diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-26 04:05:56 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-26 04:05:56 +0000 |
| commit | 67c6a4d1dccb62159b9d9b2dea4e2f487446e276 (patch) | |
| tree | 9ccbb35137f480bbbdb899accbda52a8135d3416 /ansible_collections/fortinet/fortios/plugins | |
| parent | Adding upstream version 9.4.0+dfsg. (diff) | |
| download | ansible-67c6a4d1dccb62159b9d9b2dea4e2f487446e276.tar.xz ansible-67c6a4d1dccb62159b9d9b2dea4e2f487446e276.zip | |
Adding upstream version 9.5.1+dfsg.upstream/9.5.1+dfsg
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'ansible_collections/fortinet/fortios/plugins')
672 files changed, 19016 insertions, 4867 deletions
diff --git a/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/comparison.py b/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/comparison.py index 0ed53cffb..2accf3ed5 100644 --- a/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/comparison.py +++ b/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/comparison.py @@ -121,7 +121,7 @@ def serialize(data): else: return sorted(data) - if isinstance(data[0], dict): + if isinstance(data, dict): result = {} for key, value in data.items(): result[key] = serialize(value) diff --git a/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/secret_field.py b/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/secret_field.py index 597efeb04..9bf291e43 100644 --- a/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/secret_field.py +++ b/ansible_collections/fortinet/fortios/plugins/module_utils/fortios/secret_field.py @@ -25,7 +25,9 @@ secret_fields = [ "ddns_keyname", "eap_password", "n_mhae_key", "passwd1", "passwd2", "passwd3", "http_password", "password_attr", "passwd_policy", "passwd_time", "rsso_secret", "secondary_secret", "secret", "sso_attribute_key", "secondary_key", "tertiary_key", "sae_private_key", "tertiary_secret", "search_key", "est_http_password", "est_srp_password", - "fortitoken_cloud_sync_interval", "mfa_password", "default_user_password_policy", "polestar_server_token" + "fortitoken_cloud_sync_interval", "mfa_password", "default_user_password_policy", "polestar_server_token", + "ssh_hostkey", "ssh_hostkey_password", "keyword", "sam_private_key", "sam_private_key_password", + "videofilter_keyword" ] diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_alertemail_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_alertemail_setting.py index b4b2ab226..c7ee4fe64 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_alertemail_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_alertemail_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -483,11 +483,10 @@ def underscore_to_hyphen(data): def alertemail_setting(data, fos): vdom = data["vdom"] alertemail_setting_data = data["alertemail_setting"] - filtered_data = underscore_to_hyphen( - filter_alertemail_setting_data(alertemail_setting_data) - ) + filtered_data = filter_alertemail_setting_data(alertemail_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("alertemail", "setting", data=filtered_data, vdom=vdom) + return fos.set("alertemail", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_exempt_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_exempt_list.py index 675bfae2e..ec2e3d8ff 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_exempt_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_exempt_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -243,12 +243,11 @@ def antivirus_exempt_list(data, fos): state = data["state"] antivirus_exempt_list_data = data["antivirus_exempt_list"] - filtered_data = underscore_to_hyphen( - filter_antivirus_exempt_list_data(antivirus_exempt_list_data) - ) + filtered_data = filter_antivirus_exempt_list_data(antivirus_exempt_list_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("antivirus", "exempt-list", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "exempt-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_heuristic.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_heuristic.py index 3b7bfd769..89952e9a7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_heuristic.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_heuristic.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -206,11 +206,10 @@ def underscore_to_hyphen(data): def antivirus_heuristic(data, fos): vdom = data["vdom"] antivirus_heuristic_data = data["antivirus_heuristic"] - filtered_data = underscore_to_hyphen( - filter_antivirus_heuristic_data(antivirus_heuristic_data) - ) + filtered_data = filter_antivirus_heuristic_data(antivirus_heuristic_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("antivirus", "heuristic", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "heuristic", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_mms_checksum.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_mms_checksum.py index f68cfc0b0..522df04bb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_mms_checksum.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_mms_checksum.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -264,9 +264,8 @@ def antivirus_mms_checksum(data, fos, check_mode=False): state = data["state"] antivirus_mms_checksum_data = data["antivirus_mms_checksum"] - filtered_data = underscore_to_hyphen( - filter_antivirus_mms_checksum_data(antivirus_mms_checksum_data) - ) + filtered_data = filter_antivirus_mms_checksum_data(antivirus_mms_checksum_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -330,7 +329,7 @@ def antivirus_mms_checksum(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("antivirus", "mms-checksum", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "mms-checksum", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_notification.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_notification.py index 02bf6577f..952a75f1c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_notification.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_notification.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -267,9 +267,8 @@ def antivirus_notification(data, fos, check_mode=False): state = data["state"] antivirus_notification_data = data["antivirus_notification"] - filtered_data = underscore_to_hyphen( - filter_antivirus_notification_data(antivirus_notification_data) - ) + filtered_data = filter_antivirus_notification_data(antivirus_notification_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -333,7 +332,7 @@ def antivirus_notification(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("antivirus", "notification", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "notification", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_profile.py index 4afe858b4..e0ea03688 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -470,7 +470,7 @@ options: - 'ignore' fortisandbox_max_upload: description: - - Maximum size of files that can be uploaded to FortiSandbox. + - Maximum size of files that can be uploaded to FortiSandbox in Mbytes. type: int fortisandbox_mode: description: @@ -1973,12 +1973,11 @@ def antivirus_profile(data, fos): antivirus_profile_data = data["antivirus_profile"] antivirus_profile_data = flatten_multilists_attributes(antivirus_profile_data) - filtered_data = underscore_to_hyphen( - filter_antivirus_profile_data(antivirus_profile_data) - ) + filtered_data = filter_antivirus_profile_data(antivirus_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("antivirus", "profile", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("antivirus", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_quarantine.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_quarantine.py index 2f52d03e3..ef8e41946 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_quarantine.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_quarantine.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -522,11 +522,10 @@ def antivirus_quarantine(data, fos): vdom = data["vdom"] antivirus_quarantine_data = data["antivirus_quarantine"] antivirus_quarantine_data = flatten_multilists_attributes(antivirus_quarantine_data) - filtered_data = underscore_to_hyphen( - filter_antivirus_quarantine_data(antivirus_quarantine_data) - ) + filtered_data = filter_antivirus_quarantine_data(antivirus_quarantine_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("antivirus", "quarantine", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "quarantine", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_settings.py index a1df0ea8c..9e811f979 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_antivirus_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -261,11 +261,10 @@ def underscore_to_hyphen(data): def antivirus_settings(data, fos): vdom = data["vdom"] antivirus_settings_data = data["antivirus_settings"] - filtered_data = underscore_to_hyphen( - filter_antivirus_settings_data(antivirus_settings_data) - ) + filtered_data = filter_antivirus_settings_data(antivirus_settings_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("antivirus", "settings", data=filtered_data, vdom=vdom) + return fos.set("antivirus", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_custom.py index a6894a1ac..f7ab53a2b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_custom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -281,9 +281,8 @@ def application_custom(data, fos, check_mode=False): state = data["state"] application_custom_data = data["application_custom"] - filtered_data = underscore_to_hyphen( - filter_application_custom_data(application_custom_data) - ) + filtered_data = filter_application_custom_data(application_custom_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -347,7 +346,7 @@ def application_custom(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("application", "custom", data=filtered_data, vdom=vdom) + return fos.set("application", "custom", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("application", "custom", mkey=filtered_data["tag"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_group.py index 9cd734797..40cb1ef17 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -364,9 +364,8 @@ def application_group(data, fos, check_mode=False): application_group_data = data["application_group"] application_group_data = flatten_multilists_attributes(application_group_data) - filtered_data = underscore_to_hyphen( - filter_application_group_data(application_group_data) - ) + filtered_data = filter_application_group_data(application_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -430,7 +429,7 @@ def application_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("application", "group", data=filtered_data, vdom=vdom) + return fos.set("application", "group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("application", "group", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_list.py index 4a203f5d5..358fea9fe 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -709,9 +709,8 @@ def application_list(data, fos, check_mode=False): application_list_data = data["application_list"] application_list_data = flatten_multilists_attributes(application_list_data) - filtered_data = underscore_to_hyphen( - filter_application_list_data(application_list_data) - ) + filtered_data = filter_application_list_data(application_list_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -775,7 +774,7 @@ def application_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("application", "list", data=filtered_data, vdom=vdom) + return fos.set("application", "list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("application", "list", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_name.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_name.py index 88df2a230..3389f546c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_name.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_name.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -333,9 +333,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"default value": "default_value"} + speciallist = {"default value": "default_value"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -344,8 +344,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -361,10 +364,8 @@ def application_name(data, fos, check_mode=False): state = data["state"] application_name_data = data["application_name"] - filtered_data = underscore_to_hyphen( - filter_application_name_data(application_name_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_application_name_data(application_name_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_rule_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_rule_settings.py index 0ece60975..5521d63ea 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_rule_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_application_rule_settings.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -227,9 +227,10 @@ def application_rule_settings(data, fos, check_mode=False): state = data["state"] application_rule_settings_data = data["application_rule_settings"] - filtered_data = underscore_to_hyphen( - filter_application_rule_settings_data(application_rule_settings_data) + filtered_data = filter_application_rule_settings_data( + application_rule_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -293,7 +294,7 @@ def application_rule_settings(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("application", "rule-settings", data=filtered_data, vdom=vdom) + return fos.set("application", "rule-settings", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_rule.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_rule.py index 1691002b8..c3d00da44 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_rule.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_rule.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -395,9 +395,8 @@ def authentication_rule(data, fos, check_mode=False): state = data["state"] authentication_rule_data = data["authentication_rule"] - filtered_data = underscore_to_hyphen( - filter_authentication_rule_data(authentication_rule_data) - ) + filtered_data = filter_authentication_rule_data(authentication_rule_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -461,7 +460,7 @@ def authentication_rule(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("authentication", "rule", data=filtered_data, vdom=vdom) + return fos.set("authentication", "rule", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_scheme.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_scheme.py index b48908fb5..937120032 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_scheme.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_scheme.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -373,9 +373,8 @@ def authentication_scheme(data, fos, check_mode=False): authentication_scheme_data = flatten_multilists_attributes( authentication_scheme_data ) - filtered_data = underscore_to_hyphen( - filter_authentication_scheme_data(authentication_scheme_data) - ) + filtered_data = filter_authentication_scheme_data(authentication_scheme_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -439,7 +438,7 @@ def authentication_scheme(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("authentication", "scheme", data=filtered_data, vdom=vdom) + return fos.set("authentication", "scheme", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_setting.py index bff03f6c2..595a3df27 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_authentication_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -190,7 +190,7 @@ options: suboptions: name: description: - - CA certificate list. Source vpn.certificate.ca.name. + - CA certificate list. Source vpn.certificate.ca.name vpn.certificate.local.name. required: true type: str """ @@ -224,7 +224,7 @@ EXAMPLES = """ update_time: "<your_own_value>" user_cert_ca: - - name: "default_name_25 (source vpn.certificate.ca.name)" + name: "default_name_25 (source vpn.certificate.ca.name vpn.certificate.local.name)" """ RETURN = """ @@ -357,11 +357,10 @@ def underscore_to_hyphen(data): def authentication_setting(data, fos): vdom = data["vdom"] authentication_setting_data = data["authentication_setting"] - filtered_data = underscore_to_hyphen( - filter_authentication_setting_data(authentication_setting_data) - ) + filtered_data = filter_authentication_setting_data(authentication_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("authentication", "setting", data=filtered_data, vdom=vdom) + return fos.set("authentication", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_automation_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_automation_setting.py index 3a4f75391..bd7c31503 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_automation_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_automation_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -210,11 +210,10 @@ def underscore_to_hyphen(data): def automation_setting(data, fos): vdom = data["vdom"] automation_setting_data = data["automation_setting"] - filtered_data = underscore_to_hyphen( - filter_automation_setting_data(automation_setting_data) - ) + filtered_data = filter_automation_setting_data(automation_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("automation", "setting", data=filtered_data, vdom=vdom) + return fos.set("automation", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_profile.py index 27ea05cff..98cb82fd1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -210,6 +210,13 @@ options: - Safe search control name. required: true type: str + status: + description: + - Enable/disable setting. + type: str + choices: + - 'enable' + - 'disable' tenant_control: description: - Enable/disable tenant control. @@ -264,10 +271,11 @@ EXAMPLES = """ safe_search_control: - name: "default_name_22" + status: "enable" tenant_control: "enable" tenant_control_tenants: - - name: "default_name_25" + name: "default_name_26" """ RETURN = """ @@ -411,10 +419,11 @@ def casb_profile(data, fos): casb_profile_data = data["casb_profile"] casb_profile_data = flatten_multilists_attributes(casb_profile_data) - filtered_data = underscore_to_hyphen(filter_casb_profile_data(casb_profile_data)) + filtered_data = filter_casb_profile_data(casb_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("casb", "profile", data=filtered_data, vdom=vdom) + return fos.set("casb", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("casb", "profile", mkey=filtered_data["name"], vdom=vdom) @@ -464,6 +473,11 @@ versioned_schema = { "type": "string", "required": True, }, + "status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "safe_search": { "v_range": [["v7.4.1", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_saas_application.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_saas_application.py index 92e2f79d9..832e9e74e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_saas_application.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_saas_application.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: - SaaS application name. required: true type: str + status: + description: + - Enable/disable setting. + type: str + choices: + - 'enable' + - 'disable' type: description: - SaaS application type. @@ -138,6 +145,7 @@ EXAMPLES = """ - domain: "<your_own_value>" name: "default_name_7" + status: "enable" type: "built-in" uuid: "<your_own_value>" """ @@ -222,7 +230,15 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_casb_saas_application_data(json): - option_list = ["casb_name", "description", "domains", "name", "type", "uuid"] + option_list = [ + "casb_name", + "description", + "domains", + "name", + "status", + "type", + "uuid", + ] json = remove_invalid_fields(json) dictionary = {} @@ -253,12 +269,11 @@ def casb_saas_application(data, fos): state = data["state"] casb_saas_application_data = data["casb_saas_application"] - filtered_data = underscore_to_hyphen( - filter_casb_saas_application_data(casb_saas_application_data) - ) + filtered_data = filter_casb_saas_application_data(casb_saas_application_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("casb", "saas-application", data=filtered_data, vdom=vdom) + return fos.set("casb", "saas-application", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -302,6 +317,11 @@ versioned_schema = { "children": { "name": {"v_range": [["v7.4.1", ""]], "type": "string", "required": True}, "uuid": {"v_range": [["v7.4.1", ""]], "type": "string"}, + "status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "type": { "v_range": [["v7.4.1", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_user_activity.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_user_activity.py index c5d53b97a..d233061d3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_user_activity.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_casb_user_activity.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -193,6 +193,13 @@ options: - Operation value. required: true type: str + status: + description: + - CASB control option status. + type: str + choices: + - 'enable' + - 'disable' description: description: - CASB user activity description. @@ -301,6 +308,13 @@ options: - CASB user activity name. required: true type: str + status: + description: + - CASB user activity status. + type: str + choices: + - 'enable' + - 'disable' type: description: - CASB user activity type. @@ -341,10 +355,11 @@ EXAMPLES = """ values: - value: "<your_own_value>" + status: "enable" description: "<your_own_value>" match: - - id: "22" + id: "23" rules: - case_sensitive: "enable" @@ -352,7 +367,7 @@ EXAMPLES = """ - domain: "<your_own_value>" header_name: "<your_own_value>" - id: "28" + id: "29" match_pattern: "simple" match_value: "<your_own_value>" methods: @@ -362,7 +377,8 @@ EXAMPLES = """ type: "domains" strategy: "and" match_strategy: "and" - name: "default_name_37" + name: "default_name_38" + status: "enable" type: "built-in" uuid: "<your_own_value>" """ @@ -456,6 +472,7 @@ def filter_casb_user_activity_data(json): "match", "match_strategy", "name", + "status", "type", "uuid", ] @@ -489,12 +506,11 @@ def casb_user_activity(data, fos): state = data["state"] casb_user_activity_data = data["casb_user_activity"] - filtered_data = underscore_to_hyphen( - filter_casb_user_activity_data(casb_user_activity_data) - ) + filtered_data = filter_casb_user_activity_data(casb_user_activity_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("casb", "user-activity", data=filtered_data, vdom=vdom) + return fos.set("casb", "user-activity", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -538,6 +554,11 @@ versioned_schema = { "children": { "name": {"v_range": [["v7.4.1", ""]], "type": "string", "required": True}, "uuid": {"v_range": [["v7.4.1", ""]], "type": "string"}, + "status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "description": {"v_range": [["v7.4.1", ""]], "type": "string"}, "type": { "v_range": [["v7.4.1", ""]], @@ -657,6 +678,11 @@ versioned_schema = { "type": "string", "required": True, }, + "status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "operations": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_ca.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_ca.py index 09e7cefa7..c33ee103b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_ca.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_ca.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -321,9 +321,8 @@ def certificate_ca(data, fos, check_mode=False): state = data["state"] certificate_ca_data = data["certificate_ca"] - filtered_data = underscore_to_hyphen( - filter_certificate_ca_data(certificate_ca_data) - ) + filtered_data = filter_certificate_ca_data(certificate_ca_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -387,7 +386,7 @@ def certificate_ca(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("certificate", "ca", data=filtered_data, vdom=vdom) + return fos.set("certificate", "ca", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("certificate", "ca", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_crl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_crl.py index 10478a682..301aea9e0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_crl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_crl.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -312,9 +312,8 @@ def certificate_crl(data, fos, check_mode=False): state = data["state"] certificate_crl_data = data["certificate_crl"] - filtered_data = underscore_to_hyphen( - filter_certificate_crl_data(certificate_crl_data) - ) + filtered_data = filter_certificate_crl_data(certificate_crl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -378,7 +377,7 @@ def certificate_crl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("certificate", "crl", data=filtered_data, vdom=vdom) + return fos.set("certificate", "crl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("certificate", "crl", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_local.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_local.py index cdfbc0ee2..8c79352c1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_local.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_local.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -474,9 +474,8 @@ def certificate_local(data, fos, check_mode=False): state = data["state"] certificate_local_data = data["certificate_local"] - filtered_data = underscore_to_hyphen( - filter_certificate_local_data(certificate_local_data) - ) + filtered_data = filter_certificate_local_data(certificate_local_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -540,7 +539,7 @@ def certificate_local(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("certificate", "local", data=filtered_data, vdom=vdom) + return fos.set("certificate", "local", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("certificate", "local", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_remote.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_remote.py index b2d1eb470..c0e3b688d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_remote.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_certificate_remote.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -247,9 +247,8 @@ def certificate_remote(data, fos, check_mode=False): state = data["state"] certificate_remote_data = data["certificate_remote"] - filtered_data = underscore_to_hyphen( - filter_certificate_remote_data(certificate_remote_data) - ) + filtered_data = filter_certificate_remote_data(certificate_remote_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -313,7 +312,7 @@ def certificate_remote(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("certificate", "remote", data=filtered_data, vdom=vdom) + return fos.set("certificate", "remote", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_domain_controller.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_domain_controller.py index b3722ed1b..1e8eb09f8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_domain_controller.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_domain_controller.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -263,9 +263,8 @@ def cifs_domain_controller(data, fos, check_mode=False): state = data["state"] cifs_domain_controller_data = data["cifs_domain_controller"] - filtered_data = underscore_to_hyphen( - filter_cifs_domain_controller_data(cifs_domain_controller_data) - ) + filtered_data = filter_cifs_domain_controller_data(cifs_domain_controller_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def cifs_domain_controller(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("cifs", "domain-controller", data=filtered_data, vdom=vdom) + return fos.set("cifs", "domain-controller", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_profile.py index 0a39b3308..c8a6dec21 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_cifs_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -379,7 +379,8 @@ def cifs_profile(data, fos, check_mode=False): cifs_profile_data = data["cifs_profile"] cifs_profile_data = flatten_multilists_attributes(cifs_profile_data) - filtered_data = underscore_to_hyphen(filter_cifs_profile_data(cifs_profile_data)) + filtered_data = filter_cifs_profile_data(cifs_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -443,7 +444,7 @@ def cifs_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("cifs", "profile", data=filtered_data, vdom=vdom) + return fos.set("cifs", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("cifs", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_configuration_fact.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_configuration_fact.py index 2c1d96e9f..14117cf4a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_configuration_fact.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_configuration_fact.py @@ -414,6 +414,7 @@ options: - 'vpn.certificate_crl' - 'vpn.certificate_ocsp-server' - 'vpn.certificate_setting' + - 'vpn_qkd' - 'vpn.ssl.web_realm' - 'vpn.ssl.web_host-check-software' - 'vpn.ssl.web_portal' @@ -421,16 +422,16 @@ options: - 'vpn.ssl.web_user-bookmark' - 'vpn.ssl_settings' - 'vpn.ssl_client' - - 'vpn_kmip-server' + - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1' - 'vpn.ipsec_phase2' - 'vpn.ipsec_manualkey' - 'vpn.ipsec_concentrator' - - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1-interface' - 'vpn.ipsec_phase2-interface' - 'vpn.ipsec_manualkey-interface' - 'vpn.ipsec_forticlient' + - 'vpn_kmip-server' - 'vpn_pptp' - 'vpn_l2tp' - 'certificate_ca' @@ -454,6 +455,7 @@ options: - 'ips_global' - 'ips_settings' - 'sctp-filter_profile' + - 'diameter-filter_profile' - 'web-proxy_profile' - 'web-proxy_global' - 'web-proxy_explicit' @@ -477,6 +479,7 @@ options: - 'application_group' - 'dlp_data-type' - 'dlp_dictionary' + - 'dlp_exact-data-match' - 'dlp_sensor' - 'dlp_filepattern' - 'dlp_sensitivity' @@ -484,7 +487,7 @@ options: - 'dlp_profile' - 'dlp_settings' - 'videofilter_youtube-key' - - 'videofilter_youtube-channel-filter' + - 'videofilter_keyword' - 'videofilter_profile' - 'emailfilter_bword' - 'emailfilter_block-allow-list' @@ -553,6 +556,8 @@ options: - 'icap_server' - 'icap_server-group' - 'icap_profile' + - 'user_peer' + - 'user_peergrp' - 'user_certificate' - 'user_radius' - 'user_tacacs+' @@ -562,6 +567,7 @@ options: - 'user_domain-controller' - 'user_pop3' - 'user_saml' + - 'user_external-identity-provider' - 'user_fsso' - 'user_adgrp' - 'user_fsso-polling' @@ -569,8 +575,6 @@ options: - 'user_password-policy' - 'user_local' - 'user_setting' - - 'user_peer' - - 'user_peergrp' - 'user_quarantine' - 'user_group' - 'user_security-exempt-list' @@ -640,22 +644,14 @@ options: - 'system_isf-queue-profile' - 'system_npu' - 'system_np6' + - 'system_gi-gk' - 'system_modem' - 'system.3g-modem_custom' - 'system_lte-modem' - - 'firewall_acl' - - 'firewall_acl6' - - 'monitoring_np6-ipsec-engine' - - 'monitoring_npu-hpe' - - 'switch-controller.ptp_settings' - - 'switch-controller.ptp_policy' - - 'system_physical-switch' - - 'system_virtual-switch' - - 'system_stp' - - 'system_gi-gk' - 'firewall_gtp' - 'firewall_pfcp' - - 'vpn_ocvpn' + - 'firewall_acl' + - 'firewall_acl6' - 'gtp_apn' - 'gtp_apngrp' - 'gtp_message-filter-v0v1' @@ -665,6 +661,17 @@ options: - 'gtp_tunnel-limit' - 'gtp_apn-shaper' - 'pfcp_message-filter' + - 'monitoring_np6-ipsec-engine' + - 'monitoring_npu-hpe' + - 'system_npu-vlink' + - 'system_physical-switch' + - 'system_virtual-switch' + - 'system_stp' + - 'system_smc-ntp' + - 'videofilter_youtube-channel-filter' + - 'switch-controller.ptp_settings' + - 'switch-controller.ptp_policy' + - 'vpn_ocvpn' - 'system.replacemsg_mail' - 'system.replacemsg_http' - 'system.replacemsg_webproxy' @@ -829,7 +836,6 @@ options: - 'firewall_policy6' - 'antivirus_notification' - 'antivirus_mms-checksum' - - 'system_smc-ntp' - 'switch-controller_vlan' - 'switch-controller.security-policy_captive-portal' - 'user_device' @@ -1145,6 +1151,7 @@ options: - 'vpn.certificate_crl' - 'vpn.certificate_ocsp-server' - 'vpn.certificate_setting' + - 'vpn_qkd' - 'vpn.ssl.web_realm' - 'vpn.ssl.web_host-check-software' - 'vpn.ssl.web_portal' @@ -1152,16 +1159,16 @@ options: - 'vpn.ssl.web_user-bookmark' - 'vpn.ssl_settings' - 'vpn.ssl_client' - - 'vpn_kmip-server' + - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1' - 'vpn.ipsec_phase2' - 'vpn.ipsec_manualkey' - 'vpn.ipsec_concentrator' - - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1-interface' - 'vpn.ipsec_phase2-interface' - 'vpn.ipsec_manualkey-interface' - 'vpn.ipsec_forticlient' + - 'vpn_kmip-server' - 'vpn_pptp' - 'vpn_l2tp' - 'certificate_ca' @@ -1185,6 +1192,7 @@ options: - 'ips_global' - 'ips_settings' - 'sctp-filter_profile' + - 'diameter-filter_profile' - 'web-proxy_profile' - 'web-proxy_global' - 'web-proxy_explicit' @@ -1208,6 +1216,7 @@ options: - 'application_group' - 'dlp_data-type' - 'dlp_dictionary' + - 'dlp_exact-data-match' - 'dlp_sensor' - 'dlp_filepattern' - 'dlp_sensitivity' @@ -1215,7 +1224,7 @@ options: - 'dlp_profile' - 'dlp_settings' - 'videofilter_youtube-key' - - 'videofilter_youtube-channel-filter' + - 'videofilter_keyword' - 'videofilter_profile' - 'emailfilter_bword' - 'emailfilter_block-allow-list' @@ -1284,6 +1293,8 @@ options: - 'icap_server' - 'icap_server-group' - 'icap_profile' + - 'user_peer' + - 'user_peergrp' - 'user_certificate' - 'user_radius' - 'user_tacacs+' @@ -1293,6 +1304,7 @@ options: - 'user_domain-controller' - 'user_pop3' - 'user_saml' + - 'user_external-identity-provider' - 'user_fsso' - 'user_adgrp' - 'user_fsso-polling' @@ -1300,8 +1312,6 @@ options: - 'user_password-policy' - 'user_local' - 'user_setting' - - 'user_peer' - - 'user_peergrp' - 'user_quarantine' - 'user_group' - 'user_security-exempt-list' @@ -1371,22 +1381,14 @@ options: - 'system_isf-queue-profile' - 'system_npu' - 'system_np6' + - 'system_gi-gk' - 'system_modem' - 'system.3g-modem_custom' - 'system_lte-modem' - - 'firewall_acl' - - 'firewall_acl6' - - 'monitoring_np6-ipsec-engine' - - 'monitoring_npu-hpe' - - 'switch-controller.ptp_settings' - - 'switch-controller.ptp_policy' - - 'system_physical-switch' - - 'system_virtual-switch' - - 'system_stp' - - 'system_gi-gk' - 'firewall_gtp' - 'firewall_pfcp' - - 'vpn_ocvpn' + - 'firewall_acl' + - 'firewall_acl6' - 'gtp_apn' - 'gtp_apngrp' - 'gtp_message-filter-v0v1' @@ -1396,6 +1398,17 @@ options: - 'gtp_tunnel-limit' - 'gtp_apn-shaper' - 'pfcp_message-filter' + - 'monitoring_np6-ipsec-engine' + - 'monitoring_npu-hpe' + - 'system_npu-vlink' + - 'system_physical-switch' + - 'system_virtual-switch' + - 'system_stp' + - 'system_smc-ntp' + - 'videofilter_youtube-channel-filter' + - 'switch-controller.ptp_settings' + - 'switch-controller.ptp_policy' + - 'vpn_ocvpn' - 'system.replacemsg_mail' - 'system.replacemsg_http' - 'system.replacemsg_webproxy' @@ -1560,7 +1573,6 @@ options: - 'firewall_policy6' - 'antivirus_notification' - 'antivirus_mms-checksum' - - 'system_smc-ntp' - 'switch-controller_vlan' - 'switch-controller.security-policy_captive-portal' - 'user_device' @@ -2853,6 +2865,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "None", "mkey_type": None, }, + "vpn_qkd": { + "mkey": "name", + "mkey_type": str, + }, "vpn.ssl.web_realm": { "mkey": "url_path", "mkey_type": str, @@ -2881,7 +2897,7 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, - "vpn_kmip-server": { + "vpn.ipsec_fec": { "mkey": "name", "mkey_type": str, }, @@ -2901,10 +2917,6 @@ MODULE_MKEY_DEFINITONS = { "mkey": "id", "mkey_type": int, }, - "vpn.ipsec_fec": { - "mkey": "name", - "mkey_type": str, - }, "vpn.ipsec_phase1-interface": { "mkey": "name", "mkey_type": str, @@ -2921,6 +2933,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "realm", "mkey_type": str, }, + "vpn_kmip-server": { + "mkey": "name", + "mkey_type": str, + }, "vpn_pptp": { "mkey": "None", "mkey_type": None, @@ -3013,6 +3029,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "diameter-filter_profile": { + "mkey": "name", + "mkey_type": str, + }, "web-proxy_profile": { "mkey": "name", "mkey_type": str, @@ -3105,6 +3125,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "dlp_exact-data-match": { + "mkey": "name", + "mkey_type": str, + }, "dlp_sensor": { "mkey": "name", "mkey_type": str, @@ -3133,7 +3157,7 @@ MODULE_MKEY_DEFINITONS = { "mkey": "id", "mkey_type": int, }, - "videofilter_youtube-channel-filter": { + "videofilter_keyword": { "mkey": "id", "mkey_type": int, }, @@ -3409,6 +3433,14 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "user_peer": { + "mkey": "name", + "mkey_type": str, + }, + "user_peergrp": { + "mkey": "name", + "mkey_type": str, + }, "user_certificate": { "mkey": "name", "mkey_type": str, @@ -3445,6 +3477,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "user_external-identity-provider": { + "mkey": "name", + "mkey_type": str, + }, "user_fsso": { "mkey": "name", "mkey_type": str, @@ -3473,14 +3509,6 @@ MODULE_MKEY_DEFINITONS = { "mkey": "None", "mkey_type": None, }, - "user_peer": { - "mkey": "name", - "mkey_type": str, - }, - "user_peergrp": { - "mkey": "name", - "mkey_type": str, - }, "user_quarantine": { "mkey": "None", "mkey_type": None, @@ -3757,6 +3785,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "system_gi-gk": { + "mkey": "None", + "mkey_type": None, + }, "system_modem": { "mkey": "None", "mkey_type": None, @@ -3769,6 +3801,14 @@ MODULE_MKEY_DEFINITONS = { "mkey": "None", "mkey_type": None, }, + "firewall_gtp": { + "mkey": "name", + "mkey_type": str, + }, + "firewall_pfcp": { + "mkey": "name", + "mkey_type": str, + }, "firewall_acl": { "mkey": "policyid", "mkey_type": int, @@ -3777,86 +3817,86 @@ MODULE_MKEY_DEFINITONS = { "mkey": "policyid", "mkey_type": int, }, - "monitoring_np6-ipsec-engine": { - "mkey": "None", - "mkey_type": None, - }, - "monitoring_npu-hpe": { - "mkey": "None", - "mkey_type": None, - }, - "switch-controller.ptp_settings": { - "mkey": "None", - "mkey_type": None, - }, - "switch-controller.ptp_policy": { + "gtp_apn": { "mkey": "name", "mkey_type": str, }, - "system_physical-switch": { + "gtp_apngrp": { "mkey": "name", "mkey_type": str, }, - "system_virtual-switch": { + "gtp_message-filter-v0v1": { "mkey": "name", "mkey_type": str, }, - "system_stp": { - "mkey": "None", - "mkey_type": None, - }, - "system_gi-gk": { - "mkey": "None", - "mkey_type": None, - }, - "firewall_gtp": { + "gtp_message-filter-v2": { "mkey": "name", "mkey_type": str, }, - "firewall_pfcp": { + "gtp_rat-timeout-profile": { "mkey": "name", "mkey_type": str, }, - "vpn_ocvpn": { - "mkey": "None", - "mkey_type": None, - }, - "gtp_apn": { + "gtp_ie-allow-list": { "mkey": "name", "mkey_type": str, }, - "gtp_apngrp": { + "gtp_tunnel-limit": { "mkey": "name", "mkey_type": str, }, - "gtp_message-filter-v0v1": { - "mkey": "name", - "mkey_type": str, + "gtp_apn-shaper": { + "mkey": "id", + "mkey_type": int, }, - "gtp_message-filter-v2": { + "pfcp_message-filter": { "mkey": "name", "mkey_type": str, }, - "gtp_rat-timeout-profile": { + "monitoring_np6-ipsec-engine": { + "mkey": "None", + "mkey_type": None, + }, + "monitoring_npu-hpe": { + "mkey": "None", + "mkey_type": None, + }, + "system_npu-vlink": { "mkey": "name", "mkey_type": str, }, - "gtp_ie-allow-list": { + "system_physical-switch": { "mkey": "name", "mkey_type": str, }, - "gtp_tunnel-limit": { + "system_virtual-switch": { "mkey": "name", "mkey_type": str, }, - "gtp_apn-shaper": { + "system_stp": { + "mkey": "None", + "mkey_type": None, + }, + "system_smc-ntp": { + "mkey": "None", + "mkey_type": None, + }, + "videofilter_youtube-channel-filter": { "mkey": "id", "mkey_type": int, }, - "pfcp_message-filter": { + "switch-controller.ptp_settings": { + "mkey": "None", + "mkey_type": None, + }, + "switch-controller.ptp_policy": { "mkey": "name", "mkey_type": str, }, + "vpn_ocvpn": { + "mkey": "None", + "mkey_type": None, + }, "system.replacemsg_mail": { "mkey": "msg_type", "mkey_type": str, @@ -4513,10 +4553,6 @@ MODULE_MKEY_DEFINITONS = { "mkey": "id", "mkey_type": int, }, - "system_smc-ntp": { - "mkey": "None", - "mkey_type": None, - }, "switch-controller_vlan": { "mkey": "name", "mkey_type": str, @@ -4993,6 +5029,7 @@ def main(): "vpn.certificate_crl", "vpn.certificate_ocsp-server", "vpn.certificate_setting", + "vpn_qkd", "vpn.ssl.web_realm", "vpn.ssl.web_host-check-software", "vpn.ssl.web_portal", @@ -5000,16 +5037,16 @@ def main(): "vpn.ssl.web_user-bookmark", "vpn.ssl_settings", "vpn.ssl_client", - "vpn_kmip-server", + "vpn.ipsec_fec", "vpn.ipsec_phase1", "vpn.ipsec_phase2", "vpn.ipsec_manualkey", "vpn.ipsec_concentrator", - "vpn.ipsec_fec", "vpn.ipsec_phase1-interface", "vpn.ipsec_phase2-interface", "vpn.ipsec_manualkey-interface", "vpn.ipsec_forticlient", + "vpn_kmip-server", "vpn_pptp", "vpn_l2tp", "certificate_ca", @@ -5033,6 +5070,7 @@ def main(): "ips_global", "ips_settings", "sctp-filter_profile", + "diameter-filter_profile", "web-proxy_profile", "web-proxy_global", "web-proxy_explicit", @@ -5056,6 +5094,7 @@ def main(): "application_group", "dlp_data-type", "dlp_dictionary", + "dlp_exact-data-match", "dlp_sensor", "dlp_filepattern", "dlp_sensitivity", @@ -5063,7 +5102,7 @@ def main(): "dlp_profile", "dlp_settings", "videofilter_youtube-key", - "videofilter_youtube-channel-filter", + "videofilter_keyword", "videofilter_profile", "emailfilter_bword", "emailfilter_block-allow-list", @@ -5132,6 +5171,8 @@ def main(): "icap_server", "icap_server-group", "icap_profile", + "user_peer", + "user_peergrp", "user_certificate", "user_radius", "user_tacacs+", @@ -5141,6 +5182,7 @@ def main(): "user_domain-controller", "user_pop3", "user_saml", + "user_external-identity-provider", "user_fsso", "user_adgrp", "user_fsso-polling", @@ -5148,8 +5190,6 @@ def main(): "user_password-policy", "user_local", "user_setting", - "user_peer", - "user_peergrp", "user_quarantine", "user_group", "user_security-exempt-list", @@ -5219,22 +5259,14 @@ def main(): "system_isf-queue-profile", "system_npu", "system_np6", + "system_gi-gk", "system_modem", "system.3g-modem_custom", "system_lte-modem", - "firewall_acl", - "firewall_acl6", - "monitoring_np6-ipsec-engine", - "monitoring_npu-hpe", - "switch-controller.ptp_settings", - "switch-controller.ptp_policy", - "system_physical-switch", - "system_virtual-switch", - "system_stp", - "system_gi-gk", "firewall_gtp", "firewall_pfcp", - "vpn_ocvpn", + "firewall_acl", + "firewall_acl6", "gtp_apn", "gtp_apngrp", "gtp_message-filter-v0v1", @@ -5244,6 +5276,17 @@ def main(): "gtp_tunnel-limit", "gtp_apn-shaper", "pfcp_message-filter", + "monitoring_np6-ipsec-engine", + "monitoring_npu-hpe", + "system_npu-vlink", + "system_physical-switch", + "system_virtual-switch", + "system_stp", + "system_smc-ntp", + "videofilter_youtube-channel-filter", + "switch-controller.ptp_settings", + "switch-controller.ptp_policy", + "vpn_ocvpn", "system.replacemsg_mail", "system.replacemsg_http", "system.replacemsg_webproxy", @@ -5408,7 +5451,6 @@ def main(): "firewall_policy6", "antivirus_notification", "antivirus_mms-checksum", - "system_smc-ntp", "switch-controller_vlan", "switch-controller.security-policy_captive-portal", "user_device", @@ -5732,6 +5774,7 @@ def main(): "vpn.certificate_crl", "vpn.certificate_ocsp-server", "vpn.certificate_setting", + "vpn_qkd", "vpn.ssl.web_realm", "vpn.ssl.web_host-check-software", "vpn.ssl.web_portal", @@ -5739,16 +5782,16 @@ def main(): "vpn.ssl.web_user-bookmark", "vpn.ssl_settings", "vpn.ssl_client", - "vpn_kmip-server", + "vpn.ipsec_fec", "vpn.ipsec_phase1", "vpn.ipsec_phase2", "vpn.ipsec_manualkey", "vpn.ipsec_concentrator", - "vpn.ipsec_fec", "vpn.ipsec_phase1-interface", "vpn.ipsec_phase2-interface", "vpn.ipsec_manualkey-interface", "vpn.ipsec_forticlient", + "vpn_kmip-server", "vpn_pptp", "vpn_l2tp", "certificate_ca", @@ -5772,6 +5815,7 @@ def main(): "ips_global", "ips_settings", "sctp-filter_profile", + "diameter-filter_profile", "web-proxy_profile", "web-proxy_global", "web-proxy_explicit", @@ -5795,6 +5839,7 @@ def main(): "application_group", "dlp_data-type", "dlp_dictionary", + "dlp_exact-data-match", "dlp_sensor", "dlp_filepattern", "dlp_sensitivity", @@ -5802,7 +5847,7 @@ def main(): "dlp_profile", "dlp_settings", "videofilter_youtube-key", - "videofilter_youtube-channel-filter", + "videofilter_keyword", "videofilter_profile", "emailfilter_bword", "emailfilter_block-allow-list", @@ -5871,6 +5916,8 @@ def main(): "icap_server", "icap_server-group", "icap_profile", + "user_peer", + "user_peergrp", "user_certificate", "user_radius", "user_tacacs+", @@ -5880,6 +5927,7 @@ def main(): "user_domain-controller", "user_pop3", "user_saml", + "user_external-identity-provider", "user_fsso", "user_adgrp", "user_fsso-polling", @@ -5887,8 +5935,6 @@ def main(): "user_password-policy", "user_local", "user_setting", - "user_peer", - "user_peergrp", "user_quarantine", "user_group", "user_security-exempt-list", @@ -5958,22 +6004,14 @@ def main(): "system_isf-queue-profile", "system_npu", "system_np6", + "system_gi-gk", "system_modem", "system.3g-modem_custom", "system_lte-modem", - "firewall_acl", - "firewall_acl6", - "monitoring_np6-ipsec-engine", - "monitoring_npu-hpe", - "switch-controller.ptp_settings", - "switch-controller.ptp_policy", - "system_physical-switch", - "system_virtual-switch", - "system_stp", - "system_gi-gk", "firewall_gtp", "firewall_pfcp", - "vpn_ocvpn", + "firewall_acl", + "firewall_acl6", "gtp_apn", "gtp_apngrp", "gtp_message-filter-v0v1", @@ -5983,6 +6021,17 @@ def main(): "gtp_tunnel-limit", "gtp_apn-shaper", "pfcp_message-filter", + "monitoring_np6-ipsec-engine", + "monitoring_npu-hpe", + "system_npu-vlink", + "system_physical-switch", + "system_virtual-switch", + "system_stp", + "system_smc-ntp", + "videofilter_youtube-channel-filter", + "switch-controller.ptp_settings", + "switch-controller.ptp_policy", + "vpn_ocvpn", "system.replacemsg_mail", "system.replacemsg_http", "system.replacemsg_webproxy", @@ -6147,7 +6196,6 @@ def main(): "firewall_policy6", "antivirus_notification", "antivirus_mms-checksum", - "system_smc-ntp", "switch-controller_vlan", "switch-controller.security-policy_captive-portal", "user_device", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_credential_store_domain_controller.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_credential_store_domain_controller.py index bbbb07b07..82d4b0792 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_credential_store_domain_controller.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_credential_store_domain_controller.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -269,11 +269,10 @@ def credential_store_domain_controller(data, fos, check_mode=False): state = data["state"] credential_store_domain_controller_data = data["credential_store_domain_controller"] - filtered_data = underscore_to_hyphen( - filter_credential_store_domain_controller_data( - credential_store_domain_controller_data - ) + filtered_data = filter_credential_store_domain_controller_data( + credential_store_domain_controller_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -342,7 +341,7 @@ def credential_store_domain_controller(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "credential-store", "domain-controller", data=filtered_data, vdom=vdom + "credential-store", "domain-controller", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_diameter_filter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_diameter_filter_profile.py new file mode 100644 index 000000000..98e9920f3 --- /dev/null +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_diameter_filter_profile.py @@ -0,0 +1,542 @@ +#!/usr/bin/python +from __future__ import absolute_import, division, print_function + +# Copyright: (c) 2022 Fortinet +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +__metaclass__ = type + +ANSIBLE_METADATA = { + "status": ["preview"], + "supported_by": "community", + "metadata_version": "1.1", +} + +DOCUMENTATION = """ +--- +module: fortios_diameter_filter_profile +short_description: Configure Diameter filter profiles in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the + user to set and modify diameter_filter feature and profile category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.0 +version_added: "2.0.0" +author: + - Link Zheng (@chillancezen) + - Jie Xue (@JieX19) + - Hongbin Lu (@fgtdev-hblu) + - Frank Shen (@frankshen01) + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks + +requirements: + - ansible>=2.15 +options: + access_token: + description: + - Token-based authentication. + Generated from GUI of Fortigate. + type: str + required: false + enable_log: + description: + - Enable/Disable logging for task. + type: bool + required: false + default: false + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + type: str + default: root + member_path: + type: str + description: + - Member attribute path to operate on. + - Delimited by a slash character if there are more than one attribute. + - Parameter marked with member_path is legitimate for doing member operation. + member_state: + type: str + description: + - Add or delete a member under specified attribute path. + - When member_state is specified, the state option is ignored. + choices: + - 'present' + - 'absent' + + state: + description: + - Indicates whether to create or remove the object. + type: str + required: true + choices: + - 'present' + - 'absent' + diameter_filter_profile: + description: + - Configure Diameter filter profiles. + default: null + type: dict + suboptions: + cmd_flags_reserve_set: + description: + - Action to be taken for messages with cmd flag reserve bits set. + type: str + choices: + - 'allow' + - 'block' + - 'reset' + - 'monitor' + command_code_invalid: + description: + - Action to be taken for messages with invalid command code. + type: str + choices: + - 'allow' + - 'block' + - 'reset' + - 'monitor' + command_code_range: + description: + - Valid range for command codes (0-16777215). + type: str + comment: + description: + - Comment. + type: str + log_packet: + description: + - Enable/disable packet log for triggered diameter settings. + type: str + choices: + - 'disable' + - 'enable' + message_length_invalid: + description: + - Action to be taken for invalid message length. + type: str + choices: + - 'allow' + - 'block' + - 'reset' + - 'monitor' + missing_request_action: + description: + - Action to be taken for answers without corresponding request. + type: str + choices: + - 'allow' + - 'block' + - 'reset' + - 'monitor' + monitor_all_messages: + description: + - Enable/disable logging for all User Name and Result Code AVP messages. + type: str + choices: + - 'disable' + - 'enable' + name: + description: + - Profile name. + required: true + type: str + protocol_version_invalid: + description: + - Action to be taken for invalid protocol version. + type: str + choices: + - 'allow' + - 'block' + - 'reset' + - 'monitor' + request_error_flag_set: + description: + - Action to be taken for request messages with error flag set. + type: str + choices: + - 'allow' + - 'block' + - 'reset' + - 'monitor' + track_requests_answers: + description: + - Enable/disable validation that each answer has a corresponding request. + type: str + choices: + - 'disable' + - 'enable' +""" + +EXAMPLES = """ +- name: Configure Diameter filter profiles. + fortinet.fortios.fortios_diameter_filter_profile: + vdom: "{{ vdom }}" + state: "present" + access_token: "<your_own_value>" + diameter_filter_profile: + cmd_flags_reserve_set: "allow" + command_code_invalid: "allow" + command_code_range: "<your_own_value>" + comment: "Comment." + log_packet: "disable" + message_length_invalid: "allow" + missing_request_action: "allow" + monitor_all_messages: "disable" + name: "default_name_11" + protocol_version_invalid: "allow" + request_error_flag_set: "allow" + track_requests_answers: "disable" +""" + +RETURN = """ +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + FortiOSHandler, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_legacy_fortiosapi, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + schema_to_module_spec, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_schema_versioning, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import ( + FAIL_SOCKET_MSG, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post_processor import ( + remove_invalid_fields, +) + + +def filter_diameter_filter_profile_data(json): + option_list = [ + "cmd_flags_reserve_set", + "command_code_invalid", + "command_code_range", + "comment", + "log_packet", + "message_length_invalid", + "missing_request_action", + "monitor_all_messages", + "name", + "protocol_version_invalid", + "request_error_flag_set", + "track_requests_answers", + ] + + json = remove_invalid_fields(json) + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def underscore_to_hyphen(data): + if isinstance(data, list): + for i, elem in enumerate(data): + data[i] = underscore_to_hyphen(elem) + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[k.replace("_", "-")] = underscore_to_hyphen(v) + data = new_data + + return data + + +def diameter_filter_profile(data, fos): + vdom = data["vdom"] + + state = data["state"] + + diameter_filter_profile_data = data["diameter_filter_profile"] + filtered_data = filter_diameter_filter_profile_data(diameter_filter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) + + if state == "present" or state is True: + return fos.set("diameter-filter", "profile", data=converted_data, vdom=vdom) + + elif state == "absent": + return fos.delete( + "diameter-filter", "profile", mkey=filtered_data["name"], vdom=vdom + ) + else: + fos._module.fail_json(msg="state must be present or absent!") + + +def is_successful_status(resp): + return ( + "status" in resp + and resp["status"] == "success" + or "http_status" in resp + and resp["http_status"] == 200 + or "http_method" in resp + and resp["http_method"] == "DELETE" + and resp["http_status"] == 404 + ) + + +def fortios_diameter_filter(data, fos): + fos.do_member_operation("diameter-filter", "profile") + if data["diameter_filter_profile"]: + resp = diameter_filter_profile(data, fos) + else: + fos._module.fail_json(msg="missing task body: %s" % ("diameter_filter_profile")) + + return ( + not is_successful_status(resp), + is_successful_status(resp) + and (resp["revision_changed"] if "revision_changed" in resp else True), + resp, + {}, + ) + + +versioned_schema = { + "type": "list", + "elements": "dict", + "children": { + "name": {"v_range": [["v7.4.2", ""]], "type": "string", "required": True}, + "comment": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "monitor_all_messages": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "log_packet": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "track_requests_answers": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "missing_request_action": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "block"}, + {"value": "reset"}, + {"value": "monitor"}, + ], + }, + "protocol_version_invalid": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "block"}, + {"value": "reset"}, + {"value": "monitor"}, + ], + }, + "message_length_invalid": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "block"}, + {"value": "reset"}, + {"value": "monitor"}, + ], + }, + "request_error_flag_set": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "block"}, + {"value": "reset"}, + {"value": "monitor"}, + ], + }, + "cmd_flags_reserve_set": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "block"}, + {"value": "reset"}, + {"value": "monitor"}, + ], + }, + "command_code_invalid": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "block"}, + {"value": "reset"}, + {"value": "monitor"}, + ], + }, + "command_code_range": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], +} + + +def main(): + module_spec = schema_to_module_spec(versioned_schema) + mkeyname = "name" + fields = { + "access_token": {"required": False, "type": "str", "no_log": True}, + "enable_log": {"required": False, "type": "bool", "default": False}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "member_path": {"required": False, "type": "str"}, + "member_state": { + "type": "str", + "required": False, + "choices": ["present", "absent"], + }, + "state": {"required": True, "type": "str", "choices": ["present", "absent"]}, + "diameter_filter_profile": { + "required": False, + "type": "dict", + "default": None, + "options": {}, + }, + } + for attribute_name in module_spec["options"]: + fields["diameter_filter_profile"]["options"][attribute_name] = module_spec[ + "options" + ][attribute_name] + if mkeyname and mkeyname == attribute_name: + fields["diameter_filter_profile"]["options"][attribute_name][ + "required" + ] = True + + module = AnsibleModule(argument_spec=fields, supports_check_mode=False) + check_legacy_fortiosapi(module) + + is_error = False + has_changed = False + result = None + diff = None + + versions_check_result = None + if module._socket_path: + connection = Connection(module._socket_path) + if "access_token" in module.params: + connection.set_option("access_token", module.params["access_token"]) + + if "enable_log" in module.params: + connection.set_option("enable_log", module.params["enable_log"]) + else: + connection.set_option("enable_log", False) + fos = FortiOSHandler(connection, module, mkeyname) + versions_check_result = check_schema_versioning( + fos, versioned_schema, "diameter_filter_profile" + ) + + is_error, has_changed, result, diff = fortios_diameter_filter( + module.params, fos + ) + + else: + module.fail_json(**FAIL_SOCKET_MSG) + + if versions_check_result and versions_check_result["matched"] is False: + module.warn( + "Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv" + ) + + if not is_error: + if versions_check_result and versions_check_result["matched"] is False: + module.exit_json( + changed=has_changed, + version_check_warning=versions_check_result, + meta=result, + diff=diff, + ) + else: + module.exit_json(changed=has_changed, meta=result, diff=diff) + else: + if versions_check_result and versions_check_result["matched"] is False: + module.fail_json( + msg="Error in repo", + version_check_warning=versions_check_result, + meta=result, + ) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_data_type.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_data_type.py index 21779c20a..d0d8a34a6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_data_type.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_data_type.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -100,11 +100,19 @@ options: description: - Number of characters required to save for verification (1 - 255). type: int + match_ahead: + description: + - Number of characters behind for match-around (1 - 4096). + type: int match_around: description: - Dictionary to check whether it has a match around (Only support match-any and basic types, no repeat supported). Source dlp.dictionary .name. type: str + match_back: + description: + - Number of characters in front for match-around (1 - 4096). + type: int name: description: - Name of table containing the data type. @@ -129,6 +137,10 @@ options: choices: - 'enable' - 'disable' + verify2: + description: + - Extra regular expression pattern string used to verify the data type. + type: str """ EXAMPLES = """ @@ -141,12 +153,15 @@ EXAMPLES = """ comment: "Optional comments." look_ahead: "1" look_back: "1" + match_ahead: "1" match_around: "<your_own_value> (source dlp.dictionary.name)" - name: "default_name_7" + match_back: "1" + name: "default_name_9" pattern: "<your_own_value>" transform: "<your_own_value>" verify: "<your_own_value>" verify_transformed_pattern: "enable" + verify2: "<your_own_value>" """ RETURN = """ @@ -233,12 +248,15 @@ def filter_dlp_data_type_data(json): "comment", "look_ahead", "look_back", + "match_ahead", "match_around", + "match_back", "name", "pattern", "transform", "verify", "verify_transformed_pattern", + "verify2", ] json = remove_invalid_fields(json) @@ -270,10 +288,11 @@ def dlp_data_type(data, fos): state = data["state"] dlp_data_type_data = data["dlp_data_type"] - filtered_data = underscore_to_hyphen(filter_dlp_data_type_data(dlp_data_type_data)) + filtered_data = filter_dlp_data_type_data(dlp_data_type_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("dlp", "data-type", data=filtered_data, vdom=vdom) + return fos.set("dlp", "data-type", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("dlp", "data-type", mkey=filtered_data["name"], vdom=vdom) @@ -316,9 +335,12 @@ versioned_schema = { "name": {"v_range": [["v7.2.0", ""]], "type": "string", "required": True}, "pattern": {"v_range": [["v7.2.0", ""]], "type": "string"}, "verify": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "verify2": {"v_range": [["v7.4.2", ""]], "type": "string"}, "match_around": {"v_range": [["v7.4.0", ""]], "type": "string"}, "look_back": {"v_range": [["v7.2.0", ""]], "type": "integer"}, "look_ahead": {"v_range": [["v7.2.0", ""]], "type": "integer"}, + "match_back": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "match_ahead": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "transform": {"v_range": [["v7.2.0", ""]], "type": "string"}, "verify_transformed_pattern": { "v_range": [["v7.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_dictionary.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_dictionary.py index aeab4d3a0..ac576cd86 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_dictionary.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_dictionary.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -295,12 +295,11 @@ def dlp_dictionary(data, fos): state = data["state"] dlp_dictionary_data = data["dlp_dictionary"] - filtered_data = underscore_to_hyphen( - filter_dlp_dictionary_data(dlp_dictionary_data) - ) + filtered_data = filter_dlp_dictionary_data(dlp_dictionary_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("dlp", "dictionary", data=filtered_data, vdom=vdom) + return fos.set("dlp", "dictionary", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("dlp", "dictionary", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_exact_data_match.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_exact_data_match.py new file mode 100644 index 000000000..189dbd6f7 --- /dev/null +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_exact_data_match.py @@ -0,0 +1,411 @@ +#!/usr/bin/python +from __future__ import absolute_import, division, print_function + +# Copyright: (c) 2022 Fortinet +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +__metaclass__ = type + +ANSIBLE_METADATA = { + "status": ["preview"], + "supported_by": "community", + "metadata_version": "1.1", +} + +DOCUMENTATION = """ +--- +module: fortios_dlp_exact_data_match +short_description: Configure exact-data-match template used by DLP scan in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the + user to set and modify dlp feature and exact_data_match category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.0 +version_added: "2.0.0" +author: + - Link Zheng (@chillancezen) + - Jie Xue (@JieX19) + - Hongbin Lu (@fgtdev-hblu) + - Frank Shen (@frankshen01) + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks + +requirements: + - ansible>=2.15 +options: + access_token: + description: + - Token-based authentication. + Generated from GUI of Fortigate. + type: str + required: false + enable_log: + description: + - Enable/Disable logging for task. + type: bool + required: false + default: false + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + type: str + default: root + member_path: + type: str + description: + - Member attribute path to operate on. + - Delimited by a slash character if there are more than one attribute. + - Parameter marked with member_path is legitimate for doing member operation. + member_state: + type: str + description: + - Add or delete a member under specified attribute path. + - When member_state is specified, the state option is ignored. + choices: + - 'present' + - 'absent' + + state: + description: + - Indicates whether to create or remove the object. + type: str + required: true + choices: + - 'present' + - 'absent' + dlp_exact_data_match: + description: + - Configure exact-data-match template used by DLP scan. + default: null + type: dict + suboptions: + columns: + description: + - DLP exact-data-match column types. + type: list + elements: dict + suboptions: + index: + description: + - Column index. see <a href='#notes'>Notes</a>. + required: true + type: int + optional: + description: + - Enable/disable optional match. + type: str + choices: + - 'enable' + - 'disable' + type: + description: + - Data-type for this column. Source dlp.data-type.name. + type: str + data: + description: + - External resource for exact data match. Source system.external-resource.name. + type: str + name: + description: + - Name of table containing the exact-data-match template. + required: true + type: str + optional: + description: + - Number of optional columns need to match. + type: int +""" + +EXAMPLES = """ +- name: Configure exact-data-match template used by DLP scan. + fortinet.fortios.fortios_dlp_exact_data_match: + vdom: "{{ vdom }}" + state: "present" + access_token: "<your_own_value>" + dlp_exact_data_match: + columns: + - + index: "<you_own_value>" + optional: "enable" + type: "<your_own_value> (source dlp.data-type.name)" + data: "<your_own_value> (source system.external-resource.name)" + name: "default_name_8" + optional: "0" +""" + +RETURN = """ +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + FortiOSHandler, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_legacy_fortiosapi, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + schema_to_module_spec, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_schema_versioning, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import ( + FAIL_SOCKET_MSG, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post_processor import ( + remove_invalid_fields, +) + + +def filter_dlp_exact_data_match_data(json): + option_list = ["columns", "data", "name", "optional"] + + json = remove_invalid_fields(json) + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def underscore_to_hyphen(data): + if isinstance(data, list): + for i, elem in enumerate(data): + data[i] = underscore_to_hyphen(elem) + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[k.replace("_", "-")] = underscore_to_hyphen(v) + data = new_data + + return data + + +def dlp_exact_data_match(data, fos): + vdom = data["vdom"] + + state = data["state"] + + dlp_exact_data_match_data = data["dlp_exact_data_match"] + filtered_data = filter_dlp_exact_data_match_data(dlp_exact_data_match_data) + converted_data = underscore_to_hyphen(filtered_data) + + if state == "present" or state is True: + return fos.set("dlp", "exact-data-match", data=converted_data, vdom=vdom) + + elif state == "absent": + return fos.delete( + "dlp", "exact-data-match", mkey=filtered_data["name"], vdom=vdom + ) + else: + fos._module.fail_json(msg="state must be present or absent!") + + +def is_successful_status(resp): + return ( + "status" in resp + and resp["status"] == "success" + or "http_status" in resp + and resp["http_status"] == 200 + or "http_method" in resp + and resp["http_method"] == "DELETE" + and resp["http_status"] == 404 + ) + + +def fortios_dlp(data, fos): + fos.do_member_operation("dlp", "exact-data-match") + if data["dlp_exact_data_match"]: + resp = dlp_exact_data_match(data, fos) + else: + fos._module.fail_json(msg="missing task body: %s" % ("dlp_exact_data_match")) + + return ( + not is_successful_status(resp), + is_successful_status(resp) + and (resp["revision_changed"] if "revision_changed" in resp else True), + resp, + {}, + ) + + +versioned_schema = { + "type": "list", + "elements": "dict", + "children": { + "name": {"v_range": [["v7.4.2", ""]], "type": "string", "required": True}, + "optional": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "data": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "columns": { + "type": "list", + "elements": "dict", + "children": { + "index": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "type": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "optional": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + }, + "v_range": [["v7.4.2", ""]], + }, + }, + "v_range": [["v7.4.2", ""]], +} + + +def main(): + module_spec = schema_to_module_spec(versioned_schema) + mkeyname = "name" + fields = { + "access_token": {"required": False, "type": "str", "no_log": True}, + "enable_log": {"required": False, "type": "bool", "default": False}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "member_path": {"required": False, "type": "str"}, + "member_state": { + "type": "str", + "required": False, + "choices": ["present", "absent"], + }, + "state": {"required": True, "type": "str", "choices": ["present", "absent"]}, + "dlp_exact_data_match": { + "required": False, + "type": "dict", + "default": None, + "options": {}, + }, + } + for attribute_name in module_spec["options"]: + fields["dlp_exact_data_match"]["options"][attribute_name] = module_spec[ + "options" + ][attribute_name] + if mkeyname and mkeyname == attribute_name: + fields["dlp_exact_data_match"]["options"][attribute_name]["required"] = True + + module = AnsibleModule(argument_spec=fields, supports_check_mode=False) + check_legacy_fortiosapi(module) + + is_error = False + has_changed = False + result = None + diff = None + + versions_check_result = None + if module._socket_path: + connection = Connection(module._socket_path) + if "access_token" in module.params: + connection.set_option("access_token", module.params["access_token"]) + + if "enable_log" in module.params: + connection.set_option("enable_log", module.params["enable_log"]) + else: + connection.set_option("enable_log", False) + fos = FortiOSHandler(connection, module, mkeyname) + versions_check_result = check_schema_versioning( + fos, versioned_schema, "dlp_exact_data_match" + ) + + is_error, has_changed, result, diff = fortios_dlp(module.params, fos) + + else: + module.fail_json(**FAIL_SOCKET_MSG) + + if versions_check_result and versions_check_result["matched"] is False: + module.warn( + "Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv" + ) + + if not is_error: + if versions_check_result and versions_check_result["matched"] is False: + module.exit_json( + changed=has_changed, + version_check_warning=versions_check_result, + meta=result, + diff=diff, + ) + else: + module.exit_json(changed=has_changed, meta=result, diff=diff) + else: + if versions_check_result and versions_check_result["matched"] is False: + module.fail_json( + msg="Error in repo", + version_check_warning=versions_check_result, + meta=result, + ) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_filepattern.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_filepattern.py index 50b97819b..8fca42f8e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_filepattern.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_filepattern.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -325,9 +325,8 @@ def dlp_filepattern(data, fos, check_mode=False): state = data["state"] dlp_filepattern_data = data["dlp_filepattern"] - filtered_data = underscore_to_hyphen( - filter_dlp_filepattern_data(dlp_filepattern_data) - ) + filtered_data = filter_dlp_filepattern_data(dlp_filepattern_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -391,7 +390,7 @@ def dlp_filepattern(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("dlp", "filepattern", data=filtered_data, vdom=vdom) + return fos.set("dlp", "filepattern", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("dlp", "filepattern", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_doc_source.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_doc_source.py index e014de687..1431686a6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_doc_source.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_doc_source.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -361,9 +361,8 @@ def dlp_fp_doc_source(data, fos, check_mode=False): state = data["state"] dlp_fp_doc_source_data = data["dlp_fp_doc_source"] - filtered_data = underscore_to_hyphen( - filter_dlp_fp_doc_source_data(dlp_fp_doc_source_data) - ) + filtered_data = filter_dlp_fp_doc_source_data(dlp_fp_doc_source_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -427,7 +426,7 @@ def dlp_fp_doc_source(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("dlp", "fp-doc-source", data=filtered_data, vdom=vdom) + return fos.set("dlp", "fp-doc-source", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("dlp", "fp-doc-source", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_sensitivity.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_sensitivity.py index 36cbf1c92..db83f2c60 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_sensitivity.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_fp_sensitivity.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -226,9 +226,8 @@ def dlp_fp_sensitivity(data, fos, check_mode=False): state = data["state"] dlp_fp_sensitivity_data = data["dlp_fp_sensitivity"] - filtered_data = underscore_to_hyphen( - filter_dlp_fp_sensitivity_data(dlp_fp_sensitivity_data) - ) + filtered_data = filter_dlp_fp_sensitivity_data(dlp_fp_sensitivity_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -292,7 +291,7 @@ def dlp_fp_sensitivity(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("dlp", "fp-sensitivity", data=filtered_data, vdom=vdom) + return fos.set("dlp", "fp-sensitivity", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_profile.py index fb91042ac..04086a066 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -466,9 +466,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -477,8 +477,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -495,8 +498,8 @@ def dlp_profile(data, fos): dlp_profile_data = data["dlp_profile"] dlp_profile_data = flatten_multilists_attributes(dlp_profile_data) - filtered_data = underscore_to_hyphen(filter_dlp_profile_data(dlp_profile_data)) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_dlp_profile_data(dlp_profile_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) if state == "present" or state is True: return fos.set("dlp", "profile", data=converted_data, vdom=vdom) @@ -597,7 +600,10 @@ versioned_schema = { "options": [ {"value": "sensor"}, {"value": "mip"}, - {"value": "fingerprint"}, + { + "value": "fingerprint", + "v_range": [["v7.2.0", "v7.4.1"], ["v7.4.3", ""]], + }, {"value": "encrypted"}, {"value": "none"}, ], @@ -613,9 +619,12 @@ versioned_schema = { "required": True, } }, - "v_range": [["v7.2.0", ""]], + "v_range": [["v7.2.0", "v7.4.1"], ["v7.4.3", ""]], + }, + "match_percentage": { + "v_range": [["v7.2.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", }, - "match_percentage": {"v_range": [["v7.2.0", ""]], "type": "integer"}, "file_type": {"v_range": [["v7.2.0", ""]], "type": "integer"}, "sensor": { "type": "list", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensitivity.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensitivity.py index 1d9807c98..d91ff52c9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensitivity.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensitivity.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -226,9 +226,8 @@ def dlp_sensitivity(data, fos, check_mode=False): state = data["state"] dlp_sensitivity_data = data["dlp_sensitivity"] - filtered_data = underscore_to_hyphen( - filter_dlp_sensitivity_data(dlp_sensitivity_data) - ) + filtered_data = filter_dlp_sensitivity_data(dlp_sensitivity_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -292,7 +291,7 @@ def dlp_sensitivity(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("dlp", "sensitivity", data=filtered_data, vdom=vdom) + return fos.set("dlp", "sensitivity", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("dlp", "sensitivity", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensor.py index 541b4b9bb..c2c3e8987 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_sensor.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,7 +112,7 @@ options: type: int dictionary: description: - - Select a DLP dictionary. Source dlp.dictionary.name. + - Select a DLP dictionary. Source dlp.dictionary.name dlp.exact-data-match.name. type: str id: description: @@ -360,7 +360,7 @@ EXAMPLES = """ entries: - count: "1" - dictionary: "<your_own_value> (source dlp.dictionary.name)" + dictionary: "<your_own_value> (source dlp.dictionary.name dlp.exact-data-match.name)" id: "8" status: "enable" eval: "<your_own_value>" @@ -560,9 +560,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -571,8 +571,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -589,8 +592,8 @@ def dlp_sensor(data, fos, check_mode=False): dlp_sensor_data = data["dlp_sensor"] dlp_sensor_data = flatten_multilists_attributes(dlp_sensor_data) - filtered_data = underscore_to_hyphen(filter_dlp_sensor_data(dlp_sensor_data)) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_dlp_sensor_data(dlp_sensor_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_settings.py index c4d6419dc..1a741cdb6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dlp_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,9 +232,10 @@ def underscore_to_hyphen(data): def dlp_settings(data, fos): vdom = data["vdom"] dlp_settings_data = data["dlp_settings"] - filtered_data = underscore_to_hyphen(filter_dlp_settings_data(dlp_settings_data)) + filtered_data = filter_dlp_settings_data(dlp_settings_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("dlp", "settings", data=filtered_data, vdom=vdom) + return fos.set("dlp", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_domain_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_domain_filter.py index 5b2b7895d..9970f74f1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_domain_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_domain_filter.