 2880 min). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
window3 yes yes yes yes yes yes yes - mm1 - MM1 options. type: list choices: avmonitor, oversize, quarantine, scan, bannedword, chunkedbypass, clientcomfort, servercomfort, carrier-endpoint-bwl, remove-blocked, mms-checksum
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1 yes yes yes yes yes yes yes [avmonitor] yes yes yes yes yes yes yes [oversize] yes yes yes yes yes yes yes [quarantine] yes yes yes yes yes yes yes [scan] yes yes yes yes yes yes yes [bannedword] yes yes yes yes yes yes yes [chunkedbypass] yes yes yes yes yes yes yes [clientcomfort] yes yes yes yes yes yes yes [servercomfort] yes yes yes yes yes yes yes [carrier-endpoint-bwl] yes yes yes yes yes yes yes [remove-blocked] yes yes yes yes yes yes yes [mms-checksum] yes yes yes yes yes yes yes - mm1_addr_hdr - HTTP header field (for MM1) containing user address. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1_addr_hdr yes yes yes yes yes yes yes - mm1_addr_source - Source for MM1 user address. type: str choices: http-header, cookie
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1_addr_source yes yes yes yes yes yes yes [http-header] yes yes yes yes yes yes yes [cookie] yes yes yes yes yes yes yes - mm1_convert_hex - Enable/disable converting user address from HEX string for MM1. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1_convert_hex yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mm1_outbreak_prevention - Enable Virus Outbreak Prevention service. type: str choices: disabled, files, full-archive
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1_outbreak_prevention yes yes yes yes yes yes yes [disabled] yes yes yes yes yes yes yes [files] yes yes yes yes yes yes yes [full-archive] yes yes yes yes yes yes yes - mm1_retr_dupe - Enable/disable duplicate scanning of MM1 retr. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1_retr_dupe yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mm1_retrieve_scan - Enable/disable scanning on MM1 retrieve configuration messages. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1_retrieve_scan yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mm1comfortamount - MM1 comfort amount (0 - 4294967295). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1comfortamount yes yes yes yes yes yes yes - mm1comfortinterval - MM1 comfort interval (0 - 4294967295). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1comfortinterval yes yes yes yes yes yes yes - mm1oversizelimit - Maximum file size to scan (1 - 819200 kB). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm1oversizelimit yes yes yes yes yes yes yes - mm3 - MM3 options. type: list choices: avmonitor, oversize, quarantine, scan, bannedword, fragmail, splice, carrier-endpoint-bwl, remove-blocked, mms-checksum
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm3 yes yes yes yes yes yes yes [avmonitor] yes yes yes yes yes yes yes [oversize] yes yes yes yes yes yes yes [quarantine] yes yes yes yes yes yes yes [scan] yes yes yes yes yes yes yes [bannedword] yes yes yes yes yes yes yes [fragmail] yes yes yes yes yes yes yes [splice] yes yes yes yes yes yes yes [carrier-endpoint-bwl] yes yes yes yes yes yes yes [remove-blocked] yes yes yes yes yes yes yes [mms-checksum] yes yes yes yes yes yes yes - mm3_outbreak_prevention - Enable Virus Outbreak Prevention service. type: str choices: disabled, files, full-archive
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm3_outbreak_prevention yes yes yes yes yes yes yes [disabled] yes yes yes yes yes yes yes [files] yes yes yes yes yes yes yes [full-archive] yes yes yes yes yes yes yes - mm3oversizelimit - Maximum file size to scan (1 - 819200 kB). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm3oversizelimit yes yes yes yes yes yes yes - mm4 - MM4 options. type: list choices: avmonitor, oversize, quarantine, scan, bannedword, fragmail, splice, carrier-endpoint-bwl, remove-blocked, mms-checksum
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm4 yes yes yes yes yes yes yes [avmonitor] yes yes yes yes yes yes yes [oversize] yes yes yes yes yes yes yes [quarantine] yes yes yes yes yes yes yes [scan] yes yes yes yes yes yes yes [bannedword] yes yes yes yes yes yes yes [fragmail] yes yes yes yes yes yes yes [splice] yes yes yes yes yes yes yes [carrier-endpoint-bwl] yes yes yes yes yes yes yes [remove-blocked] yes yes yes yes yes yes yes [mms-checksum] yes yes yes yes yes yes yes - mm4_outbreak_prevention - Enable Virus Outbreak Prevention service. type: str choices: disabled, files, full-archive
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm4_outbreak_prevention yes yes yes yes yes yes yes [disabled] yes yes yes yes yes yes yes [files] yes yes yes yes yes yes yes [full-archive] yes yes yes yes yes yes yes - mm4oversizelimit - Maximum file size to scan (1 - 819200 kB). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm4oversizelimit yes yes yes yes yes yes yes - mm7 - MM7 options. type: list choices: avmonitor, oversize, quarantine, scan, bannedword, chunkedbypass, clientcomfort, servercomfort, carrier-endpoint-bwl, remove-blocked, mms-checksum
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7 yes yes yes yes yes yes yes [avmonitor] yes yes yes yes yes yes yes [oversize] yes yes yes yes yes yes yes [quarantine] yes yes yes yes yes yes yes [scan] yes yes yes yes yes yes yes [bannedword] yes yes yes yes yes yes yes [chunkedbypass] yes yes yes yes yes yes yes [clientcomfort] yes yes yes yes yes yes yes [servercomfort] yes yes yes yes yes yes yes [carrier-endpoint-bwl] yes yes yes yes yes yes yes [remove-blocked] yes yes yes yes yes yes yes [mms-checksum] yes yes yes yes yes yes yes - mm7_addr_hdr - HTTP header field (for MM7) containing user address. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7_addr_hdr yes yes yes yes yes yes yes - mm7_addr_source - Source for MM7 user address. type: str choices: http-header, cookie
