fortinet.fortios.fortios_firewall_gtp – Configure GTP in Fortinet’s FortiOS and FortiGate.
Note
This plugin is part of the fortinet.fortios collection (version 2.1.2).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_firewall_gtp
.
New in version 2.10: of fortinet.fortios
Synopsis
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify firewall feature and gtp category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
Requirements
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
Parameters
Parameter | Choices/Defaults | Comments | |||
---|---|---|---|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. | ||||
enable_log boolean |
| Enable/Disable logging for task. | |||
firewall_gtp dictionary | Configure GTP. | ||||
addr_notify string | overbilling notify address | ||||
apn list / elements=string | APN. | ||||
action string |
| Action. | |||
apnmember list / elements=string | APN member. | ||||
name string / required | APN name. Source gtp.apn.name gtp.apngrp.name. | ||||
id integer / required | ID. | ||||
selection_mode list / elements=string |
| APN selection mode. | |||
apn_filter string |
| apn filter | |||
authorized_ggsns string | Authorized GGSN group Source firewall.address.name firewall.addrgrp.name. | ||||
authorized_ggsns6 string | Authorized GGSN/PGW IPv6 group. Source firewall.address6.name firewall.addrgrp6.name. | ||||
authorized_sgsns string | Authorized SGSN group Source firewall.address.name firewall.addrgrp.name. | ||||
authorized_sgsns6 string | Authorized SGSN/SGW IPv6 group. Source firewall.address6.name firewall.addrgrp6.name. | ||||
comment string | Comment. | ||||
context_id integer | Overbilling context. | ||||
control_plane_message_rate_limit integer | control plane message rate limit | ||||
default_apn_action string |
| default apn action | |||
default_imsi_action string |
| default imsi action | |||
default_ip_action string |
| default action for encapsulated IP traffic | |||
default_noip_action string |
| default action for encapsulated non-IP traffic | |||
default_policy_action string |
| default advanced policy action | |||
denied_log string |
| log denied | |||
echo_request_interval integer | echo request interval (in seconds) | ||||
extension_log string |
| log in extension format | |||
forwarded_log string |
| log forwarded | |||
global_tunnel_limit string | Global tunnel limit. Source gtp.tunnel-limit.name. | ||||
gtp_in_gtp string |
| gtp in gtp | |||
gtpu_denied_log string |
| Enable/disable logging of denied GTP-U packets. | |||
gtpu_forwarded_log string |
| Enable/disable logging of forwarded GTP-U packets. | |||
gtpu_log_freq integer | Logging of frequency of GTP-U packets. | ||||
half_close_timeout integer | Half-close tunnel timeout (in seconds). | ||||
half_open_timeout integer | Half-open tunnel timeout (in seconds). | ||||
handover_group string | Handover SGSN group Source firewall.address.name firewall.addrgrp.name. | ||||
handover_group6 string | Handover SGSN/SGW IPv6 group. Source firewall.address6.name firewall.addrgrp6.name. | ||||
ie_allow_list_v0v1 string | IE allow list. Source gtp.ie-allow-list.name. | ||||
ie_allow_list_v2 string | IE allow list. Source gtp.ie-allow-list.name. | ||||
ie_remove_policy list / elements=string | IE remove policy. | ||||
id integer / required | ID. | ||||
remove_ies string |
| GTP IEs to be removed. | |||
sgsn_addr string | SGSN address name. Source firewall.address.name firewall.addrgrp.name. | ||||
sgsn_addr6 string | SGSN IPv6 address name. Source firewall.address6.name firewall.addrgrp6.name. | ||||
ie_remover string |
| IE removal policy. | |||
ie_validation dictionary | IE validation. | ||||
apn_restriction string |
| Validate APN restriction. | |||
charging_gateway_addr string |
| Validate charging gateway address. | |||
charging_ID string |
| Validate charging ID. | |||
end_user_addr string |
| Validate end user address. | |||
gsn_addr string |
| Validate GSN address. | |||
imei string |
| Validate IMEI(SV). | |||
imsi string |
| Validate IMSI. | |||
mm_context string |
| Validate MM context. | |||
ms_tzone string |
| Validate MS time zone. | |||
ms_validated string |