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -282,9 +282,8 @@ def dnsfilter_domain_filter(data, fos, check_mode=False): state = data["state"] dnsfilter_domain_filter_data = data["dnsfilter_domain_filter"] - filtered_data = underscore_to_hyphen( - filter_dnsfilter_domain_filter_data(dnsfilter_domain_filter_data) - ) + filtered_data = filter_dnsfilter_domain_filter_data(dnsfilter_domain_filter_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -348,7 +347,7 @@ def dnsfilter_domain_filter(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("dnsfilter", "domain-filter", data=filtered_data, vdom=vdom) + return fos.set("dnsfilter", "domain-filter", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_profile.py index 1fe68e823..068cac689 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dnsfilter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -497,9 +497,8 @@ def dnsfilter_profile(data, fos, check_mode=False): dnsfilter_profile_data = data["dnsfilter_profile"] dnsfilter_profile_data = flatten_multilists_attributes(dnsfilter_profile_data) - filtered_data = underscore_to_hyphen( - filter_dnsfilter_profile_data(dnsfilter_profile_data) - ) + filtered_data = filter_dnsfilter_profile_data(dnsfilter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -563,7 +562,7 @@ def dnsfilter_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("dnsfilter", "profile", data=filtered_data, vdom=vdom) + return fos.set("dnsfilter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("dnsfilter", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_cpus.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_cpus.py index ca3100626..d16d79dbe 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_cpus.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_cpus.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -101,6 +101,10 @@ options: description: - CPUs enabled to run DPDK VNP engines. type: str + vnpsp_cpus: + description: + - CPUs enabled to run DPDK VNP slow path. + type: str """ EXAMPLES = """ @@ -113,6 +117,7 @@ EXAMPLES = """ rx_cpus: "<your_own_value>" tx_cpus: "<your_own_value>" vnp_cpus: "<your_own_value>" + vnpsp_cpus: "<your_own_value>" """ RETURN = """ @@ -195,7 +200,14 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_dpdk_cpus_data(json): - option_list = ["ips_cpus", "isolated_cpus", "rx_cpus", "tx_cpus", "vnp_cpus"] + option_list = [ + "ips_cpus", + "isolated_cpus", + "rx_cpus", + "tx_cpus", + "vnp_cpus", + "vnpsp_cpus", + ] json = remove_invalid_fields(json) dictionary = {} @@ -223,9 +235,10 @@ def underscore_to_hyphen(data): def dpdk_cpus(data, fos): vdom = data["vdom"] dpdk_cpus_data = data["dpdk_cpus"] - filtered_data = underscore_to_hyphen(filter_dpdk_cpus_data(dpdk_cpus_data)) + filtered_data = filter_dpdk_cpus_data(dpdk_cpus_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("dpdk", "cpus", data=filtered_data, vdom=vdom) + return fos.set("dpdk", "cpus", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -268,6 +281,7 @@ versioned_schema = { "v_range": [["v7.0.0", "v7.0.12"], ["v7.2.1", "v7.2.2"], ["v7.4.0", ""]], "type": "string", }, + "vnpsp_cpus": {"v_range": [["v7.4.2", ""]], "type": "string"}, "ips_cpus": { "v_range": [["v7.0.0", "v7.0.12"], ["v7.2.1", "v7.2.2"], ["v7.4.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_global.py index 594142a1c..f91b77c1d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_dpdk_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -128,6 +128,10 @@ options: - 'disable' - 'traffic-log-only' - 'enable' + protects: + description: + - Special arguments for device + type: str sleep_on_idle: description: - Enable/disable sleep-on-idle support for all FDH engines. @@ -158,6 +162,7 @@ EXAMPLES = """ mbufpool_percentage: "25" multiqueue: "disable" per_session_accounting: "disable" + protects: "<your_own_value>" sleep_on_idle: "disable" status: "disable" """ @@ -250,6 +255,7 @@ def filter_dpdk_global_data(json): "mbufpool_percentage", "multiqueue", "per_session_accounting", + "protects", "sleep_on_idle", "status", ] @@ -280,9 +286,10 @@ def underscore_to_hyphen(data): def dpdk_global(data, fos): vdom = data["vdom"] dpdk_global_data = data["dpdk_global"] - filtered_data = underscore_to_hyphen(filter_dpdk_global_data(dpdk_global_data)) + filtered_data = filter_dpdk_global_data(dpdk_global_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("dpdk", "global", data=filtered_data, vdom=vdom) + return fos.set("dpdk", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -353,6 +360,7 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, + "protects": {"v_range": [["v7.4.2", ""]], "type": "string"}, "per_session_accounting": { "v_range": [["v7.0.0", "v7.0.12"], ["v7.2.1", "v7.2.2"], ["v7.4.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_block_allow_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_block_allow_list.py index 7a169c588..c99ddf02e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_block_allow_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_block_allow_list.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -306,12 +306,15 @@ def emailfilter_block_allow_list(data, fos): state = data["state"] emailfilter_block_allow_list_data = data["emailfilter_block_allow_list"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_block_allow_list_data(emailfilter_block_allow_list_data) + filtered_data = filter_emailfilter_block_allow_list_data( + emailfilter_block_allow_list_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("emailfilter", "block-allow-list", data=filtered_data, vdom=vdom) + return fos.set( + "emailfilter", "block-allow-list", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bwl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bwl.py index 7aa111ad8..f400318bd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bwl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bwl.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -307,9 +307,8 @@ def emailfilter_bwl(data, fos, check_mode=False): state = data["state"] emailfilter_bwl_data = data["emailfilter_bwl"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_bwl_data(emailfilter_bwl_data) - ) + filtered_data = filter_emailfilter_bwl_data(emailfilter_bwl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -373,7 +372,7 @@ def emailfilter_bwl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("emailfilter", "bwl", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "bwl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("emailfilter", "bwl", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bword.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bword.py index c1b5c4118..7bf52c535 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bword.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_bword.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -308,9 +308,8 @@ def emailfilter_bword(data, fos, check_mode=False): state = data["state"] emailfilter_bword_data = data["emailfilter_bword"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_bword_data(emailfilter_bword_data) - ) + filtered_data = filter_emailfilter_bword_data(emailfilter_bword_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -374,7 +373,7 @@ def emailfilter_bword(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("emailfilter", "bword", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "bword", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("emailfilter", "bword", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_dnsbl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_dnsbl.py index fdd7c758e..f22e971d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_dnsbl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_dnsbl.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -272,9 +272,8 @@ def emailfilter_dnsbl(data, fos, check_mode=False): state = data["state"] emailfilter_dnsbl_data = data["emailfilter_dnsbl"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_dnsbl_data(emailfilter_dnsbl_data) - ) + filtered_data = filter_emailfilter_dnsbl_data(emailfilter_dnsbl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -338,7 +337,7 @@ def emailfilter_dnsbl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("emailfilter", "dnsbl", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "dnsbl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("emailfilter", "dnsbl", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_fortishield.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_fortishield.py index ab639b3b4..849739524 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_fortishield.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_fortishield.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -218,11 +218,10 @@ def underscore_to_hyphen(data): def emailfilter_fortishield(data, fos): vdom = data["vdom"] emailfilter_fortishield_data = data["emailfilter_fortishield"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_fortishield_data(emailfilter_fortishield_data) - ) + filtered_data = filter_emailfilter_fortishield_data(emailfilter_fortishield_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("emailfilter", "fortishield", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "fortishield", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_iptrust.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_iptrust.py index 9bb676f86..7a1c908cc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_iptrust.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_iptrust.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -277,9 +277,8 @@ def emailfilter_iptrust(data, fos, check_mode=False): state = data["state"] emailfilter_iptrust_data = data["emailfilter_iptrust"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_iptrust_data(emailfilter_iptrust_data) - ) + filtered_data = filter_emailfilter_iptrust_data(emailfilter_iptrust_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -343,7 +342,7 @@ def emailfilter_iptrust(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("emailfilter", "iptrust", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "iptrust", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("emailfilter", "iptrust", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_mheader.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_mheader.py index de16b5b78..cad6ff0e7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_mheader.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_mheader.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -285,9 +285,8 @@ def emailfilter_mheader(data, fos, check_mode=False): state = data["state"] emailfilter_mheader_data = data["emailfilter_mheader"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_mheader_data(emailfilter_mheader_data) - ) + filtered_data = filter_emailfilter_mheader_data(emailfilter_mheader_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -351,7 +350,7 @@ def emailfilter_mheader(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("emailfilter", "mheader", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "mheader", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("emailfilter", "mheader", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_options.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_options.py index 4379b81c5..91ccb872f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_options.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_options.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -202,11 +202,10 @@ def underscore_to_hyphen(data): def emailfilter_options(data, fos): vdom = data["vdom"] emailfilter_options_data = data["emailfilter_options"] - filtered_data = underscore_to_hyphen( - filter_emailfilter_options_data(emailfilter_options_data) - ) + filtered_data = filter_emailfilter_options_data(emailfilter_options_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("emailfilter", "options", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "options", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_profile.py index 616ab6247..d9772cabb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_emailfilter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -740,9 +740,8 @@ def emailfilter_profile(data, fos, check_mode=False): emailfilter_profile_data = data["emailfilter_profile"] emailfilter_profile_data = flatten_multilists_attributes(emailfilter_profile_data) - filtered_data = underscore_to_hyphen( - filter_emailfilter_profile_data(emailfilter_profile_data) - ) + filtered_data = filter_emailfilter_profile_data(emailfilter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -806,7 +805,7 @@ def emailfilter_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("emailfilter", "profile", data=filtered_data, vdom=vdom) + return fos.set("emailfilter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_client.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_client.py index 1f654b73b..0e5930c87 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_client.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_client.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,9 +252,8 @@ def endpoint_control_client(data, fos, check_mode=False): state = data["state"] endpoint_control_client_data = data["endpoint_control_client"] - filtered_data = underscore_to_hyphen( - filter_endpoint_control_client_data(endpoint_control_client_data) - ) + filtered_data = filter_endpoint_control_client_data(endpoint_control_client_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -318,7 +317,7 @@ def endpoint_control_client(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("endpoint-control", "client", data=filtered_data, vdom=vdom) + return fos.set("endpoint-control", "client", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems.py index fb345fec1..3ce0a8236 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -214,6 +214,13 @@ options: choices: - 'enable' - 'disable' + send_tags_to_all_vdoms: + description: + - Relax restrictions on tags to send all EMS tags to all VDOMs + type: str + choices: + - 'enable' + - 'disable' serial_number: description: - EMS Serial Number. @@ -248,13 +255,17 @@ options: choices: - 'enable' - 'disable' + verifying_ca: + description: + - Lowest CA cert on Fortigate in verified EMS cert chain. Source certificate.ca.name vpn.certificate.ca.name. + type: str websocket_override: description: - Enable/disable override behavior for how this FortiGate unit connects to EMS using a WebSocket connection. type: str choices: - - 'disable' - 'enable' + - 'disable' """ EXAMPLES = """ @@ -284,6 +295,7 @@ EXAMPLES = """ pull_sysinfo: "enable" pull_tags: "enable" pull_vulnerabilities: "enable" + send_tags_to_all_vdoms: "enable" serial_number: "<your_own_value>" server: "192.168.100.40" source_ip: "84.230.14.43" @@ -291,7 +303,8 @@ EXAMPLES = """ status_check_interval: "90" tenant_id: "<your_own_value>" trust_ca_cn: "enable" - websocket_override: "disable" + verifying_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" + websocket_override: "enable" """ RETURN = """ @@ -404,6 +417,7 @@ def filter_endpoint_control_fctems_data(json): "pull_sysinfo", "pull_tags", "pull_vulnerabilities", + "send_tags_to_all_vdoms", "serial_number", "server", "source_ip", @@ -411,6 +425,7 @@ def filter_endpoint_control_fctems_data(json): "status_check_interval", "tenant_id", "trust_ca_cn", + "verifying_ca", "websocket_override", ] @@ -475,9 +490,8 @@ def endpoint_control_fctems(data, fos, check_mode=False): endpoint_control_fctems_data = flatten_multilists_attributes( endpoint_control_fctems_data ) - filtered_data = underscore_to_hyphen( - filter_endpoint_control_fctems_data(endpoint_control_fctems_data) - ) + filtered_data = filter_endpoint_control_fctems_data(endpoint_control_fctems_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -541,7 +555,7 @@ def endpoint_control_fctems(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("endpoint-control", "fctems", data=filtered_data, vdom=vdom) + return fos.set("endpoint-control", "fctems", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -657,10 +671,15 @@ versioned_schema = { }, "call_timeout": {"v_range": [["v6.2.0", ""]], "type": "integer"}, "out_of_sync_threshold": {"v_range": [["v7.0.8", ""]], "type": "integer"}, + "send_tags_to_all_vdoms": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "websocket_override": { "v_range": [["v7.0.0", ""]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [{"value": "enable"}, {"value": "disable"}], }, "preserve_ssl_session": { "v_range": [["v7.0.1", ""]], @@ -681,6 +700,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "verifying_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "cloud_server_type": { "v_range": [["v6.4.0", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems_override.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems_override.py index b883fa09e..e5c7c874b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems_override.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_fctems_override.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -202,6 +202,13 @@ options: choices: - 'enable' - 'disable' + send_tags_to_all_vdoms: + description: + - Relax restrictions on tags to send all EMS tags to all VDOMs + type: str + choices: + - 'enable' + - 'disable' serial_number: description: - EMS Serial Number. @@ -232,13 +239,17 @@ options: choices: - 'enable' - 'disable' + verifying_ca: + description: + - Lowest CA cert on Fortigate in verified EMS cert chain. Source certificate.ca.name vpn.certificate.ca.name. + type: str websocket_override: description: - Enable/disable override behavior for how this FortiGate unit connects to EMS using a WebSocket connection. type: str choices: - - 'disable' - 'enable' + - 'disable' """ EXAMPLES = """ @@ -265,13 +276,15 @@ EXAMPLES = """ pull_sysinfo: "enable" pull_tags: "enable" pull_vulnerabilities: "enable" + send_tags_to_all_vdoms: "enable" serial_number: "<your_own_value>" server: "192.168.100.40" source_ip: "84.230.14.43" status: "enable" tenant_id: "<your_own_value>" trust_ca_cn: "enable" - websocket_override: "disable" + verifying_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" + websocket_override: "enable" """ RETURN = """ @@ -372,12 +385,14 @@ def filter_endpoint_control_fctems_override_data(json): "pull_sysinfo", "pull_tags", "pull_vulnerabilities", + "send_tags_to_all_vdoms", "serial_number", "server", "source_ip", "status", "tenant_id", "trust_ca_cn", + "verifying_ca", "websocket_override", ] @@ -442,15 +457,14 @@ def endpoint_control_fctems_override(data, fos): endpoint_control_fctems_override_data = flatten_multilists_attributes( endpoint_control_fctems_override_data ) - filtered_data = underscore_to_hyphen( - filter_endpoint_control_fctems_override_data( - endpoint_control_fctems_override_data - ) + filtered_data = filter_endpoint_control_fctems_override_data( + endpoint_control_fctems_override_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "endpoint-control", "fctems-override", data=filtered_data, vdom=vdom + "endpoint-control", "fctems-override", data=converted_data, vdom=vdom ) elif state == "absent": @@ -564,10 +578,15 @@ versioned_schema = { }, "call_timeout": {"v_range": [["v7.4.0", ""]], "type": "integer"}, "out_of_sync_threshold": {"v_range": [["v7.4.0", ""]], "type": "integer"}, + "send_tags_to_all_vdoms": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "websocket_override": { "v_range": [["v7.4.0", ""]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [{"value": "enable"}, {"value": "disable"}], }, "preserve_ssl_session": { "v_range": [["v7.4.0", ""]], @@ -585,6 +604,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "verifying_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "cloud_server_type": { "v_range": [["v7.4.0", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_ems.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_ems.py index 18971307c..c397b24eb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_ems.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_ems.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -287,11 +287,10 @@ def endpoint_control_forticlient_ems(data, fos, check_mode=False): state = data["state"] endpoint_control_forticlient_ems_data = data["endpoint_control_forticlient_ems"] - filtered_data = underscore_to_hyphen( - filter_endpoint_control_forticlient_ems_data( - endpoint_control_forticlient_ems_data - ) + filtered_data = filter_endpoint_control_forticlient_ems_data( + endpoint_control_forticlient_ems_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -360,7 +359,7 @@ def endpoint_control_forticlient_ems(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "endpoint-control", "forticlient-ems", data=filtered_data, vdom=vdom + "endpoint-control", "forticlient-ems", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_registration_sync.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_registration_sync.py index 3882b9b49..c6bb27e3a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_registration_sync.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_forticlient_registration_sync.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,11 +232,10 @@ def endpoint_control_forticlient_registration_sync(data, fos, check_mode=False): endpoint_control_forticlient_registration_sync_data = data[ "endpoint_control_forticlient_registration_sync" ] - filtered_data = underscore_to_hyphen( - filter_endpoint_control_forticlient_registration_sync_data( - endpoint_control_forticlient_registration_sync_data - ) + filtered_data = filter_endpoint_control_forticlient_registration_sync_data( + endpoint_control_forticlient_registration_sync_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -310,7 +309,7 @@ def endpoint_control_forticlient_registration_sync(data, fos, check_mode=False): return fos.set( "endpoint-control", "forticlient-registration-sync", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_profile.py index efc02ab82..7b357b4f0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -918,9 +918,8 @@ def endpoint_control_profile(data, fos, check_mode=False): state = data["state"] endpoint_control_profile_data = data["endpoint_control_profile"] - filtered_data = underscore_to_hyphen( - filter_endpoint_control_profile_data(endpoint_control_profile_data) - ) + filtered_data = filter_endpoint_control_profile_data(endpoint_control_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -984,7 +983,7 @@ def endpoint_control_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("endpoint-control", "profile", data=filtered_data, vdom=vdom) + return fos.set("endpoint-control", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_registered_forticlient.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_registered_forticlient.py index e265b7bef..9807482bb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_registered_forticlient.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_registered_forticlient.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -257,11 +257,10 @@ def endpoint_control_registered_forticlient(data, fos, check_mode=False): endpoint_control_registered_forticlient_data = data[ "endpoint_control_registered_forticlient" ] - filtered_data = underscore_to_hyphen( - filter_endpoint_control_registered_forticlient_data( - endpoint_control_registered_forticlient_data - ) + filtered_data = filter_endpoint_control_registered_forticlient_data( + endpoint_control_registered_forticlient_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -330,7 +329,7 @@ def endpoint_control_registered_forticlient(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "endpoint-control", "registered-forticlient", data=filtered_data, vdom=vdom + "endpoint-control", "registered-forticlient", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_settings.py index 8c046bf51..eb8553c6a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_endpoint_control_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -315,11 +315,12 @@ def underscore_to_hyphen(data): def endpoint_control_settings(data, fos): vdom = data["vdom"] endpoint_control_settings_data = data["endpoint_control_settings"] - filtered_data = underscore_to_hyphen( - filter_endpoint_control_settings_data(endpoint_control_settings_data) + filtered_data = filter_endpoint_control_settings_data( + endpoint_control_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("endpoint-control", "settings", data=filtered_data, vdom=vdom) + return fos.set("endpoint-control", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_export_config_playbook.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_export_config_playbook.py index 7d17c9199..382ca0f2f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_export_config_playbook.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_export_config_playbook.py @@ -418,6 +418,7 @@ options: - 'vpn.certificate_crl' - 'vpn.certificate_ocsp-server' - 'vpn.certificate_setting' + - 'vpn_qkd' - 'vpn.ssl.web_realm' - 'vpn.ssl.web_host-check-software' - 'vpn.ssl.web_portal' @@ -425,16 +426,16 @@ options: - 'vpn.ssl.web_user-bookmark' - 'vpn.ssl_settings' - 'vpn.ssl_client' - - 'vpn_kmip-server' + - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1' - 'vpn.ipsec_phase2' - 'vpn.ipsec_manualkey' - 'vpn.ipsec_concentrator' - - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1-interface' - 'vpn.ipsec_phase2-interface' - 'vpn.ipsec_manualkey-interface' - 'vpn.ipsec_forticlient' + - 'vpn_kmip-server' - 'vpn_pptp' - 'vpn_l2tp' - 'certificate_ca' @@ -458,6 +459,7 @@ options: - 'ips_global' - 'ips_settings' - 'sctp-filter_profile' + - 'diameter-filter_profile' - 'web-proxy_profile' - 'web-proxy_global' - 'web-proxy_explicit' @@ -481,6 +483,7 @@ options: - 'application_group' - 'dlp_data-type' - 'dlp_dictionary' + - 'dlp_exact-data-match' - 'dlp_sensor' - 'dlp_filepattern' - 'dlp_sensitivity' @@ -488,7 +491,7 @@ options: - 'dlp_profile' - 'dlp_settings' - 'videofilter_youtube-key' - - 'videofilter_youtube-channel-filter' + - 'videofilter_keyword' - 'videofilter_profile' - 'emailfilter_bword' - 'emailfilter_block-allow-list' @@ -557,6 +560,8 @@ options: - 'icap_server' - 'icap_server-group' - 'icap_profile' + - 'user_peer' + - 'user_peergrp' - 'user_certificate' - 'user_radius' - 'user_tacacs+' @@ -566,6 +571,7 @@ options: - 'user_domain-controller' - 'user_pop3' - 'user_saml' + - 'user_external-identity-provider' - 'user_fsso' - 'user_adgrp' - 'user_fsso-polling' @@ -573,8 +579,6 @@ options: - 'user_password-policy' - 'user_local' - 'user_setting' - - 'user_peer' - - 'user_peergrp' - 'user_quarantine' - 'user_group' - 'user_security-exempt-list' @@ -644,22 +648,14 @@ options: - 'system_isf-queue-profile' - 'system_npu' - 'system_np6' + - 'system_gi-gk' - 'system_modem' - 'system.3g-modem_custom' - 'system_lte-modem' - - 'firewall_acl' - - 'firewall_acl6' - - 'monitoring_np6-ipsec-engine' - - 'monitoring_npu-hpe' - - 'switch-controller.ptp_settings' - - 'switch-controller.ptp_policy' - - 'system_physical-switch' - - 'system_virtual-switch' - - 'system_stp' - - 'system_gi-gk' - 'firewall_gtp' - 'firewall_pfcp' - - 'vpn_ocvpn' + - 'firewall_acl' + - 'firewall_acl6' - 'gtp_apn' - 'gtp_apngrp' - 'gtp_message-filter-v0v1' @@ -669,6 +665,17 @@ options: - 'gtp_tunnel-limit' - 'gtp_apn-shaper' - 'pfcp_message-filter' + - 'monitoring_np6-ipsec-engine' + - 'monitoring_npu-hpe' + - 'system_npu-vlink' + - 'system_physical-switch' + - 'system_virtual-switch' + - 'system_stp' + - 'system_smc-ntp' + - 'videofilter_youtube-channel-filter' + - 'switch-controller.ptp_settings' + - 'switch-controller.ptp_policy' + - 'vpn_ocvpn' - 'system.replacemsg_mail' - 'system.replacemsg_http' - 'system.replacemsg_webproxy' @@ -833,7 +840,6 @@ options: - 'firewall_policy6' - 'antivirus_notification' - 'antivirus_mms-checksum' - - 'system_smc-ntp' - 'switch-controller_vlan' - 'switch-controller.security-policy_captive-portal' - 'user_device' @@ -1149,6 +1155,7 @@ options: - 'vpn.certificate_crl' - 'vpn.certificate_ocsp-server' - 'vpn.certificate_setting' + - 'vpn_qkd' - 'vpn.ssl.web_realm' - 'vpn.ssl.web_host-check-software' - 'vpn.ssl.web_portal' @@ -1156,16 +1163,16 @@ options: - 'vpn.ssl.web_user-bookmark' - 'vpn.ssl_settings' - 'vpn.ssl_client' - - 'vpn_kmip-server' + - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1' - 'vpn.ipsec_phase2' - 'vpn.ipsec_manualkey' - 'vpn.ipsec_concentrator' - - 'vpn.ipsec_fec' - 'vpn.ipsec_phase1-interface' - 'vpn.ipsec_phase2-interface' - 'vpn.ipsec_manualkey-interface' - 'vpn.ipsec_forticlient' + - 'vpn_kmip-server' - 'vpn_pptp' - 'vpn_l2tp' - 'certificate_ca' @@ -1189,6 +1196,7 @@ options: - 'ips_global' - 'ips_settings' - 'sctp-filter_profile' + - 'diameter-filter_profile' - 'web-proxy_profile' - 'web-proxy_global' - 'web-proxy_explicit' @@ -1212,6 +1220,7 @@ options: - 'application_group' - 'dlp_data-type' - 'dlp_dictionary' + - 'dlp_exact-data-match' - 'dlp_sensor' - 'dlp_filepattern' - 'dlp_sensitivity' @@ -1219,7 +1228,7 @@ options: - 'dlp_profile' - 'dlp_settings' - 'videofilter_youtube-key' - - 'videofilter_youtube-channel-filter' + - 'videofilter_keyword' - 'videofilter_profile' - 'emailfilter_bword' - 'emailfilter_block-allow-list' @@ -1288,6 +1297,8 @@ options: - 'icap_server' - 'icap_server-group' - 'icap_profile' + - 'user_peer' + - 'user_peergrp' - 'user_certificate' - 'user_radius' - 'user_tacacs+' @@ -1297,6 +1308,7 @@ options: - 'user_domain-controller' - 'user_pop3' - 'user_saml' + - 'user_external-identity-provider' - 'user_fsso' - 'user_adgrp' - 'user_fsso-polling' @@ -1304,8 +1316,6 @@ options: - 'user_password-policy' - 'user_local' - 'user_setting' - - 'user_peer' - - 'user_peergrp' - 'user_quarantine' - 'user_group' - 'user_security-exempt-list' @@ -1375,22 +1385,14 @@ options: - 'system_isf-queue-profile' - 'system_npu' - 'system_np6' + - 'system_gi-gk' - 'system_modem' - 'system.3g-modem_custom' - 'system_lte-modem' - - 'firewall_acl' - - 'firewall_acl6' - - 'monitoring_np6-ipsec-engine' - - 'monitoring_npu-hpe' - - 'switch-controller.ptp_settings' - - 'switch-controller.ptp_policy' - - 'system_physical-switch' - - 'system_virtual-switch' - - 'system_stp' - - 'system_gi-gk' - 'firewall_gtp' - 'firewall_pfcp' - - 'vpn_ocvpn' + - 'firewall_acl' + - 'firewall_acl6' - 'gtp_apn' - 'gtp_apngrp' - 'gtp_message-filter-v0v1' @@ -1400,6 +1402,17 @@ options: - 'gtp_tunnel-limit' - 'gtp_apn-shaper' - 'pfcp_message-filter' + - 'monitoring_np6-ipsec-engine' + - 'monitoring_npu-hpe' + - 'system_npu-vlink' + - 'system_physical-switch' + - 'system_virtual-switch' + - 'system_stp' + - 'system_smc-ntp' + - 'videofilter_youtube-channel-filter' + - 'switch-controller.ptp_settings' + - 'switch-controller.ptp_policy' + - 'vpn_ocvpn' - 'system.replacemsg_mail' - 'system.replacemsg_http' - 'system.replacemsg_webproxy' @@ -1564,7 +1577,6 @@ options: - 'firewall_policy6' - 'antivirus_notification' - 'antivirus_mms-checksum' - - 'system_smc-ntp' - 'switch-controller_vlan' - 'switch-controller.security-policy_captive-portal' - 'user_device' @@ -2818,6 +2830,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "None", "mkey_type": None, }, + "vpn_qkd": { + "mkey": "name", + "mkey_type": str, + }, "vpn.ssl.web_realm": { "mkey": "url_path", "mkey_type": str, @@ -2846,7 +2862,7 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, - "vpn_kmip-server": { + "vpn.ipsec_fec": { "mkey": "name", "mkey_type": str, }, @@ -2866,10 +2882,6 @@ MODULE_MKEY_DEFINITONS = { "mkey": "id", "mkey_type": int, }, - "vpn.ipsec_fec": { - "mkey": "name", - "mkey_type": str, - }, "vpn.ipsec_phase1-interface": { "mkey": "name", "mkey_type": str, @@ -2886,6 +2898,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "realm", "mkey_type": str, }, + "vpn_kmip-server": { + "mkey": "name", + "mkey_type": str, + }, "vpn_pptp": { "mkey": "None", "mkey_type": None, @@ -2978,6 +2994,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "diameter-filter_profile": { + "mkey": "name", + "mkey_type": str, + }, "web-proxy_profile": { "mkey": "name", "mkey_type": str, @@ -3070,6 +3090,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "dlp_exact-data-match": { + "mkey": "name", + "mkey_type": str, + }, "dlp_sensor": { "mkey": "name", "mkey_type": str, @@ -3098,7 +3122,7 @@ MODULE_MKEY_DEFINITONS = { "mkey": "id", "mkey_type": int, }, - "videofilter_youtube-channel-filter": { + "videofilter_keyword": { "mkey": "id", "mkey_type": int, }, @@ -3374,6 +3398,14 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "user_peer": { + "mkey": "name", + "mkey_type": str, + }, + "user_peergrp": { + "mkey": "name", + "mkey_type": str, + }, "user_certificate": { "mkey": "name", "mkey_type": str, @@ -3410,6 +3442,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "user_external-identity-provider": { + "mkey": "name", + "mkey_type": str, + }, "user_fsso": { "mkey": "name", "mkey_type": str, @@ -3438,14 +3474,6 @@ MODULE_MKEY_DEFINITONS = { "mkey": "None", "mkey_type": None, }, - "user_peer": { - "mkey": "name", - "mkey_type": str, - }, - "user_peergrp": { - "mkey": "name", - "mkey_type": str, - }, "user_quarantine": { "mkey": "None", "mkey_type": None, @@ -3722,6 +3750,10 @@ MODULE_MKEY_DEFINITONS = { "mkey": "name", "mkey_type": str, }, + "system_gi-gk": { + "mkey": "None", + "mkey_type": None, + }, "system_modem": { "mkey": "None", "mkey_type": None, @@ -3734,6 +3766,14 @@ MODULE_MKEY_DEFINITONS = { "mkey": "None", "mkey_type": None, }, + "firewall_gtp": { + "mkey": "name", + "mkey_type": str, + }, + "firewall_pfcp": { + "mkey": "name", + "mkey_type": str, + }, "firewall_acl": { "mkey": "policyid", "mkey_type": int, @@ -3742,86 +3782,86 @@ MODULE_MKEY_DEFINITONS = { "mkey": "policyid", "mkey_type": int, }, - "monitoring_np6-ipsec-engine": { - "mkey": "None", - "mkey_type": None, - }, - "monitoring_npu-hpe": { - "mkey": "None", - "mkey_type": None, - }, - "switch-controller.ptp_settings": { - "mkey": "None", - "mkey_type": None, - }, - "switch-controller.ptp_policy": { + "gtp_apn": { "mkey": "name", "mkey_type": str, }, - "system_physical-switch": { + "gtp_apngrp": { "mkey": "name", "mkey_type": str, }, - "system_virtual-switch": { + "gtp_message-filter-v0v1": { "mkey": "name", "mkey_type": str, }, - "system_stp": { - "mkey": "None", - "mkey_type": None, - }, - "system_gi-gk": { - "mkey": "None", - "mkey_type": None, - }, - "firewall_gtp": { + "gtp_message-filter-v2": { "mkey": "name", "mkey_type": str, }, - "firewall_pfcp": { + "gtp_rat-timeout-profile": { "mkey": "name", "mkey_type": str, }, - "vpn_ocvpn": { - "mkey": "None", - "mkey_type": None, - }, - "gtp_apn": { + "gtp_ie-allow-list": { "mkey": "name", "mkey_type": str, }, - "gtp_apngrp": { + "gtp_tunnel-limit": { "mkey": "name", "mkey_type": str, }, - "gtp_message-filter-v0v1": { - "mkey": "name", - "mkey_type": str, + "gtp_apn-shaper": { + "mkey": "id", + "mkey_type": int, }, - "gtp_message-filter-v2": { + "pfcp_message-filter": { "mkey": "name", "mkey_type": str, }, - "gtp_rat-timeout-profile": { + "monitoring_np6-ipsec-engine": { + "mkey": "None", + "mkey_type": None, + }, + "monitoring_npu-hpe": { + "mkey": "None", + "mkey_type": None, + }, + "system_npu-vlink": { "mkey": "name", "mkey_type": str, }, - "gtp_ie-allow-list": { + "system_physical-switch": { "mkey": "name", "mkey_type": str, }, - "gtp_tunnel-limit": { + "system_virtual-switch": { "mkey": "name", "mkey_type": str, }, - "gtp_apn-shaper": { + "system_stp": { + "mkey": "None", + "mkey_type": None, + }, + "system_smc-ntp": { + "mkey": "None", + "mkey_type": None, + }, + "videofilter_youtube-channel-filter": { "mkey": "id", "mkey_type": int, }, - "pfcp_message-filter": { + "switch-controller.ptp_settings": { + "mkey": "None", + "mkey_type": None, + }, + "switch-controller.ptp_policy": { "mkey": "name", "mkey_type": str, }, + "vpn_ocvpn": { + "mkey": "None", + "mkey_type": None, + }, "system.replacemsg_mail": { "mkey": "msg_type", "mkey_type": str, @@ -4478,10 +4518,6 @@ MODULE_MKEY_DEFINITONS = { "mkey": "id", "mkey_type": int, }, - "system_smc-ntp": { - "mkey": "None", - "mkey_type": None, - }, "switch-controller_vlan": { "mkey": "name", "mkey_type": str, @@ -4618,6 +4654,7 @@ SPECIAL_ATTRIBUTE_TABLE = { ["pingserver_monitor_interface"], ["vcluster", "monitor"], ["vcluster", "pingserver_monitor_interface"], + ["ipsec_phase2_proposal"], ["secondary_vcluster", "monitor"], ["secondary_vcluster", "pingserver_monitor_interface"], ], @@ -4914,14 +4951,14 @@ SPECIAL_ATTRIBUTE_TABLE = { ["neighbor", "attribute_unchanged"], ["neighbor", "attribute_unchanged6"], ["neighbor", "attribute_unchanged_vpnv4"], + ["neighbor", "attribute_unchanged_vpnv6"], ["neighbor_group", "attribute_unchanged"], ["neighbor_group", "attribute_unchanged6"], ["neighbor_group", "attribute_unchanged_vpnv4"], + ["neighbor_group", "attribute_unchanged_vpnv6"], ], "router_isis": [["overload_bit_suppress"]], "system_modem": [["authtype1"], ["authtype2"], ["authtype3"]], - "monitoring_np6_ipsec_engine": [["threshold"]], - "monitoring_npu_hpe": [["multipliers"]], "firewall_gtp": [ ["apn", "selection_mode"], ["imsi", "selection_mode"], @@ -4934,6 +4971,8 @@ SPECIAL_ATTRIBUTE_TABLE = { ["policy_v2", "uli"], ["ie_remove_policy", "remove_ies"], ], + "monitoring_np6_ipsec_engine": [["threshold"]], + "monitoring_npu_hpe": [["multipliers"]], "ips_rule": [["location"]], "extender_controller_extender_profile": [ ["allowaccess"], @@ -5025,8 +5064,8 @@ PLAYBOOK_BASIC_CONFIG = [ "gather_facts": "no", "vars": { "vdom": "root", - "ansible_httpapi_use_ssl": "yes", - "ansible_httpapi_validate_certs": "no", + "ansible_httpapi_use_ssl": "true", + "ansible_httpapi_validate_certs": "false", "ansible_httpapi_port": 443, }, } @@ -5468,6 +5507,7 @@ def main(): "vpn.certificate_crl", "vpn.certificate_ocsp-server", "vpn.certificate_setting", + "vpn_qkd", "vpn.ssl.web_realm", "vpn.ssl.web_host-check-software", "vpn.ssl.web_portal", @@ -5475,16 +5515,16 @@ def main(): "vpn.ssl.web_user-bookmark", "vpn.ssl_settings", "vpn.ssl_client", - "vpn_kmip-server", + "vpn.ipsec_fec", "vpn.ipsec_phase1", "vpn.ipsec_phase2", "vpn.ipsec_manualkey", "vpn.ipsec_concentrator", - "vpn.ipsec_fec", "vpn.ipsec_phase1-interface", "vpn.ipsec_phase2-interface", "vpn.ipsec_manualkey-interface", "vpn.ipsec_forticlient", + "vpn_kmip-server", "vpn_pptp", "vpn_l2tp", "certificate_ca", @@ -5508,6 +5548,7 @@ def main(): "ips_global", "ips_settings", "sctp-filter_profile", + "diameter-filter_profile", "web-proxy_profile", "web-proxy_global", "web-proxy_explicit", @@ -5531,6 +5572,7 @@ def main(): "application_group", "dlp_data-type", "dlp_dictionary", + "dlp_exact-data-match", "dlp_sensor", "dlp_filepattern", "dlp_sensitivity", @@ -5538,7 +5580,7 @@ def main(): "dlp_profile", "dlp_settings", "videofilter_youtube-key", - "videofilter_youtube-channel-filter", + "videofilter_keyword", "videofilter_profile", "emailfilter_bword", "emailfilter_block-allow-list", @@ -5607,6 +5649,8 @@ def main(): "icap_server", "icap_server-group", "icap_profile", + "user_peer", + "user_peergrp", "user_certificate", "user_radius", "user_tacacs+", @@ -5616,6 +5660,7 @@ def main(): "user_domain-controller", "user_pop3", "user_saml", + "user_external-identity-provider", "user_fsso", "user_adgrp", "user_fsso-polling", @@ -5623,8 +5668,6 @@ def main(): "user_password-policy", "user_local", "user_setting", - "user_peer", - "user_peergrp", "user_quarantine", "user_group", "user_security-exempt-list", @@ -5694,22 +5737,14 @@ def main(): "system_isf-queue-profile", "system_npu", "system_np6", + "system_gi-gk", "system_modem", "system.3g-modem_custom", "system_lte-modem", - "firewall_acl", - "firewall_acl6", - "monitoring_np6-ipsec-engine", - "monitoring_npu-hpe", - "switch-controller.ptp_settings", - "switch-controller.ptp_policy", - "system_physical-switch", - "system_virtual-switch", - "system_stp", - "system_gi-gk", "firewall_gtp", "firewall_pfcp", - "vpn_ocvpn", + "firewall_acl", + "firewall_acl6", "gtp_apn", "gtp_apngrp", "gtp_message-filter-v0v1", @@ -5719,6 +5754,17 @@ def main(): "gtp_tunnel-limit", "gtp_apn-shaper", "pfcp_message-filter", + "monitoring_np6-ipsec-engine", + "monitoring_npu-hpe", + "system_npu-vlink", + "system_physical-switch", + "system_virtual-switch", + "system_stp", + "system_smc-ntp", + "videofilter_youtube-channel-filter", + "switch-controller.ptp_settings", + "switch-controller.ptp_policy", + "vpn_ocvpn", "system.replacemsg_mail", "system.replacemsg_http", "system.replacemsg_webproxy", @@ -5883,7 +5929,6 @@ def main(): "firewall_policy6", "antivirus_notification", "antivirus_mms-checksum", - "system_smc-ntp", "switch-controller_vlan", "switch-controller.security-policy_captive-portal", "user_device", @@ -6207,6 +6252,7 @@ def main(): "vpn.certificate_crl", "vpn.certificate_ocsp-server", "vpn.certificate_setting", + "vpn_qkd", "vpn.ssl.web_realm", "vpn.ssl.web_host-check-software", "vpn.ssl.web_portal", @@ -6214,16 +6260,16 @@ def main(): "vpn.ssl.web_user-bookmark", "vpn.ssl_settings", "vpn.ssl_client", - "vpn_kmip-server", + "vpn.ipsec_fec", "vpn.ipsec_phase1", "vpn.ipsec_phase2", "vpn.ipsec_manualkey", "vpn.ipsec_concentrator", - "vpn.ipsec_fec", "vpn.ipsec_phase1-interface", "vpn.ipsec_phase2-interface", "vpn.ipsec_manualkey-interface", "vpn.ipsec_forticlient", + "vpn_kmip-server", "vpn_pptp", "vpn_l2tp", "certificate_ca", @@ -6247,6 +6293,7 @@ def main(): "ips_global", "ips_settings", "sctp-filter_profile", + "diameter-filter_profile", "web-proxy_profile", "web-proxy_global", "web-proxy_explicit", @@ -6270,6 +6317,7 @@ def main(): "application_group", "dlp_data-type", "dlp_dictionary", + "dlp_exact-data-match", "dlp_sensor", "dlp_filepattern", "dlp_sensitivity", @@ -6277,7 +6325,7 @@ def main(): "dlp_profile", "dlp_settings", "videofilter_youtube-key", - "videofilter_youtube-channel-filter", + "videofilter_keyword", "videofilter_profile", "emailfilter_bword", "emailfilter_block-allow-list", @@ -6346,6 +6394,8 @@ def main(): "icap_server", "icap_server-group", "icap_profile", + "user_peer", + "user_peergrp", "user_certificate", "user_radius", "user_tacacs+", @@ -6355,6 +6405,7 @@ def main(): "user_domain-controller", "user_pop3", "user_saml", + "user_external-identity-provider", "user_fsso", "user_adgrp", "user_fsso-polling", @@ -6362,8 +6413,6 @@ def main(): "user_password-policy", "user_local", "user_setting", - "user_peer", - "user_peergrp", "user_quarantine", "user_group", "user_security-exempt-list", @@ -6433,22 +6482,14 @@ def main(): "system_isf-queue-profile", "system_npu", "system_np6", + "system_gi-gk", "system_modem", "system.3g-modem_custom", "system_lte-modem", - "firewall_acl", - "firewall_acl6", - "monitoring_np6-ipsec-engine", - "monitoring_npu-hpe", - "switch-controller.ptp_settings", - "switch-controller.ptp_policy", - "system_physical-switch", - "system_virtual-switch", - "system_stp", - "system_gi-gk", "firewall_gtp", "firewall_pfcp", - "vpn_ocvpn", + "firewall_acl", + "firewall_acl6", "gtp_apn", "gtp_apngrp", "gtp_message-filter-v0v1", @@ -6458,6 +6499,17 @@ def main(): "gtp_tunnel-limit", "gtp_apn-shaper", "pfcp_message-filter", + "monitoring_np6-ipsec-engine", + "monitoring_npu-hpe", + "system_npu-vlink", + "system_physical-switch", + "system_virtual-switch", + "system_stp", + "system_smc-ntp", + "videofilter_youtube-channel-filter", + "switch-controller.ptp_settings", + "switch-controller.ptp_policy", + "vpn_ocvpn", "system.replacemsg_mail", "system.replacemsg_http", "system.replacemsg_webproxy", @@ -6622,7 +6674,6 @@ def main(): "firewall_policy6", "antivirus_notification", "antivirus_mms-checksum", - "system_smc-ntp", "switch-controller_vlan", "switch-controller.security-policy_captive-portal", "user_device", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_dataplan.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_dataplan.py index 3157f52e2..7013edfde 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_dataplan.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_dataplan.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -377,9 +377,10 @@ def extender_controller_dataplan(data, fos, check_mode=False): state = data["state"] extender_controller_dataplan_data = data["extender_controller_dataplan"] - filtered_data = underscore_to_hyphen( - filter_extender_controller_dataplan_data(extender_controller_dataplan_data) + filtered_data = filter_extender_controller_dataplan_data( + extender_controller_dataplan_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -443,7 +444,9 @@ def extender_controller_dataplan(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("extender-controller", "dataplan", data=filtered_data, vdom=vdom) + return fos.set( + "extender-controller", "dataplan", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender.py index a21850cec..02aa319c5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -955,9 +955,10 @@ def extender_controller_extender(data, fos, check_mode=False): extender_controller_extender_data = flatten_multilists_attributes( extender_controller_extender_data ) - filtered_data = underscore_to_hyphen( - filter_extender_controller_extender_data(extender_controller_extender_data) + filtered_data = filter_extender_controller_extender_data( + extender_controller_extender_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1021,7 +1022,9 @@ def extender_controller_extender(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("extender-controller", "extender", data=filtered_data, vdom=vdom) + return fos.set( + "extender-controller", "extender", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender_profile.py index 66909bce9..598e163a8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_controller_extender_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -819,15 +819,14 @@ def extender_controller_extender_profile(data, fos): extender_controller_extender_profile_data = flatten_multilists_attributes( extender_controller_extender_profile_data ) - filtered_data = underscore_to_hyphen( - filter_extender_controller_extender_profile_data( - extender_controller_extender_profile_data - ) + filtered_data = filter_extender_controller_extender_profile_data( + extender_controller_extender_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "extender-controller", "extender-profile", data=filtered_data, vdom=vdom + "extender-controller", "extender-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_extender_info.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_extender_info.py index 8da3dfa1f..bd3d344fa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_extender_info.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_extender_info.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<sn>": "sn"} + speciallist = {"<sn>": "sn"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def extender_extender_info(data, fos, check_mode=False): vdom = data["vdom"] extender_extender_info_data = data["extender_extender_info"] - filtered_data = underscore_to_hyphen( - filter_extender_extender_info_data(extender_extender_info_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_extender_extender_info_data(extender_extender_info_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("extender", "extender-info", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_by_mcc_mnc.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_by_mcc_mnc.py index 1e8c76755..6f845a126 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_by_mcc_mnc.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_by_mcc_mnc.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<sn>": "sn"} + speciallist = {"<sn>": "sn"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,12 +228,10 @@ def valid_attr_to_invalid_attrs(data): def extender_lte_carrier_by_mcc_mnc(data, fos): vdom = data["vdom"] extender_lte_carrier_by_mcc_mnc_data = data["extender_lte_carrier_by_mcc_mnc"] - filtered_data = underscore_to_hyphen( - filter_extender_lte_carrier_by_mcc_mnc_data( - extender_lte_carrier_by_mcc_mnc_data - ) + filtered_data = filter_extender_lte_carrier_by_mcc_mnc_data( + extender_lte_carrier_by_mcc_mnc_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("extender", "lte-carrier-by-mcc-mnc", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_list.py index e147cad46..49f94e1b8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_lte_carrier_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<sn>": "sn"} + speciallist = {"<sn>": "sn"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,10 @@ def valid_attr_to_invalid_attrs(data): def extender_lte_carrier_list(data, fos): vdom = data["vdom"] extender_lte_carrier_list_data = data["extender_lte_carrier_list"] - filtered_data = underscore_to_hyphen( - filter_extender_lte_carrier_list_data(extender_lte_carrier_list_data) + filtered_data = filter_extender_lte_carrier_list_data( + extender_lte_carrier_list_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("extender", "lte-carrier-list", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_modem_status.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_modem_status.py index a1cf6646b..442310ead 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_modem_status.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_modem_status.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<sn>": "sn", "[1|2]": "set_1_2"} + speciallist = {"<sn>": "sn", "[1|2]": "set_1_2"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def extender_modem_status(data, fos): vdom = data["vdom"] extender_modem_status_data = data["extender_modem_status"] - filtered_data = underscore_to_hyphen( - filter_extender_modem_status_data(extender_modem_status_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_extender_modem_status_data(extender_modem_status_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("extender", "modem-status", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_sys_info.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_sys_info.py index a9a4b3d71..5bfc9e9d5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_sys_info.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extender_sys_info.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<sn>": "sn"} + speciallist = {"<sn>": "sn"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def extender_sys_info(data, fos, check_mode=False): vdom = data["vdom"] extender_sys_info_data = data["extender_sys_info"] - filtered_data = underscore_to_hyphen( - filter_extender_sys_info_data(extender_sys_info_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_extender_sys_info_data(extender_sys_info_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("extender", "sys-info", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_dataplan.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_dataplan.py index ec0e256d8..856f3cbec 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_dataplan.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_dataplan.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -352,13 +352,14 @@ def extension_controller_dataplan(data, fos): state = data["state"] extension_controller_dataplan_data = data["extension_controller_dataplan"] - filtered_data = underscore_to_hyphen( - filter_extension_controller_dataplan_data(extension_controller_dataplan_data) + filtered_data = filter_extension_controller_dataplan_data( + extension_controller_dataplan_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "extension-controller", "dataplan", data=filtered_data, vdom=vdom + "extension-controller", "dataplan", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender.py index 896e7475d..6ea232463 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -397,13 +397,14 @@ def extension_controller_extender(data, fos): extension_controller_extender_data = flatten_multilists_attributes( extension_controller_extender_data ) - filtered_data = underscore_to_hyphen( - filter_extension_controller_extender_data(extension_controller_extender_data) + filtered_data = filter_extension_controller_extender_data( + extension_controller_extender_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "extension-controller", "extender", data=filtered_data, vdom=vdom + "extension-controller", "extender", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender_profile.py index b985cd29b..83c1659d5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_extender_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -807,15 +807,14 @@ def extension_controller_extender_profile(data, fos): extension_controller_extender_profile_data = flatten_multilists_attributes( extension_controller_extender_profile_data ) - filtered_data = underscore_to_hyphen( - filter_extension_controller_extender_profile_data( - extension_controller_extender_profile_data - ) + filtered_data = filter_extension_controller_extender_profile_data( + extension_controller_extender_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "extension-controller", "extender-profile", data=filtered_data, vdom=vdom + "extension-controller", "extender-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate.py index 8fe5a4f6c..8afbef6d7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -258,13 +258,14 @@ def extension_controller_fortigate(data, fos): state = data["state"] extension_controller_fortigate_data = data["extension_controller_fortigate"] - filtered_data = underscore_to_hyphen( - filter_extension_controller_fortigate_data(extension_controller_fortigate_data) + filtered_data = filter_extension_controller_fortigate_data( + extension_controller_fortigate_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "extension-controller", "fortigate", data=filtered_data, vdom=vdom + "extension-controller", "fortigate", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate_profile.py index 68867a07c..ac4701320 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_extension_controller_fortigate_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,15 +244,14 @@ def extension_controller_fortigate_profile(data, fos): extension_controller_fortigate_profile_data = data[ "extension_controller_fortigate_profile" ] - filtered_data = underscore_to_hyphen( - filter_extension_controller_fortigate_profile_data( - extension_controller_fortigate_profile_data - ) + filtered_data = filter_extension_controller_fortigate_profile_data( + extension_controller_fortigate_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "extension-controller", "fortigate-profile", data=filtered_data, vdom=vdom + "extension-controller", "fortigate-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_file_filter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_file_filter_profile.py index accdb5951..282be0ad6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_file_filter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_file_filter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -141,7 +141,7 @@ options: type: str direction: description: - - Traffic direction (HTTP, FTP, SSH, CIFS only). + - Traffic direction (HTTP, FTP, SSH, CIFS, and MAPI only). type: str choices: - 'incoming' @@ -379,9 +379,8 @@ def file_filter_profile(data, fos, check_mode=False): file_filter_profile_data = data["file_filter_profile"] file_filter_profile_data = flatten_multilists_attributes(file_filter_profile_data) - filtered_data = underscore_to_hyphen( - filter_file_filter_profile_data(file_filter_profile_data) - ) + filtered_data = filter_file_filter_profile_data(file_filter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -445,7 +444,7 @@ def file_filter_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("file-filter", "profile", data=filtered_data, vdom=vdom) + return fos.set("file-filter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy.py index 557851a75..568387937 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1550,12 +1550,11 @@ def firewall_access_proxy(data, fos): firewall_access_proxy_data = flatten_multilists_attributes( firewall_access_proxy_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_access_proxy_data(firewall_access_proxy_data) - ) + filtered_data = filter_firewall_access_proxy_data(firewall_access_proxy_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("firewall", "access-proxy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "access-proxy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy6.py index ac57f145e..a8724766f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1390,12 +1390,11 @@ def firewall_access_proxy6(data, fos): firewall_access_proxy6_data = flatten_multilists_attributes( firewall_access_proxy6_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_access_proxy6_data(firewall_access_proxy6_data) - ) + filtered_data = filter_firewall_access_proxy6_data(firewall_access_proxy6_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("firewall", "access-proxy6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "access-proxy6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_ssh_client_cert.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_ssh_client_cert.py index 0d2a3e4d2..7e1378f56 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_ssh_client_cert.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_ssh_client_cert.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -317,15 +317,14 @@ def firewall_access_proxy_ssh_client_cert(data, fos): firewall_access_proxy_ssh_client_cert_data = data[ "firewall_access_proxy_ssh_client_cert" ] - filtered_data = underscore_to_hyphen( - filter_firewall_access_proxy_ssh_client_cert_data( - firewall_access_proxy_ssh_client_cert_data - ) + filtered_data = filter_firewall_access_proxy_ssh_client_cert_data( + firewall_access_proxy_ssh_client_cert_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "firewall", "access-proxy-ssh-client-cert", data=filtered_data, vdom=vdom + "firewall", "access-proxy-ssh-client-cert", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_virtual_host.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_virtual_host.py index f9e0ca5d9..f934ad52a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_virtual_host.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_access_proxy_virtual_host.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,17 @@ options: description: - SSL certificate for this host. Source vpn.certificate.local.name. type: str + ssl_certificate_dict: + description: + - SSL certificates for this host. Use the parameter ssl_certificate if the fortiOS firmware version <= 7.4.1 + type: list + elements: dict + suboptions: + name: + description: + - Certificate list. Source vpn.certificate.local.name. + required: true + type: str """ EXAMPLES = """ @@ -126,6 +137,9 @@ EXAMPLES = """ name: "default_name_5" replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)" ssl_certificate: "<your_own_value> (source vpn.certificate.local.name)" + ssl_certificate_dict: + - + name: "default_name_9 (source vpn.certificate.local.name)" """ RETURN = """ @@ -208,7 +222,14 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_firewall_access_proxy_virtual_host_data(json): - option_list = ["host", "host_type", "name", "replacemsg_group", "ssl_certificate"] + option_list = [ + "host", + "host_type", + "name", + "replacemsg_group", + "ssl_certificate", + "ssl_certificate_dict", + ] json = remove_invalid_fields(json) dictionary = {} @@ -233,21 +254,45 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"ssl-certificate-dict": "ssl-certificate"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def firewall_access_proxy_virtual_host(data, fos): vdom = data["vdom"] state = data["state"] firewall_access_proxy_virtual_host_data = data["firewall_access_proxy_virtual_host"] - filtered_data = underscore_to_hyphen( - filter_firewall_access_proxy_virtual_host_data( - firewall_access_proxy_virtual_host_data - ) + filtered_data = filter_firewall_access_proxy_virtual_host_data( + firewall_access_proxy_virtual_host_data ) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) if state == "present" or state is True: return fos.set( - "firewall", "access-proxy-virtual-host", data=filtered_data, vdom=vdom + "firewall", "access-proxy-virtual-host", data=converted_data, vdom=vdom ) elif state == "absent": @@ -296,7 +341,18 @@ versioned_schema = { "elements": "dict", "children": { "name": {"v_range": [["v7.0.0", ""]], "type": "string", "required": True}, - "ssl_certificate": {"v_range": [["v7.0.0", ""]], "type": "string"}, + "ssl_certificate_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "host": {"v_range": [["v7.0.0", ""]], "type": "string"}, "host_type": { "v_range": [["v7.0.0", ""]], @@ -307,6 +363,7 @@ versioned_schema = { "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]], "type": "string", }, + "ssl_certificate": {"v_range": [["v7.0.0", "v7.4.1"]], "type": "string"}, }, "v_range": [["v7.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl.py index e412e5346..1e5a3c0d1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -310,7 +310,8 @@ def firewall_acl(data, fos, check_mode=False): state = data["state"] firewall_acl_data = data["firewall_acl"] - filtered_data = underscore_to_hyphen(filter_firewall_acl_data(firewall_acl_data)) + filtered_data = filter_firewall_acl_data(firewall_acl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -374,7 +375,7 @@ def firewall_acl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "acl", data=filtered_data, vdom=vdom) + return fos.set("firewall", "acl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "acl", mkey=filtered_data["policyid"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl6.py index e9db22779..a1668ce56 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_acl6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -310,7 +310,8 @@ def firewall_acl6(data, fos, check_mode=False): state = data["state"] firewall_acl6_data = data["firewall_acl6"] - filtered_data = underscore_to_hyphen(filter_firewall_acl6_data(firewall_acl6_data)) + filtered_data = filter_firewall_acl6_data(firewall_acl6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -374,7 +375,7 @@ def firewall_acl6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "acl6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "acl6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "acl6", mkey=filtered_data["policyid"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py index b3aa18cce..524f370d9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -253,15 +253,6 @@ options: description: - SDN. Source system.sdn-connector.name. type: str - choices: - - 'aci' - - 'aws' - - 'azure' - - 'gcp' - - 'nsx' - - 'nuage' - - 'oci' - - 'openstack' sdn_addr_type: description: - Type of addresses to collect. @@ -425,7 +416,7 @@ EXAMPLES = """ os: "<your_own_value>" policy_group: "<your_own_value>" route_tag: "0" - sdn: "aci" + sdn: "<your_own_value> (source system.sdn-connector.name)" sdn_addr_type: "private" sdn_tag: "<your_own_value>" start_ip: "<your_own_value>" @@ -618,9 +609,8 @@ def firewall_address(data, fos, check_mode=False): state = data["state"] firewall_address_data = data["firewall_address"] - filtered_data = underscore_to_hyphen( - filter_firewall_address_data(firewall_address_data) - ) + filtered_data = filter_firewall_address_data(firewall_address_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -684,7 +674,7 @@ def firewall_address(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "address", data=filtered_data, vdom=vdom) + return fos.set("firewall", "address", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "address", mkey=filtered_data["name"], vdom=vdom) @@ -791,20 +781,7 @@ versioned_schema = { "wildcard_fqdn": {"v_range": [["v6.0.0", ""]], "type": "string"}, "cache_ttl": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "wildcard": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "sdn": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [ - {"value": "aci", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "aws", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "azure", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "gcp", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "nsx", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "nuage", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "oci", "v_range": [["v6.0.0", "v6.0.11"]]}, - {"value": "openstack", "v_range": [["v6.0.0", "v6.0.11"]]}, - ], - }, + "sdn": {"v_range": [["v6.0.0", ""]], "type": "string"}, "fsso_group": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6.py index 64dd69015..2bdd058b0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -487,9 +487,8 @@ def firewall_address6(data, fos, check_mode=False): state = data["state"] firewall_address6_data = data["firewall_address6"] - filtered_data = underscore_to_hyphen( - filter_firewall_address6_data(firewall_address6_data) - ) + filtered_data = filter_firewall_address6_data(firewall_address6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -553,7 +552,7 @@ def firewall_address6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "address6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "address6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "address6", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6_template.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6_template.py index 3aabafe75..13d09f471 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6_template.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_address6_template.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -300,9 +300,10 @@ def firewall_address6_template(data, fos, check_mode=False): state = data["state"] firewall_address6_template_data = data["firewall_address6_template"] - filtered_data = underscore_to_hyphen( - filter_firewall_address6_template_data(firewall_address6_template_data) + filtered_data = filter_firewall_address6_template_data( + firewall_address6_template_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -366,7 +367,7 @@ def firewall_address6_template(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "address6-template", data=filtered_data, vdom=vdom) + return fos.set("firewall", "address6-template", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp.py index d9e26bd82..bf22f839e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -364,9 +364,8 @@ def firewall_addrgrp(data, fos, check_mode=False): state = data["state"] firewall_addrgrp_data = data["firewall_addrgrp"] - filtered_data = underscore_to_hyphen( - filter_firewall_addrgrp_data(firewall_addrgrp_data) - ) + filtered_data = filter_firewall_addrgrp_data(firewall_addrgrp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -430,7 +429,7 @@ def firewall_addrgrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "addrgrp", data=filtered_data, vdom=vdom) + return fos.set("firewall", "addrgrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "addrgrp", mkey=filtered_data["name"], vdom=vdom) @@ -487,6 +486,11 @@ versioned_schema = { ], }, "uuid": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "allow_routing": { + "v_range": [["v6.0.0", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "member": { "type": "list", "elements": "dict", @@ -543,11 +547,6 @@ versioned_schema = { }, "v_range": [["v6.0.0", ""]], }, - "allow_routing": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, "fabric_object": { "v_range": [["v6.4.4", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp6.py index 55f61decf..0ce118313 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_addrgrp6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -336,9 +336,8 @@ def firewall_addrgrp6(data, fos, check_mode=False): state = data["state"] firewall_addrgrp6_data = data["firewall_addrgrp6"] - filtered_data = underscore_to_hyphen( - filter_firewall_addrgrp6_data(firewall_addrgrp6_data) - ) + filtered_data = filter_firewall_addrgrp6_data(firewall_addrgrp6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -402,7 +401,7 @@ def firewall_addrgrp6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "addrgrp6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "addrgrp6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "addrgrp6", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_auth_portal.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_auth_portal.py index f21b36905..ba9f277d2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_auth_portal.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_auth_portal.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -240,11 +240,10 @@ def underscore_to_hyphen(data): def firewall_auth_portal(data, fos): vdom = data["vdom"] firewall_auth_portal_data = data["firewall_auth_portal"] - filtered_data = underscore_to_hyphen( - filter_firewall_auth_portal_data(firewall_auth_portal_data) - ) + filtered_data = filter_firewall_auth_portal_data(firewall_auth_portal_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall", "auth-portal", data=filtered_data, vdom=vdom) + return fos.set("firewall", "auth-portal", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_carrier_endpoint_bwl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_carrier_endpoint_bwl.py index 138c34467..689a2f8ea 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_carrier_endpoint_bwl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_carrier_endpoint_bwl.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -319,9 +319,10 @@ def firewall_carrier_endpoint_bwl(data, fos, check_mode=False): firewall_carrier_endpoint_bwl_data = flatten_multilists_attributes( firewall_carrier_endpoint_bwl_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_carrier_endpoint_bwl_data(firewall_carrier_endpoint_bwl_data) + filtered_data = filter_firewall_carrier_endpoint_bwl_data( + firewall_carrier_endpoint_bwl_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -388,7 +389,7 @@ def firewall_carrier_endpoint_bwl(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "carrier-endpoint-bwl", data=filtered_data, vdom=vdom + "firewall", "carrier-endpoint-bwl", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_central_snat_map.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_central_snat_map.py index 26bc1fbd2..57ed19cd5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_central_snat_map.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_central_snat_map.py @@ -42,7 +42,7 @@ notes: - Only one of [after, before] must be specified when action is moving an object. requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -450,9 +450,10 @@ def firewall_central_snat_map(data, fos, check_mode=False): state = data["state"] firewall_central_snat_map_data = data["firewall_central_snat_map"] - filtered_data = underscore_to_hyphen( - filter_firewall_central_snat_map_data(firewall_central_snat_map_data) + filtered_data = filter_firewall_central_snat_map_data( + firewall_central_snat_map_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -516,7 +517,7 @@ def firewall_central_snat_map(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "central-snat-map", data=filtered_data, vdom=vdom) + return fos.set("firewall", "central-snat-map", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_city.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_city.py index 833cbe296..479db74cd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_city.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_city.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,7 +232,8 @@ def firewall_city(data, fos, check_mode=False): state = data["state"] firewall_city_data = data["firewall_city"] - filtered_data = underscore_to_hyphen(filter_firewall_city_data(firewall_city_data)) + filtered_data = filter_firewall_city_data(firewall_city_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -296,7 +297,7 @@ def firewall_city(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "city", data=filtered_data, vdom=vdom) + return fos.set("firewall", "city", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "city", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_consolidated_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_consolidated_policy.py index 837cea7da..0f7a38c3b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_consolidated_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_consolidated_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1011,9 +1011,10 @@ def firewall_consolidated_policy(data, fos, check_mode=False): state = data["state"] firewall_consolidated_policy_data = data["firewall_consolidated_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_consolidated_policy_data(firewall_consolidated_policy_data) + filtered_data = filter_firewall_consolidated_policy_data( + firewall_consolidated_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1077,7 +1078,9 @@ def firewall_consolidated_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.consolidated", "policy", data=filtered_data, vdom=vdom) + return fos.set( + "firewall.consolidated", "policy", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_country.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_country.py index a0c2c9870..39d08dac2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_country.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_country.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,9 +246,8 @@ def firewall_country(data, fos, check_mode=False): state = data["state"] firewall_country_data = data["firewall_country"] - filtered_data = underscore_to_hyphen( - filter_firewall_country_data(firewall_country_data) - ) + filtered_data = filter_firewall_country_data(firewall_country_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -312,7 +311,7 @@ def firewall_country(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "country", data=filtered_data, vdom=vdom) + return fos.set("firewall", "country", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "country", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_decrypted_traffic_mirror.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_decrypted_traffic_mirror.py index 7ab8e3199..dd6971daa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_decrypted_traffic_mirror.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_decrypted_traffic_mirror.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -294,11 +294,10 @@ def firewall_decrypted_traffic_mirror(data, fos, check_mode=False): firewall_decrypted_traffic_mirror_data = flatten_multilists_attributes( firewall_decrypted_traffic_mirror_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_decrypted_traffic_mirror_data( - firewall_decrypted_traffic_mirror_data - ) + filtered_data = filter_firewall_decrypted_traffic_mirror_data( + firewall_decrypted_traffic_mirror_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -367,7 +366,7 @@ def firewall_decrypted_traffic_mirror(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "decrypted-traffic-mirror", data=filtered_data, vdom=vdom + "firewall", "decrypted-traffic-mirror", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dnstranslation.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dnstranslation.py index 1503328b4..14574dc10 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dnstranslation.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dnstranslation.