community.network.fmgr_fwobj_ippool – Allows the editing of IP Pool Objects within FortiManager.

From Get docs
Ansible/docs/2.10/collections/community/network/fmgr fwobj ippool module


community.network.fmgr_fwobj_ippool – Allows the editing of IP Pool Objects within FortiManager.

Note

This plugin is part of the community.network collection (version 1.3.0).

To install it use: ansible-galaxy collection install community.network.

To use it in a playbook, specify: community.network.fmgr_fwobj_ippool.


Synopsis

  • Allows users to add/edit/delete IP Pool Objects.

Parameters

Parameter Choices/Defaults Comments

adom

string

Default:

"root"

The ADOM the configuration should belong to.

arp_intf

string

Select an interface from available options that will reply to ARP requests. (If blank, any is selected).

arp_reply

string

  • disable
  • enable

Enable/disable replying to ARP requests when an IP Pool is added to a policy (default = enable).

choice | disable | Disable ARP reply.

choice | enable | Enable ARP reply.

associated_interface

string

Associated interface name.

block_size

string

Number of addresses in a block (64 to 4096, default = 128).

comments

string

Comment.

dynamic_mapping

string

EXPERTS ONLY! KNOWLEDGE OF FMGR JSON API IS REQUIRED!

List of multiple child objects to be added. Expects a list of dictionaries.

Dictionaries must use FortiManager API parameters, not the ansible ones listed below.

If submitted, all other prefixed sub-parameter.ARE IGNORED.

This object is MUTUALLY EXCLUSIVE with its options.

We expect that you know what you are doing with these list parameters, and are leveraging the JSON API Guide.

WHEN IN DOUBT, USE THE SUB OPTIONS BELOW INSTEAD TO CREATE OBJECTS WITH MULTIPLE TASKS

dynamic_mapping_arp_intf

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_arp_reply

string

  • disable
  • enable

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_associated_interface

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_block_size

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_comments

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_endip

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_num_blocks_per_user

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_pba_timeout

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_permit_any_host

string

  • disable
  • enable

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_source_endip

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_source_startip

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_startip

string

Dynamic Mapping clone of original suffixed parameter.

dynamic_mapping_type

string

  • overload
  • one-to-one
  • fixed-port-range
  • port-block-allocation

Dynamic Mapping clone of original suffixed parameter.

endip

string

Final IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default| 0.0.0.0).

mode

string

  • add

  • set
  • delete
  • update

Sets one of three modes for managing the object.

Allows use of soft-adds instead of overwriting existing values

name

string

IP pool name.

num_blocks_per_user

string

Number of addresses blocks that can be used by a user (1 to 128, default = 8).

pba_timeout

string

Port block allocation timeout (seconds).

permit_any_host

string

  • disable
  • enable

Enable/disable full cone NAT.

choice | disable | Disable full cone NAT.

choice | enable | Enable full cone NAT.

source_endip

string

Final IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default| 0.0.0.0).

source_startip

string

First IPv4 address (inclusive) in the range of the source addresses to be translated (format xxx.xxx.xxx.xxx, Default| 0.0.0.0).

startip

string

First IPv4 address (inclusive) in the range for the address pool (format xxx.xxx.xxx.xxx, Default| 0.0.0.0).

type

string

  • overload
  • one-to-one
  • fixed-port-range
  • port-block-allocation

IP pool type (overload, one-to-one, fixed port range, or port block allocation).

choice | overload | IP addresses in the IP pool can be shared by clients.

choice | one-to-one | One to one mapping.

choice | fixed-port-range | Fixed port range.

choice | port-block-allocation | Port block allocation.



Notes

Examples

- name: ADD FMGR_FIREWALL_IPPOOL Overload
  community.network.fmgr_fwobj_ippool:
    mode: "add"
    adom: "ansible"
    name: "Ansible_pool4_overload"
    comments: "Created by ansible"
    type: "overload"

    # OPTIONS FOR ALL MODES
    startip: "10.10.10.10"
    endip: "10.10.10.100"
    arp_reply: "enable"

- name: ADD FMGR_FIREWALL_IPPOOL one-to-one
  community.network.fmgr_fwobj_ippool:
    mode: "add"
    adom: "ansible"
    name: "Ansible_pool4_121"
    comments: "Created by ansible"
    type: "one-to-one"

    # OPTIONS FOR ALL MODES
    startip: "10.10.20.10"
    endip: "10.10.20.100"
    arp_reply: "enable"

- name: ADD FMGR_FIREWALL_IPPOOL FIXED PORT RANGE
  community.network.fmgr_fwobj_ippool:
    mode: "add"
    adom: "ansible"
    name: "Ansible_pool4_fixed_port"
    comments: "Created by ansible"
    type: "fixed-port-range"

    # OPTIONS FOR ALL MODES
    startip: "10.10.40.10"
    endip: "10.10.40.100"
    arp_reply: "enable"
    # FIXED PORT RANGE OPTIONS
    source_startip: "192.168.20.1"
    source_endip: "192.168.20.20"

- name: ADD FMGR_FIREWALL_IPPOOL PORT BLOCK ALLOCATION
  community.network.fmgr_fwobj_ippool:
    mode: "add"
    adom: "ansible"
    name: "Ansible_pool4_port_block_allocation"
    comments: "Created by ansible"
    type: "port-block-allocation"

    # OPTIONS FOR ALL MODES
    startip: "10.10.30.10"
    endip: "10.10.30.100"
    arp_reply: "enable"
    # PORT BLOCK ALLOCATION OPTIONS
    block_size: "128"
    num_blocks_per_user: "1"

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key Returned Description

api_result

string

always

full API response, includes status code and message





Authors

  • Luke Weighall (@lweighall)
  • Andrew Welsh (@Ghilli3)
  • Jim Huber (@p4r4n0y1ng)

© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.10/collections/community/network/fmgr_fwobj_ippool_module.html