| Validate MS validated. | |||
msisdn string |
| Validate MSISDN. | |||
nsapi string |
| Validate NSAPI. | |||
pdp_context string |
| Validate PDP context. | |||
qos_profile string |
| Validate Quality of Service(QoS) profile. | |||
rai string |
| Validate RAI. | |||
rat_type string |
| Validate RAT type. | |||
reordering_required string |
| Validate re-ordering required. | |||
selection_mode string |
| Validate selection mode. | |||
uli string |
| Validate user location information. | |||
ie_white_list_v0v1 string | IE white list. Source gtp.ie-white-list.name. | ||||
ie_white_list_v2 string | IE white list. Source gtp.ie-white-list.name. | ||||
imsi list / elements=string | IMSI. | ||||
action string |
| Action. | |||
apnmember list / elements=string | APN member. | ||||
name string / required | APN name. Source gtp.apn.name gtp.apngrp.name. | ||||
id integer / required | ID. | ||||
mcc_mnc string | MCC MNC. | ||||
msisdn_prefix string | MSISDN prefix. | ||||
selection_mode list / elements=string |
| APN selection mode. | |||
imsi_filter string |
| imsi filter | |||
interface_notify string | overbilling interface Source system.interface.name. | ||||
invalid_reserved_field string |
| Invalid reserved field in GTP header | |||
invalid_sgsns6_to_log string | Invalid SGSN IPv6 group to be logged. Source firewall.address6.name firewall.addrgrp6.name. | ||||
invalid_sgsns_to_log string | Invalid SGSN group to be logged Source firewall.address.name firewall.addrgrp.name. | ||||
ip_filter string |
| IP filter for encapsulted traffic | |||
ip_policy list / elements=string | IP policy. | ||||
action string |
| Action. | |||
dstaddr string | Destination address name. Source firewall.address.name firewall.addrgrp.name. | ||||
dstaddr6 string | Destination IPv6 address name. Source firewall.address6.name firewall.addrgrp6.name. | ||||
id integer / required | ID. | ||||
srcaddr string | Source address name. Source firewall.address.name firewall.addrgrp.name. | ||||
srcaddr6 string | Source IPv6 address name. Source firewall.address6.name firewall.addrgrp6.name. | ||||
log_freq integer | Logging of frequency of GTP-C packets. | ||||
log_gtpu_limit integer | the user data log limit (0-512 bytes) | ||||
log_imsi_prefix string | IMSI prefix for selective logging. | ||||
log_msisdn_prefix string | the msisdn prefix for selective logging | ||||
max_message_length integer | max message length | ||||
message_filter_v0v1 string | Message filter. Source gtp.message-filter-v0v1.name. | ||||
message_filter_v2 string | Message filter. Source gtp.message-filter-v2.name. | ||||
message_rate_limit dictionary | Message rate limiting. | ||||
create_aa_pdp_request integer | Rate limit for create AA PDP context request (packets per second). | ||||
create_aa_pdp_response integer | Rate limit for create AA PDP context response (packets per second). | ||||
create_mbms_request integer | Rate limit for create MBMS context request (packets per second). | ||||
create_mbms_response integer | Rate limit for create MBMS context response (packets per second). | ||||
create_pdp_request integer | Rate limit for create PDP context request (packets per second). | ||||
create_pdp_response integer | Rate limit for create PDP context response (packets per second). | ||||
delete_aa_pdp_request integer | Rate limit for delete AA PDP context request (packets per second). | ||||
delete_aa_pdp_response integer | Rate limit for delete AA PDP context response (packets per second). | ||||
delete_mbms_request integer | Rate limit for delete MBMS context request (packets per second). | ||||
delete_mbms_response integer | Rate limit for delete MBMS context response (packets per second). | ||||
delete_pdp_request integer | Rate limit for delete PDP context request (packets per second). | ||||
delete_pdp_response integer | Rate limit for delete PDP context response (packets per second). | ||||
echo_reponse integer | Rate limit for echo response (packets per second). | ||||
echo_request integer | Rate limit for echo requests (packets per second). | ||||
error_indication integer | Rate limit for error indication (packets per second). | ||||