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,9 +244,8 @@ def firewall_dnstranslation(data, fos, check_mode=False): state = data["state"] firewall_dnstranslation_data = data["firewall_dnstranslation"] - filtered_data = underscore_to_hyphen( - filter_firewall_dnstranslation_data(firewall_dnstranslation_data) - ) + filtered_data = filter_firewall_dnstranslation_data(firewall_dnstranslation_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -310,7 +309,7 @@ def firewall_dnstranslation(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "dnstranslation", data=filtered_data, vdom=vdom) + return fos.set("firewall", "dnstranslation", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy.py index b350bf947..0890e912e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -141,6 +141,92 @@ options: choices: - 'disable' - 'enable' + synproxy_tcp_mss: + description: + - Determine TCP maximum segment size (MSS) value for packets replied by syn proxy module. + type: str + choices: + - '0' + - '256' + - '512' + - '1024' + - '1300' + - '1360' + - '1460' + - '1500' + synproxy_tcp_sack: + description: + - enable/disable TCP selective acknowledage (SACK) for packets replied by syn proxy module. + type: str + choices: + - 'enable' + - 'disable' + synproxy_tcp_timestamp: + description: + - enable/disable TCP timestamp option for packets replied by syn proxy module. + type: str + choices: + - 'enable' + - 'disable' + synproxy_tcp_window: + description: + - Determine TCP Window size for packets replied by syn proxy module. + type: str + choices: + - '4096' + - '8192' + - '16384' + - '32768' + synproxy_tcp_windowscale: + description: + - Determine TCP window scale option value for packets replied by syn proxy module. + type: str + choices: + - '0' + - '1' + - '2' + - '3' + - '4' + - '5' + - '6' + - '7' + - '8' + - '9' + - '10' + - '11' + - '12' + - '13' + - '14' + synproxy_tos: + description: + - Determine TCP differentiated services code point value (type of service). + type: str + choices: + - '0' + - '10' + - '12' + - '14' + - '18' + - '20' + - '22' + - '26' + - '28' + - '30' + - '34' + - '36' + - '38' + - '40' + - '46' + - '255' + synproxy_ttl: + description: + - Determine Time to live (TTL) value for packets replied by syn proxy module. + type: str + choices: + - '32' + - '64' + - '128' + - '255' threshold: description: - Anomaly threshold. Number of detected instances (packets per second or concurrent session number) that triggers the anomaly @@ -226,21 +312,28 @@ EXAMPLES = """ quarantine_expiry: "<your_own_value>" quarantine_log: "disable" status: "disable" + synproxy_tcp_mss: "0" + synproxy_tcp_sack: "enable" + synproxy_tcp_timestamp: "enable" + synproxy_tcp_window: "4096" + synproxy_tcp_windowscale: "0" + synproxy_tos: "0" + synproxy_ttl: "32" threshold: "0" threshold_default: "0" comments: "<your_own_value>" dstaddr: - - name: "default_name_15 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_22 (source firewall.address.name firewall.addrgrp.name)" interface: "<your_own_value> (source system.zone.name system.interface.name)" - name: "default_name_17" + name: "default_name_24" policyid: "<you_own_value>" service: - - name: "default_name_20 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_27 (source firewall.service.custom.name firewall.service.group.name)" srcaddr: - - name: "default_name_22 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_29 (source firewall.address.name firewall.addrgrp.name)" status: "enable" """ @@ -369,9 +462,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"threshold(default)": "threshold_default"} + speciallist = {"threshold(default)": "threshold_default"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -380,8 +473,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -397,10 +493,8 @@ def firewall_dos_policy(data, fos, check_mode=False): state = data["state"] firewall_dos_policy_data = data["firewall_dos_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_dos_policy_data(firewall_dos_policy_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_firewall_dos_policy_data(firewall_dos_policy_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -592,6 +686,93 @@ versioned_schema = { "options": [{"value": "disable"}, {"value": "enable"}], }, "threshold": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "synproxy_ttl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "32"}, + {"value": "64"}, + {"value": "128"}, + {"value": "255"}, + ], + }, + "synproxy_tos": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "10"}, + {"value": "12"}, + {"value": "14"}, + {"value": "18"}, + {"value": "20"}, + {"value": "22"}, + {"value": "26"}, + {"value": "28"}, + {"value": "30"}, + {"value": "34"}, + {"value": "36"}, + {"value": "38"}, + {"value": "40"}, + {"value": "46"}, + {"value": "255"}, + ], + }, + "synproxy_tcp_mss": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "256"}, + {"value": "512"}, + {"value": "1024"}, + {"value": "1300"}, + {"value": "1360"}, + {"value": "1460"}, + {"value": "1500"}, + ], + }, + "synproxy_tcp_sack": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "synproxy_tcp_timestamp": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "synproxy_tcp_window": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "4096"}, + {"value": "8192"}, + {"value": "16384"}, + {"value": "32768"}, + ], + }, + "synproxy_tcp_windowscale": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "1"}, + {"value": "2"}, + {"value": "3"}, + {"value": "4"}, + {"value": "5"}, + {"value": "6"}, + {"value": "7"}, + {"value": "8"}, + {"value": "9"}, + {"value": "10"}, + {"value": "11"}, + {"value": "12"}, + {"value": "13"}, + {"value": "14"}, + ], + }, "threshold_default": { "v_range": [["v6.0.0", "v7.0.5"], ["v7.2.0", "v7.2.0"]], "type": "integer", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy6.py index 163bacfc9..2dc3f2b9c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_dos_policy6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -141,6 +141,92 @@ options: choices: - 'disable' - 'enable' + synproxy_tcp_mss: + description: + - Determine TCP maximum segment size (MSS) value for packets replied by syn proxy module. + type: str + choices: + - '0' + - '256' + - '512' + - '1024' + - '1300' + - '1360' + - '1460' + - '1500' + synproxy_tcp_sack: + description: + - enable/disable TCP selective acknowledage (SACK) for packets replied by syn proxy module. + type: str + choices: + - 'enable' + - 'disable' + synproxy_tcp_timestamp: + description: + - enable/disable TCP timestamp option for packets replied by syn proxy module. + type: str + choices: + - 'enable' + - 'disable' + synproxy_tcp_window: + description: + - Determine TCP Window size for packets replied by syn proxy module. + type: str + choices: + - '4096' + - '8192' + - '16384' + - '32768' + synproxy_tcp_windowscale: + description: + - Determine TCP window scale option value for packets replied by syn proxy module. + type: str + choices: + - '0' + - '1' + - '2' + - '3' + - '4' + - '5' + - '6' + - '7' + - '8' + - '9' + - '10' + - '11' + - '12' + - '13' + - '14' + synproxy_tos: + description: + - Determine TCP differentiated services code point value (type of service). + type: str + choices: + - '0' + - '10' + - '12' + - '14' + - '18' + - '20' + - '22' + - '26' + - '28' + - '30' + - '34' + - '36' + - '38' + - '40' + - '46' + - '255' + synproxy_ttl: + description: + - Determine Time to live (TTL) value for packets replied by syn proxy module. + type: str + choices: + - '32' + - '64' + - '128' + - '255' threshold: description: - Anomaly threshold. Number of detected instances (packets per second or concurrent session number) that triggers the anomaly @@ -226,21 +312,28 @@ EXAMPLES = """ quarantine_expiry: "<your_own_value>" quarantine_log: "disable" status: "disable" + synproxy_tcp_mss: "0" + synproxy_tcp_sack: "enable" + synproxy_tcp_timestamp: "enable" + synproxy_tcp_window: "4096" + synproxy_tcp_windowscale: "0" + synproxy_tos: "0" + synproxy_ttl: "32" threshold: "0" threshold_default: "0" comments: "<your_own_value>" dstaddr: - - name: "default_name_15 (source firewall.address6.name firewall.addrgrp6.name)" + name: "default_name_22 (source firewall.address6.name firewall.addrgrp6.name)" interface: "<your_own_value> (source system.zone.name system.interface.name)" - name: "default_name_17" + name: "default_name_24" policyid: "<you_own_value>" service: - - name: "default_name_20 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_27 (source firewall.service.custom.name firewall.service.group.name)" srcaddr: - - name: "default_name_22 (source firewall.address6.name firewall.addrgrp6.name)" + name: "default_name_29 (source firewall.address6.name firewall.addrgrp6.name)" status: "enable" """ @@ -369,9 +462,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"threshold(default)": "threshold_default"} + speciallist = {"threshold(default)": "threshold_default"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -380,8 +473,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -397,10 +493,8 @@ def firewall_dos_policy6(data, fos, check_mode=False): state = data["state"] firewall_dos_policy6_data = data["firewall_dos_policy6"] - filtered_data = underscore_to_hyphen( - filter_firewall_dos_policy6_data(firewall_dos_policy6_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_firewall_dos_policy6_data(firewall_dos_policy6_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -592,6 +686,93 @@ versioned_schema = { "options": [{"value": "disable"}, {"value": "enable"}], }, "threshold": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "synproxy_ttl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "32"}, + {"value": "64"}, + {"value": "128"}, + {"value": "255"}, + ], + }, + "synproxy_tos": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "10"}, + {"value": "12"}, + {"value": "14"}, + {"value": "18"}, + {"value": "20"}, + {"value": "22"}, + {"value": "26"}, + {"value": "28"}, + {"value": "30"}, + {"value": "34"}, + {"value": "36"}, + {"value": "38"}, + {"value": "40"}, + {"value": "46"}, + {"value": "255"}, + ], + }, + "synproxy_tcp_mss": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "256"}, + {"value": "512"}, + {"value": "1024"}, + {"value": "1300"}, + {"value": "1360"}, + {"value": "1460"}, + {"value": "1500"}, + ], + }, + "synproxy_tcp_sack": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "synproxy_tcp_timestamp": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "synproxy_tcp_window": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "4096"}, + {"value": "8192"}, + {"value": "16384"}, + {"value": "32768"}, + ], + }, + "synproxy_tcp_windowscale": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "1"}, + {"value": "2"}, + {"value": "3"}, + {"value": "4"}, + {"value": "5"}, + {"value": "6"}, + {"value": "7"}, + {"value": "8"}, + {"value": "9"}, + {"value": "10"}, + {"value": "11"}, + {"value": "12"}, + {"value": "13"}, + {"value": "14"}, + ], + }, "threshold_default": { "v_range": [["v6.0.0", "v7.0.5"], ["v7.2.0", "v7.2.0"]], "type": "integer", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_global.py index 6a501fe08..3d9ac4002 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -206,11 +206,10 @@ def underscore_to_hyphen(data): def firewall_global(data, fos): vdom = data["vdom"] firewall_global_data = data["firewall_global"] - filtered_data = underscore_to_hyphen( - filter_firewall_global_data(firewall_global_data) - ) + filtered_data = filter_firewall_global_data(firewall_global_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall", "global", data=filtered_data, vdom=vdom) + return fos.set("firewall", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_gtp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_gtp.py index c435490c7..82a04ec7e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_gtp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_gtp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1811,10 +1811,11 @@ def firewall_gtp(data, fos): firewall_gtp_data = data["firewall_gtp"] firewall_gtp_data = flatten_multilists_attributes(firewall_gtp_data) - filtered_data = underscore_to_hyphen(filter_firewall_gtp_data(firewall_gtp_data)) + filtered_data = filter_firewall_gtp_data(firewall_gtp_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("firewall", "gtp", data=filtered_data, vdom=vdom) + return fos.set("firewall", "gtp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "gtp", mkey=filtered_data["name"], vdom=vdom) @@ -1855,262 +1856,266 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "comment": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "remove_if_echo_expires": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "remove_if_recovery_differ": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "send_delete_when_timeout": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "send_delete_when_timeout_v2": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "gtp_in_gtp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "unknown_version_action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "min_message_length": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "max_message_length": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "control_plane_message_rate_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "sub_second_sampling": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "rate_sampling_interval": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "sub_second_interval": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "0.5"}, {"value": "0.25"}, {"value": "0.1"}], }, "echo_request_interval": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "user_plane_message_rate_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "tunnel_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "global_tunnel_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "tunnel_timeout": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "half_open_timeout": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "half_close_timeout": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "default_apn_action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "default_imsi_action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "default_policy_action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "default_ip_action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "default_noip_action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "apn_filter": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "imsi_filter": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "policy_filter": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "ie_remover": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "ip_filter": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "noip_filter": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "monitor_mode": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "enable"}, {"value": "disable"}, { "value": "vdom", - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, ], }, "forwarded_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "denied_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "rate_limited_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "state_invalid_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "tunnel_limit_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "extension_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "traffic_count_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "log_freq": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "gtpu_forwarded_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "gtpu_denied_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "gtpu_log_freq": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "log_gtpu_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "log_imsi_prefix": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "log_msisdn_prefix": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "invalid_reserved_field": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "reserved_ie": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "miss_must_ie": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "out_of_state_message": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "out_of_state_ie": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "spoof_src_addr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "handover_group": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "handover_group6": { @@ -2118,11 +2123,12 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, "authorized_sgsns": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "authorized_sgsns6": { @@ -2130,11 +2136,12 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, "invalid_sgsns_to_log": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "invalid_sgsns6_to_log": { @@ -2142,11 +2149,12 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, "authorized_ggsns": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "authorized_ggsns6": { @@ -2154,6 +2162,7 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, @@ -2162,7 +2171,11 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, @@ -2171,43 +2184,71 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, "action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "selection_mode": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [{"value": "ms"}, {"value": "net"}, {"value": "vrf"}], "multiple_values": True, "elements": "str", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "imsi": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, "mcc_mnc": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "msisdn_prefix": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "apnmember": { @@ -2215,34 +2256,54 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, "action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "selection_mode": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [{"value": "ms"}, {"value": "net"}, {"value": "vrf"}], "multiple_values": True, "elements": "str", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "policy": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, @@ -2251,15 +2312,27 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, "messages": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [ {"value": "create-req"}, @@ -2271,14 +2344,22 @@ versioned_schema = { "elements": "str", }, "apn_sel_mode": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [{"value": "ms"}, {"value": "net"}, {"value": "vrf"}], "multiple_values": True, "elements": "str", }, "max_apn_restriction": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "all"}, @@ -2289,15 +2370,27 @@ versioned_schema = { ], }, "imsi_prefix": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "msisdn_prefix": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "rat_type": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [ {"value": "any"}, @@ -2308,48 +2401,80 @@ versioned_schema = { {"value": "hspa"}, { "value": "eutran", - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "virtual", - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "nbiot", - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, ], "multiple_values": True, "elements": "str", }, "imei": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "rai": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "uli": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "imsi": {"v_range": [["v6.0.0", "v6.0.11"]], "type": "string"}, "msisdn": {"v_range": [["v6.0.0", "v6.0.11"]], "type": "string"}, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "policy_v2": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, @@ -2358,15 +2483,27 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "required": True, } }, - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, "messages": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [ {"value": "create-ses-req"}, @@ -2378,14 +2515,22 @@ versioned_schema = { "elements": "str", }, "apn_sel_mode": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [{"value": "ms"}, {"value": "net"}, {"value": "vrf"}], "multiple_values": True, "elements": "str", }, "max_apn_restriction": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "all"}, @@ -2396,15 +2541,27 @@ versioned_schema = { ], }, "imsi_prefix": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "msisdn_prefix": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "rat_type": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [ {"value": "any"}, @@ -2422,6 +2579,7 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], }, { @@ -2430,6 +2588,7 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], }, ], @@ -2437,37 +2596,49 @@ versioned_schema = { "elements": "str", }, "mei": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "action": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "uli": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "multiple_values": True, "elements": "str", }, }, - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "addr_notify": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "port_notify": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "interface_notify": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "context_id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "ie_remove_policy": { @@ -2475,12 +2646,20 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, "sgsn_addr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "sgsn_addr6": { @@ -2488,11 +2667,16 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, "remove_ies": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "list", "options": [ {"value": "apn-restriction"}, @@ -2505,23 +2689,35 @@ versioned_schema = { "elements": "str", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "ip_policy": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, "srcaddr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "dstaddr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "srcaddr6": { @@ -2529,6 +2725,7 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, @@ -2537,408 +2734,741 @@ versioned_schema = { ["v6.4.0", "v6.4.0"], ["v6.4.4", "v7.0.8"], ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], ], "type": "string", }, "action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "noip_policy": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, "type": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "etsi"}, {"value": "ietf"}], }, "start": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "end": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "message_filter_v0v1": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "message_filter_v2": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "ie_allow_list_v0v1": { - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "ie_allow_list_v2": { - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "rat_timeout_profile": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "ie_validation": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "imsi": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "rai": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "reordering_required": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "ms_validated": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "selection_mode": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "nsapi": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "charging_ID": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "end_user_addr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "mm_context": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "pdp_context": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "gsn_addr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "msisdn": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "qos_profile": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "apn_restriction": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "rat_type": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "uli": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "ms_tzone": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "imei": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "charging_gateway_addr": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, }, }, "message_rate_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "echo_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "echo_reponse": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "version_not_support": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_pdp_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "update_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "update_pdp_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_pdp_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_aa_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_aa_pdp_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_aa_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_aa_pdp_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "error_indication": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "pdu_notify_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "pdu_notify_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "pdu_notify_rej_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "pdu_notify_rej_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "support_ext_hdr_notify": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "send_route_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "send_route_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "failure_report_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "failure_report_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "note_ms_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "note_ms_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "identification_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "identification_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "sgsn_context_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "sgsn_context_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "sgsn_context_ack": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fwd_relocation_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fwd_relocation_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fwd_relocation_complete": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "relocation_cancel_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "relocation_cancel_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fwd_srns_context": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fwd_reloc_complete_ack": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fwd_srns_context_ack": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "ran_info": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_notify_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_notify_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_notify_rej_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_notify_rej_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_mbms_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_mbms_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "update_mbms_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "update_mbms_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_mbms_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_mbms_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_reg_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_reg_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_de_reg_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_de_reg_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_ses_start_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_ses_start_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_ses_stop_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "mbms_ses_stop_response": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "g_pdu": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, }, }, "rate_limit_mode": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "per-profile"}, @@ -2947,59 +3477,95 @@ versioned_schema = { ], }, "warning_threshold": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "message_rate_limit_v0": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "echo_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, }, }, "message_rate_limit_v1": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "echo_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_pdp_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, }, }, "message_rate_limit_v2": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "echo_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "create_session_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "delete_session_request": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, }, @@ -3009,29 +3575,45 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, "apn": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "version": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "rate_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "ie_white_list_v0v1": {"v_range": [["v6.0.0", "v6.4.4"]], "type": "string"}, "ie_white_list_v2": {"v_range": [["v6.0.0", "v6.4.4"]], "type": "string"}, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_identity_based_route.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_identity_based_route.py index cefe11ddf..398703665 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_identity_based_route.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_identity_based_route.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -268,9 +268,10 @@ def firewall_identity_based_route(data, fos, check_mode=False): state = data["state"] firewall_identity_based_route_data = data["firewall_identity_based_route"] - filtered_data = underscore_to_hyphen( - filter_firewall_identity_based_route_data(firewall_identity_based_route_data) + filtered_data = filter_firewall_identity_based_route_data( + firewall_identity_based_route_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -337,7 +338,7 @@ def firewall_identity_based_route(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "identity-based-route", data=filtered_data, vdom=vdom + "firewall", "identity-based-route", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy.py index 1147a73fa..d38612de3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -265,6 +265,10 @@ options: choices: - 'enable' - 'disable' + uuid: + description: + - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). + type: str webfilter_profile: description: - Web filter profile. Source webfilter.profile.name. @@ -319,6 +323,7 @@ EXAMPLES = """ - name: "default_name_32 (source firewall.address.name firewall.addrgrp.name)" status: "enable" + uuid: "<your_own_value>" webfilter_profile: "<your_own_value> (source webfilter.profile.name)" webfilter_profile_status: "enable" """ @@ -441,6 +446,7 @@ def filter_firewall_interface_policy_data(json): "spamfilter_profile_status", "srcaddr", "status", + "uuid", "webfilter_profile", "webfilter_profile_status", ] @@ -474,9 +480,10 @@ def firewall_interface_policy(data, fos, check_mode=False): state = data["state"] firewall_interface_policy_data = data["firewall_interface_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_interface_policy_data(firewall_interface_policy_data) + filtered_data = filter_firewall_interface_policy_data( + firewall_interface_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -540,7 +547,7 @@ def firewall_interface_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "interface-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "interface-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -586,6 +593,7 @@ versioned_schema = { "elements": "dict", "children": { "policyid": {"v_range": [["v6.0.0", ""]], "type": "integer", "required": True}, + "uuid": {"v_range": [["v7.4.2", ""]], "type": "string"}, "status": { "v_range": [["v6.0.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy6.py index 28d381a3b..3f9d2c5d7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_interface_policy6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -265,6 +265,10 @@ options: choices: - 'enable' - 'disable' + uuid: + description: + - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). + type: str webfilter_profile: description: - Web filter profile. Source webfilter.profile.name. @@ -319,6 +323,7 @@ EXAMPLES = """ - name: "default_name_32 (source firewall.address6.name firewall.addrgrp6.name)" status: "enable" + uuid: "<your_own_value>" webfilter_profile: "<your_own_value> (source webfilter.profile.name)" webfilter_profile_status: "enable" """ @@ -441,6 +446,7 @@ def filter_firewall_interface_policy6_data(json): "spamfilter_profile_status", "srcaddr6", "status", + "uuid", "webfilter_profile", "webfilter_profile_status", ] @@ -474,9 +480,10 @@ def firewall_interface_policy6(data, fos, check_mode=False): state = data["state"] firewall_interface_policy6_data = data["firewall_interface_policy6"] - filtered_data = underscore_to_hyphen( - filter_firewall_interface_policy6_data(firewall_interface_policy6_data) + filtered_data = filter_firewall_interface_policy6_data( + firewall_interface_policy6_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -540,7 +547,7 @@ def firewall_interface_policy6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "interface-policy6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "interface-policy6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -586,6 +593,7 @@ versioned_schema = { "elements": "dict", "children": { "policyid": {"v_range": [["v6.0.0", ""]], "type": "integer", "required": True}, + "uuid": {"v_range": [["v7.4.2", ""]], "type": "string"}, "status": { "v_range": [["v6.0.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service.py index cd678ebdb..ef774e149 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -343,9 +343,10 @@ def firewall_internet_service(data, fos, check_mode=False): state = data["state"] firewall_internet_service_data = data["firewall_internet_service"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_data(firewall_internet_service_data) + filtered_data = filter_firewall_internet_service_data( + firewall_internet_service_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -409,7 +410,7 @@ def firewall_internet_service(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "internet-service", data=filtered_data, vdom=vdom) + return fos.set("firewall", "internet-service", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_addition.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_addition.py index 0092a76ea..5330fde64 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_addition.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_addition.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -283,11 +283,10 @@ def firewall_internet_service_addition(data, fos, check_mode=False): state = data["state"] firewall_internet_service_addition_data = data["firewall_internet_service_addition"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_addition_data( - firewall_internet_service_addition_data - ) + filtered_data = filter_firewall_internet_service_addition_data( + firewall_internet_service_addition_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -356,7 +355,7 @@ def firewall_internet_service_addition(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-addition", data=filtered_data, vdom=vdom + "firewall", "internet-service-addition", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_append.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_append.py index c85ed1763..6b713b941 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_append.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_append.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -216,13 +216,14 @@ def underscore_to_hyphen(data): def firewall_internet_service_append(data, fos): vdom = data["vdom"] firewall_internet_service_append_data = data["firewall_internet_service_append"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_append_data( - firewall_internet_service_append_data - ) + filtered_data = filter_firewall_internet_service_append_data( + firewall_internet_service_append_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall", "internet-service-append", data=filtered_data, vdom=vdom) + return fos.set( + "firewall", "internet-service-append", data=converted_data, vdom=vdom + ) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_botnet.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_botnet.py index fc96218b1..121519bdf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_botnet.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_botnet.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,11 +232,10 @@ def firewall_internet_service_botnet(data, fos, check_mode=False): state = data["state"] firewall_internet_service_botnet_data = data["firewall_internet_service_botnet"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_botnet_data( - firewall_internet_service_botnet_data - ) + filtered_data = filter_firewall_internet_service_botnet_data( + firewall_internet_service_botnet_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -305,7 +304,7 @@ def firewall_internet_service_botnet(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-botnet", data=filtered_data, vdom=vdom + "firewall", "internet-service-botnet", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom.py index a47519849..cdab87e2a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -376,11 +376,10 @@ def firewall_internet_service_custom(data, fos, check_mode=False): state = data["state"] firewall_internet_service_custom_data = data["firewall_internet_service_custom"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_custom_data( - firewall_internet_service_custom_data - ) + filtered_data = filter_firewall_internet_service_custom_data( + firewall_internet_service_custom_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -449,7 +448,7 @@ def firewall_internet_service_custom(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-custom", data=filtered_data, vdom=vdom + "firewall", "internet-service-custom", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom_group.py index 7a647731b..9b2f42f53 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_custom_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,11 +246,10 @@ def firewall_internet_service_custom_group(data, fos, check_mode=False): firewall_internet_service_custom_group_data = data[ "firewall_internet_service_custom_group" ] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_custom_group_data( - firewall_internet_service_custom_group_data - ) + filtered_data = filter_firewall_internet_service_custom_group_data( + firewall_internet_service_custom_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -319,7 +318,7 @@ def firewall_internet_service_custom_group(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-custom-group", data=filtered_data, vdom=vdom + "firewall", "internet-service-custom-group", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_definition.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_definition.py index f85f08b7b..252317dac 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_definition.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_definition.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -282,11 +282,10 @@ def firewall_internet_service_definition(data, fos, check_mode=False): firewall_internet_service_definition_data = data[ "firewall_internet_service_definition" ] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_definition_data( - firewall_internet_service_definition_data - ) + filtered_data = filter_firewall_internet_service_definition_data( + firewall_internet_service_definition_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -355,7 +354,7 @@ def firewall_internet_service_definition(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-definition", data=filtered_data, vdom=vdom + "firewall", "internet-service-definition", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_extension.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_extension.py index c9c97ceed..7cff4eddc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_extension.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_extension.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -414,11 +414,10 @@ def firewall_internet_service_extension(data, fos, check_mode=False): firewall_internet_service_extension_data = data[ "firewall_internet_service_extension" ] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_extension_data( - firewall_internet_service_extension_data - ) + filtered_data = filter_firewall_internet_service_extension_data( + firewall_internet_service_extension_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -487,7 +486,7 @@ def firewall_internet_service_extension(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-extension", data=filtered_data, vdom=vdom + "firewall", "internet-service-extension", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_group.py index a40dd9482..f64ff19b1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -258,11 +258,10 @@ def firewall_internet_service_group(data, fos, check_mode=False): state = data["state"] firewall_internet_service_group_data = data["firewall_internet_service_group"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_group_data( - firewall_internet_service_group_data - ) + filtered_data = filter_firewall_internet_service_group_data( + firewall_internet_service_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -331,7 +330,7 @@ def firewall_internet_service_group(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-group", data=filtered_data, vdom=vdom + "firewall", "internet-service-group", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_reason.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_reason.py index 7999e8800..f527562b3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_reason.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_reason.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -234,11 +234,10 @@ def firewall_internet_service_ipbl_reason(data, fos, check_mode=False): firewall_internet_service_ipbl_reason_data = data[ "firewall_internet_service_ipbl_reason" ] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_ipbl_reason_data( - firewall_internet_service_ipbl_reason_data - ) + filtered_data = filter_firewall_internet_service_ipbl_reason_data( + firewall_internet_service_ipbl_reason_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -307,7 +306,7 @@ def firewall_internet_service_ipbl_reason(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-ipbl-reason", data=filtered_data, vdom=vdom + "firewall", "internet-service-ipbl-reason", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_vendor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_vendor.py index 7047dc742..bcae3b08c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_vendor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_ipbl_vendor.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -234,11 +234,10 @@ def firewall_internet_service_ipbl_vendor(data, fos, check_mode=False): firewall_internet_service_ipbl_vendor_data = data[ "firewall_internet_service_ipbl_vendor" ] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_ipbl_vendor_data( - firewall_internet_service_ipbl_vendor_data - ) + filtered_data = filter_firewall_internet_service_ipbl_vendor_data( + firewall_internet_service_ipbl_vendor_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -307,7 +306,7 @@ def firewall_internet_service_ipbl_vendor(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-ipbl-vendor", data=filtered_data, vdom=vdom + "firewall", "internet-service-ipbl-vendor", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_list.py index fc8df6e28..af3635bb5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_list.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,9 +232,10 @@ def firewall_internet_service_list(data, fos, check_mode=False): state = data["state"] firewall_internet_service_list_data = data["firewall_internet_service_list"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_list_data(firewall_internet_service_list_data) + filtered_data = filter_firewall_internet_service_list_data( + firewall_internet_service_list_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -303,7 +304,7 @@ def firewall_internet_service_list(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-list", data=filtered_data, vdom=vdom + "firewall", "internet-service-list", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_name.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_name.py index 7fe80c70f..e88111e0e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_name.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_name.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -260,9 +260,10 @@ def firewall_internet_service_name(data, fos, check_mode=False): state = data["state"] firewall_internet_service_name_data = data["firewall_internet_service_name"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_name_data(firewall_internet_service_name_data) + filtered_data = filter_firewall_internet_service_name_data( + firewall_internet_service_name_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -331,7 +332,7 @@ def firewall_internet_service_name(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-name", data=filtered_data, vdom=vdom + "firewall", "internet-service-name", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_owner.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_owner.py index 00c4a98c3..697fc13ff 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_owner.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_owner.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,11 +232,10 @@ def firewall_internet_service_owner(data, fos, check_mode=False): state = data["state"] firewall_internet_service_owner_data = data["firewall_internet_service_owner"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_owner_data( - firewall_internet_service_owner_data - ) + filtered_data = filter_firewall_internet_service_owner_data( + firewall_internet_service_owner_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -305,7 +304,7 @@ def firewall_internet_service_owner(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-owner", data=filtered_data, vdom=vdom + "firewall", "internet-service-owner", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_reputation.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_reputation.py index 4f14c2ccb..66a112d0d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_reputation.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_reputation.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -234,11 +234,10 @@ def firewall_internet_service_reputation(data, fos, check_mode=False): firewall_internet_service_reputation_data = data[ "firewall_internet_service_reputation" ] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_reputation_data( - firewall_internet_service_reputation_data - ) + filtered_data = filter_firewall_internet_service_reputation_data( + firewall_internet_service_reputation_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -307,7 +306,7 @@ def firewall_internet_service_reputation(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-reputation", data=filtered_data, vdom=vdom + "firewall", "internet-service-reputation", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_sld.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_sld.py index 44fd072d7..342bd3821 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_sld.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_internet_service_sld.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,9 +232,10 @@ def firewall_internet_service_sld(data, fos, check_mode=False): state = data["state"] firewall_internet_service_sld_data = data["firewall_internet_service_sld"] - filtered_data = underscore_to_hyphen( - filter_firewall_internet_service_sld_data(firewall_internet_service_sld_data) + filtered_data = filter_firewall_internet_service_sld_data( + firewall_internet_service_sld_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -301,7 +302,7 @@ def firewall_internet_service_sld(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "internet-service-sld", data=filtered_data, vdom=vdom + "firewall", "internet-service-sld", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ip_translation.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ip_translation.py index d5a86f9c9..0f7ae5d03 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ip_translation.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ip_translation.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def firewall_ip_translation(data, fos, check_mode=False): state = data["state"] firewall_ip_translation_data = data["firewall_ip_translation"] - filtered_data = underscore_to_hyphen( - filter_firewall_ip_translation_data(firewall_ip_translation_data) - ) + filtered_data = filter_firewall_ip_translation_data(firewall_ip_translation_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def firewall_ip_translation(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ip-translation", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ip-translation", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_setting.py index 2a0a8254e..7b01e5c32 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -221,11 +221,12 @@ def underscore_to_hyphen(data): def firewall_ipmacbinding_setting(data, fos): vdom = data["vdom"] firewall_ipmacbinding_setting_data = data["firewall_ipmacbinding_setting"] - filtered_data = underscore_to_hyphen( - filter_firewall_ipmacbinding_setting_data(firewall_ipmacbinding_setting_data) + filtered_data = filter_firewall_ipmacbinding_setting_data( + firewall_ipmacbinding_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall.ipmacbinding", "setting", data=filtered_data, vdom=vdom) + return fos.set("firewall.ipmacbinding", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_table.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_table.py index 405168349..b14e2fc95 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_table.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipmacbinding_table.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -250,9 +250,10 @@ def firewall_ipmacbinding_table(data, fos, check_mode=False): state = data["state"] firewall_ipmacbinding_table_data = data["firewall_ipmacbinding_table"] - filtered_data = underscore_to_hyphen( - filter_firewall_ipmacbinding_table_data(firewall_ipmacbinding_table_data) + filtered_data = filter_firewall_ipmacbinding_table_data( + firewall_ipmacbinding_table_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -316,7 +317,7 @@ def firewall_ipmacbinding_table(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.ipmacbinding", "table", data=filtered_data, vdom=vdom) + return fos.set("firewall.ipmacbinding", "table", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool.py index 9c633222b..bec2ec72d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -182,7 +182,7 @@ options: - 'enable' type: description: - - IP pool type (overload, one-to-one, fixed port range, or port block allocation). + - 'IP pool type: overload, one-to-one, fixed-port-range, port-block-allocation, cgn-resource-allocation (hyperscale vdom only)' type: str choices: - 'overload' @@ -361,9 +361,8 @@ def firewall_ippool(data, fos, check_mode=False): state = data["state"] firewall_ippool_data = data["firewall_ippool"] - filtered_data = underscore_to_hyphen( - filter_firewall_ippool_data(firewall_ippool_data) - ) + filtered_data = filter_firewall_ippool_data(firewall_ippool_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -427,7 +426,7 @@ def firewall_ippool(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ippool", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ippool", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "ippool", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool6.py index 3ec84ca6d..f621717ec 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ippool6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -256,9 +256,8 @@ def firewall_ippool6(data, fos, check_mode=False): state = data["state"] firewall_ippool6_data = data["firewall_ippool6"] - filtered_data = underscore_to_hyphen( - filter_firewall_ippool6_data(firewall_ippool6_data) - ) + filtered_data = filter_firewall_ippool6_data(firewall_ippool6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -322,7 +321,7 @@ def firewall_ippool6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ippool6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ippool6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "ippool6", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_iprope_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_iprope_list.py index 39dc763e9..d5769f6d4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_iprope_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_iprope_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<group_number>": "group_number"} + speciallist = {"<group_number>": "group_number"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def firewall_iprope_list(data, fos): vdom = data["vdom"] firewall_iprope_list_data = data["firewall_iprope_list"] - filtered_data = underscore_to_hyphen( - filter_firewall_iprope_list_data(firewall_iprope_list_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_firewall_iprope_list_data(firewall_iprope_list_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("firewall.iprope", "list", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipv6_eh_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipv6_eh_filter.py index 9ffaf05ad..bebbb16e9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipv6_eh_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ipv6_eh_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -299,11 +299,10 @@ def firewall_ipv6_eh_filter(data, fos): firewall_ipv6_eh_filter_data = flatten_multilists_attributes( firewall_ipv6_eh_filter_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_ipv6_eh_filter_data(firewall_ipv6_eh_filter_data) - ) + filtered_data = filter_firewall_ipv6_eh_filter_data(firewall_ipv6_eh_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall", "ipv6-eh-filter", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ipv6-eh-filter", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ldb_monitor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ldb_monitor.py index 3b663fff1..379619245 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ldb_monitor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ldb_monitor.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -309,9 +309,8 @@ def firewall_ldb_monitor(data, fos, check_mode=False): state = data["state"] firewall_ldb_monitor_data = data["firewall_ldb_monitor"] - filtered_data = underscore_to_hyphen( - filter_firewall_ldb_monitor_data(firewall_ldb_monitor_data) - ) + filtered_data = filter_firewall_ldb_monitor_data(firewall_ldb_monitor_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -375,7 +374,7 @@ def firewall_ldb_monitor(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ldb-monitor", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ldb-monitor", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -430,7 +429,11 @@ versioned_schema = { {"value": "dns", "v_range": [["v7.0.0", ""]]}, { "value": "passive-sip", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, ], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy.py index 19732d4ab..ad3b80368 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -130,6 +130,17 @@ options: description: - Incoming interface name from available options. Source system.zone.name system.interface.name. type: str + intf_dict: + description: + - Incoming interface name from available options. Use the parameter intf if the fortiOS firmware version <= 7.4.1 + type: list + elements: dict + suboptions: + name: + description: + - Address name. Source system.zone.name system.interface.name. + required: true + type: str policyid: description: - User defined local in policy ID. see <a href='#notes'>Notes</a>. @@ -211,15 +222,18 @@ EXAMPLES = """ dstaddr_negate: "enable" ha_mgmt_intf_only: "enable" intf: "<your_own_value> (source system.zone.name system.interface.name)" + intf_dict: + - + name: "default_name_11 (source system.zone.name system.interface.name)" policyid: "<you_own_value>" schedule: "<your_own_value> (source firewall.schedule.onetime.name firewall.schedule.recurring.name firewall.schedule.group.name)" service: - - name: "default_name_13 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_15 (source firewall.service.custom.name firewall.service.group.name)" service_negate: "enable" srcaddr: - - name: "default_name_16 (source firewall.address.name firewall.addrgrp.name system.external-resource.name)" + name: "default_name_18 (source firewall.address.name firewall.addrgrp.name system.external-resource.name)" srcaddr_negate: "enable" status: "enable" uuid: "<your_own_value>" @@ -322,6 +336,7 @@ def filter_firewall_local_in_policy_data(json): "dstaddr_negate", "ha_mgmt_intf_only", "intf", + "intf_dict", "policyid", "schedule", "service", @@ -356,15 +371,39 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"intf-dict": "intf"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def firewall_local_in_policy(data, fos, check_mode=False): vdom = data["vdom"] state = data["state"] firewall_local_in_policy_data = data["firewall_local_in_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_local_in_policy_data(firewall_local_in_policy_data) - ) + filtered_data = filter_firewall_local_in_policy_data(firewall_local_in_policy_data) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) # check_mode starts from here if check_mode: @@ -428,7 +467,7 @@ def firewall_local_in_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "local-in-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "local-in-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -480,7 +519,18 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "intf": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "intf_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "srcaddr": { "type": "list", "elements": "dict", @@ -549,6 +599,7 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "comments": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "intf": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy6.py index 166a3a11f..23b0b56b6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_local_in_policy6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -123,6 +123,17 @@ options: description: - Incoming interface name from available options. Source system.zone.name system.interface.name. type: str + intf_dict: + description: + - Incoming interface name from available options. Use the parameter intf if the fortiOS firmware version <= 7.4.1 + type: list + elements: dict + suboptions: + name: + description: + - Address name. Source system.zone.name system.interface.name. + required: true + type: str policyid: description: - User defined local in policy ID. see <a href='#notes'>Notes</a>. @@ -203,15 +214,18 @@ EXAMPLES = """ name: "default_name_6 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" dstaddr_negate: "enable" intf: "<your_own_value> (source system.zone.name system.interface.name)" + intf_dict: + - + name: "default_name_10 (source system.zone.name system.interface.name)" policyid: "<you_own_value>" schedule: "<your_own_value> (source firewall.schedule.onetime.name firewall.schedule.recurring.name firewall.schedule.group.name)" service: - - name: "default_name_12 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_14 (source firewall.service.custom.name firewall.service.group.name)" service_negate: "enable" srcaddr: - - name: "default_name_15 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" + name: "default_name_17 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" srcaddr_negate: "enable" status: "enable" uuid: "<your_own_value>" @@ -313,6 +327,7 @@ def filter_firewall_local_in_policy6_data(json): "dstaddr", "dstaddr_negate", "intf", + "intf_dict", "policyid", "schedule", "service", @@ -347,15 +362,41 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"intf-dict": "intf"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def firewall_local_in_policy6(data, fos, check_mode=False): vdom = data["vdom"] state = data["state"] firewall_local_in_policy6_data = data["firewall_local_in_policy6"] - filtered_data = underscore_to_hyphen( - filter_firewall_local_in_policy6_data(firewall_local_in_policy6_data) + filtered_data = filter_firewall_local_in_policy6_data( + firewall_local_in_policy6_data ) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) # check_mode starts from here if check_mode: @@ -419,7 +460,7 @@ def firewall_local_in_policy6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "local-in-policy6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "local-in-policy6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -466,7 +507,18 @@ versioned_schema = { "children": { "policyid": {"v_range": [["v6.0.0", ""]], "type": "integer", "required": True}, "uuid": {"v_range": [["v6.4.0", ""]], "type": "string"}, - "intf": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "intf_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "srcaddr": { "type": "list", "elements": "dict", @@ -535,6 +587,7 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "comments": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "intf": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_mms_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_mms_profile.py index a69ad1e3e..3ef9d6377 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_mms_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_mms_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1230,12 +1230,11 @@ def firewall_mms_profile(data, fos): firewall_mms_profile_data = data["firewall_mms_profile"] firewall_mms_profile_data = flatten_multilists_attributes(firewall_mms_profile_data) - filtered_data = underscore_to_hyphen( - filter_firewall_mms_profile_data(firewall_mms_profile_data) - ) + filtered_data = filter_firewall_mms_profile_data(firewall_mms_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("firewall", "mms-profile", data=filtered_data, vdom=vdom) + return fos.set("firewall", "mms-profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address.py index a001b0e73..41d9b45df 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -316,9 +316,10 @@ def firewall_multicast_address(data, fos, check_mode=False): state = data["state"] firewall_multicast_address_data = data["firewall_multicast_address"] - filtered_data = underscore_to_hyphen( - filter_firewall_multicast_address_data(firewall_multicast_address_data) + filtered_data = filter_firewall_multicast_address_data( + firewall_multicast_address_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -382,7 +383,7 @@ def firewall_multicast_address(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "multicast-address", data=filtered_data, vdom=vdom) + return fos.set("firewall", "multicast-address", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address6.py index 4c57af20c..ef3a925b2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_address6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -281,9 +281,10 @@ def firewall_multicast_address6(data, fos, check_mode=False): state = data["state"] firewall_multicast_address6_data = data["firewall_multicast_address6"] - filtered_data = underscore_to_hyphen( - filter_firewall_multicast_address6_data(firewall_multicast_address6_data) + filtered_data = filter_firewall_multicast_address6_data( + firewall_multicast_address6_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -347,7 +348,7 @@ def firewall_multicast_address6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "multicast-address6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "multicast-address6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy.py index 2d4fade7c..7c3e4efaf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -136,13 +136,19 @@ options: - Policy ID ((0 - 4294967294). see <a href='#notes'>Notes</a>. required: true type: int + ips_sensor: + description: + - Name of an existing IPS sensor. Source ips.sensor.name. + type: str logtraffic: description: - - Enable/disable logging traffic accepted by this policy. + - Enable or disable logging. Log all sessions or security profile sessions. type: str choices: - - 'enable' + - 'all' + - 'utm' - 'disable' + - 'enable' name: description: - Policy name. @@ -192,6 +198,13 @@ options: description: - Traffic shaper to apply to traffic forwarded by the multicast policy. Source firewall.shaper.traffic-shaper.name. type: str + utm_status: + description: + - Enable to add an IPS security profile to the policy. + type: str + choices: + - 'enable' + - 'disable' uuid: description: - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). @@ -215,18 +228,20 @@ EXAMPLES = """ dstintf: "<your_own_value> (source system.interface.name system.zone.name)" end_port: "65535" id: "11" - logtraffic: "enable" - name: "default_name_13" + ips_sensor: "<your_own_value> (source ips.sensor.name)" + logtraffic: "all" + name: "default_name_14" protocol: "0" snat: "enable" snat_ip: "<your_own_value>" srcaddr: - - name: "default_name_18 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_19 (source firewall.address.name firewall.addrgrp.name)" srcintf: "<your_own_value> (source system.interface.name system.zone.name)" start_port: "1" status: "enable" traffic_shaper: "<your_own_value> (source firewall.shaper.traffic-shaper.name)" + utm_status: "enable" uuid: "<your_own_value>" """ @@ -328,6 +343,7 @@ def filter_firewall_multicast_policy_data(json): "dstintf", "end_port", "id", + "ips_sensor", "logtraffic", "name", "protocol", @@ -338,6 +354,7 @@ def filter_firewall_multicast_policy_data(json): "start_port", "status", "traffic_shaper", + "utm_status", "uuid", ] @@ -370,9 +387,10 @@ def firewall_multicast_policy(data, fos, check_mode=False): state = data["state"] firewall_multicast_policy_data = data["firewall_multicast_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_multicast_policy_data(firewall_multicast_policy_data) + filtered_data = filter_firewall_multicast_policy_data( + firewall_multicast_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -436,7 +454,7 @@ def firewall_multicast_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "multicast-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "multicast-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -490,11 +508,6 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "logtraffic": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, "srcintf": {"v_range": [["v6.0.0", ""]], "type": "string"}, "dstintf": {"v_range": [["v6.0.0", ""]], "type": "string"}, "srcaddr": { @@ -536,6 +549,22 @@ versioned_schema = { "protocol": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "start_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "end_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "utm_status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "ips_sensor": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "logtraffic": { + "v_range": [["v6.0.0", ""]], + "type": "string", + "options": [ + {"value": "all", "v_range": [["v7.4.2", ""]]}, + {"value": "utm", "v_range": [["v7.4.2", ""]]}, + {"value": "disable"}, + {"value": "enable", "v_range": [["v6.0.0", "v7.4.1"]]}, + ], + }, "auto_asic_offload": { "v_range": [["v6.0.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy6.py index a1479f852..ed36a9f2a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_multicast_policy6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -132,13 +132,19 @@ options: - Policy ID (0 - 4294967294). see <a href='#notes'>Notes</a>. required: true type: int + ips_sensor: + description: + - Name of an existing IPS sensor. Source ips.sensor.name. + type: str logtraffic: description: - - Enable/disable logging traffic accepted by this policy. + - Enable or disable logging. Log all sessions or security profile sessions. type: str choices: - - 'enable' + - 'all' + - 'utm' - 'disable' + - 'enable' name: description: - Policy name. @@ -173,6 +179,13 @@ options: choices: - 'enable' - 'disable' + utm_status: + description: + - Enable to add an IPS security profile to the policy. + type: str + choices: + - 'enable' + - 'disable' uuid: description: - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). @@ -195,15 +208,17 @@ EXAMPLES = """ dstintf: "<your_own_value> (source system.interface.name system.zone.name)" end_port: "65535" id: "10" - logtraffic: "enable" - name: "default_name_12" + ips_sensor: "<your_own_value> (source ips.sensor.name)" + logtraffic: "all" + name: "default_name_13" protocol: "0" srcaddr: - - name: "default_name_15 (source firewall.address6.name firewall.addrgrp6.name)" + name: "default_name_16 (source firewall.address6.name firewall.addrgrp6.name)" srcintf: "<your_own_value> (source system.interface.name system.zone.name)" start_port: "1" status: "enable" + utm_status: "enable" uuid: "<your_own_value>" """ @@ -304,6 +319,7 @@ def filter_firewall_multicast_policy6_data(json): "dstintf", "end_port", "id", + "ips_sensor", "logtraffic", "name", "protocol", @@ -311,6 +327,7 @@ def filter_firewall_multicast_policy6_data(json): "srcintf", "start_port", "status", + "utm_status", "uuid", ] @@ -343,9 +360,10 @@ def firewall_multicast_policy6(data, fos, check_mode=False): state = data["state"] firewall_multicast_policy6_data = data["firewall_multicast_policy6"] - filtered_data = underscore_to_hyphen( - filter_firewall_multicast_policy6_data(firewall_multicast_policy6_data) + filtered_data = filter_firewall_multicast_policy6_data( + firewall_multicast_policy6_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -409,7 +427,7 @@ def firewall_multicast_policy6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "multicast-policy6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "multicast-policy6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -462,11 +480,6 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "name": {"v_range": [["v6.4.0", "v6.4.0"], ["v6.4.4", ""]], "type": "string"}, - "logtraffic": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, "srcintf": {"v_range": [["v6.0.0", ""]], "type": "string"}, "dstintf": {"v_range": [["v6.0.0", ""]], "type": "string"}, "srcaddr": { @@ -501,6 +514,22 @@ versioned_schema = { "protocol": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "start_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "end_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "utm_status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "ips_sensor": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "logtraffic": { + "v_range": [["v6.0.0", ""]], + "type": "string", + "options": [ + {"value": "all", "v_range": [["v7.4.2", ""]]}, + {"value": "utm", "v_range": [["v7.4.2", ""]]}, + {"value": "disable"}, + {"value": "enable", "v_range": [["v6.0.0", "v7.4.1"]]}, + ], + }, "auto_asic_offload": { "v_range": [["v6.0.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_network_service_dynamic.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_network_service_dynamic.py index 57157cf69..1ed2b19ed 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_network_service_dynamic.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_network_service_dynamic.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -231,15 +231,14 @@ def firewall_network_service_dynamic(data, fos): state = data["state"] firewall_network_service_dynamic_data = data["firewall_network_service_dynamic"] - filtered_data = underscore_to_hyphen( - filter_firewall_network_service_dynamic_data( - firewall_network_service_dynamic_data - ) + filtered_data = filter_firewall_network_service_dynamic_data( + firewall_network_service_dynamic_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "firewall", "network-service-dynamic", data=filtered_data, vdom=vdom + "firewall", "network-service-dynamic", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_pfcp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_pfcp.py index f8f14258f..a7dc22a02 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_pfcp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_pfcp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -303,10 +303,11 @@ def firewall_pfcp(data, fos): state = data["state"] firewall_pfcp_data = data["firewall_pfcp"] - filtered_data = underscore_to_hyphen(filter_firewall_pfcp_data(firewall_pfcp_data)) + filtered_data = filter_firewall_pfcp_data(firewall_pfcp_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("firewall", "pfcp", data=filtered_data, vdom=vdom) + return fos.set("firewall", "pfcp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "pfcp", mkey=filtered_data["name"], vdom=vdom) @@ -347,62 +348,62 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "min_message_length": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "max_message_length": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "monitor_mode": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}, {"value": "vdom"}], }, "message_filter": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "pfcp_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "unknown_version": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "invalid_reserved_field": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "forwarded_log": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "denied_log": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "traffic_count_log": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "log_freq": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, }, - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy.py index 422220b53..3799f92cf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy.py @@ -42,7 +42,7 @@ notes: - Only one of [after, before] must be specified when action is moving an object. requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,6 +254,10 @@ options: - Device or group name. Source user.device.alias user.device-group.name user.device-category.name. required: true type: str + diameter_filter_profile: + description: + - Name of an existing Diameter filter profile. Source diameter-filter.profile.name. + type: str diffserv_copy: description: - Enable to copy packet"s DiffServ values from session"s original direction to its reply direction. @@ -1548,6 +1552,7 @@ EXAMPLES = """ devices: - name: "default_name_28 (source user.device.alias user.device-group.name user.device-category.name)" + diameter_filter_profile: "<your_own_value> (source diameter-filter.profile.name)" diffserv_copy: "enable" diffserv_forward: "enable" diffserv_reverse: "enable" @@ -1563,17 +1568,17 @@ EXAMPLES = """ dsri: "enable" dstaddr: - - name: "default_name_43 (source firewall.address.name firewall.addrgrp.name firewall.vip.name firewall.vipgrp.name system.external-resource + name: "default_name_44 (source firewall.address.name firewall.addrgrp.name firewall.vip.name firewall.vipgrp.name system.external-resource .name)" dstaddr_negate: "enable" dstaddr6: - - name: "default_name_46 (source firewall.address6.name firewall.vipgrp6.name firewall.vip6.name system.external-resource.name firewall + name: "default_name_47 (source firewall.address6.name firewall.vipgrp6.name firewall.vip6.name system.external-resource.name firewall .addrgrp6.name)" dstaddr6_negate: "enable" dstintf: - - name: "default_name_49 (source system.interface.name system.zone.name system.sdwan.zone.name)" + name: "default_name_50 (source system.interface.name system.zone.name system.sdwan.zone.name)" dynamic_shaping: "enable" email_collect: "enable" emailfilter_profile: "<your_own_value> (source emailfilter.profile.name)" @@ -1585,13 +1590,13 @@ EXAMPLES = """ fsso_agent_for_ntlm: "<your_own_value> (source user.fsso.name)" fsso_groups: - - name: "default_name_60 (source user.adgrp.name)" + name: "default_name_61 (source user.adgrp.name)" geoip_anycast: "enable" geoip_match: "physical-location" global_label: "<your_own_value>" groups: - - name: "default_name_65 (source user.group.name)" + name: "default_name_66 (source user.group.name)" gtp_profile: "<your_own_value> (source firewall.gtp.name)" http_policy_redirect: "enable" icap_profile: "<your_own_value> (source icap.profile.name)" @@ -1601,64 +1606,64 @@ EXAMPLES = """ internet_service: "enable" internet_service_custom: - - name: "default_name_74 (source firewall.internet-service-custom.name)" + name: "default_name_75 (source firewall.internet-service-custom.name)" internet_service_custom_group: - - name: "default_name_76 (source firewall.internet-service-custom-group.name)" + name: "default_name_77 (source firewall.internet-service-custom-group.name)" internet_service_group: - - name: "default_name_78 (source firewall.internet-service-group.name)" + name: "default_name_79 (source firewall.internet-service-group.name)" internet_service_id: - - id: "80 (source firewall.internet-service.id)" + id: "81 (source firewall.internet-service.id)" internet_service_name: - - name: "default_name_82 (source firewall.internet-service-name.name)" + name: "default_name_83 (source firewall.internet-service-name.name)" internet_service_negate: "enable" internet_service_src: "enable" internet_service_src_custom: - - name: "default_name_86 (source firewall.internet-service-custom.name)" + name: "default_name_87 (source firewall.internet-service-custom.name)" internet_service_src_custom_group: - - name: "default_name_88 (source firewall.internet-service-custom-group.name)" + name: "default_name_89 (source firewall.internet-service-custom-group.name)" internet_service_src_group: - - name: "default_name_90 (source firewall.internet-service-group.name)" + name: "default_name_91 (source firewall.internet-service-group.name)" internet_service_src_id: - - id: "92 (source firewall.internet-service.id)" + id: "93 (source firewall.internet-service.id)" internet_service_src_name: - - name: "default_name_94 (source firewall.internet-service-name.name)" + name: "default_name_95 (source firewall.internet-service-name.name)" internet_service_src_negate: "enable" internet_service6: "enable" internet_service6_custom: - - name: "default_name_98 (source firewall.internet-service-custom.name)" + name: "default_name_99 (source firewall.internet-service-custom.name)" internet_service6_custom_group: - - name: "default_name_100 (source firewall.internet-service-custom-group.name)" + name: "default_name_101 (source firewall.internet-service-custom-group.name)" internet_service6_group: - - name: "default_name_102 (source firewall.internet-service-group.name)" + name: "default_name_103 (source firewall.internet-service-group.name)" internet_service6_name: - - name: "default_name_104 (source firewall.internet-service-name.name)" + name: "default_name_105 (source firewall.internet-service-name.name)" internet_service6_negate: "enable" internet_service6_src: "enable" internet_service6_src_custom: - - name: "default_name_108 (source firewall.internet-service-custom.name)" + name: "default_name_109 (source firewall.internet-service-custom.name)" internet_service6_src_custom_group: - - name: "default_name_110 (source firewall.internet-service-custom-group.name)" + name: "default_name_111 (source firewall.internet-service-custom-group.name)" internet_service6_src_group: - - name: "default_name_112 (source firewall.internet-service-group.name)" + name: "default_name_113 (source firewall.internet-service-group.name)" internet_service6_src_name: - - name: "default_name_114 (source firewall.internet-service-name.name)" + name: "default_name_115 (source firewall.internet-service-name.name)" internet_service6_src_negate: "enable" ippool: "enable" ips_sensor: "<your_own_value> (source ips.sensor.name)" @@ -1670,7 +1675,7 @@ EXAMPLES = """ match_vip: "enable" match_vip_only: "enable" mms_profile: "<your_own_value> (source firewall.mms-profile.name)" - name: "default_name_126" + name: "default_name_127" nat: "enable" nat46: "enable" nat64: "enable" @@ -1679,10 +1684,10 @@ EXAMPLES = """ natoutbound: "enable" network_service_dynamic: - - name: "default_name_134 (source firewall.network-service-dynamic.name)" + name: "default_name_135 (source firewall.network-service-dynamic.name)" network_service_src_dynamic: - - name: "default_name_136 (source firewall.network-service-dynamic.name)" + name: "default_name_137 (source firewall.network-service-dynamic.name)" np_acceleration: "enable" ntlm: "enable" ntlm_enabled_browsers: @@ -1695,7 +1700,7 @@ EXAMPLES = """ pcp_outbound: "enable" pcp_poolname: - - name: "default_name_147 (source system.pcp-server.pools.name)" + name: "default_name_148 (source system.pcp-server.pools.name)" per_ip_shaper: "<your_own_value> (source firewall.shaper.per-ip-shaper.name)" permit_any_host: "enable" permit_stun_host: "enable" @@ -1706,10 +1711,10 @@ EXAMPLES = """ policyid: "<you_own_value>" poolname: - - name: "default_name_157 (source firewall.ippool.name)" + name: "default_name_158 (source firewall.ippool.name)" poolname6: - - name: "default_name_159 (source firewall.ippool6.name)" + name: "default_name_160 (source firewall.ippool6.name)" profile_group: "<your_own_value> (source firewall.profile-group.name)" profile_protocol_options: "<your_own_value> (source firewall.profile-protocol-options.name)" profile_type: "single" @@ -1723,7 +1728,7 @@ EXAMPLES = """ rsso: "enable" rtp_addr: - - name: "default_name_172 (source firewall.internet-service-custom-group.name firewall.addrgrp.name)" + name: "default_name_173 (source firewall.internet-service-custom-group.name firewall.addrgrp.name)" rtp_nat: "disable" scan_botnet_connections: "disable" schedule: "<your_own_value> (source firewall.schedule.onetime.name firewall.schedule.recurring.name firewall.schedule.group.name)" @@ -1732,34 +1737,34 @@ EXAMPLES = """ send_deny_packet: "disable" service: - - name: "default_name_180 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_181 (source firewall.service.custom.name firewall.service.group.name)" service_negate: "enable" session_ttl: "<your_own_value>" sgt: - - id: "184" + id: "185" sgt_check: "enable" spamfilter_profile: "<your_own_value> (source spamfilter.profile.name)" src_vendor_mac: - - id: "188 (source firewall.vendor-mac.id)" + id: "189 (source firewall.vendor-mac.id)" srcaddr: - - name: "default_name_190 (source firewall.address.name firewall.addrgrp.name system.external-resource.name)" + name: "default_name_191 (source firewall.address.name firewall.addrgrp.name system.external-resource.name)" srcaddr_negate: "enable" srcaddr6: - - name: "default_name_193 (source firewall.address6.name system.external-resource.name firewall.addrgrp6.name)" + name: "default_name_194 (source firewall.address6.name system.external-resource.name firewall.addrgrp6.name)" srcaddr6_negate: "enable" srcintf: - - name: "default_name_196 (source system.interface.name system.zone.name system.sdwan.zone.name)" + name: "default_name_197 (source system.interface.name system.zone.name system.sdwan.zone.name)" ssh_filter_profile: "<your_own_value> (source ssh-filter.profile.name)" ssh_policy_redirect: "enable" ssl_mirror: "enable" ssl_mirror_intf: - - name: "default_name_201 (source system.interface.name system.zone.name)" + name: "default_name_202 (source system.interface.name system.zone.name)" ssl_ssh_profile: "<your_own_value> (source firewall.ssl-ssh-profile.name)" status: "enable" tcp_mss_receiver: "0" @@ -1773,10 +1778,10 @@ EXAMPLES = """ traffic_shaper_reverse: "<your_own_value> (source firewall.shaper.traffic-shaper.name)" url_category: - - id: "214" + id: "215" users: - - name: "default_name_216 (source user.local.name user.certificate.name)" + name: "default_name_217 (source user.local.name user.certificate.name)" utm_status: "enable" uuid: "<your_own_value>" videofilter_profile: "<your_own_value> (source videofilter.profile.name)" @@ -1802,13 +1807,13 @@ EXAMPLES = """ ztna_device_ownership: "enable" ztna_ems_tag: - - name: "default_name_241 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_242 (source firewall.address.name firewall.addrgrp.name)" ztna_ems_tag_secondary: - - name: "default_name_243 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_244 (source firewall.address.name firewall.addrgrp.name)" ztna_geo_tag: - - name: "default_name_245 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_246 (source firewall.address.name firewall.addrgrp.name)" ztna_policy_redirect: "enable" ztna_status: "enable" ztna_tags_match_logic: "or" @@ -1925,6 +1930,7 @@ def filter_firewall_policy_data(json): "decrypted_traffic_mirror", "delay_tcp_npu_session", "devices", + "diameter_filter_profile", "diffserv_copy", "diffserv_forward", "diffserv_reverse", @@ -2134,9 +2140,8 @@ def firewall_policy(data, fos, check_mode=False): state = data["state"] firewall_policy_data = data["firewall_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_policy_data(firewall_policy_data) - ) + filtered_data = filter_firewall_policy_data(firewall_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -2200,7 +2205,7 @@ def firewall_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -2804,6 +2809,7 @@ versioned_schema = { "voip_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "ips_voip_filter": {"v_range": [["v7.4.0", ""]], "type": "string"}, "sctp_filter_profile": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "diameter_filter_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, "virtual_patch_profile": {"v_range": [["v7.4.1", ""]], "type": "string"}, "icap_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "cifs_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, @@ -2822,9 +2828,12 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "capture_packet": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + ], }, "auto_asic_offload": { "v_range": [["v6.0.0", ""]], @@ -2832,35 +2841,54 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "wanopt": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + ], }, "wanopt_detection": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "active"}, {"value": "passive"}, {"value": "off"}], + "options": [ + {"value": "active", "v_range": [["v6.0.0", ""]]}, + {"value": "passive", "v_range": [["v6.0.0", ""]]}, + {"value": "off", "v_range": [["v6.0.0", ""]]}, + ], }, "wanopt_passive_opt": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ - {"value": "default"}, - {"value": "transparent"}, - {"value": "non-transparent"}, + {"value": "default", "v_range": [["v6.0.0", ""]]}, + {"value": "transparent", "v_range": [["v6.0.0", ""]]}, + {"value": "non-transparent", "v_range": [["v6.0.0", ""]]}, ], }, - "wanopt_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "wanopt_peer": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "wanopt_profile": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "string", + }, + "wanopt_peer": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "string", + }, "webcache": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + ], }, "webcache_https": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [ + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + ], }, "webproxy_forward_server": {"v_range": [["v6.2.0", ""]], "type": "string"}, "traffic_shaper": {"v_range": [["v6.0.0", ""]], "type": "string"}, @@ -3189,11 +3217,11 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "gtp_profile": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "pfcp_profile": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, "dlp_sensor": {"v_range": [["v6.0.0", "v7.0.12"]], "type": "string"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy46.