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7_addr_source yes yes yes yes yes yes yes [http-header] yes yes yes yes yes yes yes [cookie] yes yes yes yes yes yes yes - mm7_convert_hex - Enable/disable conversion of user address from HEX string for MM7. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7_convert_hex yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mm7_outbreak_prevention - Enable Virus Outbreak Prevention service. type: str choices: disabled, files, full-archive
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7_outbreak_prevention yes yes yes yes yes yes yes [disabled] yes yes yes yes yes yes yes [files] yes yes yes yes yes yes yes [full-archive] yes yes yes yes yes yes yes - mm7comfortamount - MM7 comfort amount (0 - 4294967295). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7comfortamount yes yes yes yes yes yes yes - mm7comfortinterval - MM7 comfort interval (0 - 4294967295). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7comfortinterval yes yes yes yes yes yes yes - mm7oversizelimit - Maximum file size to scan (1 - 819200 kB). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mm7oversizelimit yes yes yes yes yes yes yes - mms_antispam_mass_log - Enable/disable logging for MMS antispam mass. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_antispam_mass_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_av_block_log - Enable/disable logging for MMS antivirus file blocking. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_av_block_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_av_oversize_log - Enable/disable logging for MMS antivirus oversize file blocking. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_av_oversize_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_av_virus_log - Enable/disable logging for MMS antivirus scanning. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_av_virus_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_carrier_endpoint_filter_log - Enable/disable logging for MMS end point filter blocking. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_carrier_endpoint_filter_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_checksum_log - Enable/disable MMS content checksum logging. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_checksum_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_checksum_table - MMS content checksum table ID. Source antivirus.mms-checksum.id. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_checksum_table yes yes yes yes yes yes yes - mms_notification_log - Enable/disable logging for MMS notification messages. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_notification_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_web_content_log - Enable/disable logging for MMS web content blocking. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_web_content_log yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mmsbwordthreshold - MMS banned word threshold. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mmsbwordthreshold yes yes yes yes yes yes yes - name - Profile name. type: str required: true
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
name yes yes yes yes yes yes yes - notif_msisdn - Notification for MSISDNs. type: list member_path: notif_msisdn:msisdn
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
notif_msisdn yes yes yes yes yes yes yes - msisdn - Recipient MSISDN. type: str required: true
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
msisdn yes yes yes yes yes yes yes - threshold - Thresholds on which this MSISDN will receive an alert. type: list choices: flood-thresh-1, flood-thresh-2, flood-thresh-3, dupe-thresh-1, dupe-thresh-2, dupe-thresh-3
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
threshold yes yes yes yes yes yes yes [flood-thresh-1] yes yes yes yes yes yes yes [flood-thresh-2] yes yes yes yes yes yes yes [flood-thresh-3] yes yes yes yes yes yes yes [dupe-thresh-1] yes yes yes yes yes yes yes [dupe-thresh-2] yes yes yes yes yes yes yes [dupe-thresh-3] yes yes yes yes yes yes yes - notification - Notification configuration. type: list member_path: notification:protocol
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
notification yes yes yes yes yes yes yes - alert_int - Alert notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
alert_int yes yes yes yes yes yes yes - alert_int_mode - Alert notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
alert_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - alert_src_msisdn - Specify from address for alert messages. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
alert_src_msisdn yes yes yes yes yes yes yes - alert_status - Alert notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
alert_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - bword_int - Banned word notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
bword_int yes yes yes yes yes yes yes - bword_int_mode - Banned word notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
bword_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - bword_status - Banned word notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
bword_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - carrier_endpoint_bwl_int - Carrier end point black/white list notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_bwl_int yes yes yes yes yes yes yes - carrier_endpoint_bwl_int_mode - Carrier end point black/white list notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_bwl_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - carrier_endpoint_bwl_status - Carrier end point black/white list notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
carrier_endpoint_bwl_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - days_allowed - Weekdays on which notification messages may be sent. type: list choices: sunday, monday, tuesday, wednesday, thursday, friday, saturday
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
days_allowed yes yes yes yes yes yes yes [sunday] yes yes yes yes yes yes yes [monday] yes yes yes yes yes yes yes [tuesday] yes yes yes yes yes yes yes [wednesday] yes yes yes yes yes yes yes [thursday] yes yes yes yes yes yes yes [friday] yes yes yes yes yes yes yes [saturday] yes yes yes yes yes yes yes - detect_server - Enable/disable automatic server address determination. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
