Skip to content

Latest commit

 

History

History
957 lines (913 loc) · 43.9 KB

fortios_gtp_message_filter_v0v1.rst

File metadata and controls

957 lines (913 loc) · 43.9 KB
Raw
source:fortios_gtp_message_filter_v0v1.py
orphan:

fortios_gtp_message_filter_v0v1 -- Message filter for GTPv0/v1 messages in Fortinet's FortiOS and FortiGate.

.. versionadded:: 2.0.0

Synopsis

  • This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify gtp feature and message_filter_v0v1 category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.14

Tips

Using member operation to add an element to an existing object.

FortiOS Version Compatibility


Supported Version Ranges
fortios_gtp_message_filter_v0v1 v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4

Parameters

  • access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
  • enable_log - Enable/Disable logging for task. type: bool required: false default: False
  • vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
  • member_path - Member attribute path to operate on. type: str
  • member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
  • state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
  • gtp_message_filter_v0v1 - Message filter for GTPv0/v1 messages. type: dict more...
    Supported Version Ranges
    gtp_message_filter_v0v1 v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
    • create_mbms - GTPv1 create MBMS context (req 100, resp 101). type: str choices: allow, deny more...
      Supported Version Ranges
      create_mbms v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • create_pdp - Create PDP context (req 16, resp 17). type: str choices: allow, deny more...
      Supported Version Ranges
      create_pdp v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • data_record - Data record transfer (req 240, resp 241). type: str choices: allow, deny more...
      Supported Version Ranges
      data_record v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • delete_aa_pdp - GTPv0 delete AA PDP context (req 24, resp 25). type: str choices: allow, deny more...
      Supported Version Ranges
      delete_aa_pdp v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • delete_mbms - GTPv1 delete MBMS context (req 104, resp 105). type: str choices: allow, deny more...
      Supported Version Ranges
      delete_mbms v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • delete_pdp - Delete PDP context (req 20, resp 21). type: str choices: allow, deny more...
      Supported Version Ranges
      delete_pdp v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • echo - Echo (req 1, resp 2). type: str choices: allow, deny more...
      Supported Version Ranges
      echo v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • end_marker - GTPv1 End marker (254). type: str choices: allow, deny more...
      Supported Version Ranges
      end_marker v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • error_indication - Error indication (26). type: str choices: allow, deny more...
      Supported Version Ranges
      error_indication v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • failure_report - Failure report (req 34, resp 35). type: str choices: allow, deny more...
      Supported Version Ranges
      failure_report v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • fwd_relocation - GTPv1 forward relocation (req 53, resp 54, complete 55, complete ack 59). type: str choices: allow, deny more...
      Supported Version Ranges
      fwd_relocation v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • fwd_srns_context - GTPv1 forward SRNS (context 58, context ack 60). type: str choices: allow, deny more...
      Supported Version Ranges
      fwd_srns_context v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • gtp_pdu - PDU (255). type: str choices: allow, deny more...
      Supported Version Ranges
      gtp_pdu v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • identification - Identification (req 48, resp 49). type: str choices: allow, deny more...
      Supported Version Ranges
      identification v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • mbms_de_registration - GTPv1 MBMS de-registration (req 114, resp 115). type: str choices: allow, deny more...
      Supported Version Ranges
      mbms_de_registration v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • mbms_notification - GTPv1 MBMS notification (req 96, resp 97, reject req 98. reject resp 99). type: str choices: allow, deny more...
      Supported Version Ranges
      mbms_notification v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • mbms_registration - GTPv1 MBMS registration (req 112, resp 113). type: str choices: allow, deny more...
      Supported Version Ranges
      mbms_registration v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • mbms_session_start - GTPv1 MBMS session start (req 116, resp 117). type: str choices: allow, deny more...
      Supported Version Ranges
      mbms_session_start v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • mbms_session_stop - GTPv1 MBMS session stop (req 118, resp 119). type: str choices: allow, deny more...
      Supported Version Ranges
      mbms_session_stop v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • mbms_session_update - GTPv1 MBMS session update (req 120, resp 121). type: str choices: allow, deny more...
      Supported Version Ranges
      mbms_session_update v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • ms_info_change_notif - GTPv1 MS info change notification (req 128, resp 129). type: str choices: allow, deny more...
      Supported Version Ranges
      ms_info_change_notif v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • name - Message filter name. type: str required: true more...
      Supported Version Ranges
      name v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
    • node_alive - Node alive (req 4, resp 5). type: str choices: allow, deny more...
      Supported Version Ranges
      node_alive v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • note_ms_present - Note MS GPRS present (req 36, resp 37). type: str choices: allow, deny more...
      Supported Version Ranges
      note_ms_present v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • pdu_notification - PDU notification (req 27, resp 28, reject req 29, reject resp 30). type: str choices: allow, deny more...
      Supported Version Ranges
      pdu_notification v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • ran_info - GTPv1 RAN information relay (70). type: str choices: allow, deny more...
      Supported Version Ranges
      ran_info v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • redirection - Redirection (req 6, resp 7). type: str choices: allow, deny more...
      Supported Version Ranges
      redirection v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • relocation_cancel - GTPv1 relocation cancel (req 56, resp 57). type: str choices: allow, deny more...
      Supported Version Ranges
      relocation_cancel v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • send_route - Send routing information for GPRS (req 32, resp 33). type: str choices: allow, deny more...
      Supported Version Ranges
      send_route v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • sgsn_context - SGSN context (req 50, resp 51, ack 52). type: str choices: allow, deny more...
      Supported Version Ranges
      sgsn_context v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • support_extension - GTPv1 supported extension headers notify (31). type: str choices: allow, deny more...
      Supported Version Ranges
      support_extension v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • ue_registration_query - UE Registration Query (req 61, resp ack 62). type: str choices: allow, deny more...
      Supported Version Ranges
      ue_registration_query v7.2.1 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • unknown_message - Allow or Deny unknown messages. type: str choices: allow, deny more...
      Supported Version Ranges
      unknown_message v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • unknown_message_white_list - White list (to allow) of unknown messages. type: list member_path: unknown_message_white_list:id more...
      Supported Version Ranges
      unknown_message_white_list v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      • id - Message IDs. see Notes. type: int required: true more...
        Supported Version Ranges
        id v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
    • update_mbms - GTPv1 update MBMS context (req 102, resp 103). type: str choices: allow, deny more...
      Supported Version Ranges
      update_mbms v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • update_pdp - Update PDP context (req 18, resp 19). type: str choices: allow, deny more...
      Supported Version Ranges
      update_pdp v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • v0_create_aa_pdp__v1_init_pdp_ctx - GTPv0 create AA PDP context (req 22, resp 23); Or GTPv1 initiate PDP context (req 22, resp 23). type: str choices: allow, deny more...
      Supported Version Ranges
      v0_create_aa_pdp__v1_init_pdp_ctx v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest
    • version_not_support - Version not supported (3). type: str choices: allow, deny more...
      Supported Version Ranges
      version_not_support v6.0.0 -> v7.0.8 v7.2.0 -> v7.2.4
      [allow] v6.0.0 -> latest
      [deny] v6.0.0 -> latest