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy46.py index 04f22584b..ffaf31461 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy46.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy46.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -418,9 +418,8 @@ def firewall_policy46(data, fos, check_mode=False): state = data["state"] firewall_policy46_data = data["firewall_policy46"] - filtered_data = underscore_to_hyphen( - filter_firewall_policy46_data(firewall_policy46_data) - ) + filtered_data = filter_firewall_policy46_data(firewall_policy46_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -484,7 +483,7 @@ def firewall_policy46(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "policy46", data=filtered_data, vdom=vdom) + return fos.set("firewall", "policy46", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy6.py index 08ae67bd0..ac4953429 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1044,9 +1044,8 @@ def firewall_policy6(data, fos, check_mode=False): state = data["state"] firewall_policy6_data = data["firewall_policy6"] - filtered_data = underscore_to_hyphen( - filter_firewall_policy6_data(firewall_policy6_data) - ) + filtered_data = filter_firewall_policy6_data(firewall_policy6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1110,7 +1109,7 @@ def firewall_policy6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "policy6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "policy6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy64.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy64.py index e69dd28ab..f68b1986a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy64.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy64.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -418,9 +418,8 @@ def firewall_policy64(data, fos, check_mode=False): state = data["state"] firewall_policy64_data = data["firewall_policy64"] - filtered_data = underscore_to_hyphen( - filter_firewall_policy64_data(firewall_policy64_data) - ) + filtered_data = filter_firewall_policy64_data(firewall_policy64_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -484,7 +483,7 @@ def firewall_policy64(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "policy64", data=filtered_data, vdom=vdom) + return fos.set("firewall", "policy64", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_group.py index b6c77b5d5..c7c954e1b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -104,6 +104,10 @@ options: description: - Name of an existing CIFS profile. Source cifs.profile.name. type: str + diameter_filter_profile: + description: + - Name of an existing Diameter filter profile. Source diameter-filter.profile.name. + type: str dlp_profile: description: - Name of an existing DLP profile. Source dlp.profile.name. @@ -198,6 +202,7 @@ EXAMPLES = """ av_profile: "<your_own_value> (source antivirus.profile.name)" casb_profile: "<your_own_value> (source casb.profile.name)" cifs_profile: "<your_own_value> (source cifs.profile.name)" + diameter_filter_profile: "<your_own_value> (source diameter-filter.profile.name)" dlp_profile: "<your_own_value> (source dlp.profile.name)" dlp_sensor: "<your_own_value> (source dlp.sensor.name)" dnsfilter_profile: "<your_own_value> (source dnsfilter.profile.name)" @@ -207,7 +212,7 @@ EXAMPLES = """ ips_sensor: "<your_own_value> (source ips.sensor.name)" ips_voip_filter: "<your_own_value> (source voip.profile.name)" mms_profile: "<your_own_value> (source firewall.mms-profile.name)" - name: "default_name_16" + name: "default_name_17" profile_protocol_options: "<your_own_value> (source firewall.profile-protocol-options.name)" sctp_filter_profile: "<your_own_value> (source sctp-filter.profile.name)" spamfilter_profile: "<your_own_value> (source spamfilter.profile.name)" @@ -314,6 +319,7 @@ def filter_firewall_profile_group_data(json): "av_profile", "casb_profile", "cifs_profile", + "diameter_filter_profile", "dlp_profile", "dlp_sensor", "dnsfilter_profile", @@ -365,9 +371,8 @@ def firewall_profile_group(data, fos, check_mode=False): state = data["state"] firewall_profile_group_data = data["firewall_profile_group"] - filtered_data = underscore_to_hyphen( - filter_firewall_profile_group_data(firewall_profile_group_data) - ) + filtered_data = filter_firewall_profile_group_data(firewall_profile_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -431,7 +436,7 @@ def firewall_profile_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "profile-group", data=filtered_data, vdom=vdom) + return fos.set("firewall", "profile-group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -488,6 +493,7 @@ versioned_schema = { "voip_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "ips_voip_filter": {"v_range": [["v7.4.0", ""]], "type": "string"}, "sctp_filter_profile": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "diameter_filter_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, "virtual_patch_profile": {"v_range": [["v7.4.1", ""]], "type": "string"}, "icap_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "cifs_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_protocol_options.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_protocol_options.py index d6651d190..cd903dcda 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_protocol_options.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_profile_protocol_options.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -177,7 +177,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int comment: description: @@ -300,7 +300,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int http: description: @@ -504,7 +504,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int unknown_content_encoding: description: @@ -592,7 +592,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int mail_signature: description: @@ -652,7 +652,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int name: description: @@ -715,7 +715,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int oversize_log: description: @@ -787,7 +787,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int replacemsg_group: description: @@ -871,7 +871,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int ssh: description: @@ -945,7 +945,7 @@ options: type: int uncompressed_oversize_limit: description: - - Maximum in-memory uncompressed file size that can be scanned. + - Maximum in-memory uncompressed file size that can be scanned (MB). type: int switching_protocols_log: description: @@ -1301,11 +1301,10 @@ def firewall_profile_protocol_options(data, fos, check_mode=False): firewall_profile_protocol_options_data = flatten_multilists_attributes( firewall_profile_protocol_options_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_profile_protocol_options_data( - firewall_profile_protocol_options_data - ) + filtered_data = filter_firewall_profile_protocol_options_data( + firewall_profile_protocol_options_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1374,7 +1373,7 @@ def firewall_profile_protocol_options(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall", "profile-protocol-options", data=filtered_data, vdom=vdom + "firewall", "profile-protocol-options", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proute.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proute.py index caabf449d..2a832191b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proute.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proute.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<policy route id>": "policy_route_id"} + speciallist = {"<policy route id>": "policy_route_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def firewall_proute(data, fos): vdom = data["vdom"] firewall_proute_data = data["firewall_proute"] - filtered_data = underscore_to_hyphen( - filter_firewall_proute_data(firewall_proute_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_firewall_proute_data(firewall_proute_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("firewall", "proute", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_address.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_address.py index 2d7c7b4b9..060705e0b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_address.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_address.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -499,9 +499,8 @@ def firewall_proxy_address(data, fos, check_mode=False): firewall_proxy_address_data = flatten_multilists_attributes( firewall_proxy_address_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_proxy_address_data(firewall_proxy_address_data) - ) + filtered_data = filter_firewall_proxy_address_data(firewall_proxy_address_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -565,7 +564,7 @@ def firewall_proxy_address(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "proxy-address", data=filtered_data, vdom=vdom) + return fos.set("firewall", "proxy-address", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_addrgrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_addrgrp.py index debc54045..6a6210b58 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_addrgrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_addrgrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -312,9 +312,8 @@ def firewall_proxy_addrgrp(data, fos, check_mode=False): state = data["state"] firewall_proxy_addrgrp_data = data["firewall_proxy_addrgrp"] - filtered_data = underscore_to_hyphen( - filter_firewall_proxy_addrgrp_data(firewall_proxy_addrgrp_data) - ) + filtered_data = filter_firewall_proxy_addrgrp_data(firewall_proxy_addrgrp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -378,7 +377,7 @@ def firewall_proxy_addrgrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "proxy-addrgrp", data=filtered_data, vdom=vdom) + return fos.set("firewall", "proxy-addrgrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_policy.py index 8c01a42be..9ec85ca81 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_proxy_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -165,6 +165,10 @@ options: choices: - 'enable' - 'disable' + diameter_filter_profile: + description: + - Name of an existing Diameter filter profile. Source diameter-filter.profile.name. + type: str disclaimer: description: - 'Web proxy disclaimer setting: by domain, policy, or user.' @@ -690,59 +694,60 @@ EXAMPLES = """ decrypted_traffic_mirror: "<your_own_value> (source firewall.decrypted-traffic-mirror.name)" detect_https_in_http_request: "enable" device_ownership: "enable" + diameter_filter_profile: "<your_own_value> (source diameter-filter.profile.name)" disclaimer: "disable" dlp_profile: "<your_own_value> (source dlp.profile.name)" dlp_sensor: "<your_own_value> (source dlp.sensor.name)" dstaddr: - - name: "default_name_21 (source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name firewall.proxy-addrgrp.name firewall + name: "default_name_22 (source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name firewall.proxy-addrgrp.name firewall .vip.name firewall.vipgrp.name system.external-resource.name)" dstaddr_negate: "enable" dstaddr6: - - name: "default_name_24 (source firewall.address6.name firewall.addrgrp6.name firewall.vip6.name firewall.vipgrp6.name system + name: "default_name_25 (source firewall.address6.name firewall.addrgrp6.name firewall.vip6.name firewall.vipgrp6.name system .external-resource.name)" dstintf: - - name: "default_name_26 (source system.interface.name system.zone.name system.sdwan.zone.name)" + name: "default_name_27 (source system.interface.name system.zone.name system.sdwan.zone.name)" emailfilter_profile: "<your_own_value> (source emailfilter.profile.name)" file_filter_profile: "<your_own_value> (source file-filter.profile.name)" global_label: "<your_own_value>" groups: - - name: "default_name_31 (source user.group.name)" + name: "default_name_32 (source user.group.name)" http_tunnel_auth: "enable" icap_profile: "<your_own_value> (source icap.profile.name)" internet_service: "enable" internet_service_custom: - - name: "default_name_36 (source firewall.internet-service-custom.name)" + name: "default_name_37 (source firewall.internet-service-custom.name)" internet_service_custom_group: - - name: "default_name_38 (source firewall.internet-service-custom-group.name)" + name: "default_name_39 (source firewall.internet-service-custom-group.name)" internet_service_group: - - name: "default_name_40 (source firewall.internet-service-group.name)" + name: "default_name_41 (source firewall.internet-service-group.name)" internet_service_id: - - id: "42 (source firewall.internet-service.id)" + id: "43 (source firewall.internet-service.id)" internet_service_name: - - name: "default_name_44 (source firewall.internet-service-name.name)" + name: "default_name_45 (source firewall.internet-service-name.name)" internet_service_negate: "enable" internet_service6: "enable" internet_service6_custom: - - name: "default_name_48 (source firewall.internet-service-custom.name)" + name: "default_name_49 (source firewall.internet-service-custom.name)" internet_service6_custom_group: - - name: "default_name_50 (source firewall.internet-service-custom-group.name)" + name: "default_name_51 (source firewall.internet-service-custom-group.name)" internet_service6_group: - - name: "default_name_52 (source firewall.internet-service-group.name)" + name: "default_name_53 (source firewall.internet-service-group.name)" internet_service6_name: - - name: "default_name_54 (source firewall.internet-service-name.name)" + name: "default_name_55 (source firewall.internet-service-name.name)" internet_service6_negate: "enable" ips_sensor: "<your_own_value> (source ips.sensor.name)" ips_voip_filter: "<your_own_value> (source voip.profile.name)" @@ -750,11 +755,11 @@ EXAMPLES = """ logtraffic: "all" logtraffic_start: "enable" mms_profile: "<your_own_value> (source firewall.mms-profile.name)" - name: "default_name_62" + name: "default_name_63" policyid: "<you_own_value>" poolname: - - name: "default_name_65 (source firewall.ippool.name)" + name: "default_name_66 (source firewall.ippool.name)" profile_group: "<your_own_value> (source firewall.profile-group.name)" profile_protocol_options: "<your_own_value> (source firewall.profile-protocol-options.name)" profile_type: "single" @@ -766,21 +771,21 @@ EXAMPLES = """ sctp_filter_profile: "<your_own_value> (source sctp-filter.profile.name)" service: - - name: "default_name_76 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_77 (source firewall.service.custom.name firewall.service.group.name)" service_negate: "enable" session_ttl: "0" spamfilter_profile: "<your_own_value> (source spamfilter.profile.name)" srcaddr: - - name: "default_name_81 (source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name firewall.proxy-addrgrp.name system + name: "default_name_82 (source firewall.address.name firewall.addrgrp.name firewall.proxy-address.name firewall.proxy-addrgrp.name system .external-resource.name)" srcaddr_negate: "enable" srcaddr6: - - name: "default_name_84 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" + name: "default_name_85 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" srcintf: - - name: "default_name_86 (source system.interface.name system.zone.name system.sdwan.zone.name)" + name: "default_name_87 (source system.interface.name system.zone.name system.sdwan.zone.name)" ssh_filter_profile: "<your_own_value> (source ssh-filter.profile.name)" ssh_policy_redirect: "enable" ssl_ssh_profile: "<your_own_value> (source firewall.ssl-ssh-profile.name)" @@ -788,7 +793,7 @@ EXAMPLES = """ transparent: "enable" users: - - name: "default_name_93 (source user.local.name user.certificate.name)" + name: "default_name_94 (source user.local.name user.certificate.name)" utm_status: "enable" uuid: "<your_own_value>" videofilter_profile: "<your_own_value> (source videofilter.profile.name)" @@ -802,7 +807,7 @@ EXAMPLES = """ webproxy_profile: "<your_own_value> (source web-proxy.profile.name)" ztna_ems_tag: - - name: "default_name_106 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_107 (source firewall.address.name firewall.addrgrp.name)" ztna_tags_match_logic: "or" """ @@ -908,6 +913,7 @@ def filter_firewall_proxy_policy_data(json): "decrypted_traffic_mirror", "detect_https_in_http_request", "device_ownership", + "diameter_filter_profile", "disclaimer", "dlp_profile", "dlp_sensor", @@ -1010,9 +1016,8 @@ def firewall_proxy_policy(data, fos, check_mode=False): state = data["state"] firewall_proxy_policy_data = data["firewall_proxy_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_proxy_policy_data(firewall_proxy_policy_data) - ) + filtered_data = filter_firewall_proxy_policy_data(firewall_proxy_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1076,7 +1081,7 @@ def firewall_proxy_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "proxy-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "proxy-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -1132,7 +1137,7 @@ versioned_schema = { {"value": "ssh"}, {"value": "ssh-tunnel"}, {"value": "access-proxy", "v_range": [["v7.0.0", ""]]}, - {"value": "wanopt"}, + {"value": "wanopt", "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]]}, ], }, "access_proxy": { @@ -1467,14 +1472,20 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "webcache": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + ], }, "webcache_https": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [ + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + ], }, "disclaimer": { "v_range": [["v6.0.0", ""]], @@ -1508,7 +1519,7 @@ versioned_schema = { "application_list": {"v_range": [["v6.0.0", ""]], "type": "string"}, "ips_voip_filter": {"v_range": [["v7.4.0", ""]], "type": "string"}, "sctp_filter_profile": {"v_range": [["v7.0.1", ""]], "type": "string"}, - "virtual_patch_profile": {"v_range": [["v7.4.1", ""]], "type": "string"}, + "diameter_filter_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, "icap_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "cifs_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, "videofilter_profile": {"v_range": [["v7.0.0", ""]], "type": "string"}, @@ -1534,6 +1545,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "virtual_patch_profile": {"v_range": [["v7.4.1", "v7.4.1"]], "type": "string"}, "voip_profile": {"v_range": [["v7.0.0", "v7.2.4"]], "type": "string"}, "dlp_sensor": {"v_range": [["v6.0.0", "v7.0.12"]], "type": "string"}, "internet_service_id": { diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_region.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_region.py index 03d0734dd..2e0c156d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_region.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_region.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,9 +246,8 @@ def firewall_region(data, fos, check_mode=False): state = data["state"] firewall_region_data = data["firewall_region"] - filtered_data = underscore_to_hyphen( - filter_firewall_region_data(firewall_region_data) - ) + filtered_data = filter_firewall_region_data(firewall_region_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -312,7 +311,7 @@ def firewall_region(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "region", data=filtered_data, vdom=vdom) + return fos.set("firewall", "region", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "region", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_group.py index 4163edfac..ab75607c3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,9 +252,8 @@ def firewall_schedule_group(data, fos, check_mode=False): state = data["state"] firewall_schedule_group_data = data["firewall_schedule_group"] - filtered_data = underscore_to_hyphen( - filter_firewall_schedule_group_data(firewall_schedule_group_data) - ) + filtered_data = filter_firewall_schedule_group_data(firewall_schedule_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -318,7 +317,7 @@ def firewall_schedule_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.schedule", "group", data=filtered_data, vdom=vdom) + return fos.set("firewall.schedule", "group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_onetime.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_onetime.py index c67a03428..394948e8b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_onetime.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_onetime.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -272,9 +272,10 @@ def firewall_schedule_onetime(data, fos, check_mode=False): state = data["state"] firewall_schedule_onetime_data = data["firewall_schedule_onetime"] - filtered_data = underscore_to_hyphen( - filter_firewall_schedule_onetime_data(firewall_schedule_onetime_data) + filtered_data = filter_firewall_schedule_onetime_data( + firewall_schedule_onetime_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -338,7 +339,7 @@ def firewall_schedule_onetime(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.schedule", "onetime", data=filtered_data, vdom=vdom) + return fos.set("firewall.schedule", "onetime", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_recurring.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_recurring.py index 309dc8766..90ac35d95 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_recurring.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_schedule_recurring.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -295,9 +295,10 @@ def firewall_schedule_recurring(data, fos, check_mode=False): firewall_schedule_recurring_data = flatten_multilists_attributes( firewall_schedule_recurring_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_schedule_recurring_data(firewall_schedule_recurring_data) + filtered_data = filter_firewall_schedule_recurring_data( + firewall_schedule_recurring_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -361,7 +362,7 @@ def firewall_schedule_recurring(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.schedule", "recurring", data=filtered_data, vdom=vdom) + return fos.set("firewall.schedule", "recurring", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_security_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_security_policy.py index acf6d793c..86a5af244 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_security_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_security_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -150,6 +150,10 @@ options: description: - Comment. type: str + diameter_filter_profile: + description: + - Name of an existing Diameter filter profile. Source diameter-filter.profile.name. + type: str dlp_profile: description: - Name of an existing DLP profile. Source dlp.profile.name. @@ -772,97 +776,98 @@ EXAMPLES = """ casb_profile: "<your_own_value> (source casb.profile.name)" cifs_profile: "<your_own_value> (source cifs.profile.name)" comments: "<your_own_value>" + diameter_filter_profile: "<your_own_value> (source diameter-filter.profile.name)" dlp_profile: "<your_own_value> (source dlp.profile.name)" dlp_sensor: "<your_own_value> (source dlp.sensor.name)" dnsfilter_profile: "<your_own_value> (source dnsfilter.profile.name)" dstaddr: - - name: "default_name_19 (source firewall.address.name firewall.addrgrp.name firewall.vip.name firewall.vipgrp.name system.external-resource + name: "default_name_20 (source firewall.address.name firewall.addrgrp.name firewall.vip.name firewall.vipgrp.name system.external-resource .name)" dstaddr_negate: "enable" dstaddr4: - - name: "default_name_22 (source firewall.address.name firewall.addrgrp.name firewall.vip.name firewall.vipgrp.name)" + name: "default_name_23 (source firewall.address.name firewall.addrgrp.name firewall.vip.name firewall.vipgrp.name)" dstaddr6: - - name: "default_name_24 (source firewall.address6.name firewall.addrgrp6.name firewall.vip6.name firewall.vipgrp6.name system + name: "default_name_25 (source firewall.address6.name firewall.addrgrp6.name firewall.vip6.name firewall.vipgrp6.name system .external-resource.name)" dstaddr6_negate: "enable" dstintf: - - name: "default_name_27 (source system.interface.name system.zone.name system.sdwan.zone.name)" + name: "default_name_28 (source system.interface.name system.zone.name system.sdwan.zone.name)" emailfilter_profile: "<your_own_value> (source emailfilter.profile.name)" enforce_default_app_port: "enable" file_filter_profile: "<your_own_value> (source file-filter.profile.name)" fsso_groups: - - name: "default_name_32 (source user.adgrp.name)" + name: "default_name_33 (source user.adgrp.name)" global_label: "<your_own_value>" groups: - - name: "default_name_35 (source user.group.name)" + name: "default_name_36 (source user.group.name)" icap_profile: "<your_own_value> (source icap.profile.name)" internet_service: "enable" internet_service_custom: - - name: "default_name_39 (source firewall.internet-service-custom.name)" + name: "default_name_40 (source firewall.internet-service-custom.name)" internet_service_custom_group: - - name: "default_name_41 (source firewall.internet-service-custom-group.name)" + name: "default_name_42 (source firewall.internet-service-custom-group.name)" internet_service_group: - - name: "default_name_43 (source firewall.internet-service-group.name)" + name: "default_name_44 (source firewall.internet-service-group.name)" internet_service_id: - - id: "45 (source firewall.internet-service.id)" + id: "46 (source firewall.internet-service.id)" internet_service_name: - - name: "default_name_47 (source firewall.internet-service-name.name)" + name: "default_name_48 (source firewall.internet-service-name.name)" internet_service_negate: "enable" internet_service_src: "enable" internet_service_src_custom: - - name: "default_name_51 (source firewall.internet-service-custom.name)" + name: "default_name_52 (source firewall.internet-service-custom.name)" internet_service_src_custom_group: - - name: "default_name_53 (source firewall.internet-service-custom-group.name)" + name: "default_name_54 (source firewall.internet-service-custom-group.name)" internet_service_src_group: - - name: "default_name_55 (source firewall.internet-service-group.name)" + name: "default_name_56 (source firewall.internet-service-group.name)" internet_service_src_id: - - id: "57 (source firewall.internet-service.id)" + id: "58 (source firewall.internet-service.id)" internet_service_src_name: - - name: "default_name_59 (source firewall.internet-service-name.name)" + name: "default_name_60 (source firewall.internet-service-name.name)" internet_service_src_negate: "enable" internet_service6: "enable" internet_service6_custom: - - name: "default_name_63 (source firewall.internet-service-custom.name)" + name: "default_name_64 (source firewall.internet-service-custom.name)" internet_service6_custom_group: - - name: "default_name_65 (source firewall.internet-service-custom-group.name)" + name: "default_name_66 (source firewall.internet-service-custom-group.name)" internet_service6_group: - - name: "default_name_67 (source firewall.internet-service-group.name)" + name: "default_name_68 (source firewall.internet-service-group.name)" internet_service6_name: - - name: "default_name_69 (source firewall.internet-service-name.name)" + name: "default_name_70 (source firewall.internet-service-name.name)" internet_service6_negate: "enable" internet_service6_src: "enable" internet_service6_src_custom: - - name: "default_name_73 (source firewall.internet-service-custom.name)" + name: "default_name_74 (source firewall.internet-service-custom.name)" internet_service6_src_custom_group: - - name: "default_name_75 (source firewall.internet-service-custom-group.name)" + name: "default_name_76 (source firewall.internet-service-custom-group.name)" internet_service6_src_group: - - name: "default_name_77 (source firewall.internet-service-group.name)" + name: "default_name_78 (source firewall.internet-service-group.name)" internet_service6_src_name: - - name: "default_name_79 (source firewall.internet-service-name.name)" + name: "default_name_80 (source firewall.internet-service-name.name)" internet_service6_src_negate: "enable" ips_sensor: "<your_own_value> (source ips.sensor.name)" ips_voip_filter: "<your_own_value> (source voip.profile.name)" @@ -870,7 +875,7 @@ EXAMPLES = """ logtraffic: "all" logtraffic_start: "enable" mms_profile: "<your_own_value> (source firewall.mms-profile.name)" - name: "default_name_87" + name: "default_name_88" nat46: "enable" nat64: "enable" policyid: "<you_own_value>" @@ -882,29 +887,29 @@ EXAMPLES = """ send_deny_packet: "disable" service: - - name: "default_name_98 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_99 (source firewall.service.custom.name firewall.service.group.name)" service_negate: "enable" srcaddr: - - name: "default_name_101 (source firewall.address.name firewall.addrgrp.name system.external-resource.name)" + name: "default_name_102 (source firewall.address.name firewall.addrgrp.name system.external-resource.name)" srcaddr_negate: "enable" srcaddr4: - - name: "default_name_104 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_105 (source firewall.address.name firewall.addrgrp.name)" srcaddr6: - - name: "default_name_106 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" + name: "default_name_107 (source firewall.address6.name firewall.addrgrp6.name system.external-resource.name)" srcaddr6_negate: "enable" srcintf: - - name: "default_name_109 (source system.interface.name system.zone.name system.sdwan.zone.name)" + name: "default_name_110 (source system.interface.name system.zone.name system.sdwan.zone.name)" ssh_filter_profile: "<your_own_value> (source ssh-filter.profile.name)" ssl_ssh_profile: "<your_own_value> (source firewall.ssl-ssh-profile.name)" status: "enable" url_category: "<your_own_value>" users: - - name: "default_name_115 (source user.local.name)" + name: "default_name_116 (source user.local.name)" utm_status: "enable" uuid: "<your_own_value>" uuid_idx: "2147483647" @@ -1013,6 +1018,7 @@ def filter_firewall_security_policy_data(json): "casb_profile", "cifs_profile", "comments", + "diameter_filter_profile", "dlp_profile", "dlp_sensor", "dnsfilter_profile", @@ -1154,9 +1160,8 @@ def firewall_security_policy(data, fos, check_mode=False): firewall_security_policy_data = flatten_multilists_attributes( firewall_security_policy_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_security_policy_data(firewall_security_policy_data) - ) + filtered_data = filter_firewall_security_policy_data(firewall_security_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1220,7 +1225,7 @@ def firewall_security_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "security-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "security-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -1670,6 +1675,7 @@ versioned_schema = { "voip_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, "ips_voip_filter": {"v_range": [["v7.4.0", ""]], "type": "string"}, "sctp_filter_profile": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "diameter_filter_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, "virtual_patch_profile": {"v_range": [["v7.4.1", ""]], "type": "string"}, "icap_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, "cifs_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_category.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_category.py index c2ca20285..ed37ecd67 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_category.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_category.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -238,9 +238,10 @@ def firewall_service_category(data, fos, check_mode=False): state = data["state"] firewall_service_category_data = data["firewall_service_category"] - filtered_data = underscore_to_hyphen( - filter_firewall_service_category_data(firewall_service_category_data) + filtered_data = filter_firewall_service_category_data( + firewall_service_category_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -304,7 +305,7 @@ def firewall_service_category(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.service", "category", data=filtered_data, vdom=vdom) + return fos.set("firewall.service", "category", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_custom.py index a68aed381..42d7c54d4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_custom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,6 +254,10 @@ options: description: - Multiple UDP port ranges. type: str + uuid: + description: + - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). + type: str visibility: description: - Enable/disable the visibility of the service on the GUI. @@ -300,6 +304,7 @@ EXAMPLES = """ tcp_timewait_timer: "0" udp_idle_timer: "0" udp_portrange: "<your_own_value>" + uuid: "<your_own_value>" visibility: "enable" """ @@ -419,6 +424,7 @@ def filter_firewall_service_custom_data(json): "tcp_timewait_timer", "udp_idle_timer", "udp_portrange", + "uuid", "visibility", ] @@ -451,9 +457,8 @@ def firewall_service_custom(data, fos, check_mode=False): state = data["state"] firewall_service_custom_data = data["firewall_service_custom"] - filtered_data = underscore_to_hyphen( - filter_firewall_service_custom_data(firewall_service_custom_data) - ) + filtered_data = filter_firewall_service_custom_data(firewall_service_custom_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -517,7 +522,7 @@ def firewall_service_custom(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.service", "custom", data=filtered_data, vdom=vdom) + return fos.set("firewall.service", "custom", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -561,6 +566,7 @@ versioned_schema = { "elements": "dict", "children": { "name": {"v_range": [["v6.0.0", ""]], "type": "string", "required": True}, + "uuid": {"v_range": [["v7.4.2", ""]], "type": "string"}, "proxy": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -606,19 +612,35 @@ versioned_schema = { {"value": "mgcp"}, { "value": "gtp-c", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "gtp-u", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "gtp-b", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "pfcp", - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v7.0.1", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, ], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_group.py index b952b84d8..34bca3348 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_service_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -126,6 +126,10 @@ options: choices: - 'enable' - 'disable' + uuid: + description: + - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). + type: str """ EXAMPLES = """ @@ -143,6 +147,7 @@ EXAMPLES = """ name: "default_name_7 (source firewall.service.custom.name firewall.service.group.name)" name: "default_name_8" proxy: "enable" + uuid: "<your_own_value>" """ RETURN = """ @@ -234,7 +239,15 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.compariso def filter_firewall_service_group_data(json): - option_list = ["color", "comment", "fabric_object", "member", "name", "proxy"] + option_list = [ + "color", + "comment", + "fabric_object", + "member", + "name", + "proxy", + "uuid", + ] json = remove_invalid_fields(json) dictionary = {} @@ -265,9 +278,8 @@ def firewall_service_group(data, fos, check_mode=False): state = data["state"] firewall_service_group_data = data["firewall_service_group"] - filtered_data = underscore_to_hyphen( - filter_firewall_service_group_data(firewall_service_group_data) - ) + filtered_data = filter_firewall_service_group_data(firewall_service_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -331,7 +343,7 @@ def firewall_service_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.service", "group", data=filtered_data, vdom=vdom) + return fos.set("firewall.service", "group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -375,6 +387,7 @@ versioned_schema = { "elements": "dict", "children": { "name": {"v_range": [["v6.0.0", ""]], "type": "string", "required": True}, + "uuid": {"v_range": [["v7.4.2", ""]], "type": "string"}, "proxy": { "v_range": [["v6.0.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_per_ip_shaper.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_per_ip_shaper.py index c74879d90..c4bca8e19 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_per_ip_shaper.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_per_ip_shaper.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -291,9 +291,10 @@ def firewall_shaper_per_ip_shaper(data, fos, check_mode=False): state = data["state"] firewall_shaper_per_ip_shaper_data = data["firewall_shaper_per_ip_shaper"] - filtered_data = underscore_to_hyphen( - filter_firewall_shaper_per_ip_shaper_data(firewall_shaper_per_ip_shaper_data) + filtered_data = filter_firewall_shaper_per_ip_shaper_data( + firewall_shaper_per_ip_shaper_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -360,7 +361,7 @@ def firewall_shaper_per_ip_shaper(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall.shaper", "per-ip-shaper", data=filtered_data, vdom=vdom + "firewall.shaper", "per-ip-shaper", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_traffic_shaper.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_traffic_shaper.py index 95478eea6..838f4c075 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_traffic_shaper.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaper_traffic_shaper.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -359,9 +359,10 @@ def firewall_shaper_traffic_shaper(data, fos, check_mode=False): state = data["state"] firewall_shaper_traffic_shaper_data = data["firewall_shaper_traffic_shaper"] - filtered_data = underscore_to_hyphen( - filter_firewall_shaper_traffic_shaper_data(firewall_shaper_traffic_shaper_data) + filtered_data = filter_firewall_shaper_traffic_shaper_data( + firewall_shaper_traffic_shaper_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -430,7 +431,7 @@ def firewall_shaper_traffic_shaper(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall.shaper", "traffic-shaper", data=filtered_data, vdom=vdom + "firewall.shaper", "traffic-shaper", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_policy.py index 76fde19ce..d3279654f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_policy.py @@ -42,7 +42,7 @@ notes: - Only one of [after, before] must be specified when action is moving an object. requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -751,9 +751,8 @@ def firewall_shaping_policy(data, fos, check_mode=False): state = data["state"] firewall_shaping_policy_data = data["firewall_shaping_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_shaping_policy_data(firewall_shaping_policy_data) - ) + filtered_data = filter_firewall_shaping_policy_data(firewall_shaping_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -817,7 +816,7 @@ def firewall_shaping_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "shaping-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "shaping-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_profile.py index ef1951557..acd7ad754 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_shaping_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -319,9 +319,8 @@ def firewall_shaping_profile(data, fos, check_mode=False): state = data["state"] firewall_shaping_profile_data = data["firewall_shaping_profile"] - filtered_data = underscore_to_hyphen( - filter_firewall_shaping_profile_data(firewall_shaping_profile_data) - ) + filtered_data = filter_firewall_shaping_profile_data(firewall_shaping_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -385,7 +384,7 @@ def firewall_shaping_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "shaping-profile", data=filtered_data, vdom=vdom) + return fos.set("firewall", "shaping-profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_sniffer.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_sniffer.py index 1faa6bebd..2a645f373 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_sniffer.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_sniffer.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -141,6 +141,92 @@ options: choices: - 'disable' - 'enable' + synproxy_tcp_mss: + description: + - Determine TCP maximum segment size (MSS) value for packets replied by syn proxy module. + type: str + choices: + - '0' + - '256' + - '512' + - '1024' + - '1300' + - '1360' + - '1460' + - '1500' + synproxy_tcp_sack: + description: + - enable/disable TCP selective acknowledage (SACK) for packets replied by syn proxy module. + type: str + choices: + - 'enable' + - 'disable' + synproxy_tcp_timestamp: + description: + - enable/disable TCP timestamp option for packets replied by syn proxy module. + type: str + choices: + - 'enable' + - 'disable' + synproxy_tcp_window: + description: + - Determine TCP Window size for packets replied by syn proxy module. + type: str + choices: + - '4096' + - '8192' + - '16384' + - '32768' + synproxy_tcp_windowscale: + description: + - Determine TCP window scale option value for packets replied by syn proxy module. + type: str + choices: + - '0' + - '1' + - '2' + - '3' + - '4' + - '5' + - '6' + - '7' + - '8' + - '9' + - '10' + - '11' + - '12' + - '13' + - '14' + synproxy_tos: + description: + - Determine TCP differentiated services code point value (type of service). + type: str + choices: + - '0' + - '10' + - '12' + - '14' + - '18' + - '20' + - '22' + - '26' + - '28' + - '30' + - '34' + - '36' + - '38' + - '40' + - '46' + - '255' + synproxy_ttl: + description: + - Determine Time to live (TTL) value for packets replied by syn proxy module. + type: str + choices: + - '32' + - '64' + - '128' + - '255' threshold: description: - Anomaly threshold. Number of detected instances (packets per second or concurrent session number) that triggers the anomaly @@ -344,6 +430,10 @@ options: choices: - 'enable' - 'disable' + uuid: + description: + - Universally Unique Identifier (UUID; automatically assigned but can be manually reset). + type: str vlan: description: - List of VLANs to sniff. @@ -377,6 +467,13 @@ EXAMPLES = """ quarantine_expiry: "<your_own_value>" quarantine_log: "disable" status: "disable" + synproxy_tcp_mss: "0" + synproxy_tcp_sack: "enable" + synproxy_tcp_timestamp: "enable" + synproxy_tcp_window: "4096" + synproxy_tcp_windowscale: "0" + synproxy_tos: "0" + synproxy_ttl: "32" threshold: "0" threshold_default: "0" application_list: "<your_own_value> (source application.list.name)" @@ -395,11 +492,11 @@ EXAMPLES = """ file_filter_profile: "<your_own_value> (source file-filter.profile.name)" file_filter_profile_status: "enable" host: "myhostname" - id: "29" + id: "36" interface: "<your_own_value> (source system.interface.name)" ip_threatfeed: - - name: "default_name_32 (source system.external-resource.name)" + name: "default_name_39 (source system.external-resource.name)" ip_threatfeed_status: "enable" ips_dos_status: "enable" ips_sensor: "<your_own_value> (source ips.sensor.name)" @@ -414,6 +511,7 @@ EXAMPLES = """ spamfilter_profile: "<your_own_value> (source spamfilter.profile.name)" spamfilter_profile_status: "enable" status: "enable" + uuid: "<your_own_value>" vlan: "<your_own_value>" webfilter_profile: "<your_own_value> (source webfilter.profile.name)" webfilter_profile_status: "enable" @@ -543,6 +641,7 @@ def filter_firewall_sniffer_data(json): "spamfilter_profile", "spamfilter_profile_status", "status", + "uuid", "vlan", "webfilter_profile", "webfilter_profile_status", @@ -572,9 +671,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"threshold(default)": "threshold_default"} + speciallist = {"threshold(default)": "threshold_default"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -583,8 +682,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -600,10 +702,8 @@ def firewall_sniffer(data, fos, check_mode=False): state = data["state"] firewall_sniffer_data = data["firewall_sniffer"] - filtered_data = underscore_to_hyphen( - filter_firewall_sniffer_data(firewall_sniffer_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_firewall_sniffer_data(firewall_sniffer_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -709,6 +809,7 @@ versioned_schema = { "elements": "dict", "children": { "id": {"v_range": [["v6.0.0", ""]], "type": "integer", "required": True}, + "uuid": {"v_range": [["v7.4.2", ""]], "type": "string"}, "status": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -760,12 +861,6 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "av_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "casb_profile_status": { - "v_range": [["v7.4.1", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, - "casb_profile": {"v_range": [["v7.4.1", ""]], "type": "string"}, "webfilter_profile_status": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -852,6 +947,93 @@ versioned_schema = { "options": [{"value": "disable"}, {"value": "enable"}], }, "threshold": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "synproxy_ttl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "32"}, + {"value": "64"}, + {"value": "128"}, + {"value": "255"}, + ], + }, + "synproxy_tos": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "10"}, + {"value": "12"}, + {"value": "14"}, + {"value": "18"}, + {"value": "20"}, + {"value": "22"}, + {"value": "26"}, + {"value": "28"}, + {"value": "30"}, + {"value": "34"}, + {"value": "36"}, + {"value": "38"}, + {"value": "40"}, + {"value": "46"}, + {"value": "255"}, + ], + }, + "synproxy_tcp_mss": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "256"}, + {"value": "512"}, + {"value": "1024"}, + {"value": "1300"}, + {"value": "1360"}, + {"value": "1460"}, + {"value": "1500"}, + ], + }, + "synproxy_tcp_sack": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "synproxy_tcp_timestamp": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "synproxy_tcp_window": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "4096"}, + {"value": "8192"}, + {"value": "16384"}, + {"value": "32768"}, + ], + }, + "synproxy_tcp_windowscale": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "0"}, + {"value": "1"}, + {"value": "2"}, + {"value": "3"}, + {"value": "4"}, + {"value": "5"}, + {"value": "6"}, + {"value": "7"}, + {"value": "8"}, + {"value": "9"}, + {"value": "10"}, + {"value": "11"}, + {"value": "12"}, + {"value": "13"}, + {"value": "14"}, + ], + }, "threshold_default": { "v_range": [["v6.0.0", "v7.0.5"], ["v7.2.0", "v7.2.0"]], "type": "integer", @@ -859,6 +1041,12 @@ versioned_schema = { }, "v_range": [["v6.0.0", ""]], }, + "casb_profile_status": { + "v_range": [["v7.4.1", "v7.4.1"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "casb_profile": {"v_range": [["v7.4.1", "v7.4.1"]], "type": "string"}, "dlp_sensor_status": { "v_range": [["v6.0.0", "v7.0.12"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_host_key.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_host_key.py index 73b601ccf..53b66adbd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_host_key.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_host_key.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -294,9 +294,8 @@ def firewall_ssh_host_key(data, fos, check_mode=False): state = data["state"] firewall_ssh_host_key_data = data["firewall_ssh_host_key"] - filtered_data = underscore_to_hyphen( - filter_firewall_ssh_host_key_data(firewall_ssh_host_key_data) - ) + filtered_data = filter_firewall_ssh_host_key_data(firewall_ssh_host_key_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -360,7 +359,7 @@ def firewall_ssh_host_key(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.ssh", "host-key", data=filtered_data, vdom=vdom) + return fos.set("firewall.ssh", "host-key", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_ca.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_ca.py index cd4e55c89..63a7da52f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_ca.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_ca.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -248,9 +248,8 @@ def firewall_ssh_local_ca(data, fos, check_mode=False): state = data["state"] firewall_ssh_local_ca_data = data["firewall_ssh_local_ca"] - filtered_data = underscore_to_hyphen( - filter_firewall_ssh_local_ca_data(firewall_ssh_local_ca_data) - ) + filtered_data = filter_firewall_ssh_local_ca_data(firewall_ssh_local_ca_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -314,7 +313,7 @@ def firewall_ssh_local_ca(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.ssh", "local-ca", data=filtered_data, vdom=vdom) + return fos.set("firewall.ssh", "local-ca", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_key.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_key.py index fd3d483de..fb6ef65d7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_key.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_local_key.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -248,9 +248,8 @@ def firewall_ssh_local_key(data, fos, check_mode=False): state = data["state"] firewall_ssh_local_key_data = data["firewall_ssh_local_key"] - filtered_data = underscore_to_hyphen( - filter_firewall_ssh_local_key_data(firewall_ssh_local_key_data) - ) + filtered_data = filter_firewall_ssh_local_key_data(firewall_ssh_local_key_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -314,7 +313,7 @@ def firewall_ssh_local_key(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.ssh", "local-key", data=filtered_data, vdom=vdom) + return fos.set("firewall.ssh", "local-key", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_setting.py index ac50dc13d..55092662e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssh_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -255,11 +255,10 @@ def underscore_to_hyphen(data): def firewall_ssh_setting(data, fos): vdom = data["vdom"] firewall_ssh_setting_data = data["firewall_ssh_setting"] - filtered_data = underscore_to_hyphen( - filter_firewall_ssh_setting_data(firewall_ssh_setting_data) - ) + filtered_data = filter_firewall_ssh_setting_data(firewall_ssh_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall.ssh", "setting", data=filtered_data, vdom=vdom) + return fos.set("firewall.ssh", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_server.py index c98d4f1c2..fa3f6b118 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -124,6 +124,18 @@ options: description: - Name of certificate for SSL connections to this server . Source vpn.certificate.local.name. type: str + ssl_cert_dict: + description: + - List of certificate names to use for SSL connections to this server. . Use the parameter ssl_cert if the fortiOS firmware version <= 7.4 + .1 + type: list + elements: dict + suboptions: + name: + description: + - Certificate list. Source vpn.certificate.local.name. + required: true + type: str ssl_client_renegotiation: description: - Allow or block client renegotiation by server. @@ -196,6 +208,9 @@ EXAMPLES = """ port: "443" ssl_algorithm: "high" ssl_cert: "<your_own_value> (source vpn.certificate.local.name)" + ssl_cert_dict: + - + name: "default_name_11 (source vpn.certificate.local.name)" ssl_client_renegotiation: "allow" ssl_dh_bits: "768" ssl_max_version: "tls-1.0" @@ -302,6 +317,7 @@ def filter_firewall_ssl_server_data(json): "port", "ssl_algorithm", "ssl_cert", + "ssl_cert_dict", "ssl_client_renegotiation", "ssl_dh_bits", "ssl_max_version", @@ -334,15 +350,39 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"ssl-cert-dict": "ssl-cert"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def firewall_ssl_server(data, fos, check_mode=False): vdom = data["vdom"] state = data["state"] firewall_ssl_server_data = data["firewall_ssl_server"] - filtered_data = underscore_to_hyphen( - filter_firewall_ssl_server_data(firewall_ssl_server_data) - ) + filtered_data = filter_firewall_ssl_server_data(firewall_ssl_server_data) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) # check_mode starts from here if check_mode: @@ -406,7 +446,7 @@ def firewall_ssl_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ssl-server", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ssl-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -463,7 +503,18 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "mapped_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "ssl_cert": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "ssl_cert_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "ssl_dh_bits": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -514,6 +565,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "ssl_cert": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_setting.py index 86b3d92cf..c2388376d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,11 +278,10 @@ def underscore_to_hyphen(data): def firewall_ssl_setting(data, fos): vdom = data["vdom"] firewall_ssl_setting_data = data["firewall_ssl_setting"] - filtered_data = underscore_to_hyphen( - filter_firewall_ssl_setting_data(firewall_ssl_setting_data) - ) + filtered_data = filter_firewall_ssl_setting_data(firewall_ssl_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("firewall.ssl", "setting", data=filtered_data, vdom=vdom) + return fos.set("firewall.ssl", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_ssh_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_ssh_profile.py index fac1f496e..3b14ef1ad 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_ssh_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ssl_ssh_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -163,9 +163,12 @@ options: - 'disable' quic: description: - - Enable/disable QUIC inspection . + - QUIC inspection status . type: str choices: + - 'inspect' + - 'bypass' + - 'block' - 'disable' - 'enable' revoked_server_cert: @@ -454,9 +457,12 @@ options: - 'disable' quic: description: - - Enable/disable QUIC inspection . + - QUIC inspection status . type: str choices: + - 'inspect' + - 'bypass' + - 'block' - 'disable' - 'enable' revoked_server_cert: @@ -1446,7 +1452,7 @@ EXAMPLES = """ client_certificate: "bypass" expired_server_cert: "allow" proxy_after_tcp_handshake: "enable" - quic: "disable" + quic: "inspect" revoked_server_cert: "allow" sni_server_cert_check: "enable" status: "disable" @@ -1485,7 +1491,7 @@ EXAMPLES = """ min_allowed_ssl_version: "ssl-3.0" ports: "<your_own_value>" proxy_after_tcp_handshake: "enable" - quic: "disable" + quic: "inspect" revoked_server_cert: "allow" sni_server_cert_check: "enable" status: "disable" @@ -1816,9 +1822,8 @@ def firewall_ssl_ssh_profile(data, fos, check_mode=False): firewall_ssl_ssh_profile_data = flatten_multilists_attributes( firewall_ssl_ssh_profile_data ) - filtered_data = underscore_to_hyphen( - filter_firewall_ssl_ssh_profile_data(firewall_ssl_ssh_profile_data) - ) + filtered_data = filter_firewall_ssl_ssh_profile_data(firewall_ssl_ssh_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1882,7 +1887,7 @@ def firewall_ssl_ssh_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ssl-ssh-profile", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ssl-ssh-profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -2101,7 +2106,13 @@ versioned_schema = { "quic": { "v_range": [["v7.4.1", ""]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [ + {"value": "inspect", "v_range": [["v7.4.2", ""]]}, + {"value": "bypass", "v_range": [["v7.4.2", ""]]}, + {"value": "block", "v_range": [["v7.4.2", ""]]}, + {"value": "disable", "v_range": [["v7.4.1", "v7.4.1"]]}, + {"value": "enable", "v_range": [["v7.4.1", "v7.4.1"]]}, + ], }, "proxy_after_tcp_handshake": { "v_range": [["v6.4.0", ""]], @@ -2874,7 +2885,13 @@ versioned_schema = { "quic": { "v_range": [["v7.4.1", ""]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [ + {"value": "inspect", "v_range": [["v7.4.2", ""]]}, + {"value": "bypass", "v_range": [["v7.4.2", ""]]}, + {"value": "block", "v_range": [["v7.4.2", ""]]}, + {"value": "disable", "v_range": [["v7.4.1", "v7.4.1"]]}, + {"value": "enable", "v_range": [["v7.4.1", "v7.4.1"]]}, + ], }, "proxy_after_tcp_handshake": { "v_range": [["v7.0.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_traffic_class.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_traffic_class.py index 3e70b17ac..536d42d8a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_traffic_class.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_traffic_class.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,9 +232,8 @@ def firewall_traffic_class(data, fos, check_mode=False): state = data["state"] firewall_traffic_class_data = data["firewall_traffic_class"] - filtered_data = underscore_to_hyphen( - filter_firewall_traffic_class_data(firewall_traffic_class_data) - ) + filtered_data = filter_firewall_traffic_class_data(firewall_traffic_class_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -298,7 +297,7 @@ def firewall_traffic_class(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "traffic-class", data=filtered_data, vdom=vdom) + return fos.set("firewall", "traffic-class", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ttl_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ttl_policy.py index 3922cbf4e..dcb174070 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ttl_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_ttl_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -296,9 +296,8 @@ def firewall_ttl_policy(data, fos, check_mode=False): state = data["state"] firewall_ttl_policy_data = data["firewall_ttl_policy"] - filtered_data = underscore_to_hyphen( - filter_firewall_ttl_policy_data(firewall_ttl_policy_data) - ) + filtered_data = filter_firewall_ttl_policy_data(firewall_ttl_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -362,7 +361,7 @@ def firewall_ttl_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "ttl-policy", data=filtered_data, vdom=vdom) + return fos.set("firewall", "ttl-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "ttl-policy", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vendor_mac.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vendor_mac.py index 6dc0b3d14..d21b53aa3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vendor_mac.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vendor_mac.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,9 +242,8 @@ def firewall_vendor_mac(data, fos, check_mode=False): state = data["state"] firewall_vendor_mac_data = data["firewall_vendor_mac"] - filtered_data = underscore_to_hyphen( - filter_firewall_vendor_mac_data(firewall_vendor_mac_data) - ) + filtered_data = filter_firewall_vendor_mac_data(firewall_vendor_mac_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +307,7 @@ def firewall_vendor_mac(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vendor-mac", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vendor-mac", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vendor-mac", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip.py index a26b5db44..43d2a811c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -142,6 +142,29 @@ options: description: - Enable to have the VIP send gratuitous ARPs. 0=disabled. Set from 5 up to 8640000 seconds to enable. type: int + gslb_domain_name: + description: + - Domain to use when integrating with FortiGSLB. + type: str + gslb_hostname: + description: + - Hostname to use within the configured FortiGSLB domain. + type: str + gslb_public_ips: + description: + - Publicly accessible IP addresses for the FortiGSLB service. + type: list + elements: dict + suboptions: + index: + description: + - Index of this public IP setting. see <a href='#notes'>Notes</a>. + required: true + type: int + ip: + description: + - The publicly accessible IP address. + type: str h2_support: description: - Enable/disable HTTP2 support . @@ -323,6 +346,13 @@ options: choices: - 'disable' - 'enable' + one_click_gslb_server: + description: + - Enable/disable one click GSLB server integration with FortiGSLB. + type: str + choices: + - 'disable' + - 'enable' outlook_web_access: description: - Enable to add the Front-End-Https header for Microsoft Outlook Web Access. @@ -557,6 +587,17 @@ options: description: - The name of the certificate to use for SSL handshake. Source vpn.certificate.local.name. type: str + ssl_certificate_dict: + description: + - Name of the certificate to use for SSL handshake. Use the parameter ssl-certificate instead if the fortiOS firmwear <= 7.4.1 + type: list + elements: dict + suboptions: + name: + description: + - Certificate list. Source vpn.certificate.local.name. + required: true + type: str ssl_cipher_suites: description: - SSL/TLS cipher suites acceptable from a client, ordered by priority. @@ -1020,6 +1061,12 @@ EXAMPLES = """ extip: "<your_own_value>" extport: "<your_own_value>" gratuitous_arp_interval: "0" + gslb_domain_name: "<your_own_value>" + gslb_hostname: "myhostname" + gslb_public_ips: + - + index: "<you_own_value>" + ip: "<your_own_value>" h2_support: "enable" h3_support: "enable" http_cookie_age: "60" @@ -1037,7 +1084,7 @@ EXAMPLES = """ http_redirect: "enable" http_supported_max_version: "http1" https_cookie_secure: "disable" - id: "31" + id: "36" ipv6_mappedip: "<your_own_value>" ipv6_mappedport: "<your_own_value>" ldb_method: "static" @@ -1049,11 +1096,12 @@ EXAMPLES = """ max_embryonic_connections: "1000" monitor: - - name: "default_name_41 (source firewall.ldb-monitor.name)" - name: "default_name_42" + name: "default_name_46 (source firewall.ldb-monitor.name)" + name: "default_name_47" nat_source_vip: "disable" nat44: "disable" nat46: "disable" + one_click_gslb_server: "disable" outlook_web_access: "disable" persistence: "none" portforward: "disable" @@ -1075,12 +1123,12 @@ EXAMPLES = """ healthcheck: "disable" holddown_interval: "300" http_host: "myhostname" - id: "66" + id: "72" ip: "<your_own_value>" max_connections: "0" monitor: - - name: "default_name_70 (source firewall.ldb-monitor.name)" + name: "default_name_76 (source firewall.ldb-monitor.name)" port: "0" status: "active" translate_host: "enable" @@ -1089,7 +1137,7 @@ EXAMPLES = """ server_type: "http" service: - - name: "default_name_78 (source firewall.service.custom.name firewall.service.group.name)" + name: "default_name_84 (source firewall.service.custom.name firewall.service.group.name)" src_filter: - range: "<your_own_value>" @@ -1099,6 +1147,9 @@ EXAMPLES = """ ssl_accept_ffdhe_groups: "enable" ssl_algorithm: "high" ssl_certificate: "<your_own_value> (source vpn.certificate.local.name)" + ssl_certificate_dict: + - + name: "default_name_93 (source vpn.certificate.local.name)" ssl_cipher_suites: - cipher: "TLS-AES-128-GCM-SHA256" @@ -1246,6 +1297,9 @@ def filter_firewall_vip_data(json): "extip", "extport", "gratuitous_arp_interval", + "gslb_domain_name", + "gslb_hostname", + "gslb_public_ips", "h2_support", "h3_support", "http_cookie_age", @@ -1276,6 +1330,7 @@ def filter_firewall_vip_data(json): "nat_source_vip", "nat44", "nat46", + "one_click_gslb_server", "outlook_web_access", "persistence", "portforward", @@ -1290,6 +1345,7 @@ def filter_firewall_vip_data(json): "ssl_accept_ffdhe_groups", "ssl_algorithm", "ssl_certificate", + "ssl_certificate_dict", "ssl_cipher_suites", "ssl_client_fallback", "ssl_client_rekey_count", @@ -1382,6 +1438,30 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"ssl-certificate-dict": "ssl-certificate"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def firewall_vip(data, fos, check_mode=False): vdom = data["vdom"] @@ -1389,7 +1469,9 @@ def firewall_vip(data, fos, check_mode=False): firewall_vip_data = data["firewall_vip"] firewall_vip_data = flatten_multilists_attributes(firewall_vip_data) - filtered_data = underscore_to_hyphen(filter_firewall_vip_data(firewall_vip_data)) + filtered_data = filter_firewall_vip_data(firewall_vip_data) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) # check_mode starts from here if check_mode: @@ -1453,7 +1535,7 @@ def firewall_vip(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vip", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vip", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vip", mkey=filtered_data["name"], vdom=vdom) @@ -1827,7 +1909,18 @@ versioned_schema = { "type": "string", "options": [{"value": "half"}, {"value": "full"}], }, - "ssl_certificate": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "ssl_certificate_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "ssl_dh_bits": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -2257,6 +2350,27 @@ versioned_schema = { "color": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ipv6_mappedip": {"v_range": [["v7.0.1", ""]], "type": "string"}, "ipv6_mappedport": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "one_click_gslb_server": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "gslb_hostname": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "gslb_domain_name": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "gslb_public_ips": { + "type": "list", + "elements": "dict", + "children": { + "index": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], + }, + "ssl_certificate": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, "http_supported_max_version": { "v_range": [["v7.2.4", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip46.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip46.py index 6eedf95d5..5abeb7d2a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip46.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip46.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -457,9 +457,8 @@ def firewall_vip46(data, fos, check_mode=False): state = data["state"] firewall_vip46_data = data["firewall_vip46"] - filtered_data = underscore_to_hyphen( - filter_firewall_vip46_data(firewall_vip46_data) - ) + filtered_data = filter_firewall_vip46_data(firewall_vip46_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -523,7 +522,7 @@ def firewall_vip46(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vip46", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vip46", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vip46", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip6.py index 916d93599..dc3343463 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -125,6 +125,20 @@ options: description: - Incoming port number range that you want to map to a port number range on the destination network. type: str + h2_support: + description: + - Enable/disable HTTP2 support . + type: str + choices: + - 'enable' + - 'disable' + h3_support: + description: + - Enable/disable HTTP3/QUIC support . + type: str + choices: + - 'enable' + - 'disable' http_cookie_age: description: - Time in minutes that client web browsers should keep a cookie. Default is 60 minutes. 0 = no time limit. @@ -299,6 +313,49 @@ options: - 'tcp' - 'udp' - 'sctp' + quic: + description: + - QUIC setting. + type: dict + suboptions: + ack_delay_exponent: + description: + - ACK delay exponent (1 - 20). + type: int + active_connection_id_limit: + description: + - Active connection ID limit (1 - 8). + type: int + active_migration: + description: + - Enable/disable active migration . + type: str + choices: + - 'enable' + - 'disable' + grease_quic_bit: + description: + - Enable/disable grease QUIC bit . + type: str + choices: + - 'enable' + - 'disable' + max_ack_delay: + description: + - Maximum ACK delay in milliseconds (1 - 16383). + type: int + max_datagram_frame_size: + description: + - Maximum datagram frame size in bytes (1 - 1500). + type: int + max_idle_timeout: + description: + - Maximum idle timeout milliseconds (1 - 60000). + type: int + max_udp_payload_size: + description: + - Maximum UDP payload size in bytes (1200 - 1500). + type: int realservers: description: - Select the real servers that this server load balancing VIP will distribute traffic to. @@ -418,6 +475,17 @@ options: description: - The name of the certificate to use for SSL handshake. Source vpn.certificate.local.name. type: str + ssl_certificate_dict: + description: + - Name of the certificate to use for SSL handshake. Use the parameter ssl-certificate instead if the fortiOS firmwear <= 7.4.1 + type: list + elements: dict + suboptions: + name: + description: + - Certificate list. Source vpn.certificate.local.name. + required: true + type: str ssl_cipher_suites: description: - SSL/TLS cipher suites acceptable from a client, ordered by priority. @@ -866,6 +934,8 @@ EXAMPLES = """ embedded_ipv4_address: "disable" extip: "<your_own_value>" extport: "<your_own_value>" + h2_support: "enable" + h3_support: "enable" http_cookie_age: "60" http_cookie_domain: "<your_own_value>" http_cookie_domain_from_host: "disable" @@ -877,7 +947,7 @@ EXAMPLES = """ http_multiplex: "enable" http_redirect: "enable" https_cookie_secure: "disable" - id: "21" + id: "23" ipv4_mappedip: "<your_own_value>" ipv4_mappedport: "<your_own_value>" ldb_method: "static" @@ -886,8 +956,8 @@ EXAMPLES = """ max_embryonic_connections: "1000" monitor: - - name: "default_name_29 (source firewall.ldb-monitor.name)" - name: "default_name_30" + name: "default_name_31 (source firewall.ldb-monitor.name)" + name: "default_name_32" nat_source_vip: "disable" nat64: "disable" nat66: "disable" @@ -896,18 +966,27 @@ EXAMPLES = """ persistence: "none" portforward: "disable" protocol: "tcp" + quic: + ack_delay_exponent: "3" + active_connection_id_limit: "2" + active_migration: "enable" + grease_quic_bit: "enable" + max_ack_delay: "25" + max_datagram_frame_size: "1500" + max_idle_timeout: "30000" + max_udp_payload_size: "1500" realservers: - client_ip: "<your_own_value>" healthcheck: "disable" holddown_interval: "300" http_host: "myhostname" - id: "44" + id: "55" ip: "<your_own_value>" max_connections: "0" monitor: - - name: "default_name_48 (source firewall.ldb-monitor.name)" + name: "default_name_59 (source firewall.ldb-monitor.name)" port: "0" status: "active" translate_host: "enable" @@ -919,6 +998,9 @@ EXAMPLES = """ ssl_accept_ffdhe_groups: "enable" ssl_algorithm: "high" ssl_certificate: "<your_own_value> (source vpn.certificate.local.name)" + ssl_certificate_dict: + - + name: "default_name_71 (source vpn.certificate.local.name)" ssl_cipher_suites: - cipher: "TLS-AES-128-GCM-SHA256" @@ -1062,6 +1144,8 @@ def filter_firewall_vip6_data(json): "embedded_ipv4_address", "extip", "extport", + "h2_support", + "h3_support", "http_cookie_age", "http_cookie_domain", "http_cookie_domain_from_host", @@ -1090,12 +1174,14 @@ def filter_firewall_vip6_data(json): "persistence", "portforward", "protocol", + "quic", "realservers", "server_type", "src_filter", "ssl_accept_ffdhe_groups", "ssl_algorithm", "ssl_certificate", + "ssl_certificate_dict", "ssl_cipher_suites", "ssl_client_fallback", "ssl_client_rekey_count", @@ -1187,6 +1273,30 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"ssl-certificate-dict": "ssl-certificate"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def firewall_vip6(data, fos, check_mode=False): vdom = data["vdom"] @@ -1194,7 +1304,9 @@ def firewall_vip6(data, fos, check_mode=False): firewall_vip6_data = data["firewall_vip6"] firewall_vip6_data = flatten_multilists_attributes(firewall_vip6_data) - filtered_data = underscore_to_hyphen(filter_firewall_vip6_data(firewall_vip6_data)) + filtered_data = filter_firewall_vip6_data(firewall_vip6_data) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) # check_mode starts from here if check_mode: @@ -1258,7 +1370,7 @@ def firewall_vip6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vip6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vip6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vip6", mkey=filtered_data["name"], vdom=vdom) @@ -1391,6 +1503,47 @@ versioned_schema = { {"value": "ssl-session-id"}, ], }, + "h2_support": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "h3_support": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "quic": { + "v_range": [["v7.4.2", ""]], + "type": "dict", + "children": { + "max_idle_timeout": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "max_udp_payload_size": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, + "active_connection_id_limit": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, + "ack_delay_exponent": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "max_ack_delay": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "max_datagram_frame_size": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, + "active_migration": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "grease_quic_bit": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + }, + }, "nat66": { "v_range": [["v7.0.1", ""]], "type": "string", @@ -1510,7 +1663,18 @@ versioned_schema = { "type": "string", "options": [{"value": "half"}, {"value": "full"}], }, - "ssl_certificate": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "ssl_certificate_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "ssl_dh_bits": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -1944,6 +2108,7 @@ versioned_schema = { }, "ipv4_mappedip": {"v_range": [["v7.0.1", ""]], "type": "string"}, "ipv4_mappedport": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "ssl_certificate": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, "arp_reply": { "v_range": [["v6.0.0", "v7.0.7"], ["v7.2.0", "v7.2.2"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip64.