fmgr_fwobj_service – Manages FortiManager Firewall Service Objects
New in version 2.8.
Synopsis
- Manages FortiManager Firewall Service Objects.
Parameters
Parameter | Choices/Defaults | Comments |
---|---|---|
adom | Default: "root" | The ADOM the configuration should belong to. |
app_category | | Application category ID. |
app_service_type | | Application service type. |
application | | Application ID. |
category | | Service category. |
check_reset_range | | Enable/disable RST check. |
color | Default: 22 | GUI icon color. |
comment | | Comment. |
custom_type | | Tells module what kind of custom service to be added. |
explicit_proxy | | Enable/disable explicit web proxy service. |
fqdn | Default: "" | Fully qualified domain name. |
group_member | | Comma-separated list of members' names. |
group_name | | Name of the Service Group. |
icmp_code | | ICMP code. |
icmp_type | | ICMP type. |
iprange | Default: "0.0.0.0" | Start IP-End IP. |
mode | | Sets one of three modes for managing the object. |
name | | Custom service name. |
object_type | | Tells module if we are adding a custom service, category, or group. |
protocol | | Protocol type. |
protocol_number | | IP protocol number. |
sctp_portrange | | Multiple SCTP port ranges. Comma-separated list of destination ports to add (e.g. '443,80'). Syntax is destPort:sourcePort. If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen. Examples: '443' (destPort 443 only), '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple entries together in the same quotes, comma separated ('443:1000-2000, 80:1000-2000'). |
session_ttl | Default: 0 | Session TTL (300 - 604800, 0 = default). |
tcp_halfclose_timer | Default: 0 | TCP half close timeout (1 - 86400 sec, 0 = default). |
tcp_halfopen_timer | Default: 0 | TCP half close timeout (1 - 86400 sec, 0 = default). |
tcp_portrange | | Comma-separated list of destination ports to add (e.g. '443,80'). Syntax is destPort:sourcePort. If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen. Examples: '443' (destPort 443 only), '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple entries together in the same quotes, comma separated ('443:1000-2000, 80:1000-2000'). |
tcp_timewait_timer | Default: 0 | TCP half close timeout (1 - 300 sec, 0 = default). |
udp_idle_timer | Default: 0 | TCP half close timeout (0 - 86400 sec, 0 = default). |
udp_portrange | | Comma-separated list of destination ports to add (e.g. '443,80'). Syntax is destPort:sourcePort. If no sourcePort is defined, it assumes all of them. Ranges can be defined with a hyphen. Examples: '443' (destPort 443 only), '443:1000-2000' (destPort 443 from source ports 1000-2000). String multiple entries together in the same quotes, comma separated ('443:1000-2000, 80:1000-2000'). |
visibility | | Enable/disable service visibility. |
Examples
```yaml
- name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCTP
  fmgr_fwobj_service:
    adom: "ansible"
    name: "ansible_custom_service"
    object_type: "custom"
    custom_type: "tcp_udp_sctp"
    tcp_portrange: "443"
    udp_portrange: "51"
    sctp_portrange: "100"

- name: ADD A CUSTOM SERVICE FOR TCP/UDP/SCTP WITH SOURCE RANGES AND MULTIPLES
  fmgr_fwobj_service:
    adom: "ansible"
    name: "ansible_custom_serviceWithSource"
    object_type: "custom"
    custom_type: "tcp_udp_sctp"
    tcp_portrange: "443:2000-1000,80-82:10000-20000"
    udp_portrange: "51:100-200,162:200-400"
    sctp_portrange: "100:2000-2500"

- name: ADD A CUSTOM SERVICE FOR ICMP
  fmgr_fwobj_service:
    adom: "ansible"
    name: "ansible_custom_icmp"
    object_type: "custom"
    custom_type: "icmp"
    icmp_type: "8"
    icmp_code: "3"

- name: ADD A CUSTOM SERVICE FOR ICMP6
  fmgr_fwobj_service:
    adom: "ansible"
    name: "ansible_custom_icmp6"
    object_type: "custom"
    custom_type: "icmp6"
    icmp_type: "5"
    icmp_code: "1"

- name: ADD A CUSTOM SERVICE FOR IP - GRE
  fmgr_fwobj_service:
    adom: "ansible"
    name: "ansible_custom_icmp6"
    object_type: "custom"
    custom_type: "ip"
    protocol_number: "47"

- name: ADD A CUSTOM PROXY FOR ALL WITH SOURCE RANGES AND MULTIPLES
  fmgr_fwobj_service:
    adom: "ansible"
    name: "ansible_custom_proxy_all"
    object_type: "custom"
    custom_type: "all"
    explicit_proxy: "enable"
    tcp_portrange: "443:2000-1000,80-82:10000-20000"
    iprange: "www.ansible.com"
```
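The destPort:sourcePort strings passed to tcp_portrange, udp_portrange and sctp_portrange can be linted before a playbook runs, so that a malformed or reversed range is caught before it becomes a firewall service object. The Python below is an added example, not part of the module or of the original page; the function names `parse_side` and `lint_portrange` and the 65535 upper bound are assumptions, and the page does not say how the module itself treats a reversed range such as the 2000-1000 in the examples above.

```python
# Added example, not the module's code: lint a *_portrange string before it is
# pushed to FortiManager. Syntax follows the parameter descriptions on this page:
# comma-separated "destPort[:sourcePort]" entries, each side "N" or "N-M".
MAX_PORT = 65535  # assumption: the full 16-bit port space is acceptable


def parse_side(text, label):
    """Return (low, high, problems) for one 'N' or 'N-M' side."""
    low, sep, high = text.strip().partition("-")
    low, high = low.strip(), (high if sep else low).strip()
    if not (low.isdigit() and high.isdigit()):
        raise ValueError(f"{label} {text.strip()!r} is not a port or port range")
    low, high = int(low), int(high)
    problems = []
    if max(low, high) > MAX_PORT:
        problems.append(f"{label} {text.strip()!r} exceeds {MAX_PORT}")
    if low > high:
        problems.append(f"{label} {text.strip()!r} is reversed (start > end)")
    return low, high, problems


def lint_portrange(value):
    """Parse a portrange string; return (entries, problems).

    entries is a list of {"dest": (lo, hi), "src": (lo, hi) or None};
    src None means no sourcePort was given, i.e. all source ports.
    """
    entries, problems = [], []
    for item in value.split(","):
        dest_text, sep, src_text = item.partition(":")
        if sep and ":" in src_text:
            raise ValueError(f"too many ':' in {item.strip()!r}")
        d_lo, d_hi, found = parse_side(dest_text, "destPort")
        problems += found
        src = None
        if sep:
            s_lo, s_hi, found = parse_side(src_text, "sourcePort")
            problems += found
            src = (s_lo, s_hi)
        entries.append({"dest": (d_lo, d_hi), "src": src})
    return entries, problems


if __name__ == "__main__":
    # Values copied from the Examples section of this page.
    for sample in ("443", "443:2000-1000,80-82:10000-20000", "51:100-200,162:200-400"):
        entries, problems = lint_portrange(sample)
        print(sample, "->", entries, problems or "ok")
```

Entries with `src` set to `None` are the ones that match every source port, which makes them the first place to look when reviewing how broad a service definition is.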
Return Values
Common return values are documented here; the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result string | always | full API response, includes status code and message |
Status
- This module is not guaranteed to have a backwards compatible interface. [preview]
- This module is maintained by the Ansible Community. [community]
Authors
- Luke Weighall (@lweighall)
- Andrew Welsh (@Ghilli3)
- Jim Huber (@p4r4n0y1ng)
© 2012–2018 Michael DeHaan
© 2018–2019 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/2.8/modules/fmgr_fwobj_service_module.html