failure_report_request integer | Rate limit for failure report request (packets per second). | ||||
failure_report_response integer | Rate limit for failure report response (packets per second). | ||||
fwd_reloc_complete_ack integer | Rate limit for forward relocation complete acknowledge (packets per second). | ||||
fwd_relocation_complete integer | Rate limit for forward relocation complete (packets per second). | ||||
fwd_relocation_request integer | Rate limit for forward relocation request (packets per second). | ||||
fwd_relocation_response integer | Rate limit for forward relocation response (packets per second). | ||||
fwd_srns_context integer | Rate limit for forward SRNS context (packets per second). | ||||
fwd_srns_context_ack integer | Rate limit for forward SRNS context acknowledge (packets per second). | ||||
g_pdu integer | Rate limit for G-PDU (packets per second). | ||||
identification_request integer | Rate limit for identification request (packets per second). | ||||
identification_response integer | Rate limit for identification response (packets per second). | ||||
mbms_de_reg_request integer | Rate limit for MBMS de-registration request (packets per second). | ||||
mbms_de_reg_response integer | Rate limit for MBMS de-registration response (packets per second). | ||||
mbms_notify_rej_request integer | Rate limit for MBMS notification reject request (packets per second). | ||||
mbms_notify_rej_response integer | Rate limit for MBMS notification reject response (packets per second). | ||||
mbms_notify_request integer | Rate limit for MBMS notification request (packets per second). | ||||
mbms_notify_response integer | Rate limit for MBMS notification response (packets per second). | ||||
mbms_reg_request integer | Rate limit for MBMS registration request (packets per second). | ||||
mbms_reg_response integer | Rate limit for MBMS registration response (packets per second). | ||||
mbms_ses_start_request integer | Rate limit for MBMS session start request (packets per second). | ||||
mbms_ses_start_response integer | Rate limit for MBMS session start response (packets per second). | ||||
mbms_ses_stop_request integer | Rate limit for MBMS session stop request (packets per second). | ||||
mbms_ses_stop_response integer | Rate limit for MBMS session stop response (packets per second). | ||||
note_ms_request integer | Rate limit for note MS GPRS present request (packets per second). | ||||
note_ms_response integer | Rate limit for note MS GPRS present response (packets per second). | ||||
pdu_notify_rej_request integer | Rate limit for PDU notify reject request (packets per second). | ||||
pdu_notify_rej_response integer | Rate limit for PDU notify reject response (packets per second). | ||||
pdu_notify_request integer | Rate limit for PDU notify request (packets per second). | ||||
pdu_notify_response integer | Rate limit for PDU notify response (packets per second). | ||||
ran_info integer | Rate limit for RAN information relay (packets per second). | ||||
relocation_cancel_request integer | Rate limit for relocation cancel request (packets per second). | ||||
relocation_cancel_response integer | Rate limit for relocation cancel response (packets per second). | ||||
send_route_request integer | Rate limit for send routing information for GPRS request (packets per second). | ||||
send_route_response integer | Rate limit for send routing information for GPRS response (packets per second). | ||||
sgsn_context_ack integer | Rate limit for SGSN context acknowledgement (packets per second). | ||||
sgsn_context_request integer | Rate limit for SGSN context request (packets per second). | ||||
sgsn_context_response integer | Rate limit for SGSN context response (packets per second). | ||||
support_ext_hdr_notify integer | Rate limit for support extension headers notification (packets per second). | ||||
update_mbms_request integer | Rate limit for update MBMS context request (packets per second). | ||||
update_mbms_response integer | Rate limit for update MBMS context response (packets per second). | ||||
update_pdp_request integer | Rate limit for update PDP context request (packets per second). | ||||