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip64.py index d184b9d33..2beb57f86 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip64.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vip64.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -442,9 +442,8 @@ def firewall_vip64(data, fos, check_mode=False): state = data["state"] firewall_vip64_data = data["firewall_vip64"] - filtered_data = underscore_to_hyphen( - filter_firewall_vip64_data(firewall_vip64_data) - ) + filtered_data = filter_firewall_vip64_data(firewall_vip64_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -508,7 +507,7 @@ def firewall_vip64(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vip64", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vip64", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vip64", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp.py index 3ab54edf5..3ac304e64 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -259,9 +259,8 @@ def firewall_vipgrp(data, fos, check_mode=False): state = data["state"] firewall_vipgrp_data = data["firewall_vipgrp"] - filtered_data = underscore_to_hyphen( - filter_firewall_vipgrp_data(firewall_vipgrp_data) - ) + filtered_data = filter_firewall_vipgrp_data(firewall_vipgrp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -325,7 +324,7 @@ def firewall_vipgrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vipgrp", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vipgrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vipgrp", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp46.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp46.py index 82b5d673f..09f81363c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp46.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp46.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,9 +254,8 @@ def firewall_vipgrp46(data, fos, check_mode=False): state = data["state"] firewall_vipgrp46_data = data["firewall_vipgrp46"] - filtered_data = underscore_to_hyphen( - filter_firewall_vipgrp46_data(firewall_vipgrp46_data) - ) + filtered_data = filter_firewall_vipgrp46_data(firewall_vipgrp46_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -320,7 +319,7 @@ def firewall_vipgrp46(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vipgrp46", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vipgrp46", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vipgrp46", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp6.py index d68662679..b3da61e19 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,9 +254,8 @@ def firewall_vipgrp6(data, fos, check_mode=False): state = data["state"] firewall_vipgrp6_data = data["firewall_vipgrp6"] - filtered_data = underscore_to_hyphen( - filter_firewall_vipgrp6_data(firewall_vipgrp6_data) - ) + filtered_data = filter_firewall_vipgrp6_data(firewall_vipgrp6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -320,7 +319,7 @@ def firewall_vipgrp6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vipgrp6", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vipgrp6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vipgrp6", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp64.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp64.py index f7057cd4f..315d3a6d5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp64.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_vipgrp64.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,9 +254,8 @@ def firewall_vipgrp64(data, fos, check_mode=False): state = data["state"] firewall_vipgrp64_data = data["firewall_vipgrp64"] - filtered_data = underscore_to_hyphen( - filter_firewall_vipgrp64_data(firewall_vipgrp64_data) - ) + filtered_data = filter_firewall_vipgrp64_data(firewall_vipgrp64_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -320,7 +319,7 @@ def firewall_vipgrp64(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall", "vipgrp64", data=filtered_data, vdom=vdom) + return fos.set("firewall", "vipgrp64", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("firewall", "vipgrp64", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_custom.py index a32fa7dcd..e4f609018 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_custom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -253,9 +253,10 @@ def firewall_wildcard_fqdn_custom(data, fos, check_mode=False): state = data["state"] firewall_wildcard_fqdn_custom_data = data["firewall_wildcard_fqdn_custom"] - filtered_data = underscore_to_hyphen( - filter_firewall_wildcard_fqdn_custom_data(firewall_wildcard_fqdn_custom_data) + filtered_data = filter_firewall_wildcard_fqdn_custom_data( + firewall_wildcard_fqdn_custom_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -322,7 +323,7 @@ def firewall_wildcard_fqdn_custom(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "firewall.wildcard-fqdn", "custom", data=filtered_data, vdom=vdom + "firewall.wildcard-fqdn", "custom", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_group.py index 18bc8141d..a7f211883 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_wildcard_fqdn_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -262,9 +262,10 @@ def firewall_wildcard_fqdn_group(data, fos, check_mode=False): state = data["state"] firewall_wildcard_fqdn_group_data = data["firewall_wildcard_fqdn_group"] - filtered_data = underscore_to_hyphen( - filter_firewall_wildcard_fqdn_group_data(firewall_wildcard_fqdn_group_data) + filtered_data = filter_firewall_wildcard_fqdn_group_data( + firewall_wildcard_fqdn_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -328,7 +329,9 @@ def firewall_wildcard_fqdn_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("firewall.wildcard-fqdn", "group", data=filtered_data, vdom=vdom) + return fos.set( + "firewall.wildcard-fqdn", "group", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ftp_proxy_explicit.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ftp_proxy_explicit.py index 6cd4860de..8d11fb777 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ftp_proxy_explicit.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ftp_proxy_explicit.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -126,6 +126,17 @@ options: description: - Name of certificate for SSL connections to this server . Source certificate.local.name. type: str + ssl_cert_dict: + description: + - List of certificate names to use for SSL connections to this server. Use the parameter ssl-cert if the fortiOS firmware version <= 7.4.1 + type: list + elements: dict + suboptions: + name: + description: + - Certificate list. Source vpn.certificate.local.name. + required: true + type: str ssl_dh_bits: description: - Bit-size of Diffie-Hellman (DH) prime used in DHE-RSA negotiation . @@ -157,6 +168,9 @@ EXAMPLES = """ ssl: "enable" ssl_algorithm: "high" ssl_cert: "<your_own_value> (source certificate.local.name)" + ssl_cert_dict: + - + name: "default_name_12 (source vpn.certificate.local.name)" ssl_dh_bits: "768" status: "enable" """ @@ -250,6 +264,7 @@ def filter_ftp_proxy_explicit_data(json): "ssl", "ssl_algorithm", "ssl_cert", + "ssl_cert_dict", "ssl_dh_bits", "status", ] @@ -306,15 +321,39 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"ssl-cert-dict": "ssl-cert"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def ftp_proxy_explicit(data, fos): vdom = data["vdom"] ftp_proxy_explicit_data = data["ftp_proxy_explicit"] ftp_proxy_explicit_data = flatten_multilists_attributes(ftp_proxy_explicit_data) - filtered_data = underscore_to_hyphen( - filter_ftp_proxy_explicit_data(ftp_proxy_explicit_data) - ) + filtered_data = filter_ftp_proxy_explicit_data(ftp_proxy_explicit_data) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) - return fos.set("ftp-proxy", "explicit", data=filtered_data, vdom=vdom) + return fos.set("ftp-proxy", "explicit", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -377,7 +416,18 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "ssl_cert": {"v_range": [["v6.2.0", ""]], "type": "string"}, + "ssl_cert_dict": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "ssl_dh_bits": { "v_range": [["v6.2.0", ""]], "type": "string", @@ -393,6 +443,7 @@ versioned_schema = { "type": "string", "options": [{"value": "high"}, {"value": "medium"}, {"value": "low"}], }, + "ssl_cert": {"v_range": [["v6.2.0", "v7.4.1"]], "type": "string"}, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn.py index e307af936..b055c52ad 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,7 +230,8 @@ def gtp_apn(data, fos, check_mode=False): state = data["state"] gtp_apn_data = data["gtp_apn"] - filtered_data = underscore_to_hyphen(filter_gtp_apn_data(gtp_apn_data)) + filtered_data = filter_gtp_apn_data(gtp_apn_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -294,7 +295,7 @@ def gtp_apn(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("gtp", "apn", data=filtered_data, vdom=vdom) + return fos.set("gtp", "apn", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("gtp", "apn", mkey=filtered_data["name"], vdom=vdom) @@ -336,16 +337,16 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "apn": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn_shaper.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn_shaper.py index 2bac6ddd7..9cbc9ddea 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn_shaper.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apn_shaper.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -259,9 +259,8 @@ def gtp_apn_shaper(data, fos, check_mode=False): state = data["state"] gtp_apn_shaper_data = data["gtp_apn_shaper"] - filtered_data = underscore_to_hyphen( - filter_gtp_apn_shaper_data(gtp_apn_shaper_data) - ) + filtered_data = filter_gtp_apn_shaper_data(gtp_apn_shaper_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -325,7 +324,7 @@ def gtp_apn_shaper(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("gtp", "apn-shaper", data=filtered_data, vdom=vdom) + return fos.set("gtp", "apn-shaper", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("gtp", "apn-shaper", mkey=filtered_data["id"], vdom=vdom) @@ -367,7 +366,7 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", "required": True, }, @@ -376,28 +375,32 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.2.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "rate_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "action": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "drop"}, {"value": "reject"}], }, "back_off_time": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apngrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apngrp.py index 91980c3d2..9750d1506 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apngrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_apngrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -239,7 +239,8 @@ def gtp_apngrp(data, fos, check_mode=False): state = data["state"] gtp_apngrp_data = data["gtp_apngrp"] - filtered_data = underscore_to_hyphen(filter_gtp_apngrp_data(gtp_apngrp_data)) + filtered_data = filter_gtp_apngrp_data(gtp_apngrp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -303,7 +304,7 @@ def gtp_apngrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("gtp", "apngrp", data=filtered_data, vdom=vdom) + return fos.set("gtp", "apngrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("gtp", "apngrp", mkey=filtered_data["name"], vdom=vdom) @@ -345,7 +346,7 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, @@ -354,15 +355,19 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_allow_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_allow_list.py index fbcc7cccb..86c552a00 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_allow_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_allow_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,9 +235,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -246,8 +246,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -263,10 +266,8 @@ def gtp_ie_allow_list(data, fos): state = data["state"] gtp_ie_allow_list_data = data["gtp_ie_allow_list"] - filtered_data = underscore_to_hyphen( - filter_gtp_ie_allow_list_data(gtp_ie_allow_list_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_gtp_ie_allow_list_data(gtp_ie_allow_list_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) if state == "present" or state is True: return fos.set("gtp", "ie-allow-list", data=converted_data, vdom=vdom) @@ -310,7 +311,7 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, @@ -319,23 +320,35 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v7.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, }, "ie": { - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v7.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, "fos_message": { - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v7.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", }, }, - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, }, - "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_white_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_white_list.py index 91f819d3f..57c47d986 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_white_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_ie_white_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,9 +244,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -255,8 +255,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -272,10 +275,8 @@ def gtp_ie_white_list(data, fos, check_mode=False): state = data["state"] gtp_ie_white_list_data = data["gtp_ie_white_list"] - filtered_data = underscore_to_hyphen( - filter_gtp_ie_white_list_data(gtp_ie_white_list_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_gtp_ie_white_list_data(gtp_ie_white_list_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v0v1.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v0v1.py index be87b955d..02373cde9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v0v1.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v0v1.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -566,9 +566,8 @@ def gtp_message_filter_v0v1(data, fos, check_mode=False): state = data["state"] gtp_message_filter_v0v1_data = data["gtp_message_filter_v0v1"] - filtered_data = underscore_to_hyphen( - filter_gtp_message_filter_v0v1_data(gtp_message_filter_v0v1_data) - ) + filtered_data = filter_gtp_message_filter_v0v1_data(gtp_message_filter_v0v1_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -632,7 +631,7 @@ def gtp_message_filter_v0v1(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("gtp", "message-filter-v0v1", data=filtered_data, vdom=vdom) + return fos.set("gtp", "message-filter-v0v1", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -676,12 +675,12 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "unknown_message": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, @@ -690,190 +689,194 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "echo": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "version_not_support": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "node_alive": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "redirection": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "create_pdp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "update_pdp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_pdp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "v0_create_aa_pdp__v1_init_pdp_ctx": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_aa_pdp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "error_indication": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "pdu_notification": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "support_extension": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "send_route": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "failure_report": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "note_ms_present": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "identification": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "sgsn_context": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "fwd_relocation": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "relocation_cancel": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "fwd_srns_context": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "ue_registration_query": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "ran_info": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_notification": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "create_mbms": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "update_mbms": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_mbms": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_registration": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_de_registration": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_session_start": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_session_stop": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_session_update": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "ms_info_change_notif": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "data_record": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "end_marker": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "gtp_pdu": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v2.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v2.py index db35de0e6..26ef6d2d8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v2.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_message_filter_v2.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -665,9 +665,8 @@ def gtp_message_filter_v2(data, fos, check_mode=False): state = data["state"] gtp_message_filter_v2_data = data["gtp_message_filter_v2"] - filtered_data = underscore_to_hyphen( - filter_gtp_message_filter_v2_data(gtp_message_filter_v2_data) - ) + filtered_data = filter_gtp_message_filter_v2_data(gtp_message_filter_v2_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -731,7 +730,7 @@ def gtp_message_filter_v2(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("gtp", "message-filter-v2", data=filtered_data, vdom=vdom) + return fos.set("gtp", "message-filter-v2", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -775,12 +774,12 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "unknown_message": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, @@ -789,245 +788,249 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, } }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "echo": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "version_not_support": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "create_session": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "modify_bearer_req_resp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_session": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "change_notification": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "remote_ue_report_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "modify_bearer_cmd_fail": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_bearer_cmd_fail": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "bearer_resource_cmd_fail": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "dlink_notif_failure": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "trace_session": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "stop_paging_indication": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "create_bearer": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "update_bearer": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_bearer_req_resp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_pdn_connection_set": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "pgw_dlink_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "identification_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "context_req_res_ack": { - "v_range": [["v7.0.2", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.2", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "forward_relocation_req_res": { - "v_range": [["v7.0.2", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.2", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "forward_relocation_cmp_notif_ack": { - "v_range": [["v7.0.2", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.2", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "forward_access_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "relocation_cancel_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "configuration_transfer_tunnel": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "detach_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "cs_paging": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "ran_info_relay": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "alert_mme_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "ue_activity_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "isr_status": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "ue_registration_query_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "create_forwarding_tunnel_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "suspend": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "resume": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "create_indirect_forwarding_tunnel_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "delete_indirect_forwarding_tunnel_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "release_access_bearer_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "dlink_data_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "reserved_for_earlier_version": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "pgw_restart_notif_ack": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "update_pdn_connection_set": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "modify_access_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_session_start_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_session_update_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "mbms_session_stop_req_resp": { - "v_range": [["v7.2.1", "v7.2.4"]], + "v_range": [["v7.2.1", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_rat_timeout_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_rat_timeout_profile.py index cba847d32..9167141ed 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_rat_timeout_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_rat_timeout_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,12 +278,11 @@ def gtp_rat_timeout_profile(data, fos): state = data["state"] gtp_rat_timeout_profile_data = data["gtp_rat_timeout_profile"] - filtered_data = underscore_to_hyphen( - filter_gtp_rat_timeout_profile_data(gtp_rat_timeout_profile_data) - ) + filtered_data = filter_gtp_rat_timeout_profile_data(gtp_rat_timeout_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("gtp", "rat-timeout-profile", data=filtered_data, vdom=vdom) + return fos.set("gtp", "rat-timeout-profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -326,52 +325,52 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "utran_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "geran_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "wlan_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "gan_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "hspa_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "eutran_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "virtual_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "nbiot_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "ltem_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "nr_timeout": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, }, - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_tunnel_limit.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_tunnel_limit.py index 9e675ba64..16184b978 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_tunnel_limit.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_gtp_tunnel_limit.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,9 +230,8 @@ def gtp_tunnel_limit(data, fos, check_mode=False): state = data["state"] gtp_tunnel_limit_data = data["gtp_tunnel_limit"] - filtered_data = underscore_to_hyphen( - filter_gtp_tunnel_limit_data(gtp_tunnel_limit_data) - ) + filtered_data = filter_gtp_tunnel_limit_data(gtp_tunnel_limit_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -296,7 +295,7 @@ def gtp_tunnel_limit(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("gtp", "tunnel-limit", data=filtered_data, vdom=vdom) + return fos.set("gtp", "tunnel-limit", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("gtp", "tunnel-limit", mkey=filtered_data["name"], vdom=vdom) @@ -338,16 +337,16 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "tunnel_limit": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, }, - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_nic.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_nic.py index 4e56d4591..07dbc3ab9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_nic.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_nic.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<nic>": "nic"} + speciallist = {"<nic>": "nic"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,8 +228,8 @@ def valid_attr_to_invalid_attrs(data): def hardware_nic(data, fos): vdom = data["vdom"] hardware_nic_data = data["hardware_nic"] - filtered_data = underscore_to_hyphen(filter_hardware_nic_data(hardware_nic_data)) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_hardware_nic_data(hardware_nic_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("hardware", "nic", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_dce.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_dce.py index 10e399dfe..4e7a16b40 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_dce.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_dce.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<dev_id>": "dev_id"} + speciallist = {"<dev_id>": "dev_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def hardware_npu_np6_dce(data, fos): vdom = data["vdom"] hardware_npu_np6_dce_data = data["hardware_npu_np6_dce"] - filtered_data = underscore_to_hyphen( - filter_hardware_npu_np6_dce_data(hardware_npu_np6_dce_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_hardware_npu_np6_dce_data(hardware_npu_np6_dce_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("hardware.npu.np6", "dce", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_session_stats.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_session_stats.py index 04b3cf2d8..45d049ca4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_session_stats.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_session_stats.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<dev_id>": "dev_id"} + speciallist = {"<dev_id>": "dev_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,10 @@ def valid_attr_to_invalid_attrs(data): def hardware_npu_np6_session_stats(data, fos): vdom = data["vdom"] hardware_npu_np6_session_stats_data = data["hardware_npu_np6_session_stats"] - filtered_data = underscore_to_hyphen( - filter_hardware_npu_np6_session_stats_data(hardware_npu_np6_session_stats_data) + filtered_data = filter_hardware_npu_np6_session_stats_data( + hardware_npu_np6_session_stats_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("hardware.npu.np6", "session-stats", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_sse_stats.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_sse_stats.py index 77da4fe6a..19bbd4c26 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_sse_stats.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_hardware_npu_np6_sse_stats.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<dev_id>": "dev_id"} + speciallist = {"<dev_id>": "dev_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,10 @@ def valid_attr_to_invalid_attrs(data): def hardware_npu_np6_sse_stats(data, fos): vdom = data["vdom"] hardware_npu_np6_sse_stats_data = data["hardware_npu_np6_sse_stats"] - filtered_data = underscore_to_hyphen( - filter_hardware_npu_np6_sse_stats_data(hardware_npu_np6_sse_stats_data) + filtered_data = filter_hardware_npu_np6_sse_stats_data( + hardware_npu_np6_sse_stats_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("hardware.npu.np6", "sse-stats", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_profile.py index 1d08a301a..ea1cbeb93 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -576,9 +576,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"204_response": "response_204", "204_size_limit": "size_limit_204"} + speciallist = {"204_response": "response_204", "204_size_limit": "size_limit_204"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -587,8 +587,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -605,8 +608,8 @@ def icap_profile(data, fos, check_mode=False): icap_profile_data = data["icap_profile"] icap_profile_data = flatten_multilists_attributes(icap_profile_data) - filtered_data = underscore_to_hyphen(filter_icap_profile_data(icap_profile_data)) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_icap_profile_data(icap_profile_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server.py index 905bd3464..4ed1fe1fa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -307,7 +307,8 @@ def icap_server(data, fos, check_mode=False): state = data["state"] icap_server_data = data["icap_server"] - filtered_data = underscore_to_hyphen(filter_icap_server_data(icap_server_data)) + filtered_data = filter_icap_server_data(icap_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -371,7 +372,7 @@ def icap_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("icap", "server", data=filtered_data, vdom=vdom) + return fos.set("icap", "server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("icap", "server", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server_group.py index 4d55bacf1..d18165ea5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_icap_server_group.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -245,12 +245,11 @@ def icap_server_group(data, fos): state = data["state"] icap_server_group_data = data["icap_server_group"] - filtered_data = underscore_to_hyphen( - filter_icap_server_group_data(icap_server_group_data) - ) + filtered_data = filter_icap_server_group_data(icap_server_group_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("icap", "server-group", data=filtered_data, vdom=vdom) + return fos.set("icap", "server-group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("icap", "server-group", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_custom.py index 85dea7158..980e4ccbb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_custom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -352,7 +352,8 @@ def ips_custom(data, fos, check_mode=False): ips_custom_data = data["ips_custom"] ips_custom_data = flatten_multilists_attributes(ips_custom_data) - filtered_data = underscore_to_hyphen(filter_ips_custom_data(ips_custom_data)) + filtered_data = filter_ips_custom_data(ips_custom_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -416,7 +417,7 @@ def ips_custom(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ips", "custom", data=filtered_data, vdom=vdom) + return fos.set("ips", "custom", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("ips", "custom", mkey=filtered_data["tag"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_decoder.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_decoder.py index 07ff2219b..7b135f6d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_decoder.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_decoder.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,7 +244,8 @@ def ips_decoder(data, fos, check_mode=False): state = data["state"] ips_decoder_data = data["ips_decoder"] - filtered_data = underscore_to_hyphen(filter_ips_decoder_data(ips_decoder_data)) + filtered_data = filter_ips_decoder_data(ips_decoder_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +309,7 @@ def ips_decoder(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ips", "decoder", data=filtered_data, vdom=vdom) + return fos.set("ips", "decoder", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("ips", "decoder", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_global.py index dfb46e8db..d8d8c9464 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -87,6 +87,11 @@ options: choices: - 'periodical' - 'continuous' + av_mem_limit: + description: + - Maximum percentage of system memory allowed for use on AV scanning (10 - 50). To disable set to zero. When disabled, there is no limit + on the AV memory usage. + type: int cp_accel_mode: description: - IPS Pattern matching acceleration/offloading to CPx processors. @@ -227,6 +232,7 @@ EXAMPLES = """ vdom: "{{ vdom }}" ips_global: anomaly_mode: "periodical" + av_mem_limit: "0" cp_accel_mode: "none" database: "regular" deep_app_insp_db_limit: "0" @@ -334,6 +340,7 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_ips_global_data(json): option_list = [ "anomaly_mode", + "av_mem_limit", "cp_accel_mode", "database", "deep_app_insp_db_limit", @@ -380,9 +387,10 @@ def underscore_to_hyphen(data): def ips_global(data, fos): vdom = data["vdom"] ips_global_data = data["ips_global"] - filtered_data = underscore_to_hyphen(filter_ips_global_data(ips_global_data)) + filtered_data = filter_ips_global_data(ips_global_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("ips", "global", data=filtered_data, vdom=vdom) + return fos.set("ips", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -462,6 +470,7 @@ versioned_schema = { }, "packet_log_queue_depth": {"v_range": [["v6.2.7", ""]], "type": "integer"}, "ngfw_max_scan_range": {"v_range": [["v6.4.4", ""]], "type": "integer"}, + "av_mem_limit": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "tls_active_probe": { "v_range": [["v6.2.7", "v6.2.7"], ["v6.4.4", ""]], "type": "dict", @@ -499,7 +508,7 @@ versioned_schema = { "options": [{"value": "none"}, {"value": "basic"}], }, "ips_reserve_cpu": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule.py index dba44c177..5f4c8e953 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -373,7 +373,8 @@ def ips_rule(data, fos, check_mode=False): ips_rule_data = data["ips_rule"] ips_rule_data = flatten_multilists_attributes(ips_rule_data) - filtered_data = underscore_to_hyphen(filter_ips_rule_data(ips_rule_data)) + filtered_data = filter_ips_rule_data(ips_rule_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -437,7 +438,7 @@ def ips_rule(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ips", "rule", data=filtered_data, vdom=vdom) + return fos.set("ips", "rule", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("ips", "rule", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule_settings.py index 833997f50..741cb84fb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_rule_settings.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -227,9 +227,8 @@ def ips_rule_settings(data, fos, check_mode=False): state = data["state"] ips_rule_settings_data = data["ips_rule_settings"] - filtered_data = underscore_to_hyphen( - filter_ips_rule_settings_data(ips_rule_settings_data) - ) + filtered_data = filter_ips_rule_settings_data(ips_rule_settings_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -293,7 +292,7 @@ def ips_rule_settings(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ips", "rule-settings", data=filtered_data, vdom=vdom) + return fos.set("ips", "rule-settings", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("ips", "rule-settings", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_sensor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_sensor.py index 6327156b8..216a0c57e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_sensor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_sensor.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -718,7 +718,8 @@ def ips_sensor(data, fos, check_mode=False): ips_sensor_data = data["ips_sensor"] ips_sensor_data = flatten_multilists_attributes(ips_sensor_data) - filtered_data = underscore_to_hyphen(filter_ips_sensor_data(ips_sensor_data)) + filtered_data = filter_ips_sensor_data(ips_sensor_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -782,7 +783,7 @@ def ips_sensor(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ips", "sensor", data=filtered_data, vdom=vdom) + return fos.set("ips", "sensor", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("ips", "sensor", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_settings.py index ee1f86b2f..47fca1bfe 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -96,6 +96,13 @@ options: description: - Number of packets to log after the IPS signature is detected (0 - 255). type: int + proxy_inline_ips: + description: + - Enable/disable proxy-mode policy inline IPS support. + type: str + choices: + - 'disable' + - 'enable' """ EXAMPLES = """ @@ -107,6 +114,7 @@ EXAMPLES = """ packet_log_history: "1" packet_log_memory: "256" packet_log_post_attack: "0" + proxy_inline_ips: "disable" """ RETURN = """ @@ -194,6 +202,7 @@ def filter_ips_settings_data(json): "packet_log_history", "packet_log_memory", "packet_log_post_attack", + "proxy_inline_ips", ] json = remove_invalid_fields(json) @@ -222,9 +231,10 @@ def underscore_to_hyphen(data): def ips_settings(data, fos): vdom = data["vdom"] ips_settings_data = data["ips_settings"] - filtered_data = underscore_to_hyphen(filter_ips_settings_data(ips_settings_data)) + filtered_data = filter_ips_settings_data(ips_settings_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("ips", "settings", data=filtered_data, vdom=vdom) + return fos.set("ips", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -263,6 +273,11 @@ versioned_schema = { "packet_log_post_attack": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "packet_log_memory": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ips_packet_quota": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "proxy_inline_ips": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_view_map.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_view_map.py index dd1460ee9..72980ef6d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_view_map.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ips_view_map.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -255,7 +255,8 @@ def ips_view_map(data, fos, check_mode=False): state = data["state"] ips_view_map_data = data["ips_view_map"] - filtered_data = underscore_to_hyphen(filter_ips_view_map_data(ips_view_map_data)) + filtered_data = filter_ips_view_map_data(ips_view_map_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -319,7 +320,7 @@ def ips_view_map(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ips", "view-map", data=filtered_data, vdom=vdom) + return fos.set("ips", "view-map", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("ips", "view-map", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_custom_field.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_custom_field.py index f0c480c6c..45f6a35df 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_custom_field.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_custom_field.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,9 +235,8 @@ def log_custom_field(data, fos, check_mode=False): state = data["state"] log_custom_field_data = data["log_custom_field"] - filtered_data = underscore_to_hyphen( - filter_log_custom_field_data(log_custom_field_data) - ) + filtered_data = filter_log_custom_field_data(log_custom_field_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -301,7 +300,7 @@ def log_custom_field(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("log", "custom-field", data=filtered_data, vdom=vdom) + return fos.set("log", "custom-field", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("log", "custom-field", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_filter.py index 8dd65297b..854cce9f8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_filter.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -148,6 +148,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -386,13 +393,14 @@ EXAMPLES = """ event: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "18" + id: "19" gtp: "enable" ha: "enable" ipsec: "enable" @@ -510,6 +518,7 @@ def filter_log_disk_filter_data(json): "event", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -564,11 +573,10 @@ def underscore_to_hyphen(data): def log_disk_filter(data, fos): vdom = data["vdom"] log_disk_filter_data = data["log_disk_filter"] - filtered_data = underscore_to_hyphen( - filter_log_disk_filter_data(log_disk_filter_data) - ) + filtered_data = filter_log_disk_filter_data(log_disk_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.disk", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.disk", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -653,15 +661,23 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "dlp_archive": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + ], }, "gtp": { "v_range": [["v6.0.0", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_setting.py index e23fba23e..20e43407e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_disk_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -475,11 +475,10 @@ def log_disk_setting(data, fos): vdom = data["vdom"] log_disk_setting_data = data["log_disk_setting"] log_disk_setting_data = flatten_multilists_attributes(log_disk_setting_data) - filtered_data = underscore_to_hyphen( - filter_log_disk_setting_data(log_disk_setting_data) - ) + filtered_data = filter_log_disk_setting_data(log_disk_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.disk", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.disk", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -557,7 +556,10 @@ versioned_schema = { }, "log_quota": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "dlp_archive_quota": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "report_quota": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "report_quota": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, "maximum_log_age": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "upload": { "v_range": [["v6.0.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_eventfilter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_eventfilter.py index 5327dfac0..a11c29418 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_eventfilter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_eventfilter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -360,11 +360,10 @@ def underscore_to_hyphen(data): def log_eventfilter(data, fos): vdom = data["vdom"] log_eventfilter_data = data["log_eventfilter"] - filtered_data = underscore_to_hyphen( - filter_log_eventfilter_data(log_eventfilter_data) - ) + filtered_data = filter_log_eventfilter_data(log_eventfilter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log", "eventfilter", data=filtered_data, vdom=vdom) + return fos.set("log", "eventfilter", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_filter.py index 2a1e904fc..3e3b44ba8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortianalyzer2_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,11 +401,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer2_filter(data, fos): vdom = data["vdom"] log_fortianalyzer2_filter_data = data["log_fortianalyzer2_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer2_filter_data(log_fortianalyzer2_filter_data) + filtered_data = filter_log_fortianalyzer2_filter_data( + log_fortianalyzer2_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer2", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer2", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -492,6 +502,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_filter.py index fd0afd893..8b78e11b1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -224,13 +231,14 @@ EXAMPLES = """ dlp_archive: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -325,6 +333,7 @@ def filter_log_fortianalyzer2_override_filter_data(json): "dlp_archive", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -362,14 +371,13 @@ def underscore_to_hyphen(data): def log_fortianalyzer2_override_filter(data, fos): vdom = data["vdom"] log_fortianalyzer2_override_filter_data = data["log_fortianalyzer2_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer2_override_filter_data( - log_fortianalyzer2_override_filter_data - ) + filtered_data = filter_log_fortianalyzer2_override_filter_data( + log_fortianalyzer2_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer2", "override-filter", data=filtered_data, vdom=vdom + "log.fortianalyzer2", "override-filter", data=converted_data, vdom=vdom ) @@ -466,6 +474,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_setting.py index fa57164d2..88290a61b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -211,6 +211,10 @@ options: description: - The remote FortiAnalyzer. type: str + server_cert_ca: + description: + - Mandatory CA on FortiGate in certificate chain of server. Source certificate.ca.name vpn.certificate.ca.name. + type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. @@ -297,6 +301,7 @@ EXAMPLES = """ - name: "default_name_25" server: "192.168.100.40" + server_cert_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" @@ -411,6 +416,7 @@ def filter_log_fortianalyzer2_override_setting_data(json): "reliable", "serial", "server", + "server_cert_ca", "source_ip", "ssl_min_proto_version", "status", @@ -449,14 +455,13 @@ def log_fortianalyzer2_override_setting(data, fos): log_fortianalyzer2_override_setting_data = data[ "log_fortianalyzer2_override_setting" ] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer2_override_setting_data( - log_fortianalyzer2_override_setting_data - ) + filtered_data = filter_log_fortianalyzer2_override_setting_data( + log_fortianalyzer2_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer2", "override-setting", data=filtered_data, vdom=vdom + "log.fortianalyzer2", "override-setting", data=converted_data, vdom=vdom ) @@ -533,6 +538,7 @@ versioned_schema = { }, "v_range": [["v6.2.0", ""]], }, + "server_cert_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "preshared_key": {"v_range": [["v7.0.0", ""]], "type": "string"}, "access_config": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_setting.py index 49a856256..60b247eb8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer2_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -204,6 +204,10 @@ options: description: - The remote FortiAnalyzer. type: str + server_cert_ca: + description: + - Mandatory CA on FortiGate in certificate chain of server. Source certificate.ca.name vpn.certificate.ca.name. + type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. @@ -282,6 +286,7 @@ EXAMPLES = """ - name: "default_name_24" server: "192.168.100.40" + server_cert_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" @@ -394,6 +399,7 @@ def filter_log_fortianalyzer2_setting_data(json): "reliable", "serial", "server", + "server_cert_ca", "source_ip", "ssl_min_proto_version", "status", @@ -429,11 +435,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer2_setting(data, fos): vdom = data["vdom"] log_fortianalyzer2_setting_data = data["log_fortianalyzer2_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer2_setting_data(log_fortianalyzer2_setting_data) + filtered_data = filter_log_fortianalyzer2_setting_data( + log_fortianalyzer2_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer2", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer2", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -504,6 +511,7 @@ versioned_schema = { }, "v_range": [["v6.2.0", ""]], }, + "server_cert_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "preshared_key": {"v_range": [["v7.0.0", ""]], "type": "string"}, "access_config": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_filter.py index c57dd5685..f900cfec0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortianalyzer3_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,11 +401,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer3_filter(data, fos): vdom = data["vdom"] log_fortianalyzer3_filter_data = data["log_fortianalyzer3_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer3_filter_data(log_fortianalyzer3_filter_data) + filtered_data = filter_log_fortianalyzer3_filter_data( + log_fortianalyzer3_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer3", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer3", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -492,6 +502,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_filter.py index 35edeeee7..9cf151b62 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -224,13 +231,14 @@ EXAMPLES = """ dlp_archive: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -325,6 +333,7 @@ def filter_log_fortianalyzer3_override_filter_data(json): "dlp_archive", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -362,14 +371,13 @@ def underscore_to_hyphen(data): def log_fortianalyzer3_override_filter(data, fos): vdom = data["vdom"] log_fortianalyzer3_override_filter_data = data["log_fortianalyzer3_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer3_override_filter_data( - log_fortianalyzer3_override_filter_data - ) + filtered_data = filter_log_fortianalyzer3_override_filter_data( + log_fortianalyzer3_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer3", "override-filter", data=filtered_data, vdom=vdom + "log.fortianalyzer3", "override-filter", data=converted_data, vdom=vdom ) @@ -466,6 +474,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_setting.py index d02478afd..10ff41c88 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -211,6 +211,10 @@ options: description: - The remote FortiAnalyzer. type: str + server_cert_ca: + description: + - Mandatory CA on FortiGate in certificate chain of server. Source certificate.ca.name vpn.certificate.ca.name. + type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. @@ -297,6 +301,7 @@ EXAMPLES = """ - name: "default_name_25" server: "192.168.100.40" + server_cert_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" @@ -411,6 +416,7 @@ def filter_log_fortianalyzer3_override_setting_data(json): "reliable", "serial", "server", + "server_cert_ca", "source_ip", "ssl_min_proto_version", "status", @@ -449,14 +455,13 @@ def log_fortianalyzer3_override_setting(data, fos): log_fortianalyzer3_override_setting_data = data[ "log_fortianalyzer3_override_setting" ] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer3_override_setting_data( - log_fortianalyzer3_override_setting_data - ) + filtered_data = filter_log_fortianalyzer3_override_setting_data( + log_fortianalyzer3_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer3", "override-setting", data=filtered_data, vdom=vdom + "log.fortianalyzer3", "override-setting", data=converted_data, vdom=vdom ) @@ -533,6 +538,7 @@ versioned_schema = { }, "v_range": [["v6.2.0", ""]], }, + "server_cert_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "preshared_key": {"v_range": [["v7.0.0", ""]], "type": "string"}, "access_config": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_setting.py index 9ad3075c8..8bf654806 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer3_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -204,6 +204,10 @@ options: description: - The remote FortiAnalyzer. type: str + server_cert_ca: + description: + - Mandatory CA on FortiGate in certificate chain of server. Source certificate.ca.name vpn.certificate.ca.name. + type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. @@ -282,6 +286,7 @@ EXAMPLES = """ - name: "default_name_24" server: "192.168.100.40" + server_cert_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" @@ -394,6 +399,7 @@ def filter_log_fortianalyzer3_setting_data(json): "reliable", "serial", "server", + "server_cert_ca", "source_ip", "ssl_min_proto_version", "status", @@ -429,11 +435,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer3_setting(data, fos): vdom = data["vdom"] log_fortianalyzer3_setting_data = data["log_fortianalyzer3_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer3_setting_data(log_fortianalyzer3_setting_data) + filtered_data = filter_log_fortianalyzer3_setting_data( + log_fortianalyzer3_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer3", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer3", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -504,6 +511,7 @@ versioned_schema = { }, "v_range": [["v6.2.0", ""]], }, + "server_cert_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "preshared_key": {"v_range": [["v7.0.0", ""]], "type": "string"}, "access_config": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_filter.py index 51e23edca..b5757076c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortianalyzer_cloud_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,11 +401,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer_cloud_filter(data, fos): vdom = data["vdom"] log_fortianalyzer_cloud_filter_data = data["log_fortianalyzer_cloud_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_cloud_filter_data(log_fortianalyzer_cloud_filter_data) + filtered_data = filter_log_fortianalyzer_cloud_filter_data( + log_fortianalyzer_cloud_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer-cloud", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer-cloud", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -492,6 +502,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_filter.py index 6e14e276f..8104a7893 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortianalyzer_cloud_override_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -394,14 +403,13 @@ def log_fortianalyzer_cloud_override_filter(data, fos): log_fortianalyzer_cloud_override_filter_data = data[ "log_fortianalyzer_cloud_override_filter" ] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_cloud_override_filter_data( - log_fortianalyzer_cloud_override_filter_data - ) + filtered_data = filter_log_fortianalyzer_cloud_override_filter_data( + log_fortianalyzer_cloud_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer-cloud", "override-filter", data=filtered_data, vdom=vdom + "log.fortianalyzer-cloud", "override-filter", data=converted_data, vdom=vdom ) @@ -498,6 +506,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_setting.py index 3f0d0bf4f..1c2d8ecfb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -220,14 +220,13 @@ def log_fortianalyzer_cloud_override_setting(data, fos): log_fortianalyzer_cloud_override_setting_data = data[ "log_fortianalyzer_cloud_override_setting" ] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_cloud_override_setting_data( - log_fortianalyzer_cloud_override_setting_data - ) + filtered_data = filter_log_fortianalyzer_cloud_override_setting_data( + log_fortianalyzer_cloud_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer-cloud", "override-setting", data=filtered_data, vdom=vdom + "log.fortianalyzer-cloud", "override-setting", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_setting.py index 097126848..26eaef91e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_cloud_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -399,13 +399,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer_cloud_setting(data, fos): vdom = data["vdom"] log_fortianalyzer_cloud_setting_data = data["log_fortianalyzer_cloud_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_cloud_setting_data( - log_fortianalyzer_cloud_setting_data - ) + filtered_data = filter_log_fortianalyzer_cloud_setting_data( + log_fortianalyzer_cloud_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer-cloud", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer-cloud", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_filter.py index f1c145d44..6194d0ccf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortianalyzer_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,11 +401,10 @@ def underscore_to_hyphen(data): def log_fortianalyzer_filter(data, fos): vdom = data["vdom"] log_fortianalyzer_filter_data = data["log_fortianalyzer_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_filter_data(log_fortianalyzer_filter_data) - ) + filtered_data = filter_log_fortianalyzer_filter_data(log_fortianalyzer_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -492,6 +500,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_filter.py index ebdb97d76..34b68a7b9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortianalyzer_override_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,14 +401,13 @@ def underscore_to_hyphen(data): def log_fortianalyzer_override_filter(data, fos): vdom = data["vdom"] log_fortianalyzer_override_filter_data = data["log_fortianalyzer_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_override_filter_data( - log_fortianalyzer_override_filter_data - ) + filtered_data = filter_log_fortianalyzer_override_filter_data( + log_fortianalyzer_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer", "override-filter", data=filtered_data, vdom=vdom + "log.fortianalyzer", "override-filter", data=converted_data, vdom=vdom ) @@ -496,6 +504,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_setting.py index 2dd019c73..04dae34a7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -211,6 +211,10 @@ options: description: - The remote FortiAnalyzer. type: str + server_cert_ca: + description: + - Mandatory CA on FortiGate in certificate chain of server. Source certificate.ca.name vpn.certificate.ca.name. + type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. @@ -297,6 +301,7 @@ EXAMPLES = """ - name: "default_name_25" server: "192.168.100.40" + server_cert_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" @@ -411,6 +416,7 @@ def filter_log_fortianalyzer_override_setting_data(json): "reliable", "serial", "server", + "server_cert_ca", "source_ip", "ssl_min_proto_version", "status", @@ -447,14 +453,13 @@ def underscore_to_hyphen(data): def log_fortianalyzer_override_setting(data, fos): vdom = data["vdom"] log_fortianalyzer_override_setting_data = data["log_fortianalyzer_override_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_override_setting_data( - log_fortianalyzer_override_setting_data - ) + filtered_data = filter_log_fortianalyzer_override_setting_data( + log_fortianalyzer_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "log.fortianalyzer", "override-setting", data=filtered_data, vdom=vdom + "log.fortianalyzer", "override-setting", data=converted_data, vdom=vdom ) @@ -531,6 +536,7 @@ versioned_schema = { }, "v_range": [["v6.2.0", ""]], }, + "server_cert_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "preshared_key": {"v_range": [["v7.0.0", ""]], "type": "string"}, "access_config": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_setting.py index 13157b88e..f0d68a886 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortianalyzer_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -204,6 +204,10 @@ options: description: - The remote FortiAnalyzer. type: str + server_cert_ca: + description: + - Mandatory CA on FortiGate in certificate chain of server. Source certificate.ca.name vpn.certificate.ca.name. + type: str source_ip: description: - Source IPv4 or IPv6 address used to communicate with FortiAnalyzer. @@ -282,6 +286,7 @@ EXAMPLES = """ - name: "default_name_24" server: "192.168.100.40" + server_cert_ca: "<your_own_value> (source certificate.ca.name vpn.certificate.ca.name)" source_ip: "84.230.14.43" ssl_min_proto_version: "default" status: "enable" @@ -394,6 +399,7 @@ def filter_log_fortianalyzer_setting_data(json): "reliable", "serial", "server", + "server_cert_ca", "source_ip", "ssl_min_proto_version", "status", @@ -429,11 +435,12 @@ def underscore_to_hyphen(data): def log_fortianalyzer_setting(data, fos): vdom = data["vdom"] log_fortianalyzer_setting_data = data["log_fortianalyzer_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortianalyzer_setting_data(log_fortianalyzer_setting_data) + filtered_data = filter_log_fortianalyzer_setting_data( + log_fortianalyzer_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortianalyzer", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.fortianalyzer", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -504,6 +511,7 @@ versioned_schema = { }, "v_range": [["v6.2.0", ""]], }, + "server_cert_ca": {"v_range": [["v7.4.2", ""]], "type": "string"}, "preshared_key": {"v_range": [["v7.0.0", ""]], "type": "string"}, "access_config": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_filter.py index 21092bd9c..109e81b23 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortiguard_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,11 +401,10 @@ def underscore_to_hyphen(data): def log_fortiguard_filter(data, fos): vdom = data["vdom"] log_fortiguard_filter_data = data["log_fortiguard_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortiguard_filter_data(log_fortiguard_filter_data) - ) + filtered_data = filter_log_fortiguard_filter_data(log_fortiguard_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortiguard", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.fortiguard", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -485,6 +493,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_filter.py index deb63cca4..3ba5893c3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -112,6 +112,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -247,13 +254,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "13" + id: "14" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -352,6 +360,7 @@ def filter_log_fortiguard_override_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -392,11 +401,12 @@ def underscore_to_hyphen(data): def log_fortiguard_override_filter(data, fos): vdom = data["vdom"] log_fortiguard_override_filter_data = data["log_fortiguard_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_fortiguard_override_filter_data(log_fortiguard_override_filter_data) + filtered_data = filter_log_fortiguard_override_filter_data( + log_fortiguard_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortiguard", "override-filter", data=filtered_data, vdom=vdom) + return fos.set("log.fortiguard", "override-filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -487,6 +497,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_setting.py index d4d447670..d5906376b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -273,13 +273,12 @@ def underscore_to_hyphen(data): def log_fortiguard_override_setting(data, fos): vdom = data["vdom"] log_fortiguard_override_setting_data = data["log_fortiguard_override_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortiguard_override_setting_data( - log_fortiguard_override_setting_data - ) + filtered_data = filter_log_fortiguard_override_setting_data( + log_fortiguard_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortiguard", "override-setting", data=filtered_data, vdom=vdom) + return fos.set("log.fortiguard", "override-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_setting.py index f62c1197c..0e5d8845c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_fortiguard_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -315,11 +315,10 @@ def underscore_to_hyphen(data): def log_fortiguard_setting(data, fos): vdom = data["vdom"] log_fortiguard_setting_data = data["log_fortiguard_setting"] - filtered_data = underscore_to_hyphen( - filter_log_fortiguard_setting_data(log_fortiguard_setting_data) - ) + filtered_data = filter_log_fortiguard_setting_data(log_fortiguard_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.fortiguard", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.fortiguard", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_gui_display.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_gui_display.py index 20f49acd3..4cf4fc15d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_gui_display.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_gui_display.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -221,11 +221,10 @@ def underscore_to_hyphen(data): def log_gui_display(data, fos): vdom = data["vdom"] log_gui_display_data = data["log_gui_display"] - filtered_data = underscore_to_hyphen( - filter_log_gui_display_data(log_gui_display_data) - ) + filtered_data = filter_log_gui_display_data(log_gui_display_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log", "gui-display", data=filtered_data, vdom=vdom) + return fos.set("log", "gui-display", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_filter.py index 203016b16..7f834c9e3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -140,6 +140,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -377,13 +384,14 @@ EXAMPLES = """ event: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "17" + id: "18" gtp: "enable" ha: "enable" ipsec: "enable" @@ -500,6 +508,7 @@ def filter_log_memory_filter_data(json): "event", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -554,11 +563,10 @@ def underscore_to_hyphen(data): def log_memory_filter(data, fos): vdom = data["vdom"] log_memory_filter_data = data["log_memory_filter"] - filtered_data = underscore_to_hyphen( - filter_log_memory_filter_data(log_memory_filter_data) - ) + filtered_data = filter_log_memory_filter_data(log_memory_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.memory", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.memory", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -647,6 +655,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_global_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_global_setting.py index 10f0ac468..439b828fa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_global_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_global_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -106,7 +106,7 @@ EXAMPLES = """ full_final_warning_threshold: "95" full_first_warning_threshold: "75" full_second_warning_threshold: "90" - max_size: "20921835" + max_size: "20911636" """ RETURN = """ @@ -222,11 +222,12 @@ def underscore_to_hyphen(data): def log_memory_global_setting(data, fos): vdom = data["vdom"] log_memory_global_setting_data = data["log_memory_global_setting"] - filtered_data = underscore_to_hyphen( - filter_log_memory_global_setting_data(log_memory_global_setting_data) + filtered_data = filter_log_memory_global_setting_data( + log_memory_global_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.memory", "global-setting", data=filtered_data, vdom=vdom) + return fos.set("log.memory", "global-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_setting.py index ebdfc9c6c..90d2f5ef3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_memory_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -212,11 +212,10 @@ def underscore_to_hyphen(data): def log_memory_setting(data, fos): vdom = data["vdom"] log_memory_setting_data = data["log_memory_setting"] - filtered_data = underscore_to_hyphen( - filter_log_memory_setting_data(log_memory_setting_data) - ) + filtered_data = filter_log_memory_setting_data(log_memory_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.memory", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.memory", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_filter.py index f8f78e799..a397e4130 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_null_device_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,10 @@ def underscore_to_hyphen(data): def log_null_device_filter(data, fos): vdom = data["vdom"] log_null_device_filter_data = data["log_null_device_filter"] - filtered_data = underscore_to_hyphen( - filter_log_null_device_filter_data(log_null_device_filter_data) - ) + filtered_data = filter_log_null_device_filter_data(log_null_device_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.null-device", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.null-device", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -476,6 +484,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_setting.py index bf43353b7..1ffc2141f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_null_device_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -205,11 +205,10 @@ def underscore_to_hyphen(data): def log_null_device_setting(data, fos): vdom = data["vdom"] log_null_device_setting_data = data["log_null_device_setting"] - filtered_data = underscore_to_hyphen( - filter_log_null_device_setting_data(log_null_device_setting_data) - ) + filtered_data = filter_log_null_device_setting_data(log_null_device_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.null-device", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.null-device", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_setting.py index 6885a8beb..77e6aefd6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -214,6 +214,13 @@ options: choices: - 'enable' - 'disable' + long_live_session_stat: + description: + - Enable/disable long-live-session statistics logging. + type: str + choices: + - 'enable' + - 'disable' neighbor_event: description: - Enable/disable neighbor event logging. @@ -291,6 +298,7 @@ EXAMPLES = """ log_policy_comment: "enable" log_policy_name: "enable" log_user_in_upper: "enable" + long_live_session_stat: "enable" neighbor_event: "enable" resolve_ip: "enable" resolve_port: "enable" @@ -400,6 +408,7 @@ def filter_log_setting_data(json): "log_policy_comment", "log_policy_name", "log_user_in_upper", + "long_live_session_stat", "neighbor_event", "resolve_ip", "resolve_port", @@ -435,9 +444,10 @@ def underscore_to_hyphen(data): def log_setting(data, fos): vdom = data["vdom"] log_setting_data = data["log_setting"] - filtered_data = underscore_to_hyphen(filter_log_setting_data(log_setting_data)) + filtered_data = filter_log_setting_data(log_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log", "setting", data=filtered_data, vdom=vdom) + return fos.set("log", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -577,6 +587,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "long_live_session_stat": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "custom_log_fields": { "type": "list", "elements": "dict", @@ -591,7 +606,7 @@ versioned_schema = { }, "anonymization_hash": {"v_range": [["v7.0.2", ""]], "type": "string"}, "fortiview_weekly_data": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_filter.py index 5dff5fad3..776f609ce 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_syslogd2_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,10 @@ def underscore_to_hyphen(data): def log_syslogd2_filter(data, fos): vdom = data["vdom"] log_syslogd2_filter_data = data["log_syslogd2_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd2_filter_data(log_syslogd2_filter_data) - ) + filtered_data = filter_log_syslogd2_filter_data(log_syslogd2_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd2", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd2", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -476,6 +484,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_filter.py index 5816ea817..a4f72f647 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -98,6 +98,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -216,13 +223,14 @@ EXAMPLES = """ anomaly: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "11" + id: "12" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -316,6 +324,7 @@ def filter_log_syslogd2_override_filter_data(json): "anomaly", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -353,11 +362,12 @@ def underscore_to_hyphen(data): def log_syslogd2_override_filter(data, fos): vdom = data["vdom"] log_syslogd2_override_filter_data = data["log_syslogd2_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd2_override_filter_data(log_syslogd2_override_filter_data) + filtered_data = filter_log_syslogd2_override_filter_data( + log_syslogd2_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd2", "override-filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd2", "override-filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -448,6 +458,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_setting.py index bb29919f9..a08e3dc2f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -379,11 +379,12 @@ def underscore_to_hyphen(data): def log_syslogd2_override_setting(data, fos): vdom = data["vdom"] log_syslogd2_override_setting_data = data["log_syslogd2_override_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd2_override_setting_data(log_syslogd2_override_setting_data) + filtered_data = filter_log_syslogd2_override_setting_data( + log_syslogd2_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd2", "override-setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd2", "override-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_setting.py index 5c6eb00ed..2528eec72 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd2_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -370,11 +370,10 @@ def underscore_to_hyphen(data): def log_syslogd2_setting(data, fos): vdom = data["vdom"] log_syslogd2_setting_data = data["log_syslogd2_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd2_setting_data(log_syslogd2_setting_data) - ) + filtered_data = filter_log_syslogd2_setting_data(log_syslogd2_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd2", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd2", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_filter.py index 672989379..6786e8ad7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_syslogd3_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,10 @@ def underscore_to_hyphen(data): def log_syslogd3_filter(data, fos): vdom = data["vdom"] log_syslogd3_filter_data = data["log_syslogd3_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd3_filter_data(log_syslogd3_filter_data) - ) + filtered_data = filter_log_syslogd3_filter_data(log_syslogd3_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd3", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd3", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -476,6 +484,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_filter.py index bbf63872c..8c0c72f7a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -98,6 +98,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -216,13 +223,14 @@ EXAMPLES = """ anomaly: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "11" + id: "12" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -316,6 +324,7 @@ def filter_log_syslogd3_override_filter_data(json): "anomaly", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -353,11 +362,12 @@ def underscore_to_hyphen(data): def log_syslogd3_override_filter(data, fos): vdom = data["vdom"] log_syslogd3_override_filter_data = data["log_syslogd3_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd3_override_filter_data(log_syslogd3_override_filter_data) + filtered_data = filter_log_syslogd3_override_filter_data( + log_syslogd3_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd3", "override-filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd3", "override-filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -448,6 +458,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_setting.py index 05e37ea42..cf012828d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -379,11 +379,12 @@ def underscore_to_hyphen(data): def log_syslogd3_override_setting(data, fos): vdom = data["vdom"] log_syslogd3_override_setting_data = data["log_syslogd3_override_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd3_override_setting_data(log_syslogd3_override_setting_data) + filtered_data = filter_log_syslogd3_override_setting_data( + log_syslogd3_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd3", "override-setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd3", "override-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_setting.py index 487a9a652..2434f3152 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd3_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -370,11 +370,10 @@ def underscore_to_hyphen(data): def log_syslogd3_setting(data, fos): vdom = data["vdom"] log_syslogd3_setting_data = data["log_syslogd3_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd3_setting_data(log_syslogd3_setting_data) - ) + filtered_data = filter_log_syslogd3_setting_data(log_syslogd3_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd3", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd3", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_filter.py index ffc3f4e73..351c3dd29 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_syslogd4_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,10 @@ def underscore_to_hyphen(data): def log_syslogd4_filter(data, fos): vdom = data["vdom"] log_syslogd4_filter_data = data["log_syslogd4_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd4_filter_data(log_syslogd4_filter_data) - ) + filtered_data = filter_log_syslogd4_filter_data(log_syslogd4_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd4", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd4", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -476,6 +484,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_filter.py index f591fc7a0..5e1c6d63c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -98,6 +98,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -216,13 +223,14 @@ EXAMPLES = """ anomaly: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "11" + id: "12" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -316,6 +324,7 @@ def filter_log_syslogd4_override_filter_data(json): "anomaly", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -353,11 +362,12 @@ def underscore_to_hyphen(data): def log_syslogd4_override_filter(data, fos): vdom = data["vdom"] log_syslogd4_override_filter_data = data["log_syslogd4_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd4_override_filter_data(log_syslogd4_override_filter_data) + filtered_data = filter_log_syslogd4_override_filter_data( + log_syslogd4_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd4", "override-filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd4", "override-filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -448,6 +458,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_setting.py index a0dd1f913..affb928ee 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -379,11 +379,12 @@ def underscore_to_hyphen(data): def log_syslogd4_override_setting(data, fos): vdom = data["vdom"] log_syslogd4_override_setting_data = data["log_syslogd4_override_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd4_override_setting_data(log_syslogd4_override_setting_data) + filtered_data = filter_log_syslogd4_override_setting_data( + log_syslogd4_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd4", "override-setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd4", "override-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_setting.py index 8c15e5dc2..d46c003ee 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd4_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -370,11 +370,10 @@ def underscore_to_hyphen(data): def log_syslogd4_setting(data, fos): vdom = data["vdom"] log_syslogd4_setting_data = data["log_syslogd4_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd4_setting_data(log_syslogd4_setting_data) - ) + filtered_data = filter_log_syslogd4_setting_data(log_syslogd4_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd4", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd4", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_filter.py index 46ca283a4..7d04775eb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_syslogd_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,10 @@ def underscore_to_hyphen(data): def log_syslogd_filter(data, fos): vdom = data["vdom"] log_syslogd_filter_data = data["log_syslogd_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd_filter_data(log_syslogd_filter_data) - ) + filtered_data = filter_log_syslogd_filter_data(log_syslogd_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -476,6 +484,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_filter.py index 6a6ef1760..0a5b129bd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_syslogd_override_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,12 @@ def underscore_to_hyphen(data): def log_syslogd_override_filter(data, fos): vdom = data["vdom"] log_syslogd_override_filter_data = data["log_syslogd_override_filter"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd_override_filter_data(log_syslogd_override_filter_data) + filtered_data = filter_log_syslogd_override_filter_data( + log_syslogd_override_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd", "override-filter", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd", "override-filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -478,6 +488,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_setting.py index a80972c85..69cd42104 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_override_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -379,11 +379,12 @@ def underscore_to_hyphen(data): def log_syslogd_override_setting(data, fos): vdom = data["vdom"] log_syslogd_override_setting_data = data["log_syslogd_override_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd_override_setting_data(log_syslogd_override_setting_data) + filtered_data = filter_log_syslogd_override_setting_data( + log_syslogd_override_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd", "override-setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd", "override-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_setting.py index 41420e4d0..7c266a211 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_syslogd_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -370,11 +370,10 @@ def underscore_to_hyphen(data): def log_syslogd_setting(data, fos): vdom = data["vdom"] log_syslogd_setting_data = data["log_syslogd_setting"] - filtered_data = underscore_to_hyphen( - filter_log_syslogd_setting_data(log_syslogd_setting_data) - ) + filtered_data = filter_log_syslogd_setting_data(log_syslogd_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.syslogd", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.syslogd", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_filter.py index 28c9bc889..6a9e92838 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -221,13 +221,12 @@ def underscore_to_hyphen(data): def log_tacacsplusaccounting2_filter(data, fos): vdom = data["vdom"] log_tacacsplusaccounting2_filter_data = data["log_tacacsplusaccounting2_filter"] - filtered_data = underscore_to_hyphen( - filter_log_tacacsplusaccounting2_filter_data( - log_tacacsplusaccounting2_filter_data - ) + filtered_data = filter_log_tacacsplusaccounting2_filter_data( + log_tacacsplusaccounting2_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.tacacs+accounting2", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.tacacs+accounting2", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_setting.py index 9c51d1975..ce498e1a2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting2_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -241,13 +241,12 @@ def underscore_to_hyphen(data): def log_tacacsplusaccounting2_setting(data, fos): vdom = data["vdom"] log_tacacsplusaccounting2_setting_data = data["log_tacacsplusaccounting2_setting"] - filtered_data = underscore_to_hyphen( - filter_log_tacacsplusaccounting2_setting_data( - log_tacacsplusaccounting2_setting_data - ) + filtered_data = filter_log_tacacsplusaccounting2_setting_data( + log_tacacsplusaccounting2_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.tacacs+accounting2", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.tacacs+accounting2", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_filter.py index 82502c45f..e76c3d6d3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -221,13 +221,12 @@ def underscore_to_hyphen(data): def log_tacacsplusaccounting3_filter(data, fos): vdom = data["vdom"] log_tacacsplusaccounting3_filter_data = data["log_tacacsplusaccounting3_filter"] - filtered_data = underscore_to_hyphen( - filter_log_tacacsplusaccounting3_filter_data( - log_tacacsplusaccounting3_filter_data - ) + filtered_data = filter_log_tacacsplusaccounting3_filter_data( + log_tacacsplusaccounting3_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.tacacs+accounting3", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.tacacs+accounting3", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_setting.py index c490d4a66..b41aa066e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting3_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -241,13 +241,12 @@ def underscore_to_hyphen(data): def log_tacacsplusaccounting3_setting(data, fos): vdom = data["vdom"] log_tacacsplusaccounting3_setting_data = data["log_tacacsplusaccounting3_setting"] - filtered_data = underscore_to_hyphen( - filter_log_tacacsplusaccounting3_setting_data( - log_tacacsplusaccounting3_setting_data - ) + filtered_data = filter_log_tacacsplusaccounting3_setting_data( + log_tacacsplusaccounting3_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.tacacs+accounting3", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.tacacs+accounting3", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_filter.py index 3163541e1..89199ac32 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -221,13 +221,12 @@ def underscore_to_hyphen(data): def log_tacacsplusaccounting_filter(data, fos): vdom = data["vdom"] log_tacacsplusaccounting_filter_data = data["log_tacacsplusaccounting_filter"] - filtered_data = underscore_to_hyphen( - filter_log_tacacsplusaccounting_filter_data( - log_tacacsplusaccounting_filter_data - ) + filtered_data = filter_log_tacacsplusaccounting_filter_data( + log_tacacsplusaccounting_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.tacacs+accounting", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.tacacs+accounting", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_setting.py index 9ae2bc591..92cf58399 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_tacacsplusaccounting_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -241,13 +241,12 @@ def underscore_to_hyphen(data): def log_tacacsplusaccounting_setting(data, fos): vdom = data["vdom"] log_tacacsplusaccounting_setting_data = data["log_tacacsplusaccounting_setting"] - filtered_data = underscore_to_hyphen( - filter_log_tacacsplusaccounting_setting_data( - log_tacacsplusaccounting_setting_data - ) + filtered_data = filter_log_tacacsplusaccounting_setting_data( + log_tacacsplusaccounting_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.tacacs+accounting", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.tacacs+accounting", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_threat_weight.