fmgr_fwobj_service – Manages FortiManager Firewall Service Objects
New in version 2.8.
Synopsis
- Manages FortiManager Firewall Service Objects.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
adom - | Default: "root" | -The ADOM the configuration should belong to. |
app_category - | Application category ID. | |
app_service_type - | Application service type. | |
application - | Application ID. | |
category - | Service category. | |
check_reset_range - | Enable disable RST check. | |
color - | Default: 22 | GUI icon color. |
comment - | Comment. | |
custom_type - |
| Tells module what kind of custom service to be added. |
explicit_proxy - |
| Enable/disable explicit web proxy service. |
fqdn - | Default: "" | Fully qualified domain name. |
group_member - | Comma-Seperated list of members' names. | |
group_name - | Name of the Service Group. | |
icmp_code - | ICMP code. | |
icmp_type - | ICMP type. | |
iprange - | Default: "0.0.0.0" | Start IP-End IP. |
mode - |
| Sets one of three modes for managing the object. |
name - | Custom service name. | |
object_type - |
| Tells module if we are adding a custom service, category, or group. |
protocol - | Protocol type. | |
protocol_number - | IP protocol number. | |
sctp_portrange - | Multiple SCTP port ranges. Comma separated list of destination ports to add (i.e. '443,80'). Syntax is <destPort:sourcePort> If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). | |
session_ttl - | Default: 0 | Session TTL (300 - 604800, 0 = default). |
tcp_halfclose_timer - | Default: 0 | TCP half close timeout (1 - 86400 sec, 0 = default). |
tcp_halfopen_timer - | Default: 0 | TCP half close timeout (1 - 86400 sec, 0 = default). |
tcp_portrange - | Comma separated list of destination ports to add (i.e. '443,80'). Syntax is <destPort:sourcePort> If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). | |
tcp_timewait_timer - | Default: 0 | TCP half close timeout (1 - 300 sec, 0 = default). |
udp_idle_timer - | Default: 0 | TCP half close timeout (0 - 86400 sec, 0 = default). |
udp_portrange - | Comma separated list of destination ports to add (i.e. '443,80'). Syntax is <destPort:sourcePort> If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen - Examples -- '443' (destPort 443 only) '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple together in same quotes, comma separated. ('443:1000-2000, 80:1000-2000'). | |
visibility - |
| Enable/disable service visibility. |
Notes
Note
- Full Documentation at https://ftnt-ansible-docs.readthedocs.io/en/latest/.
Examples
- name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCP fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_service" object_type: "custom" custom_type: "tcp_udp_sctp" tcp_portrange: "443" udp_portrange: "51" sctp_portrange: "100" - name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCP WITH SOURCE RANGES AND MULTIPLES fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_serviceWithSource" object_type: "custom" custom_type: "tcp_udp_sctp" tcp_portrange: "443:2000-1000,80-82:10000-20000" udp_portrange: "51:100-200,162:200-400" sctp_portrange: "100:2000-2500" - name: ADD A CUSTOM SERVICE FOR ICMP fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp" object_type: "custom" custom_type: "icmp" icmp_type: "8" icmp_code: "3" - name: ADD A CUSTOM SERVICE FOR ICMP6 fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp6" object_type: "custom" custom_type: "icmp6" icmp_type: "5" icmp_code: "1" - name: ADD A CUSTOM SERVICE FOR IP - GRE fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_icmp6" object_type: "custom" custom_type: "ip" protocol_number: "47" - name: ADD A CUSTOM PROXY FOR ALL WITH SOURCE RANGES AND MULTIPLES fmgr_fwobj_service: adom: "ansible" name: "ansible_custom_proxy_all" object_type: "custom" custom_type: "all" explicit_proxy: "enable" tcp_portrange: "443:2000-1000,80-82:10000-20000" iprange: "www.ansible.com"
Return Values
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result string | always | full API response, includes status code and message |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
Hint
If you notice any issues in this documentation you can edit this document to improve it.
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fmgr_fwobj_service_module.html