update_pdp_response integer | Rate limit for update PDP context response (packets per second). | ||||
version_not_support integer | Rate limit for version not supported (packets per second). | ||||
message_rate_limit_v0 dictionary | Message rate limiting for GTP version 0. | ||||
create_pdp_request integer | Rate limit (packets/s) for create PDP context request. | ||||
delete_pdp_request integer | Rate limit (packets/s) for delete PDP context request. | ||||
echo_request integer | Rate limit (packets/s) for echo request. | ||||
message_rate_limit_v1 dictionary | Message rate limiting for GTP version 1. | ||||
create_pdp_request integer | Rate limit (packets/s) for create PDP context request. | ||||
delete_pdp_request integer | Rate limit (packets/s) for delete PDP context request. | ||||
echo_request integer | Rate limit (packets/s) for echo request. | ||||
message_rate_limit_v2 dictionary | Message rate limiting for GTP version 2. | ||||
create_session_request integer | Rate limit (packets/s) for create session request. | ||||
delete_session_request integer | Rate limit (packets/s) for delete session request. | ||||
echo_request integer | Rate limit (packets/s) for echo request. | ||||
min_message_length integer | min message length | ||||
miss_must_ie string |
| Missing mandatory information element | |||
monitor_mode string |
| GTP monitor mode | |||
name string / required | Profile name. | ||||
noip_filter string |
| non-IP filter for encapsulted traffic | |||
noip_policy list / elements=string | No IP policy. | ||||
action string |
| Action. | |||
end integer | End of protocol range (0 - 255). | ||||
id integer / required | ID. | ||||
start integer | Start of protocol range (0 - 255). | ||||
type string |
| Protocol field type. | |||
out_of_state_ie string |
| Out of state information element. | |||
out_of_state_message string |
| Out of state GTP message | |||
per_apn_shaper list / elements=string | Per APN shaper. | ||||
apn string | APN name. Source gtp.apn.name. | ||||
id integer / required | ID. | ||||
rate_limit integer | Rate limit (packets/s) for create PDP context request. | ||||
version integer | GTP version number: 0 or 1. | ||||
policy list / elements=string | Policy. | ||||
action string |
| Action. | |||
apn_sel_mode list / elements=string |
| APN selection mode. | |||
apnmember list / elements=string | APN member. | ||||
name string / required | APN name. Source gtp.apn.name gtp.apngrp.name. | ||||
id integer / required | ID. | ||||
imei string | IMEI(SV) pattern. | ||||
imsi string | IMSI prefix. | ||||
imsi_prefix string | IMSI prefix. | ||||
max_apn_restriction string |
| Maximum APN restriction value. | |||
messages list / elements=string |
| GTP messages. | |||
msisdn string | MSISDN prefix. | ||||
msisdn_prefix string | MSISDN prefix. | ||||
rai string | RAI pattern. | ||||
rat_type list / elements=string |
| RAT Type. | |||
uli string | ULI pattern. | ||||
policy_filter string |
| Advanced policy filter | |||
policy_v2 list / elements=string | Apply allow or deny action to each GTPv2-c packet. | ||||
action string |
| Action. | |||
apn_sel_mode string |
| APN selection mode. | |||
apnmember list / elements=string | APN member. | ||||
name string / required | APN name. Source gtp.apn.name gtp.apngrp.name. | ||||
id integer / required | ID. | ||||
imsi_prefix string | IMSI prefix. | ||||
max_apn_restriction string |
| Maximum APN restriction value. | |||
mei string | MEI pattern. | ||||
messages string |
| GTP messages. | |||
msisdn_prefix string | MSISDN prefix. | ||||
rat_type string |
| RAT Type. | |||
uli string | GTPv2 ULI patterns (in order of CGI SAI RAI TAI ECGI LAI). | ||||
port_notify integer | overbilling notify port | ||||
rate_limit_mode string |
| GTP rate limit mode. | |||
rate_limited_log string |
| log rate limited | |||
rate_sampling_interval integer | rate sampling interval (1-3600 seconds) | ||||
remove_if_echo_expires string |
| remove if echo response expires | |||
remove_if_recovery_differ string |
| remove upon different Recovery IE | |||
reserved_ie string |
| reserved information element | |||