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_threat_weight.py index 5ecdc883f..3c0560bc1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_threat_weight.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_threat_weight.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -675,11 +675,10 @@ def underscore_to_hyphen(data): def log_threat_weight(data, fos): vdom = data["vdom"] log_threat_weight_data = data["log_threat_weight"] - filtered_data = underscore_to_hyphen( - filter_log_threat_weight_data(log_threat_weight_data) - ) + filtered_data = filter_log_threat_weight_data(log_threat_weight_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log", "threat-weight", data=filtered_data, vdom=vdom) + return fos.set("log", "threat-weight", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_filter.py index 854a17583..d5560cf03 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,6 +105,13 @@ options: choices: - 'include' - 'exclude' + forti_switch: + description: + - Enable/disable Forti-Switch logging. + type: str + choices: + - 'enable' + - 'disable' forward_traffic: description: - Enable/disable forward traffic logging. @@ -239,13 +246,14 @@ EXAMPLES = """ dns: "enable" filter: "<your_own_value>" filter_type: "include" + forti_switch: "enable" forward_traffic: "enable" free_style: - category: "traffic" filter: "<your_own_value>" filter_type: "include" - id: "12" + id: "13" gtp: "enable" local_traffic: "enable" multicast_traffic: "enable" @@ -343,6 +351,7 @@ def filter_log_webtrends_filter_data(json): "dns", "filter", "filter_type", + "forti_switch", "forward_traffic", "free_style", "gtp", @@ -383,11 +392,10 @@ def underscore_to_hyphen(data): def log_webtrends_filter(data, fos): vdom = data["vdom"] log_webtrends_filter_data = data["log_webtrends_filter"] - filtered_data = underscore_to_hyphen( - filter_log_webtrends_filter_data(log_webtrends_filter_data) - ) + filtered_data = filter_log_webtrends_filter_data(log_webtrends_filter_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.webtrends", "filter", data=filtered_data, vdom=vdom) + return fos.set("log.webtrends", "filter", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -476,6 +484,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "forti_switch": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "free_style": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_setting.py index e421898d4..09734b95f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_log_webtrends_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -210,11 +210,10 @@ def underscore_to_hyphen(data): def log_webtrends_setting(data, fos): vdom = data["vdom"] log_webtrends_setting_data = data["log_webtrends_setting"] - filtered_data = underscore_to_hyphen( - filter_log_webtrends_setting_data(log_webtrends_setting_data) - ) + filtered_data = filter_log_webtrends_setting_data(log_webtrends_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("log.webtrends", "setting", data=filtered_data, vdom=vdom) + return fos.set("log.webtrends", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor.py index 70a93ee4c..02eeaea57 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor.py @@ -571,7 +571,7 @@ module_selectors_defs = { "params": { "id": {"type": "int", "required": "False"}, "method": {"type": "string", "required": "False"}, - "admins": {"type": "array", "required": "False"}, + "admins": {"type": "array", "required": "True"}, }, }, "set.system.time": { @@ -1633,7 +1633,7 @@ module_selectors_defs = { "update-global-label.firewall.policy": { "url": "firewall/policy/update-global-label", "params": { - "policyid": {"type": "int", "required": "True"}, + "policyid": {"type": "string", "required": "True"}, "current-label": {"type": "string", "required": "False"}, "new-label": {"type": "string", "required": "False"}, }, @@ -1641,7 +1641,7 @@ module_selectors_defs = { "update-global-label.firewall.security-policy": { "url": "firewall/security-policy/update-global-label", "params": { - "policyid": {"type": "int", "required": "True"}, + "policyid": {"type": "string", "required": "True"}, "current-label": {"type": "string", "required": "False"}, "new-label": {"type": "string", "required": "False"}, }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor_fact.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor_fact.py index 25e11cd21..b23a2df6b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor_fact.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitor_fact.py @@ -445,6 +445,13 @@ options: - 'extension-controller_lan-extension-vdom-status' - 'user_proxy' - 'user_proxy_count' + - 'firewall_check-addrgrp-exclude-mac-member' + - 'firewall_saas-application' + - 'router_sdwan_routes' + - 'router_sdwan_routes6' + - 'router_sdwan_routes-statistics' + - 'extender-controller_extender_modem-firmware' + - 'user_radius_get-test-connect' selector: description: @@ -770,6 +777,13 @@ options: - 'extension-controller_lan-extension-vdom-status' - 'user_proxy' - 'user_proxy_count' + - 'firewall_check-addrgrp-exclude-mac-member' + - 'firewall_saas-application' + - 'router_sdwan_routes' + - 'router_sdwan_routes6' + - 'router_sdwan_routes-statistics' + - 'extender-controller_extender_modem-firmware' + - 'user_radius_get-test-connect' params: description: @@ -1830,6 +1844,7 @@ module_selectors_defs = { "timestamp_to": {"type": "int", "required": "False"}, "filters": {"type": "array", "required": "False"}, "query_type": {"type": "string", "required": "False"}, + "view_type": {"type": "string", "required": "False"}, "query_id": {"type": "int", "required": "False"}, "cache_query": {"type": "boolean", "required": "False"}, "key_only": {"type": "boolean", "required": "False"}, @@ -1926,6 +1941,7 @@ module_selectors_defs = { "scope": {"type": "string", "required": "False"}, "search_tables": {"type": "array", "required": "False"}, "skip_tables": {"type": "array", "required": "False"}, + "exact": {"type": "boolean", "required": "False"}, }, }, "switch-controller_managed-switch_status": { @@ -2320,6 +2336,36 @@ module_selectors_defs = { }, "user_proxy": {"url": "user/proxy", "params": {}}, "user_proxy_count": {"url": "user/proxy/count", "params": {}}, + "firewall_check-addrgrp-exclude-mac-member": { + "url": "firewall/check-addrgrp-exclude-mac-member", + "params": { + "mkey": {"type": "string", "required": "True"}, + "ip_version": {"type": "string", "required": "False"}, + }, + }, + "firewall_saas-application": {"url": "firewall/saas-application", "params": {}}, + "router_sdwan_routes": {"url": "router/sdwan/routes", "params": {}}, + "router_sdwan_routes6": {"url": "router/sdwan/routes6", "params": {}}, + "router_sdwan_routes-statistics": { + "url": "router/sdwan/routes-statistics", + "params": {"ip_version": {"type": "string", "required": "False"}}, + }, + "extender-controller_extender_modem-firmware": { + "url": "extender-controller/extender/modem-firmware", + "params": {"serial": {"type": "string", "required": "True"}}, + }, + "user_radius_get-test-connect": { + "url": "user/radius/get-test-connect", + "params": { + "mkey": {"type": "string", "required": "False"}, + "ordinal": {"type": "string", "required": "False"}, + "server": {"type": "string", "required": "False"}, + "secret": {"type": "string", "required": "False"}, + "auth_type": {"type": "string", "required": "False"}, + "user": {"type": "string", "required": "False"}, + "password": {"type": "string", "required": "False"}, + }, + }, } @@ -2751,6 +2797,13 @@ def main(): "extension-controller_lan-extension-vdom-status", "user_proxy", "user_proxy_count", + "firewall_check-addrgrp-exclude-mac-member", + "firewall_saas-application", + "router_sdwan_routes", + "router_sdwan_routes6", + "router_sdwan_routes-statistics", + "extender-controller_extender_modem-firmware", + "user_radius_get-test-connect", ], }, "selectors": { @@ -3084,6 +3137,13 @@ def main(): "extension-controller_lan-extension-vdom-status", "user_proxy", "user_proxy_count", + "firewall_check-addrgrp-exclude-mac-member", + "firewall_saas-application", + "router_sdwan_routes", + "router_sdwan_routes6", + "router_sdwan_routes-statistics", + "extender-controller_extender_modem-firmware", + "user_radius_get-test-connect", ], }, }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_np6_ipsec_engine.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_np6_ipsec_engine.py index 98588718f..4715f3399 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_np6_ipsec_engine.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_np6_ipsec_engine.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,11 +249,12 @@ def monitoring_np6_ipsec_engine(data, fos): monitoring_np6_ipsec_engine_data = flatten_multilists_attributes( monitoring_np6_ipsec_engine_data ) - filtered_data = underscore_to_hyphen( - filter_monitoring_np6_ipsec_engine_data(monitoring_np6_ipsec_engine_data) + filtered_data = filter_monitoring_np6_ipsec_engine_data( + monitoring_np6_ipsec_engine_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("monitoring", "np6-ipsec-engine", data=filtered_data, vdom=vdom) + return fos.set("monitoring", "np6-ipsec-engine", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -287,17 +288,20 @@ def fortios_monitoring(data, fos): versioned_schema = { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "dict", "children": { "status": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "interval": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, "threshold": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "list", "multiple_values": True, "elements": "str", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_npu_hpe.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_npu_hpe.py index 57e11fe09..965de21c6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_npu_hpe.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_monitoring_npu_hpe.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,11 +246,10 @@ def monitoring_npu_hpe(data, fos): vdom = data["vdom"] monitoring_npu_hpe_data = data["monitoring_npu_hpe"] monitoring_npu_hpe_data = flatten_multilists_attributes(monitoring_npu_hpe_data) - filtered_data = underscore_to_hyphen( - filter_monitoring_npu_hpe_data(monitoring_npu_hpe_data) - ) + filtered_data = filter_monitoring_npu_hpe_data(monitoring_npu_hpe_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("monitoring", "npu-hpe", data=filtered_data, vdom=vdom) + return fos.set("monitoring", "npu-hpe", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_service_chain.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_service_chain.py index 4524adb33..4c448352c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_service_chain.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_service_chain.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,12 +252,11 @@ def nsxt_service_chain(data, fos): state = data["state"] nsxt_service_chain_data = data["nsxt_service_chain"] - filtered_data = underscore_to_hyphen( - filter_nsxt_service_chain_data(nsxt_service_chain_data) - ) + filtered_data = filter_nsxt_service_chain_data(nsxt_service_chain_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("nsxt", "service-chain", data=filtered_data, vdom=vdom) + return fos.set("nsxt", "service-chain", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("nsxt", "service-chain", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_setting.py index 72ba3d5e6..f40e1baae 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_nsxt_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -210,9 +210,10 @@ def underscore_to_hyphen(data): def nsxt_setting(data, fos): vdom = data["vdom"] nsxt_setting_data = data["nsxt_setting"] - filtered_data = underscore_to_hyphen(filter_nsxt_setting_data(nsxt_setting_data)) + filtered_data = filter_nsxt_setting_data(nsxt_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("nsxt", "setting", data=filtered_data, vdom=vdom) + return fos.set("nsxt", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_pfcp_message_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_pfcp_message_filter.py index afccb153c..a55f0a35a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_pfcp_message_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_pfcp_message_filter.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -350,12 +350,11 @@ def pfcp_message_filter(data, fos): state = data["state"] pfcp_message_filter_data = data["pfcp_message_filter"] - filtered_data = underscore_to_hyphen( - filter_pfcp_message_filter_data(pfcp_message_filter_data) - ) + filtered_data = filter_pfcp_message_filter_data(pfcp_message_filter_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("pfcp", "message-filter", data=filtered_data, vdom=vdom) + return fos.set("pfcp", "message-filter", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -398,12 +397,12 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "required": True, }, "unknown_message": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, @@ -412,75 +411,79 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v7.0.1", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "integer", "required": True, } }, - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], }, "heartbeat": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "pfd_management": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "version_not_support": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "session_establish": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "session_modification": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "session_deletion": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "session_report": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "association_setup": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "association_update": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "association_release": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "node_report": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, "session_set_deletion": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "allow"}, {"value": "deny"}], }, }, - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_chart.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_chart.py index 8fc46de5c..0f9b254ff 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_chart.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_chart.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -660,7 +660,8 @@ def report_chart(data, fos, check_mode=False): state = data["state"] report_chart_data = data["report_chart"] - filtered_data = underscore_to_hyphen(filter_report_chart_data(report_chart_data)) + filtered_data = filter_report_chart_data(report_chart_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -724,7 +725,7 @@ def report_chart(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("report", "chart", data=filtered_data, vdom=vdom) + return fos.set("report", "chart", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("report", "chart", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_dataset.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_dataset.py index 4954b253e..d8b08c468 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_dataset.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_dataset.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -303,9 +303,8 @@ def report_dataset(data, fos, check_mode=False): state = data["state"] report_dataset_data = data["report_dataset"] - filtered_data = underscore_to_hyphen( - filter_report_dataset_data(report_dataset_data) - ) + filtered_data = filter_report_dataset_data(report_dataset_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -369,7 +368,7 @@ def report_dataset(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("report", "dataset", data=filtered_data, vdom=vdom) + return fos.set("report", "dataset", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("report", "dataset", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_layout.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_layout.py index 660616566..312914cda 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_layout.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_layout.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -713,7 +713,8 @@ def report_layout(data, fos, check_mode=False): report_layout_data = data["report_layout"] report_layout_data = flatten_multilists_attributes(report_layout_data) - filtered_data = underscore_to_hyphen(filter_report_layout_data(report_layout_data)) + filtered_data = filter_report_layout_data(report_layout_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -777,7 +778,7 @@ def report_layout(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("report", "layout", data=filtered_data, vdom=vdom) + return fos.set("report", "layout", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("report", "layout", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_setting.py index 9a4660d31..83f49d2c7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -269,11 +269,10 @@ def report_setting(data, fos): vdom = data["vdom"] report_setting_data = data["report_setting"] report_setting_data = flatten_multilists_attributes(report_setting_data) - filtered_data = underscore_to_hyphen( - filter_report_setting_data(report_setting_data) - ) + filtered_data = filter_report_setting_data(report_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("report", "setting", data=filtered_data, vdom=vdom) + return fos.set("report", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_style.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_style.py index bf97b0094..65a08e158 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_style.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_style.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -438,7 +438,8 @@ def report_style(data, fos, check_mode=False): report_style_data = data["report_style"] report_style_data = flatten_multilists_attributes(report_style_data) - filtered_data = underscore_to_hyphen(filter_report_style_data(report_style_data)) + filtered_data = filter_report_style_data(report_style_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -502,7 +503,7 @@ def report_style(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("report", "style", data=filtered_data, vdom=vdom) + return fos.set("report", "style", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("report", "style", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_theme.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_theme.py index b8a925de9..2766f3dbd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_theme.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_report_theme.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -408,7 +408,8 @@ def report_theme(data, fos, check_mode=False): state = data["state"] report_theme_data = data["report_theme"] - filtered_data = underscore_to_hyphen(filter_report_theme_data(report_theme_data)) + filtered_data = filter_report_theme_data(report_theme_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -472,7 +473,7 @@ def report_theme(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("report", "theme", data=filtered_data, vdom=vdom) + return fos.set("report", "theme", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("report", "theme", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list.py index 16f6e6aae..52dee3961 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -275,9 +275,8 @@ def router_access_list(data, fos, check_mode=False): state = data["state"] router_access_list_data = data["router_access_list"] - filtered_data = underscore_to_hyphen( - filter_router_access_list_data(router_access_list_data) - ) + filtered_data = filter_router_access_list_data(router_access_list_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -341,7 +340,7 @@ def router_access_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "access-list", data=filtered_data, vdom=vdom) + return fos.set("router", "access-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list6.py index b359464e5..449c1e75e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_access_list6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -270,9 +270,8 @@ def router_access_list6(data, fos, check_mode=False): state = data["state"] router_access_list6_data = data["router_access_list6"] - filtered_data = underscore_to_hyphen( - filter_router_access_list6_data(router_access_list6_data) - ) + filtered_data = filter_router_access_list6_data(router_access_list6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -336,7 +335,7 @@ def router_access_list6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "access-list6", data=filtered_data, vdom=vdom) + return fos.set("router", "access-list6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_aspath_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_aspath_list.py index 12b2036b1..09dba421c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_aspath_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_aspath_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,9 +252,8 @@ def router_aspath_list(data, fos, check_mode=False): state = data["state"] router_aspath_list_data = data["router_aspath_list"] - filtered_data = underscore_to_hyphen( - filter_router_aspath_list_data(router_aspath_list_data) - ) + filtered_data = filter_router_aspath_list_data(router_aspath_list_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -318,7 +317,7 @@ def router_aspath_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "aspath-list", data=filtered_data, vdom=vdom) + return fos.set("router", "aspath-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_auth_path.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_auth_path.py index 388b31072..6eb1b3a6d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_auth_path.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_auth_path.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,9 +235,8 @@ def router_auth_path(data, fos, check_mode=False): state = data["state"] router_auth_path_data = data["router_auth_path"] - filtered_data = underscore_to_hyphen( - filter_router_auth_path_data(router_auth_path_data) - ) + filtered_data = filter_router_auth_path_data(router_auth_path_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -301,7 +300,7 @@ def router_auth_path(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "auth-path", data=filtered_data, vdom=vdom) + return fos.set("router", "auth-path", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "auth-path", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd.py index 1fa0d6a93..3f0f2792f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -268,9 +268,10 @@ def underscore_to_hyphen(data): def router_bfd(data, fos): vdom = data["vdom"] router_bfd_data = data["router_bfd"] - filtered_data = underscore_to_hyphen(filter_router_bfd_data(router_bfd_data)) + filtered_data = filter_router_bfd_data(router_bfd_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "bfd", data=filtered_data, vdom=vdom) + return fos.set("router", "bfd", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd6.py index d14e6c2db..4d0035eb1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bfd6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -268,9 +268,10 @@ def underscore_to_hyphen(data): def router_bfd6(data, fos): vdom = data["vdom"] router_bfd6_data = data["router_bfd6"] - filtered_data = underscore_to_hyphen(filter_router_bfd6_data(router_bfd6_data)) + filtered_data = filter_router_bfd6_data(router_bfd6_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "bfd6", data=filtered_data, vdom=vdom) + return fos.set("router", "bfd6", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bgp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bgp.py index 2eccab8e0..a653b57aa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bgp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_bgp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -95,6 +95,10 @@ options: description: - Number of additional paths to be selected for each VPNv4 NLRI. type: int + additional_path_select_vpnv6: + description: + - Number of additional paths to be selected for each VPNv6 NLRI. + type: int additional_path_select6: description: - Number of additional paths to be selected for each IPv6 NLRI. @@ -106,6 +110,13 @@ options: choices: - 'enable' - 'disable' + additional_path_vpnv6: + description: + - Enable/disable selection of BGP VPNv6 additional paths. + type: str + choices: + - 'enable' + - 'disable' additional_path6: description: - Enable/disable selection of BGP IPv6 additional paths. @@ -437,6 +448,13 @@ options: choices: - 'enable' - 'disable' + activate_vpnv6: + description: + - Enable/disable address family VPNv6 for this neighbor. + type: str + choices: + - 'enable' + - 'disable' activate6: description: - Enable/disable address family IPv6 for this neighbor. @@ -462,6 +480,15 @@ options: - 'receive' - 'both' - 'disable' + additional_path_vpnv6: + description: + - Enable/disable VPNv6 additional-path capability. + type: str + choices: + - 'send' + - 'receive' + - 'both' + - 'disable' additional_path6: description: - Enable/disable IPv6 additional-path capability. @@ -479,6 +506,10 @@ options: description: - Number of VPNv4 additional paths that can be advertised to this neighbor. type: int + adv_additional_path_vpnv6: + description: + - Number of VPNv6 additional paths that can be advertised to this neighbor. + type: int adv_additional_path6: description: - Number of IPv6 additional paths that can be advertised to this neighbor. @@ -512,6 +543,13 @@ options: choices: - 'enable' - 'disable' + allowas_in_enable_vpnv6: + description: + - Enable/disable use of my AS in AS path for VPNv6 route. + type: str + choices: + - 'enable' + - 'disable' allowas_in_enable6: description: - Enable/disable IPv6 Enable to allow my AS in AS path. @@ -527,6 +565,10 @@ options: description: - The maximum number of occurrence of my AS number allowed for VPNv4 route. type: int + allowas_in_vpnv6: + description: + - The maximum number of occurrence of my AS number allowed for VPNv6 route. + type: int allowas_in6: description: - IPv6 The maximum number of occurrence of my AS number allowed. @@ -563,6 +605,15 @@ options: - 'as-path' - 'med' - 'next-hop' + attribute_unchanged_vpnv6: + description: + - List of attributes that should not be changed for VPNv6 route. + type: list + elements: str + choices: + - 'as-path' + - 'med' + - 'next-hop' attribute_unchanged6: description: - IPv6 List of attributes that should be unchanged. @@ -572,6 +623,10 @@ options: - 'as-path' - 'med' - 'next-hop' + auth_options: + description: + - Key-chain name for TCP authentication options. Source router.key-chain.name. + type: str bfd: description: - Enable/disable BFD for this neighbor. @@ -621,6 +676,13 @@ options: choices: - 'enable' - 'disable' + capability_graceful_restart_vpnv6: + description: + - Enable/disable advertisement of VPNv6 graceful restart capability to this neighbor. + type: str + choices: + - 'enable' + - 'disable' capability_graceful_restart6: description: - Enable/disable advertise IPv6 graceful restart capability to this neighbor. @@ -735,6 +797,10 @@ options: description: - Filter for VPNv4 updates from this neighbor. Source router.access-list.name. type: str + distribute_list_in_vpnv6: + description: + - Filter for VPNv6 updates from this neighbor. Source router.access-list6.name. + type: str distribute_list_in6: description: - Filter for IPv6 updates from this neighbor. Source router.access-list6.name. @@ -747,6 +813,10 @@ options: description: - Filter for VPNv4 updates to this neighbor. Source router.access-list.name. type: str + distribute_list_out_vpnv6: + description: + - Filter for VPNv6 updates to this neighbor. Source router.access-list6.name. + type: str distribute_list_out6: description: - Filter for IPv6 updates to this neighbor. Source router.access-list6.name. @@ -777,6 +847,10 @@ options: description: - BGP filter for VPNv4 inbound routes. Source router.aspath-list.name. type: str + filter_list_in_vpnv6: + description: + - BGP filter for VPNv6 inbound routes. Source router.aspath-list.name. + type: str filter_list_in6: description: - BGP filter for IPv6 inbound routes. Source router.aspath-list.name. @@ -789,6 +863,10 @@ options: description: - BGP filter for VPNv4 outbound routes. Source router.aspath-list.name. type: str + filter_list_out_vpnv6: + description: + - BGP filter for VPNv6 outbound routes. Source router.aspath-list.name. + type: str filter_list_out6: description: - BGP filter for IPv6 outbound routes. Source router.aspath-list.name. @@ -856,6 +934,10 @@ options: description: - Maximum VPNv4 prefix threshold value (1 - 100 percent). type: int + maximum_prefix_threshold_vpnv6: + description: + - Maximum VPNv6 prefix threshold value (1 - 100 percent). + type: int maximum_prefix_threshold6: description: - Maximum IPv6 prefix threshold value (1 - 100 percent). @@ -864,6 +946,10 @@ options: description: - Maximum number of VPNv4 prefixes to accept from this peer. type: int + maximum_prefix_vpnv6: + description: + - Maximum number of VPNv6 prefixes to accept from this peer. + type: int maximum_prefix_warning_only: description: - Enable/disable IPv4 Only give warning message when limit is exceeded. @@ -885,6 +971,13 @@ options: choices: - 'enable' - 'disable' + maximum_prefix_warning_only_vpnv6: + description: + - Enable/disable warning message when limit is exceeded for VPNv6 routes. + type: str + choices: + - 'enable' + - 'disable' maximum_prefix_warning_only6: description: - Enable/disable IPv6 Only give warning message when limit is exceeded. @@ -924,6 +1017,13 @@ options: choices: - 'enable' - 'disable' + next_hop_self_vpnv6: + description: + - Enable/disable use of outgoing interface"s IP address as VPNv6 next-hop for this neighbor. + type: str + choices: + - 'enable' + - 'disable' next_hop_self6: description: - Enable/disable IPv6 next-hop calculation for this neighbor. @@ -957,6 +1057,10 @@ options: description: - Inbound filter for VPNv4 updates from this neighbor. Source router.prefix-list.name. type: str + prefix_list_in_vpnv6: + description: + - Inbound filter for VPNv6 updates from this neighbor. Source router.prefix-list6.name. + type: str prefix_list_in6: description: - IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name. @@ -969,6 +1073,10 @@ options: description: - Outbound filter for VPNv4 updates to this neighbor. Source router.prefix-list.name. type: str + prefix_list_out_vpnv6: + description: + - Outbound filter for VPNv6 updates to this neighbor. Source router.prefix-list6.name. + type: str prefix_list_out6: description: - IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name. @@ -998,6 +1106,13 @@ options: choices: - 'enable' - 'disable' + remove_private_as_vpnv6: + description: + - Enable/disable to remove private AS number from VPNv6 outbound updates. + type: str + choices: + - 'enable' + - 'disable' remove_private_as6: description: - Enable/disable remove private AS number from IPv6 outbound updates. @@ -1025,6 +1140,10 @@ options: description: - VPNv4 inbound route map filter. Source router.route-map.name. type: str + route_map_in_vpnv6: + description: + - VPNv6 inbound route map filter. Source router.route-map.name. + type: str route_map_in6: description: - IPv6 Inbound route map filter. Source router.route-map.name. @@ -1049,6 +1168,14 @@ options: description: - VPNv4 outbound route map filter if the peer is preferred. Source router.route-map.name. type: str + route_map_out_vpnv6: + description: + - VPNv6 outbound route map filter. Source router.route-map.name. + type: str + route_map_out_vpnv6_preferable: + description: + - VPNv6 outbound route map filter if this neighbor is preferred. Source router.route-map.name. + type: str route_map_out6: description: - IPv6 Outbound route map filter. Source router.route-map.name. @@ -1078,6 +1205,13 @@ options: choices: - 'enable' - 'disable' + route_reflector_client_vpnv6: + description: + - Enable/disable VPNv6 AS route reflector client for this neighbor. + type: str + choices: + - 'enable' + - 'disable' route_reflector_client6: description: - Enable/disable IPv6 AS route reflector client. @@ -1106,6 +1240,13 @@ options: choices: - 'enable' - 'disable' + route_server_client_vpnv6: + description: + - Enable/disable VPNv6 AS route server client for this neighbor. + type: str + choices: + - 'enable' + - 'disable' route_server_client6: description: - Enable/disable IPv6 AS route server client. @@ -1140,6 +1281,15 @@ options: - 'extended' - 'both' - 'disable' + send_community_vpnv6: + description: + - Enable/disable sending community attribute to this neighbor for VPNv6 address family. + type: str + choices: + - 'standard' + - 'extended' + - 'both' + - 'disable' send_community6: description: - IPv6 Send community attribute to neighbor. @@ -1177,6 +1327,13 @@ options: choices: - 'enable' - 'disable' + soft_reconfiguration_vpnv6: + description: + - Enable/disable VPNv6 inbound soft reconfiguration. + type: str + choices: + - 'enable' + - 'disable' soft_reconfiguration6: description: - Enable/disable allow IPv6 inbound soft reconfiguration. @@ -1241,6 +1398,13 @@ options: choices: - 'enable' - 'disable' + activate_vpnv6: + description: + - Enable/disable address family VPNv6 for this neighbor. + type: str + choices: + - 'enable' + - 'disable' activate6: description: - Enable/disable address family IPv6 for this neighbor. @@ -1266,6 +1430,15 @@ options: - 'receive' - 'both' - 'disable' + additional_path_vpnv6: + description: + - Enable/disable VPNv6 additional-path capability. + type: str + choices: + - 'send' + - 'receive' + - 'both' + - 'disable' additional_path6: description: - Enable/disable IPv6 additional-path capability. @@ -1283,6 +1456,10 @@ options: description: - Number of VPNv4 additional paths that can be advertised to this neighbor. type: int + adv_additional_path_vpnv6: + description: + - Number of VPNv6 additional paths that can be advertised to this neighbor. + type: int adv_additional_path6: description: - Number of IPv6 additional paths that can be advertised to this neighbor. @@ -1316,6 +1493,13 @@ options: choices: - 'enable' - 'disable' + allowas_in_enable_vpnv6: + description: + - Enable/disable use of my AS in AS path for VPNv6 route. + type: str + choices: + - 'enable' + - 'disable' allowas_in_enable6: description: - Enable/disable IPv6 Enable to allow my AS in AS path. @@ -1331,6 +1515,10 @@ options: description: - The maximum number of occurrence of my AS number allowed for VPNv4 route. type: int + allowas_in_vpnv6: + description: + - The maximum number of occurrence of my AS number allowed for VPNv6 route. + type: int allowas_in6: description: - IPv6 The maximum number of occurrence of my AS number allowed. @@ -1367,6 +1555,15 @@ options: - 'as-path' - 'med' - 'next-hop' + attribute_unchanged_vpnv6: + description: + - List of attributes that should not be changed for VPNv6 route. + type: list + elements: str + choices: + - 'as-path' + - 'med' + - 'next-hop' attribute_unchanged6: description: - IPv6 List of attributes that should be unchanged. @@ -1376,6 +1573,10 @@ options: - 'as-path' - 'med' - 'next-hop' + auth_options: + description: + - Key-chain name for TCP authentication options. Source router.key-chain.name. + type: str bfd: description: - Enable/disable BFD for this neighbor. @@ -1425,6 +1626,13 @@ options: choices: - 'enable' - 'disable' + capability_graceful_restart_vpnv6: + description: + - Enable/disable advertisement of VPNv6 graceful restart capability to this neighbor. + type: str + choices: + - 'enable' + - 'disable' capability_graceful_restart6: description: - Enable/disable advertise IPv6 graceful restart capability to this neighbor. @@ -1481,6 +1689,10 @@ options: description: - Filter for VPNv4 updates from this neighbor. Source router.access-list.name. type: str + distribute_list_in_vpnv6: + description: + - Filter for VPNv6 updates from this neighbor. Source router.access-list6.name. + type: str distribute_list_in6: description: - Filter for IPv6 updates from this neighbor. Source router.access-list6.name. @@ -1493,6 +1705,10 @@ options: description: - Filter for VPNv4 updates to this neighbor. Source router.access-list.name. type: str + distribute_list_out_vpnv6: + description: + - Filter for VPNv6 updates to this neighbor. Source router.access-list6.name. + type: str distribute_list_out6: description: - Filter for IPv6 updates to this neighbor. Source router.access-list6.name. @@ -1523,6 +1739,10 @@ options: description: - BGP filter for VPNv4 inbound routes. Source router.aspath-list.name. type: str + filter_list_in_vpnv6: + description: + - BGP filter for VPNv6 inbound routes. Source router.aspath-list.name. + type: str filter_list_in6: description: - BGP filter for IPv6 inbound routes. Source router.aspath-list.name. @@ -1535,6 +1755,10 @@ options: description: - BGP filter for VPNv4 outbound routes. Source router.aspath-list.name. type: str + filter_list_out_vpnv6: + description: + - BGP filter for VPNv6 outbound routes. Source router.aspath-list.name. + type: str filter_list_out6: description: - BGP filter for IPv6 outbound routes. Source router.aspath-list.name. @@ -1597,6 +1821,10 @@ options: description: - Maximum VPNv4 prefix threshold value (1 - 100 percent). type: int + maximum_prefix_threshold_vpnv6: + description: + - Maximum VPNv6 prefix threshold value (1 - 100 percent). + type: int maximum_prefix_threshold6: description: - Maximum IPv6 prefix threshold value (1 - 100 percent). @@ -1605,6 +1833,10 @@ options: description: - Maximum number of VPNv4 prefixes to accept from this peer. type: int + maximum_prefix_vpnv6: + description: + - Maximum number of VPNv6 prefixes to accept from this peer. + type: int maximum_prefix_warning_only: description: - Enable/disable IPv4 Only give warning message when limit is exceeded. @@ -1626,6 +1858,13 @@ options: choices: - 'enable' - 'disable' + maximum_prefix_warning_only_vpnv6: + description: + - Enable/disable warning message when limit is exceeded for VPNv6 routes. + type: str + choices: + - 'enable' + - 'disable' maximum_prefix_warning_only6: description: - Enable/disable IPv6 Only give warning message when limit is exceeded. @@ -1670,6 +1909,13 @@ options: choices: - 'enable' - 'disable' + next_hop_self_vpnv6: + description: + - Enable/disable use of outgoing interface"s IP address as VPNv6 next-hop for this neighbor. + type: str + choices: + - 'enable' + - 'disable' next_hop_self6: description: - Enable/disable IPv6 next-hop calculation for this neighbor. @@ -1703,6 +1949,10 @@ options: description: - Inbound filter for VPNv4 updates from this neighbor. Source router.prefix-list.name. type: str + prefix_list_in_vpnv6: + description: + - Inbound filter for VPNv6 updates from this neighbor. Source router.prefix-list6.name. + type: str prefix_list_in6: description: - IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name. @@ -1715,6 +1965,10 @@ options: description: - Outbound filter for VPNv4 updates to this neighbor. Source router.prefix-list.name. type: str + prefix_list_out_vpnv6: + description: + - Outbound filter for VPNv6 updates to this neighbor. Source router.prefix-list6.name. + type: str prefix_list_out6: description: - IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name. @@ -1744,6 +1998,13 @@ options: choices: - 'enable' - 'disable' + remove_private_as_vpnv6: + description: + - Enable/disable to remove private AS number from VPNv6 outbound updates. + type: str + choices: + - 'enable' + - 'disable' remove_private_as6: description: - Enable/disable remove private AS number from IPv6 outbound updates. @@ -1771,6 +2032,10 @@ options: description: - VPNv4 inbound route map filter. Source router.route-map.name. type: str + route_map_in_vpnv6: + description: + - VPNv6 inbound route map filter. Source router.route-map.name. + type: str route_map_in6: description: - IPv6 Inbound route map filter. Source router.route-map.name. @@ -1795,6 +2060,14 @@ options: description: - VPNv4 outbound route map filter if the peer is preferred. Source router.route-map.name. type: str + route_map_out_vpnv6: + description: + - VPNv6 outbound route map filter. Source router.route-map.name. + type: str + route_map_out_vpnv6_preferable: + description: + - VPNv6 outbound route map filter if this neighbor is preferred. Source router.route-map.name. + type: str route_map_out6: description: - IPv6 Outbound route map filter. Source router.route-map.name. @@ -1824,6 +2097,13 @@ options: choices: - 'enable' - 'disable' + route_reflector_client_vpnv6: + description: + - Enable/disable VPNv6 AS route reflector client for this neighbor. + type: str + choices: + - 'enable' + - 'disable' route_reflector_client6: description: - Enable/disable IPv6 AS route reflector client. @@ -1852,6 +2132,13 @@ options: choices: - 'enable' - 'disable' + route_server_client_vpnv6: + description: + - Enable/disable VPNv6 AS route server client for this neighbor. + type: str + choices: + - 'enable' + - 'disable' route_server_client6: description: - Enable/disable IPv6 AS route server client. @@ -1886,6 +2173,15 @@ options: - 'extended' - 'both' - 'disable' + send_community_vpnv6: + description: + - Enable/disable sending community attribute to this neighbor for VPNv6 address family. + type: str + choices: + - 'standard' + - 'extended' + - 'both' + - 'disable' send_community6: description: - IPv6 Send community attribute to neighbor. @@ -1923,6 +2219,13 @@ options: choices: - 'enable' - 'disable' + soft_reconfiguration_vpnv6: + description: + - Enable/disable VPNv6 inbound soft reconfiguration. + type: str + choices: + - 'enable' + - 'disable' soft_reconfiguration6: description: - Enable/disable allow IPv6 inbound soft reconfiguration. @@ -2296,6 +2599,32 @@ options: type: list elements: dict suboptions: + export_rt: + description: + - List of export route target. + type: list + elements: dict + suboptions: + route_target: + description: + - 'Attribute: AA:NN|A.B.C.D:NN.' + required: true + type: str + import_route_map: + description: + - Import route map. Source router.route-map.name. + type: str + import_rt: + description: + - List of import route target. + type: list + elements: dict + suboptions: + route_target: + description: + - 'Attribute: AA:NN|A.B.C.D:NN' + required: true + type: str leak_target: description: - Target VRF table. @@ -2315,6 +2644,18 @@ options: - Target VRF ID (0 - 251). required: true type: str + rd: + description: + - 'Route Distinguisher: AA:NN|A.B.C.D:NN.' + type: str + role: + description: + - VRF role. + type: str + choices: + - 'standalone' + - 'ce' + - 'pe' vrf: description: - Origin VRF ID (0 - 251). @@ -2330,25 +2671,27 @@ EXAMPLES = """ additional_path: "enable" additional_path_select: "2" additional_path_select_vpnv4: "2" + additional_path_select_vpnv6: "2" additional_path_select6: "2" additional_path_vpnv4: "enable" + additional_path_vpnv6: "enable" additional_path6: "enable" admin_distance: - distance: "0" - id: "11" + id: "13" neighbour_prefix: "<your_own_value>" route_list: "<your_own_value> (source router.access-list.name)" aggregate_address: - as_set: "enable" - id: "16" + id: "18" prefix: "<your_own_value>" summary_only: "enable" aggregate_address6: - as_set: "enable" - id: "21" + id: "23" prefix6: "<your_own_value>" summary_only: "enable" always_compare_med: "enable" @@ -2396,27 +2739,34 @@ EXAMPLES = """ activate: "enable" activate_evpn: "enable" activate_vpnv4: "enable" + activate_vpnv6: "enable" activate6: "enable" additional_path: "send" additional_path_vpnv4: "send" + additional_path_vpnv6: "send" additional_path6: "send" adv_additional_path: "2" adv_additional_path_vpnv4: "2" + adv_additional_path_vpnv6: "2" adv_additional_path6: "2" advertisement_interval: "30" allowas_in: "3" allowas_in_enable: "enable" allowas_in_enable_evpn: "enable" allowas_in_enable_vpnv4: "enable" + allowas_in_enable_vpnv6: "enable" allowas_in_enable6: "enable" allowas_in_evpn: "3" allowas_in_vpnv4: "3" + allowas_in_vpnv6: "3" allowas_in6: "3" as_override: "enable" as_override6: "enable" attribute_unchanged: "as-path" attribute_unchanged_vpnv4: "as-path" + attribute_unchanged_vpnv6: "as-path" attribute_unchanged6: "as-path" + auth_options: "<your_own_value> (source router.key-chain.name)" bfd: "enable" capability_default_originate: "enable" capability_default_originate6: "enable" @@ -2424,6 +2774,7 @@ EXAMPLES = """ capability_graceful_restart: "enable" capability_graceful_restart_evpn: "enable" capability_graceful_restart_vpnv4: "enable" + capability_graceful_restart_vpnv6: "enable" capability_graceful_restart6: "enable" capability_orf: "none" capability_orf6: "none" @@ -2433,14 +2784,14 @@ EXAMPLES = """ advertise_routemap: "<your_own_value> (source router.route-map.name)" condition_routemap: - - name: "default_name_102 (source router.route-map.name)" + name: "default_name_112 (source router.route-map.name)" condition_type: "exist" conditional_advertise6: - advertise_routemap: "<your_own_value> (source router.route-map.name)" condition_routemap: - - name: "default_name_107 (source router.route-map.name)" + name: "default_name_117 (source router.route-map.name)" condition_type: "exist" connect_timer: "4294967295" default_originate_routemap: "<your_own_value> (source router.route-map.name)" @@ -2448,18 +2799,22 @@ EXAMPLES = """ description: "<your_own_value>" distribute_list_in: "<your_own_value> (source router.access-list.name)" distribute_list_in_vpnv4: "<your_own_value> (source router.access-list.name)" + distribute_list_in_vpnv6: "<your_own_value> (source router.access-list6.name)" distribute_list_in6: "<your_own_value> (source router.access-list6.name)" distribute_list_out: "<your_own_value> (source router.access-list.name)" distribute_list_out_vpnv4: "<your_own_value> (source router.access-list.name)" + distribute_list_out_vpnv6: "<your_own_value> (source router.access-list6.name)" distribute_list_out6: "<your_own_value> (source router.access-list6.name)" dont_capability_negotiate: "enable" ebgp_enforce_multihop: "enable" ebgp_multihop_ttl: "255" filter_list_in: "<your_own_value> (source router.aspath-list.name)" filter_list_in_vpnv4: "<your_own_value> (source router.aspath-list.name)" + filter_list_in_vpnv6: "<your_own_value> (source router.aspath-list.name)" filter_list_in6: "<your_own_value> (source router.aspath-list.name)" filter_list_out: "<your_own_value> (source router.aspath-list.name)" filter_list_out_vpnv4: "<your_own_value> (source router.aspath-list.name)" + filter_list_out_vpnv6: "<your_own_value> (source router.aspath-list.name)" filter_list_out6: "<your_own_value> (source router.aspath-list.name)" holdtime_timer: "4294967295" interface: "<your_own_value> (source system.interface.name)" @@ -2474,61 +2829,75 @@ EXAMPLES = """ maximum_prefix_threshold: "75" maximum_prefix_threshold_evpn: "75" maximum_prefix_threshold_vpnv4: "75" + maximum_prefix_threshold_vpnv6: "75" maximum_prefix_threshold6: "75" maximum_prefix_vpnv4: "0" + maximum_prefix_vpnv6: "0" maximum_prefix_warning_only: "enable" maximum_prefix_warning_only_evpn: "enable" maximum_prefix_warning_only_vpnv4: "enable" + maximum_prefix_warning_only_vpnv6: "enable" maximum_prefix_warning_only6: "enable" maximum_prefix6: "0" next_hop_self: "enable" next_hop_self_rr: "enable" next_hop_self_rr6: "enable" next_hop_self_vpnv4: "enable" + next_hop_self_vpnv6: "enable" next_hop_self6: "enable" override_capability: "enable" passive: "enable" password: "<your_own_value>" prefix_list_in: "<your_own_value> (source router.prefix-list.name)" prefix_list_in_vpnv4: "<your_own_value> (source router.prefix-list.name)" + prefix_list_in_vpnv6: "<your_own_value> (source router.prefix-list6.name)" prefix_list_in6: "<your_own_value> (source router.prefix-list6.name)" prefix_list_out: "<your_own_value> (source router.prefix-list.name)" prefix_list_out_vpnv4: "<your_own_value> (source router.prefix-list.name)" + prefix_list_out_vpnv6: "<your_own_value> (source router.prefix-list6.name)" prefix_list_out6: "<your_own_value> (source router.prefix-list6.name)" remote_as: "<your_own_value>" remove_private_as: "enable" remove_private_as_evpn: "enable" remove_private_as_vpnv4: "enable" + remove_private_as_vpnv6: "enable" remove_private_as6: "enable" restart_time: "0" retain_stale_time: "0" route_map_in: "<your_own_value> (source router.route-map.name)" route_map_in_evpn: "<your_own_value> (source router.route-map.name)" route_map_in_vpnv4: "<your_own_value> (source router.route-map.name)" + route_map_in_vpnv6: "<your_own_value> (source router.route-map.name)" route_map_in6: "<your_own_value> (source router.route-map.name)" route_map_out: "<your_own_value> (source router.route-map.name)" route_map_out_evpn: "<your_own_value> (source router.route-map.name)" route_map_out_preferable: "<your_own_value> (source router.route-map.name)" route_map_out_vpnv4: "<your_own_value> (source router.route-map.name)" route_map_out_vpnv4_preferable: "<your_own_value> (source router.route-map.name)" + route_map_out_vpnv6: "<your_own_value> (source router.route-map.name)" + route_map_out_vpnv6_preferable: "<your_own_value> (source router.route-map.name)" route_map_out6: "<your_own_value> (source router.route-map.name)" route_map_out6_preferable: "<your_own_value> (source router.route-map.name)" route_reflector_client: "enable" route_reflector_client_evpn: "enable" route_reflector_client_vpnv4: "enable" + route_reflector_client_vpnv6: "enable" route_reflector_client6: "enable" route_server_client: "enable" route_server_client_evpn: "enable" route_server_client_vpnv4: "enable" + route_server_client_vpnv6: "enable" route_server_client6: "enable" send_community: "standard" send_community_evpn: "standard" send_community_vpnv4: "standard" + send_community_vpnv6: "standard" send_community6: "standard" shutdown: "enable" soft_reconfiguration: "enable" soft_reconfiguration_evpn: "enable" soft_reconfiguration_vpnv4: "enable" + soft_reconfiguration_vpnv6: "enable" soft_reconfiguration6: "enable" stale_route: "enable" strict_capability_match: "enable" @@ -2541,27 +2910,34 @@ EXAMPLES = """ activate: "enable" activate_evpn: "enable" activate_vpnv4: "enable" + activate_vpnv6: "enable" activate6: "enable" additional_path: "send" additional_path_vpnv4: "send" + additional_path_vpnv6: "send" additional_path6: "send" adv_additional_path: "2" adv_additional_path_vpnv4: "2" + adv_additional_path_vpnv6: "2" adv_additional_path6: "2" advertisement_interval: "30" allowas_in: "3" allowas_in_enable: "enable" allowas_in_enable_evpn: "enable" allowas_in_enable_vpnv4: "enable" + allowas_in_enable_vpnv6: "enable" allowas_in_enable6: "enable" allowas_in_evpn: "3" allowas_in_vpnv4: "3" + allowas_in_vpnv6: "3" allowas_in6: "3" as_override: "enable" as_override6: "enable" attribute_unchanged: "as-path" attribute_unchanged_vpnv4: "as-path" + attribute_unchanged_vpnv6: "as-path" attribute_unchanged6: "as-path" + auth_options: "<your_own_value> (source router.key-chain.name)" bfd: "enable" capability_default_originate: "enable" capability_default_originate6: "enable" @@ -2569,6 +2945,7 @@ EXAMPLES = """ capability_graceful_restart: "enable" capability_graceful_restart_evpn: "enable" capability_graceful_restart_vpnv4: "enable" + capability_graceful_restart_vpnv6: "enable" capability_graceful_restart6: "enable" capability_orf: "none" capability_orf6: "none" @@ -2579,18 +2956,22 @@ EXAMPLES = """ description: "<your_own_value>" distribute_list_in: "<your_own_value> (source router.access-list.name)" distribute_list_in_vpnv4: "<your_own_value> (source router.access-list.name)" + distribute_list_in_vpnv6: "<your_own_value> (source router.access-list6.name)" distribute_list_in6: "<your_own_value> (source router.access-list6.name)" distribute_list_out: "<your_own_value> (source router.access-list.name)" distribute_list_out_vpnv4: "<your_own_value> (source router.access-list.name)" + distribute_list_out_vpnv6: "<your_own_value> (source router.access-list6.name)" distribute_list_out6: "<your_own_value> (source router.access-list6.name)" dont_capability_negotiate: "enable" ebgp_enforce_multihop: "enable" ebgp_multihop_ttl: "255" filter_list_in: "<your_own_value> (source router.aspath-list.name)" filter_list_in_vpnv4: "<your_own_value> (source router.aspath-list.name)" + filter_list_in_vpnv6: "<your_own_value> (source router.aspath-list.name)" filter_list_in6: "<your_own_value> (source router.aspath-list.name)" filter_list_out: "<your_own_value> (source router.aspath-list.name)" filter_list_out_vpnv4: "<your_own_value> (source router.aspath-list.name)" + filter_list_out_vpnv6: "<your_own_value> (source router.aspath-list.name)" filter_list_out6: "<your_own_value> (source router.aspath-list.name)" holdtime_timer: "4294967295" interface: "<your_own_value> (source system.interface.name)" @@ -2604,62 +2985,76 @@ EXAMPLES = """ maximum_prefix_threshold: "75" maximum_prefix_threshold_evpn: "75" maximum_prefix_threshold_vpnv4: "75" + maximum_prefix_threshold_vpnv6: "75" maximum_prefix_threshold6: "75" maximum_prefix_vpnv4: "0" + maximum_prefix_vpnv6: "0" maximum_prefix_warning_only: "enable" maximum_prefix_warning_only_evpn: "enable" maximum_prefix_warning_only_vpnv4: "enable" + maximum_prefix_warning_only_vpnv6: "enable" maximum_prefix_warning_only6: "enable" maximum_prefix6: "0" - name: "default_name_277" + name: "default_name_320" next_hop_self: "enable" next_hop_self_rr: "enable" next_hop_self_rr6: "enable" next_hop_self_vpnv4: "enable" + next_hop_self_vpnv6: "enable" next_hop_self6: "enable" override_capability: "enable" passive: "enable" password: "<your_own_value>" prefix_list_in: "<your_own_value> (source router.prefix-list.name)" prefix_list_in_vpnv4: "<your_own_value> (source router.prefix-list.name)" + prefix_list_in_vpnv6: "<your_own_value> (source router.prefix-list6.name)" prefix_list_in6: "<your_own_value> (source router.prefix-list6.name)" prefix_list_out: "<your_own_value> (source router.prefix-list.name)" prefix_list_out_vpnv4: "<your_own_value> (source router.prefix-list.name)" + prefix_list_out_vpnv6: "<your_own_value> (source router.prefix-list6.name)" prefix_list_out6: "<your_own_value> (source router.prefix-list6.name)" remote_as: "<your_own_value>" remove_private_as: "enable" remove_private_as_evpn: "enable" remove_private_as_vpnv4: "enable" + remove_private_as_vpnv6: "enable" remove_private_as6: "enable" restart_time: "0" retain_stale_time: "0" route_map_in: "<your_own_value> (source router.route-map.name)" route_map_in_evpn: "<your_own_value> (source router.route-map.name)" route_map_in_vpnv4: "<your_own_value> (source router.route-map.name)" + route_map_in_vpnv6: "<your_own_value> (source router.route-map.name)" route_map_in6: "<your_own_value> (source router.route-map.name)" route_map_out: "<your_own_value> (source router.route-map.name)" route_map_out_evpn: "<your_own_value> (source router.route-map.name)" route_map_out_preferable: "<your_own_value> (source router.route-map.name)" route_map_out_vpnv4: "<your_own_value> (source router.route-map.name)" route_map_out_vpnv4_preferable: "<your_own_value> (source router.route-map.name)" + route_map_out_vpnv6: "<your_own_value> (source router.route-map.name)" + route_map_out_vpnv6_preferable: "<your_own_value> (source router.route-map.name)" route_map_out6: "<your_own_value> (source router.route-map.name)" route_map_out6_preferable: "<your_own_value> (source router.route-map.name)" route_reflector_client: "enable" route_reflector_client_evpn: "enable" route_reflector_client_vpnv4: "enable" + route_reflector_client_vpnv6: "enable" route_reflector_client6: "enable" route_server_client: "enable" route_server_client_evpn: "enable" route_server_client_vpnv4: "enable" + route_server_client_vpnv6: "enable" route_server_client6: "enable" send_community: "standard" send_community_evpn: "standard" send_community_vpnv4: "standard" + send_community_vpnv6: "standard" send_community6: "standard" shutdown: "enable" soft_reconfiguration: "enable" soft_reconfiguration_evpn: "enable" soft_reconfiguration_vpnv4: "enable" + soft_reconfiguration_vpnv6: "enable" soft_reconfiguration6: "enable" stale_route: "enable" strict_capability_match: "enable" @@ -2669,20 +3064,20 @@ EXAMPLES = """ weight: "4294967295" neighbor_range: - - id: "334" + id: "388" max_neighbor_num: "0" neighbor_group: "<your_own_value> (source router.bgp.neighbor-group.name)" prefix: "<your_own_value>" neighbor_range6: - - id: "339" + id: "393" max_neighbor_num: "0" neighbor_group: "<your_own_value> (source router.bgp.neighbor-group.name)" prefix6: "<your_own_value>" network: - backdoor: "enable" - id: "345" + id: "399" network_import_check: "global" prefix: "<your_own_value>" route_map: "<your_own_value> (source router.route-map.name)" @@ -2690,7 +3085,7 @@ EXAMPLES = """ network6: - backdoor: "enable" - id: "352" + id: "406" network_import_check: "global" prefix6: "<your_own_value>" route_map: "<your_own_value> (source router.route-map.name)" @@ -2698,12 +3093,12 @@ EXAMPLES = """ recursive_next_hop: "enable" redistribute: - - name: "default_name_359" + name: "default_name_413" route_map: "<your_own_value> (source router.route-map.name)" status: "enable" redistribute6: - - name: "default_name_363" + name: "default_name_417" route_map: "<your_own_value> (source router.route-map.name)" status: "enable" router_id: "<your_own_value>" @@ -2745,11 +3140,20 @@ EXAMPLES = """ vrf: "<your_own_value>" vrf6: - + export_rt: + - + route_target: "<your_own_value>" + import_route_map: "<your_own_value> (source router.route-map.name)" + import_rt: + - + route_target: "<your_own_value>" leak_target: - interface: "<your_own_value> (source system.interface.name)" route_map: "<your_own_value> (source router.route-map.name)" vrf: "<your_own_value>" + rd: "<your_own_value>" + role: "standalone" vrf: "<your_own_value>" """ @@ -2837,8 +3241,10 @@ def filter_router_bgp_data(json): "additional_path", "additional_path_select", "additional_path_select_vpnv4", + "additional_path_select_vpnv6", "additional_path_select6", "additional_path_vpnv4", + "additional_path_vpnv6", "additional_path6", "admin_distance", "aggregate_address", @@ -2935,9 +3341,11 @@ def flatten_multilists_attributes(data): ["neighbor", "attribute_unchanged"], ["neighbor", "attribute_unchanged6"], ["neighbor", "attribute_unchanged_vpnv4"], + ["neighbor", "attribute_unchanged_vpnv6"], ["neighbor_group", "attribute_unchanged"], ["neighbor_group", "attribute_unchanged6"], ["neighbor_group", "attribute_unchanged_vpnv4"], + ["neighbor_group", "attribute_unchanged_vpnv6"], ] for attr in multilist_attrs: @@ -2963,9 +3371,10 @@ def router_bgp(data, fos): vdom = data["vdom"] router_bgp_data = data["router_bgp"] router_bgp_data = flatten_multilists_attributes(router_bgp_data) - filtered_data = underscore_to_hyphen(filter_router_bgp_data(router_bgp_data)) + filtered_data = filter_router_bgp_data(router_bgp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "bgp", data=filtered_data, vdom=vdom) + return fos.set("router", "bgp", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -3099,6 +3508,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "additional_path_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "multipath_recursive_distance": { "v_range": [["v6.4.0", "v6.4.0"], ["v6.4.4", ""]], "type": "string", @@ -3178,6 +3592,10 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "additional_path_select_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "cross_family_conditional_adv": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3253,6 +3671,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "allowas_in_enable_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "allowas_in_enable_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3261,6 +3684,7 @@ versioned_schema = { "allowas_in": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "allowas_in6": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "allowas_in_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "integer"}, + "allowas_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "allowas_in_evpn": {"v_range": [["v7.4.0", ""]], "type": "integer"}, "attribute_unchanged": { "v_range": [["v6.0.0", ""]], @@ -3295,6 +3719,17 @@ versioned_schema = { "multiple_values": True, "elements": "str", }, + "attribute_unchanged_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "list", + "options": [ + {"value": "as-path"}, + {"value": "med"}, + {"value": "next-hop"}, + ], + "multiple_values": True, + "elements": "str", + }, "activate": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -3310,6 +3745,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "activate_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "activate_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3360,6 +3800,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "capability_graceful_restart_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "capability_graceful_restart_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3425,6 +3870,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "next_hop_self_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "override_capability": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -3450,6 +3900,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "remove_private_as_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "remove_private_as_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3470,6 +3925,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "route_reflector_client_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "route_reflector_client_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3490,6 +3950,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "route_server_client_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "route_server_client_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3515,6 +3980,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "soft_reconfiguration_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "soft_reconfiguration_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3550,22 +4020,35 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "string", }, + "distribute_list_in_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "distribute_list_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "distribute_list_out6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "distribute_list_out_vpnv4": { "v_range": [["v7.2.0", ""]], "type": "string", }, + "distribute_list_out_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "ebgp_multihop_ttl": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "filter_list_in": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_in6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_in_vpnv4": {"v_range": [["v7.4.1", ""]], "type": "string"}, + "filter_list_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "filter_list_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_out6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_out_vpnv4": { "v_range": [["v7.4.1", ""]], "type": "string", }, + "filter_list_out_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "interface": {"v_range": [["v6.0.0", ""]], "type": "string"}, "maximum_prefix": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "maximum_prefix6": {"v_range": [["v6.0.0", ""]], "type": "integer"}, @@ -3573,6 +4056,10 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "maximum_prefix_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "maximum_prefix_evpn": {"v_range": [["v7.4.0", ""]], "type": "integer"}, "maximum_prefix_threshold": { "v_range": [["v6.0.0", ""]], @@ -3586,6 +4073,10 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "maximum_prefix_threshold_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "maximum_prefix_threshold_evpn": { "v_range": [["v7.4.0", ""]], "type": "integer", @@ -3605,6 +4096,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "maximum_prefix_warning_only_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "maximum_prefix_warning_only_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3613,12 +4109,17 @@ versioned_schema = { "prefix_list_in": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_in6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_in_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "prefix_list_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "prefix_list_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_out6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_out_vpnv4": { "v_range": [["v7.2.0", ""]], "type": "string", }, + "prefix_list_out_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "remote_as": {"v_range": [["v6.0.0", ""]], "type": "string"}, "local_as": {"v_range": [["v6.0.0", ""]], "type": "string"}, "local_as_no_prepend": { @@ -3635,6 +4136,7 @@ versioned_schema = { "route_map_in": {"v_range": [["v6.0.0", ""]], "type": "string"}, "route_map_in6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "route_map_in_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "route_map_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "route_map_in_evpn": {"v_range": [["v7.4.0", ""]], "type": "string"}, "route_map_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "route_map_out_preferable": { @@ -3647,10 +4149,15 @@ versioned_schema = { "type": "string", }, "route_map_out_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "route_map_out_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "route_map_out_vpnv4_preferable": { "v_range": [["v7.2.0", ""]], "type": "string", }, + "route_map_out_vpnv6_preferable": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "route_map_out_evpn": {"v_range": [["v7.4.0", ""]], "type": "string"}, "send_community": { "v_range": [["v6.0.0", ""]], @@ -3682,6 +4189,16 @@ versioned_schema = { {"value": "disable"}, ], }, + "send_community_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "standard"}, + {"value": "extended"}, + {"value": "both"}, + {"value": "disable"}, + ], + }, "send_community_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3730,6 +4247,16 @@ versioned_schema = { {"value": "disable"}, ], }, + "additional_path_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "send"}, + {"value": "receive"}, + {"value": "both"}, + {"value": "disable"}, + ], + }, "adv_additional_path": {"v_range": [["v6.2.0", ""]], "type": "integer"}, "adv_additional_path6": { "v_range": [["v6.2.0", ""]], @@ -3739,7 +4266,12 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "adv_additional_path_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "password": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "auth_options": {"v_range": [["v7.4.2", ""]], "type": "string"}, "conditional_advertise": { "type": "list", "elements": "dict", @@ -3829,6 +4361,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "allowas_in_enable_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "allowas_in_enable_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3837,6 +4374,7 @@ versioned_schema = { "allowas_in": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "allowas_in6": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "allowas_in_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "integer"}, + "allowas_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "allowas_in_evpn": {"v_range": [["v7.4.0", ""]], "type": "integer"}, "attribute_unchanged": { "v_range": [["v6.0.0", ""]], @@ -3871,6 +4409,17 @@ versioned_schema = { "multiple_values": True, "elements": "str", }, + "attribute_unchanged_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "list", + "options": [ + {"value": "as-path"}, + {"value": "med"}, + {"value": "next-hop"}, + ], + "multiple_values": True, + "elements": "str", + }, "activate": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -3886,6 +4435,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "activate_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "activate_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -3936,6 +4490,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "capability_graceful_restart_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "capability_graceful_restart_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4001,6 +4560,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "next_hop_self_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "override_capability": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -4026,6 +4590,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "remove_private_as_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "remove_private_as_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4046,6 +4615,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "route_reflector_client_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "route_reflector_client_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4066,6 +4640,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "route_server_client_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "route_server_client_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4091,6 +4670,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "soft_reconfiguration_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "soft_reconfiguration_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4126,22 +4710,35 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "string", }, + "distribute_list_in_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "distribute_list_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "distribute_list_out6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "distribute_list_out_vpnv4": { "v_range": [["v7.2.0", ""]], "type": "string", }, + "distribute_list_out_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "ebgp_multihop_ttl": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "filter_list_in": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_in6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_in_vpnv4": {"v_range": [["v7.4.1", ""]], "type": "string"}, + "filter_list_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "filter_list_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_out6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "filter_list_out_vpnv4": { "v_range": [["v7.4.1", ""]], "type": "string", }, + "filter_list_out_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "interface": {"v_range": [["v6.0.0", ""]], "type": "string"}, "maximum_prefix": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "maximum_prefix6": {"v_range": [["v6.0.0", ""]], "type": "integer"}, @@ -4149,6 +4746,10 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "maximum_prefix_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "maximum_prefix_evpn": {"v_range": [["v7.4.0", ""]], "type": "integer"}, "maximum_prefix_threshold": { "v_range": [["v6.0.0", ""]], @@ -4162,6 +4763,10 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "maximum_prefix_threshold_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "maximum_prefix_threshold_evpn": { "v_range": [["v7.4.0", ""]], "type": "integer", @@ -4181,6 +4786,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "maximum_prefix_warning_only_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "maximum_prefix_warning_only_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4189,12 +4799,17 @@ versioned_schema = { "prefix_list_in": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_in6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_in_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "prefix_list_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "prefix_list_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_out6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "prefix_list_out_vpnv4": { "v_range": [["v7.2.0", ""]], "type": "string", }, + "prefix_list_out_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "remote_as": {"v_range": [["v6.0.0", ""]], "type": "string"}, "local_as": {"v_range": [["v6.0.0", ""]], "type": "string"}, "local_as_no_prepend": { @@ -4211,6 +4826,7 @@ versioned_schema = { "route_map_in": {"v_range": [["v6.0.0", ""]], "type": "string"}, "route_map_in6": {"v_range": [["v6.0.0", ""]], "type": "string"}, "route_map_in_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "route_map_in_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "route_map_in_evpn": {"v_range": [["v7.4.0", ""]], "type": "string"}, "route_map_out": {"v_range": [["v6.0.0", ""]], "type": "string"}, "route_map_out_preferable": { @@ -4223,10 +4839,15 @@ versioned_schema = { "type": "string", }, "route_map_out_vpnv4": {"v_range": [["v7.2.0", ""]], "type": "string"}, + "route_map_out_vpnv6": {"v_range": [["v7.4.2", ""]], "type": "string"}, "route_map_out_vpnv4_preferable": { "v_range": [["v7.2.0", ""]], "type": "string", }, + "route_map_out_vpnv6_preferable": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "route_map_out_evpn": {"v_range": [["v7.4.0", ""]], "type": "string"}, "send_community": { "v_range": [["v6.0.0", ""]], @@ -4258,6 +4879,16 @@ versioned_schema = { {"value": "disable"}, ], }, + "send_community_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "standard"}, + {"value": "extended"}, + {"value": "both"}, + {"value": "disable"}, + ], + }, "send_community_evpn": { "v_range": [["v7.4.0", ""]], "type": "string", @@ -4306,6 +4937,16 @@ versioned_schema = { {"value": "disable"}, ], }, + "additional_path_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "send"}, + {"value": "receive"}, + {"value": "both"}, + {"value": "disable"}, + ], + }, "adv_additional_path": {"v_range": [["v6.2.0", ""]], "type": "integer"}, "adv_additional_path6": { "v_range": [["v6.2.0", ""]], @@ -4315,7 +4956,12 @@ versioned_schema = { "v_range": [["v7.2.0", ""]], "type": "integer", }, + "adv_additional_path_vpnv6": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "password": {"v_range": [["v7.2.4", ""]], "type": "string"}, + "auth_options": {"v_range": [["v7.4.2", ""]], "type": "string"}, }, "v_range": [["v6.0.0", ""]], }, @@ -4490,6 +5136,41 @@ versioned_schema = { "type": "string", "required": True, }, + "role": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "standalone"}, + {"value": "ce"}, + {"value": "pe"}, + ], + }, + "rd": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "export_rt": { + "type": "list", + "elements": "dict", + "children": { + "route_target": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, + "import_rt": { + "type": "list", + "elements": "dict", + "children": { + "route_target": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, + "import_route_map": {"v_range": [["v7.4.2", ""]], "type": "string"}, "leak_target": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_community_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_community_list.py index b3845c220..c3d6de5af 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_community_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_community_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -265,9 +265,8 @@ def router_community_list(data, fos, check_mode=False): state = data["state"] router_community_list_data = data["router_community_list"] - filtered_data = underscore_to_hyphen( - filter_router_community_list_data(router_community_list_data) - ) + filtered_data = filter_router_community_list_data(router_community_list_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -331,7 +330,7 @@ def router_community_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "community-list", data=filtered_data, vdom=vdom) + return fos.set("router", "community-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_extcommunity_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_extcommunity_list.py index 025bd7f12..7180a58c6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_extcommunity_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_extcommunity_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -264,12 +264,11 @@ def router_extcommunity_list(data, fos): state = data["state"] router_extcommunity_list_data = data["router_extcommunity_list"] - filtered_data = underscore_to_hyphen( - filter_router_extcommunity_list_data(router_extcommunity_list_data) - ) + filtered_data = filter_router_extcommunity_list_data(router_extcommunity_list_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("router", "extcommunity-list", data=filtered_data, vdom=vdom) + return fos.set("router", "extcommunity-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_isis.