detect_server yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - dupe_int - Duplicate notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
dupe_int yes yes yes yes yes yes yes - dupe_int_mode - Duplicate notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
dupe_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - dupe_status - Duplicate notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
dupe_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - file_block_int - File block notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
file_block_int yes yes yes yes yes yes yes - file_block_int_mode - File block notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
file_block_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - file_block_status - File block notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
file_block_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - flood_int - Flood notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
flood_int yes yes yes yes yes yes yes - flood_int_mode - Flood notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
flood_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - flood_status - Flood notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
flood_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - from_in_header - Enable/disable insertion of from address in HTTP header. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
from_in_header yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mms_checksum_int - MMS checksum notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_checksum_int yes yes yes yes yes yes yes - mms_checksum_int_mode - MMS checksum notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_checksum_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - mms_checksum_status - MMS checksum notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mms_checksum_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - mmsc_hostname - Host name or IP address of the MMSC. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mmsc_hostname yes yes yes yes yes yes yes - mmsc_password - Password required for authentication with the MMSC. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mmsc_password yes yes yes yes yes yes yes - mmsc_port - Port used on the MMSC for sending MMS messages (1 - 65535). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mmsc_port yes yes yes yes yes yes yes - mmsc_url - URL used on the MMSC for sending MMS messages. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mmsc_url yes yes yes yes yes yes yes - mmsc_username - User name required for authentication with the MMSC. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
mmsc_username yes yes yes yes yes yes yes - msg_protocol - Protocol to use for sending notification messages. type: str choices: mm1, mm3, mm4, mm7
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
msg_protocol yes yes yes yes yes yes yes [mm1] yes yes yes yes yes yes yes [mm3] yes yes yes yes yes yes yes [mm4] yes yes yes yes yes yes yes [mm7] yes yes yes yes yes yes yes - msg_type - MM7 message type. type: str choices: submit-req, deliver-req
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
msg_type yes yes yes yes yes yes yes [submit-req] yes yes yes yes yes yes yes [deliver-req] yes yes yes yes yes yes yes - protocol - Protocol. type: str required: true
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
protocol yes yes yes yes yes yes yes - rate_limit - Rate limit for sending notification messages (0 - 250). type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
rate_limit yes yes yes yes yes yes yes - tod_window_duration - Time of day window duration. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
tod_window_duration yes yes yes yes yes yes yes - tod_window_end - Obsolete. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
tod_window_end yes yes yes yes yes yes yes - tod_window_start - Time of day window start. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
tod_window_start yes yes yes yes yes yes yes - user_domain - Domain name to which the user addresses belong. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
user_domain yes yes yes yes yes yes yes - vas_id - VAS identifier. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
vas_id yes yes yes yes yes yes yes - vasp_id - VASP identifier. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
vasp_id yes yes yes yes yes yes yes - virus_int - Virus notification send interval. type: int
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
virus_int yes yes yes yes yes yes yes - virus_int_mode - Virus notification interval mode. type: str choices: hours, minutes
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
virus_int_mode yes yes yes yes yes yes yes [hours] yes yes yes yes yes yes yes [minutes] yes yes yes yes yes yes yes - virus_status - Virus notification status. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
virus_status yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - outbreak_prevention - Configure Virus Outbreak Prevention settings. type: dict
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
outbreak_prevention no no no yes yes yes yes - external_blocklist - Enable/disable external malware blocklist. type: str choices: disable, enable
more...
v6.2.0
v6.2.3
v6.2.5
v6.2.7
external_blocklist yes yes yes yes [disable] yes yes yes yes [enable] yes yes yes yes - ftgd_service - Enable/disable FortiGuard Virus outbreak prevention service. type: str choices: disable, enable
more...
v6.2.0
v6.2.3
v6.2.5
v6.2.7
ftgd_service yes yes yes yes [disable] yes yes yes yes [enable] yes yes yes yes - remove_blocked_const_length - Enable/disable MMS replacement of blocked file constant length. type: str choices: enable, disable
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
remove_blocked_const_length yes yes yes yes yes yes yes [enable] yes yes yes yes yes yes yes [disable] yes yes yes yes yes yes yes - replacemsg_group - Replacement message group. Source system.replacemsg-group.name. type: str
more...