send_delete_when_timeout string |
| send DELETE request to path endpoints when GTPv0/v1 tunnel timeout. | |||
send_delete_when_timeout_v2 string |
| send DELETE request to path endpoints when GTPv2 tunnel timeout. | |||
spoof_src_addr string |
| Spoofed source address for Mobile Station. | |||
state_invalid_log string |
| log state invalid | |||
sub_second_interval string |
| Sub-second interval (0.1, 0.25, or 0.5 sec). | |||
sub_second_sampling string |
| Enable/disable sub-second sampling. | |||
traffic_count_log string |
| log tunnel traffic counter | |||
tunnel_limit integer | tunnel limit | ||||
tunnel_limit_log string |
| tunnel limit | |||
tunnel_timeout integer | Established tunnel timeout (in seconds). | ||||
unknown_version_action string |
| action for unknown gtp version | |||
user_plane_message_rate_limit integer | user plane message rate limit | ||||
warning_threshold integer | Warning threshold for rate limiting (0 - 99 percent). | ||||
state string / required |
| Indicates whether to create or remove the object. | |||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Notes
Note
- Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks
Examples
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure GTP. fortios_firewall_gtp: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" firewall_gtp: addr_notify: "<your_own_value>" apn: - action: "allow" apnmember: - name: "default_name_7 (source gtp.apn.name gtp.apngrp.name)" id: "8" selection_mode: "ms" apn_filter: "enable" authorized_ggsns: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" authorized_ggsns6: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" authorized_sgsns: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" authorized_sgsns6: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" comment: "Comment." context_id: "16" control_plane_message_rate_limit: "17" default_apn_action: "allow" default_imsi_action: "allow" default_ip_action: "allow" default_noip_action: "allow" default_policy_action: "allow" denied_log: "enable" echo_request_interval: "24" extension_log: "enable" forwarded_log: "enable" global_tunnel_limit: "<your_own_value> (source gtp.tunnel-limit.name)" gtp_in_gtp: "allow" gtpu_denied_log: "enable" gtpu_forwarded_log: "enable" gtpu_log_freq: "31" half_close_timeout: "32" half_open_timeout: "33" handover_group: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" handover_group6: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" ie_allow_list_v0v1: "<your_own_value> (source gtp.ie-allow-list.name)" ie_allow_list_v2: "<your_own_value> (source gtp.ie-allow-list.name)" ie_remove_policy: - id: "39" remove_ies: "apn-restriction" sgsn_addr: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" sgsn_addr6: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" ie_remover: "enable" ie_validation: apn_restriction: "enable" charging_gateway_addr: "enable" charging_ID: "enable" end_user_addr: "enable" gsn_addr: "enable" imei: "enable" imsi: "enable" mm_context: "enable" ms_tzone: "enable" ms_validated: "enable" msisdn: "enable" nsapi: "enable" pdp_context: "enable" qos_profile: "enable" rai: "enable" rat_type: "enable" reordering_required: "enable" selection_mode: "enable" uli: "enable" ie_white_list_v0v1: "<your_own_value> (source gtp.ie-white-list.name)" ie_white_list_v2: "<your_own_value> (source gtp.ie-white-list.name)" imsi: - action: "allow" apnmember: - name: "default_name_69 (source gtp.apn.name gtp.apngrp.name)" id: "70" mcc_mnc: "<your_own_value>" msisdn_prefix: "<your_own_value>" selection_mode: "ms" imsi_filter: "enable" interface_notify: "<your_own_value> (source system.interface.name)" invalid_reserved_field: "allow" invalid_sgsns_to_log: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" invalid_sgsns6_to_log: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" ip_filter: "enable" ip_policy: - action: "allow" dstaddr: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" dstaddr6: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" id: "84" srcaddr: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" srcaddr6: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" log_freq: "87" log_gtpu_limit: "88" log_imsi_prefix: "<your_own_value>" log_msisdn_prefix: "<your_own_value>" max_message_length: "91" message_filter_v0v1: "<your_own_value> (source gtp.message-filter-v0v1.name)" message_filter_v2: "<your_own_value> (source gtp.message-filter-v2.name)" message_rate_limit: create_aa_pdp_request: "95" create_aa_pdp_response: "96" create_mbms_request: "97" create_mbms_response: "98" create_pdp_request: "99" create_pdp_response: "100" delete_aa_pdp_request: "101" delete_aa_pdp_response: "102" delete_mbms_request: "103" delete_mbms_response: "104" delete_pdp_request: "105" delete_pdp_response: "106" echo_reponse: "107" echo_request: "108" error_indication: "109" failure_report_request: "110" failure_report_response: "111" fwd_reloc_complete_ack: "112" fwd_relocation_complete: "113" fwd_relocation_request: "114" fwd_relocation_response: "115" fwd_srns_context: "116" fwd_srns_context_ack: "117" g_pdu: "118" identification_request: "119" identification_response: "120" mbms_de_reg_request: "121" mbms_de_reg_response: "122" mbms_notify_rej_request: "123" mbms_notify_rej_response: "124" mbms_notify_request: "125" mbms_notify_response: "126" mbms_reg_request: "127" mbms_reg_response: "128" mbms_ses_start_request: "129" mbms_ses_start_response: "130" mbms_ses_stop_request: "131" mbms_ses_stop_response: "132" note_ms_request: "133" note_ms_response: "134" pdu_notify_rej_request: "135" pdu_notify_rej_response: "136" pdu_notify_request: "137" pdu_notify_response: "138" ran_info: "139" relocation_cancel_request: "140" relocation_cancel_response: "141" send_route_request: "142" send_route_response: "143" sgsn_context_ack: "144" sgsn_context_request: "145" sgsn_context_response: "146" support_ext_hdr_notify: "147" update_mbms_request: "148" update_mbms_response: "149" update_pdp_request: "150" update_pdp_response: "151" version_not_support: "152" message_rate_limit_v0: create_pdp_request: "154" delete_pdp_request: "155" echo_request: "156" message_rate_limit_v1: create_pdp_request: "158" delete_pdp_request: "159" echo_request: "160" message_rate_limit_v2: create_session_request: "162" delete_session_request: "163" echo_request: "164" min_message_length: "165" miss_must_ie: "allow" monitor_mode: "enable" name: "default_name_168" noip_filter: "enable" noip_policy: - action: "allow" end: "172" id: "173" start: "174" type: "etsi" out_of_state_ie: "allow" out_of_state_message: "allow" per_apn_shaper: - apn: "<your_own_value> (source gtp.apn.name)" id: "180" rate_limit: "181" version: "182" policy: - action: "allow" apn_sel_mode: "ms" apnmember: - name: "default_name_187 (source gtp.apn.name gtp.apngrp.name)" id: "188" imei: "<your_own_value>" imsi: "<your_own_value>" imsi_prefix: "<your_own_value>" max_apn_restriction: "all" messages: "create-req" msisdn: "<your_own_value>" msisdn_prefix: "<your_own_value>" rai: "<your_own_value>" rat_type: "any" uli: "<your_own_value>" policy_filter: "enable" policy_v2: - action: "allow" apn_sel_mode: "ms" apnmember: - name: "default_name_204 (source gtp.apn.name gtp.apngrp.name)" id: "205" imsi_prefix: "<your_own_value>" max_apn_restriction: "all" mei: "<your_own_value>" messages: "create-ses-req" msisdn_prefix: "<your_own_value>" rat_type: "any" uli: "<your_own_value>" port_notify: "213" rate_limit_mode: "per-profile" rate_limited_log: "enable" rate_sampling_interval: "216" remove_if_echo_expires: "enable" remove_if_recovery_differ: "enable" reserved_ie: "allow" send_delete_when_timeout: "enable" send_delete_when_timeout_v2: "enable" spoof_src_addr: "allow" state_invalid_log: "enable" sub_second_interval: "0.5" sub_second_sampling: "enable" traffic_count_log: "enable" tunnel_limit: "227" tunnel_limit_log: "enable" tunnel_timeout: "229" unknown_version_action: "allow" user_plane_message_rate_limit: "231" warning_threshold: "232"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
Authors
- Link Zheng (@chillancezen)
- Jie Xue (@JieX19)
- Hongbin Lu (@fgtdev-hblu)
- Frank Shen (@frankshen01)
- Miguel Angel Munoz (@mamunozgonzalez)
- Nicolas Thomas (@thomnico)
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_firewall_gtp_module.html