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_isis.py index 7d1743993..5d92a78d1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_isis.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_isis.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -881,9 +881,10 @@ def router_isis(data, fos): vdom = data["vdom"] router_isis_data = data["router_isis"] router_isis_data = flatten_multilists_attributes(router_isis_data) - filtered_data = underscore_to_hyphen(filter_router_isis_data(router_isis_data)) + filtered_data = filter_router_isis_data(router_isis_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "isis", data=filtered_data, vdom=vdom) + return fos.set("router", "isis", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_key_chain.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_key_chain.py index 0622d5bd5..a15ab8834 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_key_chain.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_key_chain.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -108,6 +108,7 @@ options: - 'hmac-sha256' - 'hmac-sha384' - 'hmac-sha512' + - 'cmac-aes128' id: description: - Key ID (0 - 2147483647). @@ -265,9 +266,8 @@ def router_key_chain(data, fos, check_mode=False): state = data["state"] router_key_chain_data = data["router_key_chain"] - filtered_data = underscore_to_hyphen( - filter_router_key_chain_data(router_key_chain_data) - ) + filtered_data = filter_router_key_chain_data(router_key_chain_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -331,7 +331,7 @@ def router_key_chain(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "key-chain", data=filtered_data, vdom=vdom) + return fos.set("router", "key-chain", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "key-chain", mkey=filtered_data["name"], vdom=vdom) @@ -390,6 +390,7 @@ versioned_schema = { {"value": "hmac-sha256"}, {"value": "hmac-sha384"}, {"value": "hmac-sha512"}, + {"value": "cmac-aes128", "v_range": [["v7.4.2", ""]]}, ], }, }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast.py index acb75a009..b9c61dc3a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -430,7 +430,7 @@ EXAMPLES = """ bfd: "enable" cisco_exclude_genid: "enable" dr_priority: "1" - hello_holdtime: "" + hello_holdtime: "105" hello_interval: "30" igmp: access_group: "<your_own_value> (source router.access-list.name)" @@ -611,11 +611,10 @@ def underscore_to_hyphen(data): def router_multicast(data, fos): vdom = data["vdom"] router_multicast_data = data["router_multicast"] - filtered_data = underscore_to_hyphen( - filter_router_multicast_data(router_multicast_data) - ) + filtered_data = filter_router_multicast_data(router_multicast_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "multicast", data=filtered_data, vdom=vdom) + return fos.set("router", "multicast", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast6.py index f6f490dde..c408a01f5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -267,11 +267,10 @@ def underscore_to_hyphen(data): def router_multicast6(data, fos): vdom = data["vdom"] router_multicast6_data = data["router_multicast6"] - filtered_data = underscore_to_hyphen( - filter_router_multicast6_data(router_multicast6_data) - ) + filtered_data = filter_router_multicast6_data(router_multicast6_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "multicast6", data=filtered_data, vdom=vdom) + return fos.set("router", "multicast6", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast_flow.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast_flow.py index df238ec09..0e2f8cf72 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast_flow.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_multicast_flow.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,9 +254,8 @@ def router_multicast_flow(data, fos, check_mode=False): state = data["state"] router_multicast_flow_data = data["router_multicast_flow"] - filtered_data = underscore_to_hyphen( - filter_router_multicast_flow_data(router_multicast_flow_data) - ) + filtered_data = filter_router_multicast_flow_data(router_multicast_flow_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -320,7 +319,7 @@ def router_multicast_flow(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "multicast-flow", data=filtered_data, vdom=vdom) + return fos.set("router", "multicast-flow", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf.py index 3d896d83b..107453eea 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -989,9 +989,10 @@ def underscore_to_hyphen(data): def router_ospf(data, fos): vdom = data["vdom"] router_ospf_data = data["router_ospf"] - filtered_data = underscore_to_hyphen(filter_router_ospf_data(router_ospf_data)) + filtered_data = filter_router_ospf_data(router_ospf_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "ospf", data=filtered_data, vdom=vdom) + return fos.set("router", "ospf", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf6.py index e61090a42..825fdb518 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ospf6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -845,9 +845,10 @@ def underscore_to_hyphen(data): def router_ospf6(data, fos): vdom = data["vdom"] router_ospf6_data = data["router_ospf6"] - filtered_data = underscore_to_hyphen(filter_router_ospf6_data(router_ospf6_data)) + filtered_data = filter_router_ospf6_data(router_ospf6_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "ospf6", data=filtered_data, vdom=vdom) + return fos.set("router", "ospf6", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy.py index 0531df11b..162d681d3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -439,7 +439,8 @@ def router_policy(data, fos, check_mode=False): state = data["state"] router_policy_data = data["router_policy"] - filtered_data = underscore_to_hyphen(filter_router_policy_data(router_policy_data)) + filtered_data = filter_router_policy_data(router_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -503,7 +504,7 @@ def router_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "policy", data=filtered_data, vdom=vdom) + return fos.set("router", "policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "policy", mkey=filtered_data["seq-num"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy6.py index 5fe015159..80ca57612 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_policy6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -439,9 +439,8 @@ def router_policy6(data, fos, check_mode=False): state = data["state"] router_policy6_data = data["router_policy6"] - filtered_data = underscore_to_hyphen( - filter_router_policy6_data(router_policy6_data) - ) + filtered_data = filter_router_policy6_data(router_policy6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -505,7 +504,7 @@ def router_policy6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "policy6", data=filtered_data, vdom=vdom) + return fos.set("router", "policy6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "policy6", mkey=filtered_data["seq-num"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list.py index 58a0d9e2a..d32afdad8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -272,9 +272,8 @@ def router_prefix_list(data, fos, check_mode=False): state = data["state"] router_prefix_list_data = data["router_prefix_list"] - filtered_data = underscore_to_hyphen( - filter_router_prefix_list_data(router_prefix_list_data) - ) + filtered_data = filter_router_prefix_list_data(router_prefix_list_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -338,7 +337,7 @@ def router_prefix_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "prefix-list", data=filtered_data, vdom=vdom) + return fos.set("router", "prefix-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list6.py index 5943ff3ba..214fab158 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_prefix_list6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -272,9 +272,8 @@ def router_prefix_list6(data, fos, check_mode=False): state = data["state"] router_prefix_list6_data = data["router_prefix_list6"] - filtered_data = underscore_to_hyphen( - filter_router_prefix_list6_data(router_prefix_list6_data) - ) + filtered_data = filter_router_prefix_list6_data(router_prefix_list6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -338,7 +337,7 @@ def router_prefix_list6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "prefix-list6", data=filtered_data, vdom=vdom) + return fos.set("router", "prefix-list6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_rip.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_rip.py index 416cbc629..040caf889 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_rip.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_rip.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -569,9 +569,10 @@ def router_rip(data, fos): vdom = data["vdom"] router_rip_data = data["router_rip"] router_rip_data = flatten_multilists_attributes(router_rip_data) - filtered_data = underscore_to_hyphen(filter_router_rip_data(router_rip_data)) + filtered_data = filter_router_rip_data(router_rip_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "rip", data=filtered_data, vdom=vdom) + return fos.set("router", "rip", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ripng.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ripng.py index 4fcc98607..9b90d4778 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ripng.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_ripng.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -503,9 +503,10 @@ def underscore_to_hyphen(data): def router_ripng(data, fos): vdom = data["vdom"] router_ripng_data = data["router_ripng"] - filtered_data = underscore_to_hyphen(filter_router_ripng_data(router_ripng_data)) + filtered_data = filter_router_ripng_data(router_ripng_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "ripng", data=filtered_data, vdom=vdom) + return fos.set("router", "ripng", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_route_map.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_route_map.py index 71e4f7e28..f2782ab4e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_route_map.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_route_map.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -360,6 +360,14 @@ options: description: - IP address of VPNv4 next-hop. type: str + set_vpnv6_nexthop: + description: + - IPv6 global address of VPNv6 next-hop. + type: str + set_vpnv6_nexthop_local: + description: + - IPv6 link-local address of VPNv6 next-hop. + type: str set_weight: description: - BGP weight for routing table. @@ -432,6 +440,8 @@ EXAMPLES = """ set_route_tag: "" set_tag: "" set_vpnv4_nexthop: "<your_own_value>" + set_vpnv6_nexthop: "<your_own_value>" + set_vpnv6_nexthop_local: "<your_own_value>" set_weight: "" """ @@ -555,9 +565,8 @@ def router_route_map(data, fos, check_mode=False): state = data["state"] router_route_map_data = data["router_route_map"] - filtered_data = underscore_to_hyphen( - filter_router_route_map_data(router_route_map_data) - ) + filtered_data = filter_router_route_map_data(router_route_map_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -621,7 +630,7 @@ def router_route_map(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "route-map", data=filtered_data, vdom=vdom) + return fos.set("router", "route-map", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "route-map", mkey=filtered_data["name"], vdom=vdom) @@ -811,6 +820,11 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "string", }, + "set_vpnv6_nexthop": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "set_vpnv6_nexthop_local": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "set_local_preference": { "v_range": [["v6.0.0", ""]], "type": "integer", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_setting.py index 72153d238..52d56bd52 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -354,11 +354,10 @@ def underscore_to_hyphen(data): def router_setting(data, fos): vdom = data["vdom"] router_setting_data = data["router_setting"] - filtered_data = underscore_to_hyphen( - filter_router_setting_data(router_setting_data) - ) + filtered_data = filter_router_setting_data(router_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("router", "setting", data=filtered_data, vdom=vdom) + return fos.set("router", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static.py index 1f8f121ef..7b02d3473 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -391,7 +391,8 @@ def router_static(data, fos, check_mode=False): state = data["state"] router_static_data = data["router_static"] - filtered_data = underscore_to_hyphen(filter_router_static_data(router_static_data)) + filtered_data = filter_router_static_data(router_static_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -455,7 +456,7 @@ def router_static(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "static", data=filtered_data, vdom=vdom) + return fos.set("router", "static", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "static", mkey=filtered_data["seq-num"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static6.py index 12f9514e6..11e54085f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_router_static6.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -367,9 +367,8 @@ def router_static6(data, fos, check_mode=False): state = data["state"] router_static6_data = data["router_static6"] - filtered_data = underscore_to_hyphen( - filter_router_static6_data(router_static6_data) - ) + filtered_data = filter_router_static6_data(router_static6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -433,7 +432,7 @@ def router_static6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("router", "static6", data=filtered_data, vdom=vdom) + return fos.set("router", "static6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("router", "static6", mkey=filtered_data["seq-num"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_sctp_filter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_sctp_filter_profile.py index 842bfaafc..40d10e821 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_sctp_filter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_sctp_filter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,12 +254,11 @@ def sctp_filter_profile(data, fos): state = data["state"] sctp_filter_profile_data = data["sctp_filter_profile"] - filtered_data = underscore_to_hyphen( - filter_sctp_filter_profile_data(sctp_filter_profile_data) - ) + filtered_data = filter_sctp_filter_profile_data(sctp_filter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("sctp-filter", "profile", data=filtered_data, vdom=vdom) + return fos.set("sctp-filter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bwl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bwl.py index 1bb9aa9d1..76d96c6b1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bwl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bwl.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -307,9 +307,8 @@ def spamfilter_bwl(data, fos, check_mode=False): state = data["state"] spamfilter_bwl_data = data["spamfilter_bwl"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_bwl_data(spamfilter_bwl_data) - ) + filtered_data = filter_spamfilter_bwl_data(spamfilter_bwl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -373,7 +372,7 @@ def spamfilter_bwl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("spamfilter", "bwl", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "bwl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("spamfilter", "bwl", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bword.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bword.py index 470f9c4d0..9aa1f5776 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bword.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_bword.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -308,9 +308,8 @@ def spamfilter_bword(data, fos, check_mode=False): state = data["state"] spamfilter_bword_data = data["spamfilter_bword"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_bword_data(spamfilter_bword_data) - ) + filtered_data = filter_spamfilter_bword_data(spamfilter_bword_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -374,7 +373,7 @@ def spamfilter_bword(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("spamfilter", "bword", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "bword", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("spamfilter", "bword", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_dnsbl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_dnsbl.py index eda06eb82..c7d3587d9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_dnsbl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_dnsbl.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -272,9 +272,8 @@ def spamfilter_dnsbl(data, fos, check_mode=False): state = data["state"] spamfilter_dnsbl_data = data["spamfilter_dnsbl"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_dnsbl_data(spamfilter_dnsbl_data) - ) + filtered_data = filter_spamfilter_dnsbl_data(spamfilter_dnsbl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -338,7 +337,7 @@ def spamfilter_dnsbl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("spamfilter", "dnsbl", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "dnsbl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("spamfilter", "dnsbl", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_fortishield.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_fortishield.py index 4ffbc6364..e3378a853 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_fortishield.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_fortishield.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -218,11 +218,10 @@ def underscore_to_hyphen(data): def spamfilter_fortishield(data, fos): vdom = data["vdom"] spamfilter_fortishield_data = data["spamfilter_fortishield"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_fortishield_data(spamfilter_fortishield_data) - ) + filtered_data = filter_spamfilter_fortishield_data(spamfilter_fortishield_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("spamfilter", "fortishield", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "fortishield", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_iptrust.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_iptrust.py index 4667c9b44..154bd3fd2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_iptrust.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_iptrust.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -277,9 +277,8 @@ def spamfilter_iptrust(data, fos, check_mode=False): state = data["state"] spamfilter_iptrust_data = data["spamfilter_iptrust"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_iptrust_data(spamfilter_iptrust_data) - ) + filtered_data = filter_spamfilter_iptrust_data(spamfilter_iptrust_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -343,7 +342,7 @@ def spamfilter_iptrust(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("spamfilter", "iptrust", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "iptrust", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("spamfilter", "iptrust", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_mheader.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_mheader.py index d7e57b847..a0f27482e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_mheader.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_mheader.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -285,9 +285,8 @@ def spamfilter_mheader(data, fos, check_mode=False): state = data["state"] spamfilter_mheader_data = data["spamfilter_mheader"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_mheader_data(spamfilter_mheader_data) - ) + filtered_data = filter_spamfilter_mheader_data(spamfilter_mheader_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -351,7 +350,7 @@ def spamfilter_mheader(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("spamfilter", "mheader", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "mheader", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("spamfilter", "mheader", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_options.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_options.py index 8d286d03c..93c7f38dd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_options.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_options.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -202,11 +202,10 @@ def underscore_to_hyphen(data): def spamfilter_options(data, fos): vdom = data["vdom"] spamfilter_options_data = data["spamfilter_options"] - filtered_data = underscore_to_hyphen( - filter_spamfilter_options_data(spamfilter_options_data) - ) + filtered_data = filter_spamfilter_options_data(spamfilter_options_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("spamfilter", "options", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "options", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_profile.py index ecb7ecb08..c64149b32 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_spamfilter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -571,9 +571,8 @@ def spamfilter_profile(data, fos, check_mode=False): spamfilter_profile_data = data["spamfilter_profile"] spamfilter_profile_data = flatten_multilists_attributes(spamfilter_profile_data) - filtered_data = underscore_to_hyphen( - filter_spamfilter_profile_data(spamfilter_profile_data) - ) + filtered_data = filter_spamfilter_profile_data(spamfilter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -637,7 +636,7 @@ def spamfilter_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("spamfilter", "profile", data=filtered_data, vdom=vdom) + return fos.set("spamfilter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ssh_filter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ssh_filter_profile.py index a30e505aa..8f2c36a86 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_ssh_filter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_ssh_filter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -459,9 +459,8 @@ def ssh_filter_profile(data, fos, check_mode=False): ssh_filter_profile_data = data["ssh_filter_profile"] ssh_filter_profile_data = flatten_multilists_attributes(ssh_filter_profile_data) - filtered_data = underscore_to_hyphen( - filter_ssh_filter_profile_data(ssh_filter_profile_data) - ) + filtered_data = filter_ssh_filter_profile_data(ssh_filter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -525,7 +524,7 @@ def ssh_filter_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("ssh-filter", "profile", data=filtered_data, vdom=vdom) + return fos.set("ssh-filter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_802_1x_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_802_1x_settings.py index f4b2ef197..3effb7a26 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_802_1x_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_802_1x_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -94,6 +94,49 @@ options: choices: - 'disable' - 'enable' + mac_called_station_delimiter: + description: + - MAC called station delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' + mac_calling_station_delimiter: + description: + - MAC calling station delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' + mac_case: + description: + - MAC case . + type: str + choices: + - 'lowercase' + - 'uppercase' + mac_password_delimiter: + description: + - MAC authentication password delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' + mac_username_delimiter: + description: + - MAC authentication username delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' max_reauth_attempt: description: - Maximum number of authentication attempts (0 - 15). @@ -115,6 +158,11 @@ EXAMPLES = """ switch_controller_802_1x_settings: link_down_auth: "set-unauth" mab_reauth: "disable" + mac_called_station_delimiter: "colon" + mac_calling_station_delimiter: "colon" + mac_case: "lowercase" + mac_password_delimiter: "colon" + mac_username_delimiter: "colon" max_reauth_attempt: "3" reauth_period: "60" tx_period: "30" @@ -203,6 +251,11 @@ def filter_switch_controller_802_1x_settings_data(json): option_list = [ "link_down_auth", "mab_reauth", + "mac_called_station_delimiter", + "mac_calling_station_delimiter", + "mac_case", + "mac_password_delimiter", + "mac_username_delimiter", "max_reauth_attempt", "reauth_period", "tx_period", @@ -234,14 +287,13 @@ def underscore_to_hyphen(data): def switch_controller_802_1x_settings(data, fos): vdom = data["vdom"] switch_controller_802_1x_settings_data = data["switch_controller_802_1x_settings"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_802_1x_settings_data( - switch_controller_802_1x_settings_data - ) + filtered_data = filter_switch_controller_802_1x_settings_data( + switch_controller_802_1x_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller", "802-1X-settings", data=filtered_data, vdom=vdom + "switch-controller", "802-1X-settings", data=converted_data, vdom=vdom ) @@ -292,6 +344,51 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, + "mac_username_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_password_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_calling_station_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_called_station_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_case": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "lowercase"}, {"value": "uppercase"}], + }, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_group.py index 3e473bc4f..1a54d87d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,12 +230,13 @@ def switch_controller_acl_group(data, fos): state = data["state"] switch_controller_acl_group_data = data["switch_controller_acl_group"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_acl_group_data(switch_controller_acl_group_data) + filtered_data = filter_switch_controller_acl_group_data( + switch_controller_acl_group_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("switch-controller.acl", "group", data=filtered_data, vdom=vdom) + return fos.set("switch-controller.acl", "group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_ingress.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_ingress.py index 5b6798d08..9b637cce1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_ingress.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_acl_ingress.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -276,13 +276,14 @@ def switch_controller_acl_ingress(data, fos): state = data["state"] switch_controller_acl_ingress_data = data["switch_controller_acl_ingress"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_acl_ingress_data(switch_controller_acl_ingress_data) + filtered_data = filter_switch_controller_acl_ingress_data( + switch_controller_acl_ingress_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "switch-controller.acl", "ingress", data=filtered_data, vdom=vdom + "switch-controller.acl", "ingress", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_custom.py index b469bd463..54eeeb1a5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_custom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,11 +246,10 @@ def switch_controller_auto_config_custom(data, fos, check_mode=False): switch_controller_auto_config_custom_data = data[ "switch_controller_auto_config_custom" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_auto_config_custom_data( - switch_controller_auto_config_custom_data - ) + filtered_data = filter_switch_controller_auto_config_custom_data( + switch_controller_auto_config_custom_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -319,7 +318,7 @@ def switch_controller_auto_config_custom(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.auto-config", "custom", data=filtered_data, vdom=vdom + "switch-controller.auto-config", "custom", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_default.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_default.py index 5075f7804..cb4d85161 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_default.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_default.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -214,14 +214,13 @@ def switch_controller_auto_config_default(data, fos): switch_controller_auto_config_default_data = data[ "switch_controller_auto_config_default" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_auto_config_default_data( - switch_controller_auto_config_default_data - ) + filtered_data = filter_switch_controller_auto_config_default_data( + switch_controller_auto_config_default_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller.auto-config", "default", data=filtered_data, vdom=vdom + "switch-controller.auto-config", "default", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_policy.py index 5f1575ea4..1dd8e0a8c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_auto_config_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -268,11 +268,10 @@ def switch_controller_auto_config_policy(data, fos, check_mode=False): switch_controller_auto_config_policy_data = data[ "switch_controller_auto_config_policy" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_auto_config_policy_data( - switch_controller_auto_config_policy_data - ) + filtered_data = filter_switch_controller_auto_config_policy_data( + switch_controller_auto_config_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -341,7 +340,7 @@ def switch_controller_auto_config_policy(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.auto-config", "policy", data=filtered_data, vdom=vdom + "switch-controller.auto-config", "policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_custom_command.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_custom_command.py index a85aea787..aadd930de 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_custom_command.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_custom_command.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -236,11 +236,10 @@ def switch_controller_custom_command(data, fos, check_mode=False): state = data["state"] switch_controller_custom_command_data = data["switch_controller_custom_command"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_custom_command_data( - switch_controller_custom_command_data - ) + filtered_data = filter_switch_controller_custom_command_data( + switch_controller_custom_command_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -309,7 +308,7 @@ def switch_controller_custom_command(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "custom-command", data=filtered_data, vdom=vdom + "switch-controller", "custom-command", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_dynamic_port_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_dynamic_port_policy.py index 00c8c6a36..be4da2842 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_dynamic_port_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_dynamic_port_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -325,9 +325,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"802_1x": "set_802_1x"} + speciallist = {"802_1x": "set_802_1x"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -336,8 +336,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -355,12 +358,10 @@ def switch_controller_dynamic_port_policy(data, fos): switch_controller_dynamic_port_policy_data = data[ "switch_controller_dynamic_port_policy" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_dynamic_port_policy_data( - switch_controller_dynamic_port_policy_data - ) + filtered_data = filter_switch_controller_dynamic_port_policy_data( + switch_controller_dynamic_port_policy_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) if state == "present" or state is True: return fos.set( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_flow_tracking.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_flow_tracking.py index 8701a1206..a8bd09f3d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_flow_tracking.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_flow_tracking.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -367,13 +367,12 @@ def underscore_to_hyphen(data): def switch_controller_flow_tracking(data, fos): vdom = data["vdom"] switch_controller_flow_tracking_data = data["switch_controller_flow_tracking"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_flow_tracking_data( - switch_controller_flow_tracking_data - ) + filtered_data = filter_switch_controller_flow_tracking_data( + switch_controller_flow_tracking_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "flow-tracking", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "flow-tracking", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_fortilink_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_fortilink_settings.py index a9b8df6ce..2d869b919 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_fortilink_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_fortilink_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -309,15 +309,14 @@ def switch_controller_fortilink_settings(data, fos): switch_controller_fortilink_settings_data = data[ "switch_controller_fortilink_settings" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_fortilink_settings_data( - switch_controller_fortilink_settings_data - ) + filtered_data = filter_switch_controller_fortilink_settings_data( + switch_controller_fortilink_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "switch-controller", "fortilink-settings", data=filtered_data, vdom=vdom + "switch-controller", "fortilink-settings", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_global.py index d5e837e5a..f811bbeac 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -476,11 +476,10 @@ def switch_controller_global(data, fos): switch_controller_global_data = flatten_multilists_attributes( switch_controller_global_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_global_data(switch_controller_global_data) - ) + filtered_data = filter_switch_controller_global_data(switch_controller_global_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "global", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_igmp_snooping.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_igmp_snooping.py index ac5ef6436..13539177c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_igmp_snooping.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_igmp_snooping.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -215,13 +215,12 @@ def underscore_to_hyphen(data): def switch_controller_igmp_snooping(data, fos): vdom = data["vdom"] switch_controller_igmp_snooping_data = data["switch_controller_igmp_snooping"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_igmp_snooping_data( - switch_controller_igmp_snooping_data - ) + filtered_data = filter_switch_controller_igmp_snooping_data( + switch_controller_igmp_snooping_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "igmp-snooping", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "igmp-snooping", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_template.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_template.py index 10a586a4b..c2ab1a58e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_template.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_template.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -303,11 +303,10 @@ def switch_controller_initial_config_template(data, fos, check_mode=False): switch_controller_initial_config_template_data = flatten_multilists_attributes( switch_controller_initial_config_template_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_initial_config_template_data( - switch_controller_initial_config_template_data - ) + filtered_data = filter_switch_controller_initial_config_template_data( + switch_controller_initial_config_template_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -378,7 +377,7 @@ def switch_controller_initial_config_template(data, fos, check_mode=False): return fos.set( "switch-controller.initial-config", "template", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_vlans.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_vlans.py index ef91f4419..81992eee9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_vlans.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_initial_config_vlans.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,14 +242,13 @@ def switch_controller_initial_config_vlans(data, fos): switch_controller_initial_config_vlans_data = data[ "switch_controller_initial_config_vlans" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_initial_config_vlans_data( - switch_controller_initial_config_vlans_data - ) + filtered_data = filter_switch_controller_initial_config_vlans_data( + switch_controller_initial_config_vlans_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller.initial-config", "vlans", data=filtered_data, vdom=vdom + "switch-controller.initial-config", "vlans", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_profile.py index 6ddfed159..e2700b2db 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -474,9 +474,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"802.1_tlvs": "tlvs_802dot1", "802.3_tlvs": "tlvs_802dot3"} + speciallist = {"802.1_tlvs": "tlvs_802dot1", "802.3_tlvs": "tlvs_802dot3"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -485,8 +485,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -505,10 +508,10 @@ def switch_controller_lldp_profile(data, fos, check_mode=False): switch_controller_lldp_profile_data = flatten_multilists_attributes( switch_controller_lldp_profile_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_lldp_profile_data(switch_controller_lldp_profile_data) + filtered_data = filter_switch_controller_lldp_profile_data( + switch_controller_lldp_profile_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_settings.py index 87e592664..2d4de2a5d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_lldp_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -243,13 +243,12 @@ def underscore_to_hyphen(data): def switch_controller_lldp_settings(data, fos): vdom = data["vdom"] switch_controller_lldp_settings_data = data["switch_controller_lldp_settings"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_lldp_settings_data( - switch_controller_lldp_settings_data - ) + filtered_data = filter_switch_controller_lldp_settings_data( + switch_controller_lldp_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "lldp-settings", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "lldp-settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_location.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_location.py index 29911a7ab..3e7359ad5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_location.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_location.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -460,9 +460,10 @@ def switch_controller_location(data, fos, check_mode=False): state = data["state"] switch_controller_location_data = data["switch_controller_location"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_location_data(switch_controller_location_data) + filtered_data = filter_switch_controller_location_data( + switch_controller_location_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -526,7 +527,7 @@ def switch_controller_location(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("switch-controller", "location", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "location", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_policy.py index a54d3465f..c1e658d35 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,9 +278,10 @@ def switch_controller_mac_policy(data, fos, check_mode=False): state = data["state"] switch_controller_mac_policy_data = data["switch_controller_mac_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_mac_policy_data(switch_controller_mac_policy_data) + filtered_data = filter_switch_controller_mac_policy_data( + switch_controller_mac_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -344,7 +345,9 @@ def switch_controller_mac_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("switch-controller", "mac-policy", data=filtered_data, vdom=vdom) + return fos.set( + "switch-controller", "mac-policy", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_sync_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_sync_settings.py index 4a5109d1e..2f0a33073 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_sync_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_mac_sync_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -204,14 +204,13 @@ def switch_controller_mac_sync_settings(data, fos): switch_controller_mac_sync_settings_data = data[ "switch_controller_mac_sync_settings" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_mac_sync_settings_data( - switch_controller_mac_sync_settings_data - ) + filtered_data = filter_switch_controller_mac_sync_settings_data( + switch_controller_mac_sync_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller", "mac-sync-settings", data=filtered_data, vdom=vdom + "switch-controller", "mac-sync-settings", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_managed_switch.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_managed_switch.py index 371802cc2..de1c3567c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_managed_switch.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_managed_switch.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -114,6 +114,49 @@ options: choices: - 'disable' - 'enable' + mac_called_station_delimiter: + description: + - MAC called station delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' + mac_calling_station_delimiter: + description: + - MAC calling station delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' + mac_case: + description: + - MAC case . + type: str + choices: + - 'lowercase' + - 'uppercase' + mac_password_delimiter: + description: + - MAC authentication password delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' + mac_username_delimiter: + description: + - MAC authentication username delimiter . + type: str + choices: + - 'colon' + - 'hyphen' + - 'none' + - 'single-hyphen' max_reauth_attempt: description: - Maximum number of authentication attempts (0 - 15). @@ -355,6 +398,10 @@ options: choices: - 'enable' - 'disable' + mgmt_mode: + description: + - FortiLink management mode. + type: int mirror: description: - Configuration method to edit FortiSwitch packet mirror. @@ -612,6 +659,7 @@ options: - 'disabled' - 'cl74' - 'cl91' + - 'detect-by-module' fgt_peer_device_name: description: - FGT peer device name. @@ -1133,6 +1181,20 @@ options: choices: - 'disable' - 'enable' + purdue_level: + description: + - Purdue Level of this FortiSwitch. + type: str + choices: + - '1' + - '1.5' + - '2' + - '2.5' + - '3' + - '3.5' + - '4' + - '5' + - '5.5' qos_drop_policy: description: - Set QoS drop-policy. @@ -1144,6 +1206,17 @@ options: description: - Set QoS RED/WRED drop probability. type: int + radius_nas_ip: + description: + - NAS-IP address. + type: str + radius_nas_ip_override: + description: + - Use locally defined NAS-IP. + type: str + choices: + - 'disable' + - 'enable' remote_log: description: - Configure logging by FortiSwitch device to a remote syslog server. @@ -1689,6 +1762,21 @@ options: description: - FortiSwitch version. type: int + vlan: + description: + - Configure VLAN assignment priority. + type: list + elements: dict + suboptions: + assignment_priority: + description: + - 802.1x Radius (Tunnel-Private-Group-Id) VLANID assign-by-name priority. A smaller value has a higher priority. + type: int + vlan_name: + description: + - VLAN name. Source system.interface.name. + required: true + type: str """ EXAMPLES = """ @@ -1702,6 +1790,11 @@ EXAMPLES = """ link_down_auth: "set-unauth" local_override: "enable" mab_reauth: "disable" + mac_called_station_delimiter: "colon" + mac_calling_station_delimiter: "colon" + mac_case: "lowercase" + mac_password_delimiter: "colon" + mac_username_delimiter: "colon" max_reauth_attempt: "3" reauth_period: "60" tx_period: "30" @@ -1717,7 +1810,7 @@ EXAMPLES = """ - ip: "<your_own_value>" mac: "<your_own_value>" - name: "default_name_20" + name: "default_name_25" port: "<your_own_value>" vlan: "<your_own_value> (source system.interface.name)" directly_connected: "0" @@ -1754,19 +1847,20 @@ EXAMPLES = """ l3_discovered: "0" max_allowed_trunk_members: "0" mclag_igmp_snooping_aware: "enable" + mgmt_mode: "0" mirror: - dst: "<your_own_value>" - name: "default_name_56" + name: "default_name_62" src_egress: - - name: "default_name_58" + name: "default_name_64" src_ingress: - - name: "default_name_60" + name: "default_name_66" status: "active" switching_packet: "enable" - name: "default_name_63" + name: "default_name_69" override_snmp_community: "enable" override_snmp_sysinfo: "disable" override_snmp_trap_threshold: "enable" @@ -1780,7 +1874,7 @@ EXAMPLES = """ access_mode: "dynamic" acl_group: - - name: "default_name_75 (source switch-controller.acl.group.name)" + name: "default_name_81 (source switch-controller.acl.group.name)" aggregator_mode: "bandwidth" allowed_vlans: - @@ -1818,7 +1912,7 @@ EXAMPLES = """ fortilink_port: "0" fortiswitch_acls: - - id: "109" + id: "115" igmp_snooping: "enable" igmp_snooping_flood_reports: "enable" igmps_flood_reports: "enable" @@ -1899,13 +1993,16 @@ EXAMPLES = """ pre_provisioned: "0" ptp_profile: "<your_own_value> (source switch-controller.ptp.profile.name)" ptp_status: "disable" + purdue_level: "1" qos_drop_policy: "taildrop" qos_red_probability: "12" + radius_nas_ip: "<your_own_value>" + radius_nas_ip_override: "disable" remote_log: - csv: "enable" facility: "kernel" - name: "default_name_192" + name: "default_name_201" port: "514" server: "192.168.100.40" severity: "emergency" @@ -1922,10 +2019,10 @@ EXAMPLES = """ events: "cpu-high" hosts: - - id: "206" + id: "215" ip: "<your_own_value>" - id: "208" - name: "default_name_209" + id: "217" + name: "default_name_218" query_v1_port: "161" query_v1_status: "disable" query_v2c_port: "161" @@ -1951,7 +2048,7 @@ EXAMPLES = """ - auth_proto: "md5" auth_pwd: "<your_own_value>" - name: "default_name_234" + name: "default_name_243" priv_proto: "aes128" priv_pwd: "<your_own_value>" queries: "disable" @@ -1961,7 +2058,7 @@ EXAMPLES = """ static_mac: - description: "<your_own_value>" - id: "243" + id: "252" interface: "<your_own_value>" mac: "<your_own_value>" type: "static" @@ -1974,7 +2071,7 @@ EXAMPLES = """ unknown_unicast: "enable" stp_instance: - - id: "255" + id: "264" priority: "0" stp_settings: forward_time: "15" @@ -1982,7 +2079,7 @@ EXAMPLES = """ local_override: "enable" max_age: "20" max_hops: "20" - name: "default_name_263" + name: "default_name_272" pending_timer: "4" revision: "0" status: "enable" @@ -1999,6 +2096,10 @@ EXAMPLES = """ tdr_supported: "<your_own_value>" type: "virtual" version: "0" + vlan: + - + assignment_priority: "128" + vlan_name: "<your_own_value> (source system.interface.name)" """ RETURN = """ @@ -2114,6 +2215,7 @@ def filter_switch_controller_managed_switch_data(json): "l3_discovered", "max_allowed_trunk_members", "mclag_igmp_snooping_aware", + "mgmt_mode", "mirror", "name", "override_snmp_community", @@ -2128,8 +2230,11 @@ def filter_switch_controller_managed_switch_data(json): "pre_provisioned", "ptp_profile", "ptp_status", + "purdue_level", "qos_drop_policy", "qos_red_probability", + "radius_nas_ip", + "radius_nas_ip_override", "remote_log", "route_offload", "route_offload_mclag", @@ -2153,6 +2258,7 @@ def filter_switch_controller_managed_switch_data(json): "tdr_supported", "type", "version", + "vlan", ] json = remove_invalid_fields(json) @@ -2208,9 +2314,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"802_1X_settings": "settings_802_1X"} + speciallist = {"802_1X_settings": "settings_802_1X"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -2219,8 +2325,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -2239,12 +2348,10 @@ def switch_controller_managed_switch(data, fos, check_mode=False): switch_controller_managed_switch_data = flatten_multilists_attributes( switch_controller_managed_switch_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_managed_switch_data( - switch_controller_managed_switch_data - ) + filtered_data = filter_switch_controller_managed_switch_data( + switch_controller_managed_switch_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -2367,6 +2474,21 @@ versioned_schema = { "description": {"v_range": [["v6.0.0", ""]], "type": "string"}, "switch_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "access_profile": {"v_range": [["v6.2.0", ""]], "type": "string"}, + "purdue_level": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "1"}, + {"value": "1.5"}, + {"value": "2"}, + {"value": "2.5"}, + {"value": "3"}, + {"value": "3.5"}, + {"value": "4"}, + {"value": "5"}, + {"value": "5.5"}, + ], + }, "fsw_wan1_peer": {"v_range": [["v6.0.0", ""]], "type": "string"}, "fsw_wan1_admin": { "v_range": [["v6.0.0", ""]], @@ -2399,6 +2521,7 @@ versioned_schema = { "type": "integer", }, "pre_provisioned": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "mgmt_mode": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "dynamic_capability": {"v_range": [["v6.0.0", ""]], "type": "string"}, "switch_device_tag": {"v_range": [["v6.0.0", ""]], "type": "string"}, "switch_dhcp_opt43_key": {"v_range": [["v6.4.0", ""]], "type": "string"}, @@ -2413,6 +2536,12 @@ versioned_schema = { "options": [{"value": "disable"}, {"value": "enable"}], }, "ptp_profile": {"v_range": [["v7.4.1", ""]], "type": "string"}, + "radius_nas_ip_override": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "radius_nas_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, "route_offload": { "v_range": [["v7.4.1", ""]], "type": "string", @@ -2436,6 +2565,19 @@ versioned_schema = { }, "v_range": [["v7.4.1", ""]], }, + "vlan": { + "type": "list", + "elements": "dict", + "children": { + "vlan_name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + }, + "assignment_priority": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + }, + "v_range": [["v7.4.2", ""]], + }, "type": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -2831,6 +2973,7 @@ versioned_schema = { {"value": "disabled"}, {"value": "cl74"}, {"value": "cl91"}, + {"value": "detect-by-module", "v_range": [["v7.4.2", ""]]}, ], }, "flow_control": { @@ -3665,6 +3808,51 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, + "mac_username_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_password_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_calling_station_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_called_station_delimiter": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "colon"}, + {"value": "hyphen"}, + {"value": "none"}, + {"value": "single-hyphen"}, + ], + }, + "mac_case": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "lowercase"}, {"value": "uppercase"}], + }, }, }, }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_device.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_device.py index e713a3b8a..15f2234d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_device.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_device.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -277,12 +277,15 @@ def switch_controller_nac_device(data, fos): state = data["state"] switch_controller_nac_device_data = data["switch_controller_nac_device"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_nac_device_data(switch_controller_nac_device_data) + filtered_data = filter_switch_controller_nac_device_data( + switch_controller_nac_device_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("switch-controller", "nac-device", data=filtered_data, vdom=vdom) + return fos.set( + "switch-controller", "nac-device", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_settings.py index 8712ab0e3..516efed77 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_nac_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -277,9 +277,10 @@ def switch_controller_nac_settings(data, fos, check_mode=False): state = data["state"] switch_controller_nac_settings_data = data["switch_controller_nac_settings"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_nac_settings_data(switch_controller_nac_settings_data) + filtered_data = filter_switch_controller_nac_settings_data( + switch_controller_nac_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -348,7 +349,7 @@ def switch_controller_nac_settings(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "nac-settings", data=filtered_data, vdom=vdom + "switch-controller", "nac-settings", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_network_monitor_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_network_monitor_settings.py index f44991fd4..b2b21590a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_network_monitor_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_network_monitor_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -207,14 +207,13 @@ def switch_controller_network_monitor_settings(data, fos): switch_controller_network_monitor_settings_data = data[ "switch_controller_network_monitor_settings" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_network_monitor_settings_data( - switch_controller_network_monitor_settings_data - ) + filtered_data = filter_switch_controller_network_monitor_settings_data( + switch_controller_network_monitor_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller", "network-monitor-settings", data=filtered_data, vdom=vdom + "switch-controller", "network-monitor-settings", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_poe.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_poe.py index 2ae26feca..e6be7670b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_poe.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_poe.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<fortiswitch_id>": "fortiswitch_id"} + speciallist = {"<fortiswitch_id>": "fortiswitch_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def switch_controller_poe(data, fos): vdom = data["vdom"] switch_controller_poe_data = data["switch_controller_poe"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_poe_data(switch_controller_poe_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_switch_controller_poe_data(switch_controller_poe_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("switch-controller", "poe", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_port_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_port_policy.py index f29345bd9..cf2d69a75 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_port_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_port_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -269,9 +269,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"802_1x": "set_802_1x"} + speciallist = {"802_1x": "set_802_1x"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -280,8 +280,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -297,10 +300,10 @@ def switch_controller_port_policy(data, fos, check_mode=False): state = data["state"] switch_controller_port_policy_data = data["switch_controller_port_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_port_policy_data(switch_controller_port_policy_data) + filtered_data = filter_switch_controller_port_policy_data( + switch_controller_port_policy_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_interface_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_interface_policy.py index 7dca2d320..eedeeb8f7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_interface_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_interface_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,15 +233,14 @@ def switch_controller_ptp_interface_policy(data, fos): switch_controller_ptp_interface_policy_data = data[ "switch_controller_ptp_interface_policy" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_ptp_interface_policy_data( - switch_controller_ptp_interface_policy_data - ) + filtered_data = filter_switch_controller_ptp_interface_policy_data( + switch_controller_ptp_interface_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "switch-controller.ptp", "interface-policy", data=filtered_data, vdom=vdom + "switch-controller.ptp", "interface-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_policy.py index 826ae004d..4de4f7785 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,9 +233,10 @@ def switch_controller_ptp_policy(data, fos, check_mode=False): state = data["state"] switch_controller_ptp_policy_data = data["switch_controller_ptp_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_ptp_policy_data(switch_controller_ptp_policy_data) + filtered_data = filter_switch_controller_ptp_policy_data( + switch_controller_ptp_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -299,7 +300,9 @@ def switch_controller_ptp_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("switch-controller.ptp", "policy", data=filtered_data, vdom=vdom) + return fos.set( + "switch-controller.ptp", "policy", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_profile.py index f8ac99a13..d006fd741 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -268,13 +268,14 @@ def switch_controller_ptp_profile(data, fos): state = data["state"] switch_controller_ptp_profile_data = data["switch_controller_ptp_profile"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_ptp_profile_data(switch_controller_ptp_profile_data) + filtered_data = filter_switch_controller_ptp_profile_data( + switch_controller_ptp_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "switch-controller.ptp", "profile", data=filtered_data, vdom=vdom + "switch-controller.ptp", "profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_settings.py index 4629bb179..521a8a023 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_ptp_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -206,11 +206,12 @@ def underscore_to_hyphen(data): def switch_controller_ptp_settings(data, fos): vdom = data["vdom"] switch_controller_ptp_settings_data = data["switch_controller_ptp_settings"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_ptp_settings_data(switch_controller_ptp_settings_data) + filtered_data = filter_switch_controller_ptp_settings_data( + switch_controller_ptp_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller.ptp", "settings", data=filtered_data, vdom=vdom) + return fos.set("switch-controller.ptp", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_dot1p_map.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_dot1p_map.py index 843855b76..c8e2978a5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_dot1p_map.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_dot1p_map.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -362,11 +362,10 @@ def switch_controller_qos_dot1p_map(data, fos, check_mode=False): state = data["state"] switch_controller_qos_dot1p_map_data = data["switch_controller_qos_dot1p_map"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_qos_dot1p_map_data( - switch_controller_qos_dot1p_map_data - ) + filtered_data = filter_switch_controller_qos_dot1p_map_data( + switch_controller_qos_dot1p_map_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -435,7 +434,7 @@ def switch_controller_qos_dot1p_map(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.qos", "dot1p-map", data=filtered_data, vdom=vdom + "switch-controller.qos", "dot1p-map", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_ip_dscp_map.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_ip_dscp_map.py index 0824b7a1c..678ccc078 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_ip_dscp_map.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_ip_dscp_map.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -330,11 +330,10 @@ def switch_controller_qos_ip_dscp_map(data, fos, check_mode=False): switch_controller_qos_ip_dscp_map_data = flatten_multilists_attributes( switch_controller_qos_ip_dscp_map_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_qos_ip_dscp_map_data( - switch_controller_qos_ip_dscp_map_data - ) + filtered_data = filter_switch_controller_qos_ip_dscp_map_data( + switch_controller_qos_ip_dscp_map_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -403,7 +402,7 @@ def switch_controller_qos_ip_dscp_map(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.qos", "ip-dscp-map", data=filtered_data, vdom=vdom + "switch-controller.qos", "ip-dscp-map", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_qos_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_qos_policy.py index 43c79f344..439e00e4a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_qos_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_qos_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def switch_controller_qos_qos_policy(data, fos, check_mode=False): state = data["state"] switch_controller_qos_qos_policy_data = data["switch_controller_qos_qos_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_qos_qos_policy_data( - switch_controller_qos_qos_policy_data - ) + filtered_data = filter_switch_controller_qos_qos_policy_data( + switch_controller_qos_qos_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -324,7 +323,7 @@ def switch_controller_qos_qos_policy(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.qos", "qos-policy", data=filtered_data, vdom=vdom + "switch-controller.qos", "qos-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_queue_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_queue_policy.py index 36812dace..e24b31d59 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_queue_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_qos_queue_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -302,11 +302,10 @@ def switch_controller_qos_queue_policy(data, fos, check_mode=False): state = data["state"] switch_controller_qos_queue_policy_data = data["switch_controller_qos_queue_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_qos_queue_policy_data( - switch_controller_qos_queue_policy_data - ) + filtered_data = filter_switch_controller_qos_queue_policy_data( + switch_controller_qos_queue_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -375,7 +374,7 @@ def switch_controller_qos_queue_policy(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.qos", "queue-policy", data=filtered_data, vdom=vdom + "switch-controller.qos", "queue-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_quarantine.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_quarantine.py index 912ca70cc..1ba572005 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_quarantine.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_quarantine.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -243,11 +243,12 @@ def underscore_to_hyphen(data): def switch_controller_quarantine(data, fos): vdom = data["vdom"] switch_controller_quarantine_data = data["switch_controller_quarantine"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_quarantine_data(switch_controller_quarantine_data) + filtered_data = filter_switch_controller_quarantine_data( + switch_controller_quarantine_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "quarantine", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "quarantine", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_remote_log.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_remote_log.py index 1299aaab0..764215e6e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_remote_log.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_remote_log.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -295,9 +295,10 @@ def switch_controller_remote_log(data, fos, check_mode=False): state = data["state"] switch_controller_remote_log_data = data["switch_controller_remote_log"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_remote_log_data(switch_controller_remote_log_data) + filtered_data = filter_switch_controller_remote_log_data( + switch_controller_remote_log_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -361,7 +362,9 @@ def switch_controller_remote_log(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("switch-controller", "remote-log", data=filtered_data, vdom=vdom) + return fos.set( + "switch-controller", "remote-log", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_802_1x.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_802_1x.py index a118f082f..5d339252b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_802_1x.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_802_1x.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -384,11 +384,10 @@ def switch_controller_security_policy_802_1x(data, fos, check_mode=False): switch_controller_security_policy_802_1x_data = data[ "switch_controller_security_policy_802_1x" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_security_policy_802_1x_data( - switch_controller_security_policy_802_1x_data - ) + filtered_data = filter_switch_controller_security_policy_802_1x_data( + switch_controller_security_policy_802_1x_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -457,7 +456,10 @@ def switch_controller_security_policy_802_1x(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller.security-policy", "802-1X", data=filtered_data, vdom=vdom + "switch-controller.security-policy", + "802-1X", + data=converted_data, + vdom=vdom, ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_captive_portal.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_captive_portal.py index 06ddb93e7..c990132f4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_captive_portal.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_captive_portal.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -239,11 +239,10 @@ def switch_controller_security_policy_captive_portal(data, fos, check_mode=False switch_controller_security_policy_captive_portal_data = data[ "switch_controller_security_policy_captive_portal" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_security_policy_captive_portal_data( - switch_controller_security_policy_captive_portal_data - ) + filtered_data = filter_switch_controller_security_policy_captive_portal_data( + switch_controller_security_policy_captive_portal_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -317,7 +316,7 @@ def switch_controller_security_policy_captive_portal(data, fos, check_mode=False return fos.set( "switch-controller.security-policy", "captive-portal", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_local_access.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_local_access.py index d589a81e8..f66658474 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_local_access.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_security_policy_local_access.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -288,11 +288,10 @@ def switch_controller_security_policy_local_access(data, fos, check_mode=False): switch_controller_security_policy_local_access_data = flatten_multilists_attributes( switch_controller_security_policy_local_access_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_security_policy_local_access_data( - switch_controller_security_policy_local_access_data - ) + filtered_data = filter_switch_controller_security_policy_local_access_data( + switch_controller_security_policy_local_access_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -366,7 +365,7 @@ def switch_controller_security_policy_local_access(data, fos, check_mode=False): return fos.set( "switch-controller.security-policy", "local-access", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_sflow.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_sflow.py index 8c2d6a975..ce5ab5fbb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_sflow.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_sflow.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -207,11 +207,10 @@ def underscore_to_hyphen(data): def switch_controller_sflow(data, fos): vdom = data["vdom"] switch_controller_sflow_data = data["switch_controller_sflow"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_sflow_data(switch_controller_sflow_data) - ) + filtered_data = filter_switch_controller_sflow_data(switch_controller_sflow_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "sflow", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "sflow", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_community.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_community.py index 19ff03854..a0e466d90 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_community.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_community.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -381,11 +381,10 @@ def switch_controller_snmp_community(data, fos, check_mode=False): switch_controller_snmp_community_data = flatten_multilists_attributes( switch_controller_snmp_community_data ) - filtered_data = underscore_to_hyphen( - filter_switch_controller_snmp_community_data( - switch_controller_snmp_community_data - ) + filtered_data = filter_switch_controller_snmp_community_data( + switch_controller_snmp_community_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -454,7 +453,7 @@ def switch_controller_snmp_community(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "snmp-community", data=filtered_data, vdom=vdom + "switch-controller", "snmp-community", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_sysinfo.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_sysinfo.py index 6bdbd18f5..1b0618324 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_sysinfo.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_sysinfo.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -225,11 +225,12 @@ def underscore_to_hyphen(data): def switch_controller_snmp_sysinfo(data, fos): vdom = data["vdom"] switch_controller_snmp_sysinfo_data = data["switch_controller_snmp_sysinfo"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_snmp_sysinfo_data(switch_controller_snmp_sysinfo_data) + filtered_data = filter_switch_controller_snmp_sysinfo_data( + switch_controller_snmp_sysinfo_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "snmp-sysinfo", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "snmp-sysinfo", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_trap_threshold.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_trap_threshold.py index 6131cc366..4b130261d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_trap_threshold.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_trap_threshold.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -218,14 +218,13 @@ def switch_controller_snmp_trap_threshold(data, fos): switch_controller_snmp_trap_threshold_data = data[ "switch_controller_snmp_trap_threshold" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_snmp_trap_threshold_data( - switch_controller_snmp_trap_threshold_data - ) + filtered_data = filter_switch_controller_snmp_trap_threshold_data( + switch_controller_snmp_trap_threshold_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller", "snmp-trap-threshold", data=filtered_data, vdom=vdom + "switch-controller", "snmp-trap-threshold", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_user.