v6.0.0
v6.0.5
v6.0.11
v6.2.0
v6.2.3
v6.2.5
v6.2.7
replacemsg_group yes yes yes yes yes yes yes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure MMS profiles.
fortios_firewall_mms_profile:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
firewall_mms_profile:
avnotificationtable: "2147483647"
bwordtable: "2147483647"
carrier_endpoint_prefix: "enable"
carrier_endpoint_prefix_range_max: "24"
carrier_endpoint_prefix_range_min: "24"
carrier_endpoint_prefix_string: "<your_own_value>"
carrierendpointbwltable: "2147483647"
comment: "Comment."
dupe:
-
action1: "block"
action2: "block"
action3: "block"
block_time1: "17895"
block_time2: "17895"
block_time3: "17895"
limit1: "1073741823"
limit2: "1073741823"
limit3: "1073741823"
protocol: "<your_own_value>"
status1: "enable"
status2: "enable"
status3: "enable"
window1: "1440"
window2: "1440"
window3: "1440"
extended_utm_log: "<your_own_value>"
flood:
-
action1: "block"
action2: "block"
action3: "block"
block_time1: "17895"
block_time2: "17895"
block_time3: "17895"
limit1: "1073741823"
limit2: "1073741823"
limit3: "1073741823"
protocol: "<your_own_value>"
status1: "enable"
status2: "enable"
status3: "enable"
window1: "1440"
window2: "1440"
window3: "1440"
mm1: "avmonitor"
mm1_addr_hdr: "<your_own_value>"
mm1_addr_source: "http-header"
mm1_convert_hex: "enable"
mm1_outbreak_prevention: "disabled"
mm1_retr_dupe: "enable"
mm1_retrieve_scan: "enable"
mm1comfortamount: "2147483647"
mm1comfortinterval: "2147483647"
mm1oversizelimit: "409600"
mm3: "avmonitor"
mm3_outbreak_prevention: "disabled"
mm3oversizelimit: "409600"
mm4: "avmonitor"
mm4_outbreak_prevention: "disabled"
mm4oversizelimit: "409600"
mm7: "avmonitor"
mm7_addr_hdr: "<your_own_value>"
mm7_addr_source: "http-header"
mm7_convert_hex: "enable"
mm7_outbreak_prevention: "disabled"
mm7comfortamount: "2147483647"
mm7comfortinterval: "2147483647"
mm7oversizelimit: "409600"
mms_antispam_mass_log: "enable"
mms_av_block_log: "enable"
mms_av_oversize_log: "enable"
mms_av_virus_log: "enable"
mms_carrier_endpoint_filter_log: "enable"
mms_checksum_log: "enable"
mms_checksum_table: "2147483647"
mms_notification_log: "enable"
mms_web_content_log: "enable"
mmsbwordthreshold: "1073741823"
name: "default_name_80"
notif_msisdn:
-
msisdn: "<your_own_value>"
threshold: "flood-thresh-1"
notification:
-
alert_int: "720"
alert_int_mode: "hours"
alert_src_msisdn: "<your_own_value>"
alert_status: "enable"
bword_int: "720"
bword_int_mode: "hours"
bword_status: "enable"
carrier_endpoint_bwl_int: "720"
carrier_endpoint_bwl_int_mode: "hours"
carrier_endpoint_bwl_status: "enable"
days_allowed: "sunday"
detect_server: "enable"
dupe_int: "720"
dupe_int_mode: "hours"
dupe_status: "enable"
file_block_int: "720"
file_block_int_mode: "hours"
file_block_status: "enable"
flood_int: "720"
flood_int_mode: "hours"
flood_status: "enable"
from_in_header: "enable"
mms_checksum_int: "720"
mms_checksum_int_mode: "hours"
mms_checksum_status: "enable"
mmsc_hostname: "myhostname"
mmsc_password: "<your_own_value>"
mmsc_port: "32767"
mmsc_url: "<your_own_value>"
mmsc_username: "<your_own_value>"
msg_protocol: "mm1"
msg_type: "submit-req"
protocol: "<your_own_value>"
rate_limit: "125"
tod_window_duration: "<your_own_value>"
tod_window_end: "<your_own_value>"
tod_window_start: "<your_own_value>"
user_domain: "<your_own_value>"
vas_id: "<your_own_value>"
vasp_id: "<your_own_value>"
virus_int: "720"
virus_int_mode: "hours"
virus_status: "enable"
outbreak_prevention:
external_blocklist: "disable"
ftgd_service: "disable"
remove_blocked_const_length: "enable"
replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)"
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3
- This module is not guaranteed to have a backwards compatible interface.
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
Hint
If you notice any issues in this documentation, you can create a pull request to improve it.