Notes

Note

  • Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks

Examples

- name: Message filter for GTPv0/v1 messages.
  fortinet.fortios.fortios_gtp_message_filter_v0v1:
      vdom: "{{ vdom }}"
      state: "present"
      access_token: "<your_own_value>"
      gtp_message_filter_v0v1:
          create_mbms: "allow"
          create_pdp: "allow"
          data_record: "allow"
          delete_aa_pdp: "allow"
          delete_mbms: "allow"
          delete_pdp: "allow"
          echo: "allow"
          end_marker: "allow"
          error_indication: "allow"
          failure_report: "allow"
          fwd_relocation: "allow"
          fwd_srns_context: "allow"
          gtp_pdu: "allow"
          identification: "allow"
          mbms_de_registration: "allow"
          mbms_notification: "allow"
          mbms_registration: "allow"
          mbms_session_start: "allow"
          mbms_session_stop: "allow"
          mbms_session_update: "allow"
          ms_info_change_notif: "allow"
          name: "default_name_24"
          node_alive: "allow"
          note_ms_present: "allow"
          pdu_notification: "allow"
          ran_info: "allow"
          redirection: "allow"
          relocation_cancel: "allow"
          send_route: "allow"
          sgsn_context: "allow"
          support_extension: "allow"
          ue_registration_query: "allow"
          unknown_message: "allow"
          unknown_message_white_list:
              -
                  id: "37"
          update_mbms: "allow"
          update_pdp: "allow"
          v0_create_aa_pdp__v1_init_pdp_ctx: "allow"
          version_not_support: "allow"

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

  • build - Build number of the fortigate image returned: always type: str sample: 1547
  • http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
  • http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
  • mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
  • name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
  • path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
  • revision - Internal revision number returned: always type: str sample: 17.0.2.10658
  • serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
  • status - Indication of the operation's result returned: always type: str sample: success
  • vdom - Virtual domain used returned: always type: str sample: root
  • version - Version of the FortiGate returned: always type: str sample: v5.6.3

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Link Zheng (@chillancezen)
  • Jie Xue (@JieX19)
  • Hongbin Lu (@fgtdev-hblu)
  • Frank Shen (@frankshen01)
  • Miguel Angel Munoz (@mamunozgonzalez)
  • Nicolas Thomas (@thomnico)

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.