community.fortios.fmgr_fwobj_service – Manages FortiManager Firewall Service Objects.
Note
This plugin is part of the community.fortios collection (version 1.0.0).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.fortios
.
To use it in a playbook, specify: community.fortios.fmgr_fwobj_service
.
Synopsis
- Manages FortiManager Firewall Service Objects.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
adom string | Default: "root" | -The ADOM the configuration should belong to. |
app_category string | Application category ID. | |
app_service_type string | Application service type. | |
application string | Application ID. | |
category string | Service category. | |
check_reset_range string | Enable disable RST check. | |
color string | Default: 22 | GUI icon color. |
comment string | Comment. | |
custom_type string |
| Tells module what kind of custom service to be added. |
explicit_proxy string |
| Enable/disable explicit web proxy service. |
fqdn string | Default: "" | Fully qualified domain name. |
group_member string | Comma-Seperated list of members' names. | |
group_name string | Name of the Service Group. | |
icmp_code string | ICMP code. | |
icmp_type string | ICMP type. | |
iprange string | Default: "0.0.0.0" | Start IP-End IP. |
mode string |
| Sets one of three modes for managing the object. |
name string | Custom service name. | |
object_type string |
| Tells module if we are adding a custom service, category, or group. |
protocol string | Protocol type. | |
protocol_number string | IP protocol number. | |
sctp_portrange string | Multiple SCTP port ranges. Comma separated list of destination ports to add (i.e. '443,80'). Syntax is <destPort:sourcePort> If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). | |
session_ttl string | Default: 0 | Session TTL (300 - 604800, 0 = default). |
tcp_halfclose_timer string | Default: 0 | TCP half close timeout (1 - 86400 sec, 0 = default). |
tcp_halfopen_timer string | Default: 0 | TCP half close timeout (1 - 86400 sec, 0 = default). |
tcp_portrange string | Comma separated list of destination ports to add (i.e. '443,80'). Syntax is <destPort:sourcePort> If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). | |
tcp_timewait_timer string | Default: 0 | TCP half close timeout (1 - 300 sec, 0 = default). |
udp_idle_timer string | Default: 0 | TCP half close timeout (0 - 86400 sec, 0 = default). |
udp_portrange string | Comma separated list of destination ports to add (i.e. '443,80'). Syntax is <destPort:sourcePort> If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). | |
visibility string |
| Enable/disable service visibility. |
Notes
Note
- Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples
- name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCP community.fortios.fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_service" object_type: "custom" custom_type: "tcp_udp_sctp" tcp_portrange: "443" udp_portrange: "51" sctp_portrange: "100" - name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCP WITH SOURCE RANGES AND MULTIPLES community.fortios.fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_serviceWithSource" object_type: "custom" custom_type: "tcp_udp_sctp" tcp_portrange: "443:2000-1000,80-82:10000-20000" udp_portrange: "51:100-200,162:200-400" sctp_portrange: "100:2000-2500" - name: ADD A CUSTOM SERVICE FOR ICMP community.fortios.fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp" object_type: "custom" custom_type: "icmp" icmp_type: "8" icmp_code: "3" - name: ADD A CUSTOM SERVICE FOR ICMP6 community.fortios.fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp6" object_type: "custom" custom_type: "icmp6" icmp_type: "5" icmp_code: "1" - name: ADD A CUSTOM SERVICE FOR IP - GRE community.fortios.fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp6" object_type: "custom" custom_type: "ip" protocol_number: "47" - name: ADD A CUSTOM PROXY FOR ALL WITH SOURCE RANGES AND MULTIPLES community.fortios.fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_proxy_all" object_type: "custom" custom_type: "all" explicit_proxy: "enable" tcp_portrange: "443:2000-1000,80-82:10000-20000" iprange: "www.ansible.com"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result string | always | full API response, includes status code and message |
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/fortios/fmgr_fwobj_service_module.html