diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-18 05:52:27 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-18 05:52:27 +0000 |
| commit | 3b0807ad7b283c46c21862eb826dcbb4ad04e5e2 (patch) | |
| tree | 6461ea75f03eca87a5a90c86c3c9a787a6ad037e /ansible_collections/cisco/asa/plugins | |
| parent | Adding debian version 7.7.0+dfsg-3. (diff) | |
| download | ansible-3b0807ad7b283c46c21862eb826dcbb4ad04e5e2.tar.xz ansible-3b0807ad7b283c46c21862eb826dcbb4ad04e5e2.zip | |
Merging upstream version 9.4.0+dfsg.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/cisco/asa/plugins')
7 files changed, 288 insertions, 290 deletions
diff --git a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py index 26a032478..d79d3dd19 100644 --- a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py +++ b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/rm_templates/ogs.py @@ -93,7 +93,7 @@ def _tmplt_services_object(config_data): if config_data["services_object"].get("source_port"): if config_data["services_object"]["source_port"].get("range"): cmd += " source range {start} {end}".format( - **config_data["services_object"]["source_port"]["range"] + **config_data["services_object"]["source_port"]["range"], ) else: key = list(config_data["services_object"]["source_port"])[0] @@ -104,7 +104,7 @@ def _tmplt_services_object(config_data): if config_data["services_object"].get("destination_port"): if config_data["services_object"]["destination_port"].get("range"): cmd += " destination range {start} {end}".format( - **config_data["services_object"]["destination_port"]["range"] + **config_data["services_object"]["destination_port"]["range"], ) else: key = list(config_data["services_object"]["destination_port"])[0] diff --git a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py index c5399db00..89fcd4efe 100644 --- a/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py +++ b/ansible_collections/cisco/asa/plugins/module_utils/network/asa/utils/utils.py @@ -70,7 +70,7 @@ def new_dict_to_set(input_dict, temp_list, test_set, count=0): temp_list.append(k) for each in v: if isinstance(each, dict): - if [True for i in each.values() if type(i) == list]: + if [True for i in each.values() if isinstance(i, list)]: new_dict_to_set(each, temp_list, test_set, count) else: new_dict_to_set(each, temp_list, test_set, 0) diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_acls.py b/ansible_collections/cisco/asa/plugins/modules/asa_acls.py index e5330faeb..38fc89d10 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_acls.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_acls.py @@ -460,85 +460,85 @@ EXAMPLES = """ - name: temp_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.2.0 - netmask: 255.255.255.0 - destination: - address: 192.0.3.0 - netmask: 255.255.255.0 - port_protocol: - eq: www - log: default - - grant: deny - line: 2 - protocol_options: - igrp: true - source: - address: 198.51.100.0 - netmask: 255.255.255.0 - destination: - address: 198.51.110.0 - netmask: 255.255.255.0 - time_range: temp - - grant: deny - line: 3 - protocol_options: - tcp: true - source: - interface: management - destination: - interface: management - port_protocol: - eq: www - log: warnings - - grant: deny - line: 4 - protocol_options: - tcp: true - source: - object_group: test_og_network - destination: - object_group: test_network_og - port_protocol: - eq: www - log: default + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 198.51.100.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + time_range: temp + - grant: deny + line: 3 + protocol_options: + tcp: true + source: + interface: management + destination: + interface: management + port_protocol: + eq: www + log: warnings + - grant: deny + line: 4 + protocol_options: + tcp: true + source: + object_group: test_og_network + destination: + object_group: test_network_og + port_protocol: + eq: www + log: default - name: global_access acl_type: extended aces: - - line: 3 - remark: test global access - - grant: deny - line: 4 - protocol_options: - tcp: true - source: - any: true - destination: - any: true - port_protocol: - eq: www - log: errors + - line: 3 + remark: test global access + - grant: deny + line: 4 + protocol_options: + tcp: true + source: + any: true + destination: + any: true + port_protocol: + eq: www + log: errors - name: R1_traffic aces: - - line: 1 - remark: test_v6_acls - - grant: deny - line: 2 - protocol_options: - tcp: true - source: - address: 2001:db8:0:3::/64 - port_protocol: - eq: www - destination: - address: 2001:fc8:0:4::/64 - port_protocol: - eq: telnet - inactive: true + - line: 1 + remark: test_v6_acls + - grant: deny + line: 2 + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true state: merged # Commands fired: @@ -547,7 +547,7 @@ EXAMPLES = """ # access-list global_access line 4 extended deny tcp any any eq www log errors interval 300 # access-list R1_traffic line 1 remark test_v6_acls # access-list R1_traffic line 2 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive -# access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive # access-list temp_access line 2 extended deny tcp interface management interface management @@ -571,7 +571,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -581,9 +581,9 @@ EXAMPLES = """ # interval 300 (hitcnt=0) 0x78aa233d # access-list test_access line 2 extended deny tcp object-group test_og_network object-group test_network_og # eq www log default (hitcnt=0) 0x477aec1e -# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 192.0.3.1 eq www +# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 198.51.100.1 eq www # log default (hitcnt=0) 0xdc7edff8 -# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 192.0.3.2 eq www +# access-list test_access line 2 extended deny tcp 192.0.2.0 255.255.255.0 host 198.51.100.2 eq www # log default (hitcnt=0) 0x7b0e9fde # access-list test_access line 2 extended deny tcp 198.51.100.0 255.255.255.0 2001:db8:3::/64 eq www # log default (hitcnt=0) 0x97c75adc @@ -648,7 +648,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -661,20 +661,20 @@ EXAMPLES = """ - name: global_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.4.0 - netmask: 255.255.255.0 - port_protocol: - eq: telnet - destination: - address: 192.0.5.0 - netmask: 255.255.255.0 - port_protocol: - eq: www + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www state: replaced # Commands fired: @@ -700,7 +700,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -725,7 +725,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -739,20 +739,20 @@ EXAMPLES = """ - name: global_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.4.0 - netmask: 255.255.255.0 - port_protocol: - eq: telnet - destination: - address: 192.0.5.0 - netmask: 255.255.255.0 - port_protocol: - eq: www + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.4.0 + netmask: 255.255.255.0 + port_protocol: + eq: telnet + destination: + address: 192.0.5.0 + netmask: 255.255.255.0 + port_protocol: + eq: www state: overridden # Commands fired: @@ -760,7 +760,7 @@ EXAMPLES = """ # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 time-range temp # no access-list temp_access line 1 -# extended grant deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# extended grant deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # no access-list R1_traffic line 2 # extended grant deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive # no access-list R1_traffic line 1 @@ -796,7 +796,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -814,7 +814,7 @@ EXAMPLES = """ # --------------- # no access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive -# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default # no access-list global_access line 3 extended deny tcp any any eq www log errors interval 300 # no access-list global_access line 2 extended deny tcp any any eq telnet @@ -833,7 +833,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # Using Deleted without any config passed -#"(NOTE: This will delete all of configured resource module attributes)" +# "(NOTE: This will delete all of configured resource module attributes)" # Before state: # ------------- @@ -852,7 +852,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -870,7 +870,7 @@ EXAMPLES = """ # no access-list R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq telnet 2001:fc8:0:4::/64 eq www # log errors interval 300 # no access-list R1_traffic line 2 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive -# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# no access-list temp_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # no access-list temp_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 # time-range temp inactive @@ -897,7 +897,7 @@ EXAMPLES = """ # inactive (hitcnt=0) (inactive) 0xe922b432 # access-list temp_access; 2 elements; name hash: 0xaf1b712e # access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www # log default (hitcnt=0) 0xb58abb0d # access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -1002,7 +1002,7 @@ EXAMPLES = """ # "aces": [ # { # "destination": { -# "address": "192.0.3.0", +# "address": "198.51.100.0", # "netmask": "255.255.255.0", # "port_protocol": { # "eq": "www" @@ -1055,44 +1055,44 @@ EXAMPLES = """ - name: temp_access acl_type: extended aces: - - grant: deny - line: 1 - protocol_options: - tcp: true - source: - address: 192.0.2.0 - netmask: 255.255.255.0 - destination: - address: 192.0.3.0 - netmask: 255.255.255.0 - port_protocol: - eq: www - log: default - - grant: deny - line: 2 - protocol_options: - igrp: true - source: - address: 198.51.100.0 - netmask: 255.255.255.0 - destination: - address: 198.51.110.0 - netmask: 255.255.255.0 - time_range: temp + - grant: deny + line: 1 + protocol_options: + tcp: true + source: + address: 192.0.2.0 + netmask: 255.255.255.0 + destination: + address: 198.51.100.0 + netmask: 255.255.255.0 + port_protocol: + eq: www + log: default + - grant: deny + line: 2 + protocol_options: + igrp: true + source: + address: 198.51.100.0 + netmask: 255.255.255.0 + destination: + address: 198.51.110.0 + netmask: 255.255.255.0 + time_range: temp - name: R1_traffic aces: - - grant: deny - protocol_options: - tcp: true - source: - address: 2001:db8:0:3::/64 - port_protocol: - eq: www - destination: - address: 2001:fc8:0:4::/64 - port_protocol: - eq: telnet - inactive: true + - grant: deny + protocol_options: + tcp: true + source: + address: 2001:db8:0:3::/64 + port_protocol: + eq: www + destination: + address: 2001:fc8:0:4::/64 + port_protocol: + eq: telnet + inactive: true state: rendered # Module Execution Result: @@ -1100,7 +1100,7 @@ EXAMPLES = """ # # "rendered": [ # "access-list temp_access line 1 -# extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 +# extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 # eq www log default" # "access-list temp_access line 2 # extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 @@ -1114,7 +1114,7 @@ EXAMPLES = """ # parsed.cfg # # access-list test_access; 2 elements; name hash: 0xaf1b712e -# access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 192.0.3.0 255.255.255.0 eq www log default +# access-list test_access line 1 extended deny tcp 192.0.2.0 255.255.255.0 198.51.100.0 255.255.255.0 eq www log default # access-list test_access line 2 extended deny igrp 198.51.100.0 255.255.255.0 198.51.110.0 255.255.255.0 log errors # access-list test_R1_traffic; 1 elements; name hash: 0xaf40d3c2 # access-list test_R1_traffic line 1 extended deny tcp 2001:db8:0:3::/64 eq www 2001:fc8:0:4::/64 eq telnet inactive @@ -1134,7 +1134,7 @@ EXAMPLES = """ # "aces": [ # { # "destination": { -# "address": "192.0.3.0", +# "address": "198.51.100.0", # "netmask": "255.255.255.0", # "port_protocol": { # "eq": "www" @@ -1203,7 +1203,6 @@ EXAMPLES = """ # ] # } # ] - """ RETURN = """ diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_command.py b/ansible_collections/cisco/asa/plugins/modules/asa_command.py index 51a6c74b3..4191a9d32 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_command.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_command.py @@ -78,20 +78,20 @@ EXAMPLES = """ - name: Show the ASA version cisco.asa.asa_command: commands: - - show version + - show version - name: Show ASA drops and memory cisco.asa.asa_command: commands: - - show asp drop - - show memory + - show asp drop + - show memory - name: Send repeat pings and wait for the result to pass 100% cisco.asa.asa_command: commands: - - ping 8.8.8.8 repeat 20 size 350 + - ping 8.8.8.8 repeat 20 size 350 wait_for: - - result[0] contains 100 + - result[0] contains 100 retries: 2 """ diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_config.py b/ansible_collections/cisco/asa/plugins/modules/asa_config.py index 76a8ca263..793844f83 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_config.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_config.py @@ -170,16 +170,16 @@ options: EXAMPLES = """ - cisco.asa.asa_config: lines: - - network-object host 10.80.30.18 - - network-object host 10.80.30.19 - - network-object host 10.80.30.20 + - network-object host 10.80.30.18 + - network-object host 10.80.30.19 + - network-object host 10.80.30.20 parents: [object-group network OG-MONITORED-SERVERS] - cisco.asa.asa_config: host: '{{ inventory_hostname }}' lines: - - message-length maximum client auto - - message-length maximum 512 + - message-length maximum client auto + - message-length maximum 512 match: line parents: [policy-map type inspect dns PM-DNS, parameters] authorize: yes @@ -190,42 +190,42 @@ EXAMPLES = """ - cisco.asa.asa_config: lines: - - ikev1 pre-shared-key MyS3cretVPNK3y + - ikev1 pre-shared-key MyS3cretVPNK3y parents: tunnel-group 1.1.1.1 ipsec-attributes passwords: yes - name: attach ASA acl on interface vlan13/nameif cloud13 cisco.asa.asa_config: lines: - - access-group cloud-acl_access_in in interface cloud13 + - access-group cloud-acl_access_in in interface cloud13 - name: configure ASA (>=9.2) default BGP cisco.asa.asa_config: lines: - - bgp log-neighbor-changes - - bgp bestpath compare-routerid + - bgp log-neighbor-changes + - bgp bestpath compare-routerid parents: - - router bgp 65002 + - router bgp 65002 register: bgp when: bgp_default_config is defined - name: configure ASA (>=9.2) BGP neighbor in default/single context mode cisco.asa.asa_config: lines: - - bgp router-id {{ bgp_router_id }} - - neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_as }} - - neighbor {{ bgp_neighbor_ip }} description {{ bgp_neighbor_name }} + - bgp router-id {{ bgp_router_id }} + - neighbor {{ bgp_neighbor_ip }} remote-as {{ bgp_neighbor_as }} + - neighbor {{ bgp_neighbor_ip }} description {{ bgp_neighbor_name }} parents: - - router bgp 65002 - - address-family ipv4 unicast + - router bgp 65002 + - address-family ipv4 unicast register: bgp when: bgp_neighbor_as is defined - name: configure ASA interface with standby cisco.asa.asa_config: lines: - - description my cloud interface - - nameif cloud13 - - security-level 50 - - ip address 192.168.13.1 255.255.255.0 standby 192.168.13.2 + - description my cloud interface + - nameif cloud13 + - security-level 50 + - ip address 192.168.13.1 255.255.255.0 standby 192.168.13.2 parents: [interface Vlan13] register: interface - name: Show changes to interface from task above @@ -235,7 +235,7 @@ EXAMPLES = """ - name: configurable backup path cisco.asa.asa_config: lines: - - access-group cloud-acl_access_in in interface cloud13 + - access-group cloud-acl_access_in in interface cloud13 backup: yes backup_options: filename: backup.cfg diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_facts.py b/ansible_collections/cisco/asa/plugins/modules/asa_facts.py index cec957e94..a05852602 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_facts.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_facts.py @@ -70,12 +70,12 @@ EXAMPLES = """ - name: Gather only the config and default facts cisco.asa.asa_facts: gather_subset: - - config + - config - name: Do not gather hardware facts cisco.asa.asa_facts: gather_subset: - - '!hardware' + - '!hardware' - name: Gather legacy and resource facts cisco.asa.asa_facts: diff --git a/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py b/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py index c51cae341..80ee453ca 100644 --- a/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py +++ b/ansible_collections/cisco/asa/plugins/modules/asa_ogs.py @@ -303,75 +303,75 @@ EXAMPLES = """ # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_network_og -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 - name: "Merge module attributes of given object-group" cisco.asa.asa_ogs: config: - - object_type: network - object_groups: - - name: group_network_obj - group_object: - - test_og_network - - name: test_og_network - description: test_og_network - network_object: - host: - - 192.0.2.1 - - 192.0.2.2 - address: - - 192.0.2.0 255.255.255.0 - - 198.51.100.0 255.255.255.0 - - name: test_network_og - description: test_network_og - network_object: - host: - - 192.0.3.1 - - 192.0.3.2 - ipv6_address: - - 2001:db8:3::/64 - - object_type: security - object_groups: - - name: test_og_security - description: test_security - security_group: - sec_name: - - test_1 - - test_2 - tag: - - 10 - - 20 - - object_type: service - object_groups: - - name: O-Worker - services_object: - - protocol: tcp - destination_port: - range: + - object_type: network + object_groups: + - name: group_network_obj + group_object: + - test_og_network + - name: test_og_network + description: test_og_network + network_object: + host: + - 192.0.2.1 + - 192.0.2.2 + address: + - 192.0.2.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 + - name: test_network_og + description: test_network_og + network_object: + host: + - 198.51.100.1 + - 198.51.100.2 + ipv6_address: + - 2001:db8:3::/64 + - object_type: security + object_groups: + - name: test_og_security + description: test_security + security_group: + sec_name: + - test_1 + - test_2 + tag: + - 10 + - 20 + - object_type: service + object_groups: + - name: O-Worker + services_object: + - protocol: tcp + destination_port: + range: + start: 100 + end: 200 + - protocol: tcp-udp + source_port: + eq: 1234 + destination_port: + gt: nfs + - name: O-UNIX-TCP + protocol: tcp + port_object: + - eq: https + - range: start: 100 - end: 200 - - protocol: tcp-udp - source_port: - eq: 1234 - destination_port: - gt: nfs - - name: O-UNIX-TCP - protocol: tcp - port_object: - - eq: https - - range: - start: 100 - end: 400 - - object_type: user - object_groups: - - name: test_og_user - description: test_user - user_object: - user: - - name: new_user_1 - domain: LOCAL - - name: new_user_2 - domain: LOCAL + end: 400 + - object_type: user + object_groups: + - name: test_og_user + description: test_user + user_object: + user: + - name: new_user_1 + domain: LOCAL + - name: new_user_2 + domain: LOCAL state: merged # Commands fired: @@ -392,8 +392,8 @@ EXAMPLES = """ # network-object host 192.0.2.1 # network-object host 192.0.2.2 # object-group network test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:3::/64 # object-group service O-Worker # service-object tcp destination range 100 200 @@ -418,11 +418,11 @@ EXAMPLES = """ # network-object host 192.0.2.2 # network-object 192.0.2.0 255.255.255.0 # network-object 198.51.100.0 255.255.255.0 -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -455,8 +455,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -483,9 +483,9 @@ EXAMPLES = """ description: test_og_network_replace network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - object_type: protocol object_groups: - name: test_og_protocol @@ -507,10 +507,10 @@ EXAMPLES = """ # description test_og_network_replace # no network-object 192.0.2.0 255.255.255.0 # no network-object 198.51.100.0 255.255.255.0 -# network-object 192.0.3.0 255.255.255.0 +# network-object 198.51.100.0 255.255.255.0 # no network-object host 192.0.2.1 # no network-object host 192.0.2.2 -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 # After state: # ------------- @@ -518,12 +518,12 @@ EXAMPLES = """ # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_og_network_replace -# network-object host 192.0.3.1 -# network-object 192.0.3.0 255.255.255.0 +# network-object host 198.51.100.1 +# network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -558,8 +558,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -586,9 +586,9 @@ EXAMPLES = """ description: test_og_network_override network_object: host: - - 192.0.3.1 + - 198.51.100.1 address: - - 192.0.3.0 255.255.255.0 + - 198.51.100.0 255.255.255.0 - name: ANSIBLE_TEST network_object: object: @@ -619,10 +619,10 @@ EXAMPLES = """ # description test_og_network_override # no network-object 192.0.2.0 255.255.255.0 # no network-object 198.51.100.0 255.255.255.0 -# network-object 192.0.3.0 255.255.255.0 +# network-object 198.51.100.0 255.255.255.0 # no network-object host 192.0.2.1 # no network-object host 192.0.2.2 -# network-object host 192.0.3.1 +# network-object host 198.51.100.1 # no object-group network test_network_og # object-group network ANSIBLE_TEST # network-object object TEST1 @@ -634,8 +634,8 @@ EXAMPLES = """ # ciscoasa# sh running-config object-group # object-group network test_og_network # description test_og_network_override -# network-object host 192.0.3.1 -# network-object 192.0.3.0 255.255.255.0 +# network-object host 198.51.100.1 +# network-object 198.51.100.0 255.255.255.0 # object-group network ANSIBLE_TEST # network-object object TEST1 # network-object object TEST2 @@ -657,8 +657,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -711,7 +711,7 @@ EXAMPLES = """ # service-object tcp source eq 1234 destination gt nfs # Using DELETED without any config passed -#"(NOTE: This will delete all of configured resource module attributes)" +# "(NOTE: This will delete all of configured resource module attributes)" # Before state: # ------------- @@ -725,8 +725,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -770,8 +770,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -818,8 +818,8 @@ EXAMPLES = """ # "name": "test_network_og", # "network_object": { # "host": [ -# "192.0.3.1", -# "192.0.3.2" +# "198.51.100.1", +# "198.51.100.2" # ], # "ipv6_address": [ # "2001:db8:3::/64" @@ -878,8 +878,8 @@ EXAMPLES = """ # network-object 198.51.100.0 255.255.255.0 # object-group network test_network_og # description test_network_og -# network-object host 192.0.3.1 -# network-object host 192.0.3.2 +# network-object host 198.51.100.1 +# network-object host 198.51.100.2 # network-object 2001:db8:0:3::/64 # group-object test_og_network # object-group security test_og_security @@ -911,8 +911,8 @@ EXAMPLES = """ description: test_network_og network_object: host: - - 192.0.3.1 - - 192.0.3.2 + - 198.51.100.1 + - 198.51.100.2 ipv6_address: - 2001:db8:3::/64 - object_type: security @@ -956,8 +956,8 @@ EXAMPLES = """ # "network-object host 192.0.2.2", # "object-group network test_network_og", # "description test_network_og", -# "network-object host 192.0.3.1", -# "network-object host 192.0.3.2", +# "network-object host 198.51.100.1", +# "network-object host 198.51.100.2", # "network-object 2001:db8:3::/64", # "object-group user test_og_user", # "description test_user", @@ -1019,7 +1019,6 @@ EXAMPLES = """ # "object_type": "service" # } # ] - """ RETURN = """ |