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_user.py index b87c9e5de..b6d6892eb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_user.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_snmp_user.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -292,9 +292,10 @@ def switch_controller_snmp_user(data, fos, check_mode=False): state = data["state"] switch_controller_snmp_user_data = data["switch_controller_snmp_user"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_snmp_user_data(switch_controller_snmp_user_data) + filtered_data = filter_switch_controller_snmp_user_data( + switch_controller_snmp_user_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -358,7 +359,7 @@ def switch_controller_snmp_user(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("switch-controller", "snmp-user", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "snmp-user", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control.py index 9c3e92953..9d62eaf06 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -226,13 +226,12 @@ def underscore_to_hyphen(data): def switch_controller_storm_control(data, fos): vdom = data["vdom"] switch_controller_storm_control_data = data["switch_controller_storm_control"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_storm_control_data( - switch_controller_storm_control_data - ) + filtered_data = filter_switch_controller_storm_control_data( + switch_controller_storm_control_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "storm-control", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "storm-control", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control_policy.py index 7f8ab0592..b836bbd50 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_storm_control_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,11 +278,10 @@ def switch_controller_storm_control_policy(data, fos, check_mode=False): switch_controller_storm_control_policy_data = data[ "switch_controller_storm_control_policy" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_storm_control_policy_data( - switch_controller_storm_control_policy_data - ) + filtered_data = filter_switch_controller_storm_control_policy_data( + switch_controller_storm_control_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -351,7 +350,7 @@ def switch_controller_storm_control_policy(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "storm-control-policy", data=filtered_data, vdom=vdom + "switch-controller", "storm-control-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_instance.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_instance.py index 2b9af5201..cbdccc05c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_instance.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_instance.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -239,9 +239,10 @@ def switch_controller_stp_instance(data, fos, check_mode=False): state = data["state"] switch_controller_stp_instance_data = data["switch_controller_stp_instance"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_stp_instance_data(switch_controller_stp_instance_data) + filtered_data = filter_switch_controller_stp_instance_data( + switch_controller_stp_instance_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -310,7 +311,7 @@ def switch_controller_stp_instance(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "stp-instance", data=filtered_data, vdom=vdom + "switch-controller", "stp-instance", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_settings.py index b81753ff2..3e7c4e41b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_stp_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,11 +249,12 @@ def underscore_to_hyphen(data): def switch_controller_stp_settings(data, fos): vdom = data["vdom"] switch_controller_stp_settings_data = data["switch_controller_stp_settings"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_stp_settings_data(switch_controller_stp_settings_data) + filtered_data = filter_switch_controller_stp_settings_data( + switch_controller_stp_settings_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "stp-settings", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "stp-settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_group.py index b2f2657b7..3f8b86ddb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,9 +254,10 @@ def switch_controller_switch_group(data, fos, check_mode=False): state = data["state"] switch_controller_switch_group_data = data["switch_controller_switch_group"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_switch_group_data(switch_controller_switch_group_data) + filtered_data = filter_switch_controller_switch_group_data( + switch_controller_switch_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -325,7 +326,7 @@ def switch_controller_switch_group(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "switch-group", data=filtered_data, vdom=vdom + "switch-controller", "switch-group", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_interface_tag.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_interface_tag.py index 6bc14b534..543999a6c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_interface_tag.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_interface_tag.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -227,11 +227,10 @@ def switch_controller_switch_interface_tag(data, fos, check_mode=False): switch_controller_switch_interface_tag_data = data[ "switch_controller_switch_interface_tag" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_switch_interface_tag_data( - switch_controller_switch_interface_tag_data - ) + filtered_data = filter_switch_controller_switch_interface_tag_data( + switch_controller_switch_interface_tag_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -300,7 +299,7 @@ def switch_controller_switch_interface_tag(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "switch-interface-tag", data=filtered_data, vdom=vdom + "switch-controller", "switch-interface-tag", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_log.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_log.py index 64ae1f08b..c2495d60e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_log.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_log.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -219,11 +219,12 @@ def underscore_to_hyphen(data): def switch_controller_switch_log(data, fos): vdom = data["vdom"] switch_controller_switch_log_data = data["switch_controller_switch_log"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_switch_log_data(switch_controller_switch_log_data) + filtered_data = filter_switch_controller_switch_log_data( + switch_controller_switch_log_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "switch-log", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "switch-log", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_profile.py index ce6ed48e6..a73419154 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_switch_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -270,11 +270,10 @@ def switch_controller_switch_profile(data, fos, check_mode=False): state = data["state"] switch_controller_switch_profile_data = data["switch_controller_switch_profile"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_switch_profile_data( - switch_controller_switch_profile_data - ) + filtered_data = filter_switch_controller_switch_profile_data( + switch_controller_switch_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -343,7 +342,7 @@ def switch_controller_switch_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "switch-profile", data=filtered_data, vdom=vdom + "switch-controller", "switch-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_system.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_system.py index fe364887f..380693c8d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_system.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_system.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -133,6 +133,7 @@ options: type: str choices: - 'compatible' + - 'moderate' - 'strict' """ @@ -276,11 +277,10 @@ def underscore_to_hyphen(data): def switch_controller_system(data, fos): vdom = data["vdom"] switch_controller_system_data = data["switch_controller_system"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_system_data(switch_controller_system_data) - ) + filtered_data = filter_switch_controller_system_data(switch_controller_system_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("switch-controller", "system", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "system", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -333,7 +333,11 @@ versioned_schema = { "tunnel_mode": { "v_range": [["v7.0.0", ""]], "type": "string", - "options": [{"value": "compatible"}, {"value": "strict"}], + "options": [ + {"value": "compatible"}, + {"value": "moderate", "v_range": [["v7.4.2", ""]]}, + {"value": "strict"}, + ], }, "caputp_echo_interval": {"v_range": [["v7.4.0", ""]], "type": "integer"}, "caputp_max_retransmit": {"v_range": [["v7.4.0", ""]], "type": "integer"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_policy.py index 5a77f22b4..3cd250349 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -281,11 +281,10 @@ def switch_controller_traffic_policy(data, fos, check_mode=False): state = data["state"] switch_controller_traffic_policy_data = data["switch_controller_traffic_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_traffic_policy_data( - switch_controller_traffic_policy_data - ) + filtered_data = filter_switch_controller_traffic_policy_data( + switch_controller_traffic_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -354,7 +353,7 @@ def switch_controller_traffic_policy(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "traffic-policy", data=filtered_data, vdom=vdom + "switch-controller", "traffic-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_sniffer.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_sniffer.py index 18661d727..65d74c38b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_sniffer.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_traffic_sniffer.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -316,14 +316,13 @@ def underscore_to_hyphen(data): def switch_controller_traffic_sniffer(data, fos): vdom = data["vdom"] switch_controller_traffic_sniffer_data = data["switch_controller_traffic_sniffer"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_traffic_sniffer_data( - switch_controller_traffic_sniffer_data - ) + filtered_data = filter_switch_controller_traffic_sniffer_data( + switch_controller_traffic_sniffer_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "switch-controller", "traffic-sniffer", data=filtered_data, vdom=vdom + "switch-controller", "traffic-sniffer", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_virtual_port_pool.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_virtual_port_pool.py index 0080d51b0..db220aa1b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_virtual_port_pool.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_virtual_port_pool.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,11 +232,10 @@ def switch_controller_virtual_port_pool(data, fos, check_mode=False): switch_controller_virtual_port_pool_data = data[ "switch_controller_virtual_port_pool" ] - filtered_data = underscore_to_hyphen( - filter_switch_controller_virtual_port_pool_data( - switch_controller_virtual_port_pool_data - ) + filtered_data = filter_switch_controller_virtual_port_pool_data( + switch_controller_virtual_port_pool_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -305,7 +304,7 @@ def switch_controller_virtual_port_pool(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "virtual-port-pool", data=filtered_data, vdom=vdom + "switch-controller", "virtual-port-pool", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan.py index 059f692f2..12f64fee3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -330,9 +330,8 @@ def switch_controller_vlan(data, fos, check_mode=False): state = data["state"] switch_controller_vlan_data = data["switch_controller_vlan"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_vlan_data(switch_controller_vlan_data) - ) + filtered_data = filter_switch_controller_vlan_data(switch_controller_vlan_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -396,7 +395,7 @@ def switch_controller_vlan(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("switch-controller", "vlan", data=filtered_data, vdom=vdom) + return fos.set("switch-controller", "vlan", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan_policy.py index 211974fba..bdaa8d63e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_switch_controller_vlan_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -294,9 +294,10 @@ def switch_controller_vlan_policy(data, fos, check_mode=False): state = data["state"] switch_controller_vlan_policy_data = data["switch_controller_vlan_policy"] - filtered_data = underscore_to_hyphen( - filter_switch_controller_vlan_policy_data(switch_controller_vlan_policy_data) + filtered_data = filter_switch_controller_vlan_policy_data( + switch_controller_vlan_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -363,7 +364,7 @@ def switch_controller_vlan_policy(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "switch-controller", "vlan-policy", data=filtered_data, vdom=vdom + "switch-controller", "vlan-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_3g_modem_custom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_3g_modem_custom.py index 1545f0c8a..0f70b7a51 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_3g_modem_custom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_3g_modem_custom.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -271,9 +271,8 @@ def system_3g_modem_custom(data, fos, check_mode=False): state = data["state"] system_3g_modem_custom_data = data["system_3g_modem_custom"] - filtered_data = underscore_to_hyphen( - filter_system_3g_modem_custom_data(system_3g_modem_custom_data) - ) + filtered_data = filter_system_3g_modem_custom_data(system_3g_modem_custom_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -337,7 +336,7 @@ def system_3g_modem_custom(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.3g-modem", "custom", data=filtered_data, vdom=vdom) + return fos.set("system.3g-modem", "custom", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_accprofile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_accprofile.py index 9d34cf510..114e3c03f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_accprofile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_accprofile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -107,6 +107,41 @@ options: - 'none' - 'read' - 'read-write' + cli_config: + description: + - Enable/disable permission to run config commands. + type: str + choices: + - 'enable' + - 'disable' + cli_diagnose: + description: + - Enable/disable permission to run diagnostic commands. + type: str + choices: + - 'enable' + - 'disable' + cli_exec: + description: + - Enable/disable permission to run execute commands. + type: str + choices: + - 'enable' + - 'disable' + cli_get: + description: + - Enable/disable permission to run get commands. + type: str + choices: + - 'enable' + - 'disable' + cli_show: + description: + - Enable/disable permission to run show commands. + type: str + choices: + - 'enable' + - 'disable' comments: description: - Comment. @@ -538,6 +573,11 @@ EXAMPLES = """ admintimeout: "10" admintimeout_override: "enable" authgrp: "none" + cli_config: "enable" + cli_diagnose: "enable" + cli_exec: "enable" + cli_get: "enable" + cli_show: "enable" comments: "<your_own_value>" ftviewgrp: "none" fwgrp: "none" @@ -553,7 +593,7 @@ EXAMPLES = """ data_access: "none" report_access: "none" threat_weight: "none" - name: "default_name_21" + name: "default_name_26" netgrp: "none" netgrp_permission: cfg: "none" @@ -688,6 +728,11 @@ def filter_system_accprofile_data(json): "admintimeout", "admintimeout_override", "authgrp", + "cli_config", + "cli_diagnose", + "cli_exec", + "cli_get", + "cli_show", "comments", "ftviewgrp", "fwgrp", @@ -740,9 +785,8 @@ def system_accprofile(data, fos, check_mode=False): state = data["state"] system_accprofile_data = data["system_accprofile"] - filtered_data = underscore_to_hyphen( - filter_system_accprofile_data(system_accprofile_data) - ) + filtered_data = filter_system_accprofile_data(system_accprofile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -806,7 +850,7 @@ def system_accprofile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "accprofile", data=filtered_data, vdom=vdom) + return fos.set("system", "accprofile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "accprofile", mkey=filtered_data["name"], vdom=vdom) @@ -925,9 +969,13 @@ versioned_schema = { ], }, "wanoptgrp": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "none"}, {"value": "read"}, {"value": "read-write"}], + "options": [ + {"value": "none", "v_range": [["v6.0.0", ""]]}, + {"value": "read", "v_range": [["v6.0.0", ""]]}, + {"value": "read-write", "v_range": [["v6.0.0", ""]]}, + ], }, "wifi": { "v_range": [["v6.0.0", ""]], @@ -1242,7 +1290,11 @@ versioned_schema = { ], }, "mmsgtp": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "none"}, @@ -1276,8 +1328,28 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "admintimeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "system_diagnostics": { - "v_range": [["v6.4.0", ""]], + "cli_diagnose": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "cli_get": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "cli_show": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "cli_exec": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "cli_config": { + "v_range": [["v7.4.2", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, @@ -1291,6 +1363,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "system_diagnostics": { + "v_range": [["v6.4.0", "v7.4.1"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_acme.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_acme.py index 880b838f8..8f7cd0dc2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_acme.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_acme.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -268,9 +268,10 @@ def underscore_to_hyphen(data): def system_acme(data, fos): vdom = data["vdom"] system_acme_data = data["system_acme"] - filtered_data = underscore_to_hyphen(filter_system_acme_data(system_acme_data)) + filtered_data = filter_system_acme_data(system_acme_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "acme", data=filtered_data, vdom=vdom) + return fos.set("system", "acme", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_admin.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_admin.py index ac992d2ee..3e15ce662 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_admin.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_admin.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -904,7 +904,8 @@ def system_admin(data, fos, check_mode=False): state = data["state"] system_admin_data = data["system_admin"] - filtered_data = underscore_to_hyphen(filter_system_admin_data(system_admin_data)) + filtered_data = filter_system_admin_data(system_admin_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -968,7 +969,7 @@ def system_admin(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "admin", data=filtered_data, vdom=vdom) + return fos.set("system", "admin", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "admin", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_interrupt.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_interrupt.py index 8513a3a40..ca038d049 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_interrupt.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_interrupt.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -228,12 +228,13 @@ def system_affinity_interrupt(data, fos): state = data["state"] system_affinity_interrupt_data = data["system_affinity_interrupt"] - filtered_data = underscore_to_hyphen( - filter_system_affinity_interrupt_data(system_affinity_interrupt_data) + filtered_data = filter_system_affinity_interrupt_data( + system_affinity_interrupt_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system", "affinity-interrupt", data=filtered_data, vdom=vdom) + return fos.set("system", "affinity-interrupt", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_packet_redistribution.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_packet_redistribution.py index 449b38e3e..180d81671 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_packet_redistribution.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_affinity_packet_redistribution.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -243,15 +243,14 @@ def system_affinity_packet_redistribution(data, fos): system_affinity_packet_redistribution_data = data[ "system_affinity_packet_redistribution" ] - filtered_data = underscore_to_hyphen( - filter_system_affinity_packet_redistribution_data( - system_affinity_packet_redistribution_data - ) + filtered_data = filter_system_affinity_packet_redistribution_data( + system_affinity_packet_redistribution_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "system", "affinity-packet-redistribution", data=filtered_data, vdom=vdom + "system", "affinity-packet-redistribution", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alarm.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alarm.py index 95dec2dcb..f590dfbd2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alarm.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alarm.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -326,9 +326,10 @@ def underscore_to_hyphen(data): def system_alarm(data, fos): vdom = data["vdom"] system_alarm_data = data["system_alarm"] - filtered_data = underscore_to_hyphen(filter_system_alarm_data(system_alarm_data)) + filtered_data = filter_system_alarm_data(system_alarm_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "alarm", data=filtered_data, vdom=vdom) + return fos.set("system", "alarm", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alias.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alias.py index 1c9625ea3..0ba2c2a51 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alias.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_alias.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,7 +230,8 @@ def system_alias(data, fos, check_mode=False): state = data["state"] system_alias_data = data["system_alias"] - filtered_data = underscore_to_hyphen(filter_system_alias_data(system_alias_data)) + filtered_data = filter_system_alias_data(system_alias_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -294,7 +295,7 @@ def system_alias(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "alias", data=filtered_data, vdom=vdom) + return fos.set("system", "alias", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "alias", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_api_user.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_api_user.py index 35ed7120d..aaec1f1ec 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_api_user.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_api_user.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -320,9 +320,8 @@ def system_api_user(data, fos, check_mode=False): state = data["state"] system_api_user_data = data["system_api_user"] - filtered_data = underscore_to_hyphen( - filter_system_api_user_data(system_api_user_data) - ) + filtered_data = filter_system_api_user_data(system_api_user_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -386,7 +385,7 @@ def system_api_user(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "api-user", data=filtered_data, vdom=vdom) + return fos.set("system", "api-user", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "api-user", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_arp_table.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_arp_table.py index 6bea2102d..e65543ca1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_arp_table.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_arp_table.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,9 +242,8 @@ def system_arp_table(data, fos, check_mode=False): state = data["state"] system_arp_table_data = data["system_arp_table"] - filtered_data = underscore_to_hyphen( - filter_system_arp_table_data(system_arp_table_data) - ) + filtered_data = filter_system_arp_table_data(system_arp_table_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +307,7 @@ def system_arp_table(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "arp-table", data=filtered_data, vdom=vdom) + return fos.set("system", "arp-table", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "arp-table", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_install.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_install.py index 47a086983..1f0ef0325 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_install.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_install.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -228,11 +228,10 @@ def underscore_to_hyphen(data): def system_auto_install(data, fos): vdom = data["vdom"] system_auto_install_data = data["system_auto_install"] - filtered_data = underscore_to_hyphen( - filter_system_auto_install_data(system_auto_install_data) - ) + filtered_data = filter_system_auto_install_data(system_auto_install_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "auto-install", data=filtered_data, vdom=vdom) + return fos.set("system", "auto-install", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_script.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_script.py index cca20c843..38a30f09d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_script.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_auto_script.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -266,9 +266,8 @@ def system_auto_script(data, fos, check_mode=False): state = data["state"] system_auto_script_data = data["system_auto_script"] - filtered_data = underscore_to_hyphen( - filter_system_auto_script_data(system_auto_script_data) - ) + filtered_data = filter_system_auto_script_data(system_auto_script_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -332,7 +331,7 @@ def system_auto_script(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "auto-script", data=filtered_data, vdom=vdom) + return fos.set("system", "auto-script", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_action.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_action.py index 6f1e61dd4..c0b2b5411 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_action.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_action.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -656,9 +656,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -667,8 +667,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -684,10 +687,8 @@ def system_automation_action(data, fos, check_mode=False): state = data["state"] system_automation_action_data = data["system_automation_action"] - filtered_data = underscore_to_hyphen( - filter_system_automation_action_data(system_automation_action_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_automation_action_data(system_automation_action_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_destination.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_destination.py index 5520e0609..b6dbe36fc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_destination.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_destination.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,9 +252,10 @@ def system_automation_destination(data, fos, check_mode=False): state = data["state"] system_automation_destination_data = data["system_automation_destination"] - filtered_data = underscore_to_hyphen( - filter_system_automation_destination_data(system_automation_destination_data) + filtered_data = filter_system_automation_destination_data( + system_automation_destination_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -321,7 +322,7 @@ def system_automation_destination(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "system", "automation-destination", data=filtered_data, vdom=vdom + "system", "automation-destination", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_stitch.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_stitch.py index 60f1f7f89..f3691e362 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_stitch.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_stitch.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -311,9 +311,8 @@ def system_automation_stitch(data, fos, check_mode=False): state = data["state"] system_automation_stitch_data = data["system_automation_stitch"] - filtered_data = underscore_to_hyphen( - filter_system_automation_stitch_data(system_automation_stitch_data) - ) + filtered_data = filter_system_automation_stitch_data(system_automation_stitch_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -377,7 +376,7 @@ def system_automation_stitch(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "automation-stitch", data=filtered_data, vdom=vdom) + return fos.set("system", "automation-stitch", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_trigger.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_trigger.py index 123cca8cf..114426715 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_trigger.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_automation_trigger.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -448,9 +448,10 @@ def system_automation_trigger(data, fos, check_mode=False): state = data["state"] system_automation_trigger_data = data["system_automation_trigger"] - filtered_data = underscore_to_hyphen( - filter_system_automation_trigger_data(system_automation_trigger_data) + filtered_data = filter_system_automation_trigger_data( + system_automation_trigger_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -514,7 +515,7 @@ def system_automation_trigger(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "automation-trigger", data=filtered_data, vdom=vdom) + return fos.set("system", "automation-trigger", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_push_update.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_push_update.py index 5f83d51da..9ffb401f8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_push_update.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_push_update.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -223,11 +223,12 @@ def underscore_to_hyphen(data): def system_autoupdate_push_update(data, fos): vdom = data["vdom"] system_autoupdate_push_update_data = data["system_autoupdate_push_update"] - filtered_data = underscore_to_hyphen( - filter_system_autoupdate_push_update_data(system_autoupdate_push_update_data) + filtered_data = filter_system_autoupdate_push_update_data( + system_autoupdate_push_update_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system.autoupdate", "push-update", data=filtered_data, vdom=vdom) + return fos.set("system.autoupdate", "push-update", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_schedule.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_schedule.py index f6a5b3d76..fad0ce4a0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_schedule.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_schedule.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,11 +233,12 @@ def underscore_to_hyphen(data): def system_autoupdate_schedule(data, fos): vdom = data["vdom"] system_autoupdate_schedule_data = data["system_autoupdate_schedule"] - filtered_data = underscore_to_hyphen( - filter_system_autoupdate_schedule_data(system_autoupdate_schedule_data) + filtered_data = filter_system_autoupdate_schedule_data( + system_autoupdate_schedule_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system.autoupdate", "schedule", data=filtered_data, vdom=vdom) + return fos.set("system.autoupdate", "schedule", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_tunneling.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_tunneling.py index fcfa5218b..b88821f43 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_tunneling.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_autoupdate_tunneling.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -225,11 +225,12 @@ def underscore_to_hyphen(data): def system_autoupdate_tunneling(data, fos): vdom = data["vdom"] system_autoupdate_tunneling_data = data["system_autoupdate_tunneling"] - filtered_data = underscore_to_hyphen( - filter_system_autoupdate_tunneling_data(system_autoupdate_tunneling_data) + filtered_data = filter_system_autoupdate_tunneling_data( + system_autoupdate_tunneling_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system.autoupdate", "tunneling", data=filtered_data, vdom=vdom) + return fos.set("system.autoupdate", "tunneling", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_central_management.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_central_management.py index 4ee9a808f..e062c650d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_central_management.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_central_management.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -446,11 +446,12 @@ def system_central_management(data, fos): system_central_management_data = flatten_multilists_attributes( system_central_management_data ) - filtered_data = underscore_to_hyphen( - filter_system_central_management_data(system_central_management_data) + filtered_data = filter_system_central_management_data( + system_central_management_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "central-management", data=filtered_data, vdom=vdom) + return fos.set("system", "central-management", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_cluster_sync.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_cluster_sync.py index e07446961..751fee999 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_cluster_sync.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_cluster_sync.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -400,9 +400,8 @@ def system_cluster_sync(data, fos, check_mode=False): state = data["state"] system_cluster_sync_data = data["system_cluster_sync"] - filtered_data = underscore_to_hyphen( - filter_system_cluster_sync_data(system_cluster_sync_data) - ) + filtered_data = filter_system_cluster_sync_data(system_cluster_sync_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -466,7 +465,7 @@ def system_cluster_sync(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "cluster-sync", data=filtered_data, vdom=vdom) + return fos.set("system", "cluster-sync", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_console.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_console.py index d6024d795..924d59a69 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_console.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_console.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -240,11 +240,10 @@ def underscore_to_hyphen(data): def system_console(data, fos): vdom = data["vdom"] system_console_data = data["system_console"] - filtered_data = underscore_to_hyphen( - filter_system_console_data(system_console_data) - ) + filtered_data = filter_system_console_data(system_console_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "console", data=filtered_data, vdom=vdom) + return fos.set("system", "console", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -279,17 +278,6 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "dict", "children": { - "baudrate": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [ - {"value": "9600"}, - {"value": "19200"}, - {"value": "38400"}, - {"value": "57600"}, - {"value": "115200"}, - ], - }, "output": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -305,6 +293,17 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "baudrate": { + "v_range": [["v6.0.0", "v7.4.1"]], + "type": "string", + "options": [ + {"value": "9600"}, + {"value": "19200"}, + {"value": "38400"}, + {"value": "57600"}, + {"value": "115200"}, + ], + }, "mode": { "v_range": [["v6.0.0", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_csf.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_csf.py index 5fabacb2c..b45a7662e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_csf.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_csf.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -310,6 +310,10 @@ options: description: - Serial. type: str + uid: + description: + - Unique ID of the current CSF node + type: str upstream: description: - IP/FQDN of the FortiGate upstream from this FortiGate in the Security Fabric. @@ -376,6 +380,7 @@ EXAMPLES = """ index: "0" name: "default_name_44" serial: "<your_own_value>" + uid: "<your_own_value>" upstream: "<your_own_value>" upstream_ip: "<your_own_value>" upstream_port: "8013" @@ -485,6 +490,7 @@ def filter_system_csf_data(json): "saml_configuration_sync", "status", "trusted_list", + "uid", "upstream", "upstream_ip", "upstream_port", @@ -546,9 +552,10 @@ def system_csf(data, fos): vdom = data["vdom"] system_csf_data = data["system_csf"] system_csf_data = flatten_multilists_attributes(system_csf_data) - filtered_data = underscore_to_hyphen(filter_system_csf_data(system_csf_data)) + filtered_data = filter_system_csf_data(system_csf_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "csf", data=filtered_data, vdom=vdom) + return fos.set("system", "csf", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -588,6 +595,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "uid": {"v_range": [["v7.4.2", ""]], "type": "string"}, "upstream": {"v_range": [["v7.0.2", ""]], "type": "string"}, "upstream_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "group_name": {"v_range": [["v6.0.0", ""]], "type": "string"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_custom_language.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_custom_language.py index 07c26ba1f..a9e3c7595 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_custom_language.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_custom_language.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,9 +235,8 @@ def system_custom_language(data, fos, check_mode=False): state = data["state"] system_custom_language_data = data["system_custom_language"] - filtered_data = underscore_to_hyphen( - filter_system_custom_language_data(system_custom_language_data) - ) + filtered_data = filter_system_custom_language_data(system_custom_language_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -301,7 +300,7 @@ def system_custom_language(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "custom-language", data=filtered_data, vdom=vdom) + return fos.set("system", "custom-language", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ddns.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ddns.py index c9b288a75..addc1ccee 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ddns.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ddns.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -394,7 +394,8 @@ def system_ddns(data, fos, check_mode=False): state = data["state"] system_ddns_data = data["system_ddns"] - filtered_data = underscore_to_hyphen(filter_system_ddns_data(system_ddns_data)) + filtered_data = filter_system_ddns_data(system_ddns_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -458,7 +459,7 @@ def system_ddns(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ddns", data=filtered_data, vdom=vdom) + return fos.set("system", "ddns", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "ddns", mkey=filtered_data["ddnsid"], vdom=vdom) @@ -517,6 +518,11 @@ versioned_schema = { {"value": "noip.com"}, ], }, + "addr_type": { + "v_range": [["v7.0.0", ""]], + "type": "string", + "options": [{"value": "ipv4"}, {"value": "ipv6"}], + }, "server_type": { "v_range": [["v7.0.0", ""]], "type": "string", @@ -552,11 +558,6 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, - "addr_type": { - "v_range": [["v7.0.0", ""]], - "type": "string", - "options": [{"value": "ipv4"}, {"value": "ipv6"}], - }, "update_interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "clear_text": { "v_range": [["v6.0.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dedicated_mgmt.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dedicated_mgmt.py index 9ccd23b3b..738ad0bd8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dedicated_mgmt.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dedicated_mgmt.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,11 +246,10 @@ def underscore_to_hyphen(data): def system_dedicated_mgmt(data, fos): vdom = data["vdom"] system_dedicated_mgmt_data = data["system_dedicated_mgmt"] - filtered_data = underscore_to_hyphen( - filter_system_dedicated_mgmt_data(system_dedicated_mgmt_data) - ) + filtered_data = filter_system_dedicated_mgmt_data(system_dedicated_mgmt_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "dedicated-mgmt", data=filtered_data, vdom=vdom) + return fos.set("system", "dedicated-mgmt", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_device_upgrade.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_device_upgrade.py index 091908c9a..8caa221e4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_device_upgrade.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_device_upgrade.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -93,6 +93,7 @@ options: - Fortinet device type. type: str choices: + - 'fortigate' - 'fortiswitch' - 'fortiap' - 'fortiextender' @@ -117,6 +118,21 @@ options: - 'config-error-log-nonempty' - 'csf-tree-not-supported' - 'node-failed' + ha_reboot_controller: + description: + - Serial number of the FortiGate unit that will control the reboot process for the federated upgrade of the HA cluster. + type: str + known_ha_members: + description: + - Known members of the HA cluster. If a member is missing at upgrade time, the upgrade will be cancelled. + type: list + elements: dict + suboptions: + serial: + description: + - Serial number of HA member + required: true + type: str maximum_minutes: description: - Maximum number of minutes to allow for immediate upgrade preparation. @@ -172,8 +188,12 @@ EXAMPLES = """ state: "present" access_token: "<your_own_value>" system_device_upgrade: - device_type: "fortiswitch" + device_type: "fortigate" failure_reason: "none" + ha_reboot_controller: "<your_own_value>" + known_ha_members: + - + serial: "<your_own_value>" maximum_minutes: "15" serial: "<your_own_value>" setup_time: "<your_own_value>" @@ -266,6 +286,8 @@ def filter_system_device_upgrade_data(json): option_list = [ "device_type", "failure_reason", + "ha_reboot_controller", + "known_ha_members", "maximum_minutes", "serial", "setup_time", @@ -304,12 +326,11 @@ def system_device_upgrade(data, fos): state = data["state"] system_device_upgrade_data = data["system_device_upgrade"] - filtered_data = underscore_to_hyphen( - filter_system_device_upgrade_data(system_device_upgrade_data) - ) + filtered_data = filter_system_device_upgrade_data(system_device_upgrade_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system", "device-upgrade", data=filtered_data, vdom=vdom) + return fos.set("system", "device-upgrade", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -365,6 +386,7 @@ versioned_schema = { "v_range": [["v7.2.4", ""]], "type": "string", "options": [ + {"value": "fortigate", "v_range": [["v7.4.2", ""]]}, {"value": "fortiswitch"}, {"value": "fortiap"}, {"value": "fortiextender"}, @@ -411,6 +433,19 @@ versioned_schema = { {"value": "node-failed"}, ], }, + "ha_reboot_controller": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "known_ha_members": { + "type": "list", + "elements": "dict", + "children": { + "serial": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, }, "v_range": [["v7.2.4", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp6_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp6_server.py index b1d64e836..f49f7edb4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp6_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp6_server.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -417,9 +417,8 @@ def system_dhcp6_server(data, fos, check_mode=False): state = data["state"] system_dhcp6_server_data = data["system_dhcp6_server"] - filtered_data = underscore_to_hyphen( - filter_system_dhcp6_server_data(system_dhcp6_server_data) - ) + filtered_data = filter_system_dhcp6_server_data(system_dhcp6_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -483,7 +482,7 @@ def system_dhcp6_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.dhcp6", "server", data=filtered_data, vdom=vdom) + return fos.set("system.dhcp6", "server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system.dhcp6", "server", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp_server.py index ef55a21b3..38d5f8a4f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dhcp_server.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -549,7 +549,7 @@ options: type: str timezone: description: - - Select the time zone to be assigned to DHCP clients. + - Select the time zone to be assigned to DHCP clients. Source system.timezone.name. type: str choices: - '01' @@ -1014,9 +1014,8 @@ def system_dhcp_server(data, fos, check_mode=False): system_dhcp_server_data = data["system_dhcp_server"] system_dhcp_server_data = flatten_multilists_attributes(system_dhcp_server_data) - filtered_data = underscore_to_hyphen( - filter_system_dhcp_server_data(system_dhcp_server_data) - ) + filtered_data = filter_system_dhcp_server_data(system_dhcp_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1080,7 +1079,7 @@ def system_dhcp_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.dhcp", "server", data=filtered_data, vdom=vdom) + return fos.set("system.dhcp", "server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system.dhcp", "server", mkey=filtered_data["id"], vdom=vdom) @@ -1232,94 +1231,94 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "string", "options": [ - {"value": "01"}, - {"value": "02"}, - {"value": "03"}, - {"value": "04"}, - {"value": "05"}, - {"value": "81"}, - {"value": "06"}, - {"value": "07"}, - {"value": "08"}, - {"value": "09"}, - {"value": "10"}, - {"value": "11"}, - {"value": "12"}, - {"value": "13"}, - {"value": "74"}, - {"value": "14"}, - {"value": "77"}, - {"value": "15"}, - {"value": "87"}, - {"value": "16"}, - {"value": "17"}, - {"value": "18"}, - {"value": "19"}, - {"value": "20"}, - {"value": "75"}, - {"value": "21"}, - {"value": "22"}, - {"value": "23"}, - {"value": "24"}, - {"value": "80"}, - {"value": "79"}, - {"value": "25"}, - {"value": "26"}, - {"value": "27"}, - {"value": "28"}, - {"value": "78"}, - {"value": "29"}, - {"value": "30"}, - {"value": "31"}, - {"value": "32"}, - {"value": "33"}, - {"value": "34"}, - {"value": "35"}, - {"value": "36"}, - {"value": "37"}, - {"value": "38"}, - {"value": "83"}, - {"value": "84"}, - {"value": "40"}, - {"value": "85"}, - {"value": "39"}, - {"value": "41"}, - {"value": "42"}, - {"value": "43"}, - {"value": "44"}, - {"value": "45"}, - {"value": "46"}, - {"value": "47"}, - {"value": "51"}, - {"value": "48"}, - {"value": "49"}, - {"value": "50"}, - {"value": "52"}, - {"value": "53"}, - {"value": "54"}, - {"value": "55"}, - {"value": "56"}, - {"value": "57"}, - {"value": "58"}, - {"value": "59"}, - {"value": "60"}, - {"value": "61"}, - {"value": "62"}, - {"value": "63"}, - {"value": "64"}, - {"value": "65"}, - {"value": "66"}, - {"value": "67"}, - {"value": "68"}, - {"value": "69"}, - {"value": "70"}, - {"value": "71"}, - {"value": "72"}, - {"value": "00"}, - {"value": "82"}, - {"value": "73"}, - {"value": "86"}, - {"value": "76"}, + {"value": "01", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "02", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "03", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "04", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "05", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "81", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "06", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "07", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "08", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "09", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "10", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "11", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "12", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "13", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "74", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "14", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "77", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "15", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "87", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "16", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "17", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "18", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "19", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "20", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "75", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "21", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "22", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "23", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "24", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "80", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "79", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "25", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "26", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "27", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "28", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "78", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "29", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "30", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "31", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "32", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "33", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "34", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "35", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "36", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "37", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "38", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "83", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "84", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "40", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "85", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "39", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "41", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "42", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "43", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "44", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "45", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "46", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "47", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "51", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "48", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "49", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "50", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "52", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "53", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "54", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "55", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "56", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "57", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "58", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "59", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "60", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "61", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "62", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "63", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "64", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "65", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "66", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "67", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "68", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "69", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "70", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "71", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "72", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "00", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "82", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "73", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "86", "v_range": [["v6.0.0", "v7.4.1"]]}, + {"value": "76", "v_range": [["v6.0.0", "v7.4.1"]]}, ], }, "tftp_server": { diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns.py index 4a6bbcb4f..1c8400943 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -413,9 +413,10 @@ def system_dns(data, fos): vdom = data["vdom"] system_dns_data = data["system_dns"] system_dns_data = flatten_multilists_attributes(system_dns_data) - filtered_data = underscore_to_hyphen(filter_system_dns_data(system_dns_data)) + filtered_data = filter_system_dns_data(system_dns_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "dns", data=filtered_data, vdom=vdom) + return fos.set("system", "dns", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns64.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns64.py index eac6ad65a..79bfb9cc8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns64.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns64.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -218,9 +218,10 @@ def underscore_to_hyphen(data): def system_dns64(data, fos): vdom = data["vdom"] system_dns64_data = data["system_dns64"] - filtered_data = underscore_to_hyphen(filter_system_dns64_data(system_dns64_data)) + filtered_data = filter_system_dns64_data(system_dns64_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "dns64", data=filtered_data, vdom=vdom) + return fos.set("system", "dns64", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_database.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_database.py index 5bf067739..1a6aa161a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_database.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_database.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -439,9 +439,8 @@ def system_dns_database(data, fos, check_mode=False): system_dns_database_data = data["system_dns_database"] system_dns_database_data = flatten_multilists_attributes(system_dns_database_data) - filtered_data = underscore_to_hyphen( - filter_system_dns_database_data(system_dns_database_data) - ) + filtered_data = filter_system_dns_database_data(system_dns_database_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -505,7 +504,7 @@ def system_dns_database(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "dns-database", data=filtered_data, vdom=vdom) + return fos.set("system", "dns-database", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_server.py index d12995beb..e9b5cfec5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dns_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -263,9 +263,8 @@ def system_dns_server(data, fos, check_mode=False): state = data["state"] system_dns_server_data = data["system_dns_server"] - filtered_data = underscore_to_hyphen( - filter_system_dns_server_data(system_dns_server_data) - ) + filtered_data = filter_system_dns_server_data(system_dns_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def system_dns_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "dns-server", data=filtered_data, vdom=vdom) + return fos.set("system", "dns-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "dns-server", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dscp_based_priority.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dscp_based_priority.py index 3a68444fb..890e40df0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dscp_based_priority.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_dscp_based_priority.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -241,9 +241,10 @@ def system_dscp_based_priority(data, fos, check_mode=False): state = data["state"] system_dscp_based_priority_data = data["system_dscp_based_priority"] - filtered_data = underscore_to_hyphen( - filter_system_dscp_based_priority_data(system_dscp_based_priority_data) + filtered_data = filter_system_dscp_based_priority_data( + system_dscp_based_priority_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -307,7 +308,7 @@ def system_dscp_based_priority(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "dscp-based-priority", data=filtered_data, vdom=vdom) + return fos.set("system", "dscp-based-priority", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_email_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_email_server.py index f01c8c544..4d55d8518 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_email_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_email_server.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -308,11 +308,10 @@ def underscore_to_hyphen(data): def system_email_server(data, fos): vdom = data["vdom"] system_email_server_data = data["system_email_server"] - filtered_data = underscore_to_hyphen( - filter_system_email_server_data(system_email_server_data) - ) + filtered_data = filter_system_email_server_data(system_email_server_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "email-server", data=filtered_data, vdom=vdom) + return fos.set("system", "email-server", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_evpn.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_evpn.py index fef5bdb27..543d27c8b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_evpn.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_evpn.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -274,10 +274,11 @@ def system_evpn(data, fos): state = data["state"] system_evpn_data = data["system_evpn"] - filtered_data = underscore_to_hyphen(filter_system_evpn_data(system_evpn_data)) + filtered_data = filter_system_evpn_data(system_evpn_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system", "evpn", data=filtered_data, vdom=vdom) + return fos.set("system", "evpn", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "evpn", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_external_resource.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_external_resource.py index 1fb156cfc..ca231074f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_external_resource.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_external_resource.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -154,6 +154,7 @@ options: - 'domain' - 'malware' - 'mac-address' + - 'data' update_method: description: - External resource update method. @@ -337,9 +338,8 @@ def system_external_resource(data, fos, check_mode=False): state = data["state"] system_external_resource_data = data["system_external_resource"] - filtered_data = underscore_to_hyphen( - filter_system_external_resource_data(system_external_resource_data) - ) + filtered_data = filter_system_external_resource_data(system_external_resource_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -403,7 +403,7 @@ def system_external_resource(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "external-resource", data=filtered_data, vdom=vdom) + return fos.set("system", "external-resource", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -464,6 +464,7 @@ versioned_schema = { {"value": "domain"}, {"value": "malware", "v_range": [["v6.2.0", ""]]}, {"value": "mac-address", "v_range": [["v7.4.0", ""]]}, + {"value": "data", "v_range": [["v7.4.2", ""]]}, ], }, "update_method": { diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fabric_vpn.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fabric_vpn.py index e82f3643f..e0b62afa9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fabric_vpn.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fabric_vpn.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -429,11 +429,10 @@ def system_fabric_vpn(data, fos): vdom = data["vdom"] system_fabric_vpn_data = data["system_fabric_vpn"] system_fabric_vpn_data = flatten_multilists_attributes(system_fabric_vpn_data) - filtered_data = underscore_to_hyphen( - filter_system_fabric_vpn_data(system_fabric_vpn_data) - ) + filtered_data = filter_system_fabric_vpn_data(system_fabric_vpn_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fabric-vpn", data=filtered_data, vdom=vdom) + return fos.set("system", "fabric-vpn", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_federated_upgrade.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_federated_upgrade.py index 0c683b26c..73dd6ba40 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_federated_upgrade.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_federated_upgrade.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -109,6 +109,17 @@ options: description: - Serial number of the FortiGate unit that will control the reboot process for the federated upgrade of the HA cluster. type: str + known_ha_members: + description: + - Known members of the HA cluster. If a member is missing at upgrade time, the upgrade will be cancelled. + type: list + elements: dict + suboptions: + serial: + description: + - Serial number of HA member + required: true + type: str next_path_index: description: - The index of the next image to upgrade to. @@ -193,6 +204,9 @@ EXAMPLES = """ failure_device: "<your_own_value>" failure_reason: "none" ha_reboot_controller: "<your_own_value>" + known_ha_members: + - + serial: "<your_own_value>" next_path_index: "0" node_list: - @@ -292,6 +306,7 @@ def filter_system_federated_upgrade_data(json): "failure_device", "failure_reason", "ha_reboot_controller", + "known_ha_members", "next_path_index", "node_list", "status", @@ -324,11 +339,10 @@ def underscore_to_hyphen(data): def system_federated_upgrade(data, fos): vdom = data["vdom"] system_federated_upgrade_data = data["system_federated_upgrade"] - filtered_data = underscore_to_hyphen( - filter_system_federated_upgrade_data(system_federated_upgrade_data) - ) + filtered_data = filter_system_federated_upgrade_data(system_federated_upgrade_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "federated-upgrade", data=filtered_data, vdom=vdom) + return fos.set("system", "federated-upgrade", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -411,6 +425,18 @@ versioned_schema = { "upgrade_id": {"v_range": [["v7.0.0", ""]], "type": "integer"}, "next_path_index": {"v_range": [["v7.0.4", ""]], "type": "integer"}, "ha_reboot_controller": {"v_range": [["v7.4.0", ""]], "type": "string"}, + "known_ha_members": { + "type": "list", + "elements": "dict", + "children": { + "serial": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, "node_list": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fips_cc.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fips_cc.py index 3feeec573..7f200f90d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fips_cc.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fips_cc.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,11 +232,10 @@ def underscore_to_hyphen(data): def system_fips_cc(data, fos): vdom = data["vdom"] system_fips_cc_data = data["system_fips_cc"] - filtered_data = underscore_to_hyphen( - filter_system_fips_cc_data(system_fips_cc_data) - ) + filtered_data = filter_system_fips_cc_data(system_fips_cc_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fips-cc", data=filtered_data, vdom=vdom) + return fos.set("system", "fips-cc", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fm.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fm.py index 26d875516..3175a942b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fm.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fm.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,9 +252,10 @@ def underscore_to_hyphen(data): def system_fm(data, fos): vdom = data["vdom"] system_fm_data = data["system_fm"] - filtered_data = underscore_to_hyphen(filter_system_fm_data(system_fm_data)) + filtered_data = filter_system_fm_data(system_fm_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fm", data=filtered_data, vdom=vdom) + return fos.set("system", "fm", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiai.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiai.py index b06398f9f..0202b83fa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiai.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiai.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -224,11 +224,10 @@ def underscore_to_hyphen(data): def system_fortiai(data, fos): vdom = data["vdom"] system_fortiai_data = data["system_fortiai"] - filtered_data = underscore_to_hyphen( - filter_system_fortiai_data(system_fortiai_data) - ) + filtered_data = filter_system_fortiai_data(system_fortiai_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fortiai", data=filtered_data, vdom=vdom) + return fos.set("system", "fortiai", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiguard.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiguard.py index 1faf14d6c..8ac457935 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiguard.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortiguard.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -698,11 +698,10 @@ def system_fortiguard(data, fos): vdom = data["vdom"] system_fortiguard_data = data["system_fortiguard"] system_fortiguard_data = flatten_multilists_attributes(system_fortiguard_data) - filtered_data = underscore_to_hyphen( - filter_system_fortiguard_data(system_fortiguard_data) - ) + filtered_data = filter_system_fortiguard_data(system_fortiguard_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fortiguard", data=filtered_data, vdom=vdom) + return fos.set("system", "fortiguard", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortimanager.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortimanager.py index 2bdfae1c6..4391dbb92 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortimanager.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortimanager.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -255,11 +255,10 @@ def underscore_to_hyphen(data): def system_fortimanager(data, fos): vdom = data["vdom"] system_fortimanager_data = data["system_fortimanager"] - filtered_data = underscore_to_hyphen( - filter_system_fortimanager_data(system_fortimanager_data) - ) + filtered_data = filter_system_fortimanager_data(system_fortimanager_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fortimanager", data=filtered_data, vdom=vdom) + return fos.set("system", "fortimanager", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortindr.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortindr.py index e460aa910..666617a8e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortindr.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortindr.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -224,11 +224,10 @@ def underscore_to_hyphen(data): def system_fortindr(data, fos): vdom = data["vdom"] system_fortindr_data = data["system_fortindr"] - filtered_data = underscore_to_hyphen( - filter_system_fortindr_data(system_fortindr_data) - ) + filtered_data = filter_system_fortindr_data(system_fortindr_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fortindr", data=filtered_data, vdom=vdom) + return fos.set("system", "fortindr", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortisandbox.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortisandbox.py index f3e2e86a6..bcd31fadb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortisandbox.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fortisandbox.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -282,11 +282,10 @@ def underscore_to_hyphen(data): def system_fortisandbox(data, fos): vdom = data["vdom"] system_fortisandbox_data = data["system_fortisandbox"] - filtered_data = underscore_to_hyphen( - filter_system_fortisandbox_data(system_fortisandbox_data) - ) + filtered_data = filter_system_fortisandbox_data(system_fortisandbox_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fortisandbox", data=filtered_data, vdom=vdom) + return fos.set("system", "fortisandbox", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fsso_polling.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fsso_polling.py index 25e6dc747..e36bb55aa 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fsso_polling.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_fsso_polling.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -223,11 +223,10 @@ def underscore_to_hyphen(data): def system_fsso_polling(data, fos): vdom = data["vdom"] system_fsso_polling_data = data["system_fsso_polling"] - filtered_data = underscore_to_hyphen( - filter_system_fsso_polling_data(system_fsso_polling_data) - ) + filtered_data = filter_system_fsso_polling_data(system_fsso_polling_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "fsso-polling", data=filtered_data, vdom=vdom) + return fos.set("system", "fsso-polling", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ftm_push.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ftm_push.py index ee1a109db..1b739163e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ftm_push.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ftm_push.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -240,11 +240,10 @@ def underscore_to_hyphen(data): def system_ftm_push(data, fos): vdom = data["vdom"] system_ftm_push_data = data["system_ftm_push"] - filtered_data = underscore_to_hyphen( - filter_system_ftm_push_data(system_ftm_push_data) - ) + filtered_data = filter_system_ftm_push_data(system_ftm_push_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ftm-push", data=filtered_data, vdom=vdom) + return fos.set("system", "ftm-push", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geneve.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geneve.py index f265df516..29fe00424 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geneve.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geneve.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -275,7 +275,8 @@ def system_geneve(data, fos, check_mode=False): state = data["state"] system_geneve_data = data["system_geneve"] - filtered_data = underscore_to_hyphen(filter_system_geneve_data(system_geneve_data)) + filtered_data = filter_system_geneve_data(system_geneve_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -339,7 +340,7 @@ def system_geneve(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "geneve", data=filtered_data, vdom=vdom) + return fos.set("system", "geneve", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "geneve", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_country.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_country.py index 94f57bf81..36f459774 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_country.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_country.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,9 +230,8 @@ def system_geoip_country(data, fos, check_mode=False): state = data["state"] system_geoip_country_data = data["system_geoip_country"] - filtered_data = underscore_to_hyphen( - filter_system_geoip_country_data(system_geoip_country_data) - ) + filtered_data = filter_system_geoip_country_data(system_geoip_country_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -296,7 +295,7 @@ def system_geoip_country(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "geoip-country", data=filtered_data, vdom=vdom) + return fos.set("system", "geoip-country", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_override.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_override.py index 67169ad4d..15a47d604 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_override.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_geoip_override.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -283,9 +283,8 @@ def system_geoip_override(data, fos, check_mode=False): state = data["state"] system_geoip_override_data = data["system_geoip_override"] - filtered_data = underscore_to_hyphen( - filter_system_geoip_override_data(system_geoip_override_data) - ) + filtered_data = filter_system_geoip_override_data(system_geoip_override_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -349,7 +348,7 @@ def system_geoip_override(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "geoip-override", data=filtered_data, vdom=vdom) + return fos.set("system", "geoip-override", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gi_gk.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gi_gk.py index 0a6ea42b3..870d4ce7c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gi_gk.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gi_gk.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -207,9 +207,10 @@ def underscore_to_hyphen(data): def system_gi_gk(data, fos): vdom = data["vdom"] system_gi_gk_data = data["system_gi_gk"] - filtered_data = underscore_to_hyphen(filter_system_gi_gk_data(system_gi_gk_data)) + filtered_data = filter_system_gi_gk_data(system_gi_gk_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "gi-gk", data=filtered_data, vdom=vdom) + return fos.set("system", "gi-gk", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -241,15 +242,15 @@ def fortios_system(data, fos): versioned_schema = { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "context": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, "port": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "integer", }, }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_global.py index d7ec79eb3..419429593 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -204,7 +204,7 @@ options: - 'disable' admin_scp: description: - - Enable/disable using SCP to download the system configuration. You can use SCP as an alternative method for backing up the configuration. + - Enable/disable SCP support for system configuration backup, restore, and firmware file upload. type: str choices: - 'enable' @@ -355,6 +355,10 @@ options: choices: - 'enable' - 'disable' + bfd_affinity: + description: + - Affinity setting for BFD daemon (hexadecimal value up to 256 bits in the format of xxxxxxxxxxxxxxxx). + type: str block_session_timer: description: - Duration in seconds for blocked sessions (1 - 300 sec (5 minutes)). @@ -603,6 +607,13 @@ options: choices: - 'enable' - 'disable' + fortigslb_integration: + description: + - Enable/disable integration with the FortiGSLB cloud service. + type: str + choices: + - 'disable' + - 'enable' fortiipam_integration: description: - Enable/disable integration with the FortiIPAM cloud service. @@ -1233,6 +1244,20 @@ options: description: - Proxy worker count. type: int + purdue_level: + description: + - Purdue Level of this FortiGate. + type: str + choices: + - '1' + - '1.5' + - '2' + - '2.5' + - '3' + - '3.5' + - '4' + - '5' + - '5.5' quic_ack_thresold: description: - Maximum number of unacknowledged packets before sending ACK (2 - 5). @@ -1364,11 +1389,43 @@ options: choices: - 'enable' - 'disable' + speedtestd_ctrl_port: + description: + - Speedtest server controller port number. + type: int + speedtestd_server_port: + description: + - Speedtest server port number. + type: int split_port: description: - Split port(s) to multiple 10Gbps ports. type: list elements: str + split_port_mode: + description: + - Configure split port mode of ports. + type: list + elements: dict + suboptions: + interface: + description: + - Split port interface. + required: true + type: str + split_mode: + description: + - The configuration mode for the split port interface. + type: str + choices: + - 'disable' + - '4x10G' + - '4x25G' + - '4x50G' + - '8x25G' + - '8x50G' + - '4x100G' + - '2x200G' ssd_trim_date: description: - Date within a month to run ssd trim. @@ -1439,6 +1496,10 @@ options: choices: - 'enable' - 'disable' + ssh_hostkey: + description: + - Config SSH host key. + type: str ssh_hostkey_algo: description: - Select one or more SSH hostkey algorithms. @@ -1447,9 +1508,22 @@ options: choices: - 'ssh-rsa' - 'ecdsa-sha2-nistp521' + - 'ecdsa-sha2-nistp384' + - 'ecdsa-sha2-nistp256' - 'rsa-sha2-256' - 'rsa-sha2-512' - 'ssh-ed25519' + ssh_hostkey_override: + description: + - Enable/disable SSH host key override in SSH daemon. + type: str + choices: + - 'disable' + - 'enable' + ssh_hostkey_password: + description: + - Password for ssh-hostkey. + type: str ssh_kex_algo: description: - Select one or more SSH kex algorithms. @@ -1630,98 +1704,8 @@ options: - 'disable' timezone: description: - - Number corresponding to your time zone from 00 to 86. Enter set timezone ? to view the list of time zones and the numbers that represent - them. - type: str - choices: - - '01' - - '02' - - '03' - - '04' - - '05' - - '81' - - '06' - - '07' - - '08' - - '09' - - '10' - - '11' - - '12' - - '13' - - '74' - - '14' - - '77' - - '15' - - '87' - - '16' - - '17' - - '18' - - '19' - - '20' - - '75' - - '21' - - '22' - - '23' - - '24' - - '80' - - '79' - - '25' - - '26' - - '27' - - '28' - - '78' - - '29' - - '30' - - '31' - - '32' - - '33' - - '34' - - '35' - - '36' - - '37' - - '38' - - '83' - - '84' - - '40' - - '85' - - '39' - - '41' - - '42' - - '43' - - '44' - - '45' - - '46' - - '47' - - '51' - - '48' - - '49' - - '50' - - '52' - - '53' - - '54' - - '55' - - '56' - - '57' - - '58' - - '59' - - '60' - - '61' - - '62' - - '63' - - '64' - - '65' - - '66' - - '67' - - '68' - - '69' - - '70' - - '71' - - '72' - - '00' - - '82' - - '73' - - '86' - - '76' + - Timezone database name. Enter ? to view the list of timezone. Source system.timezone.name. + type: str tp_mc_skip_policy: description: - Enable/disable skip policy check and allow multicast through. @@ -1825,6 +1809,13 @@ options: choices: - 'disable' - 'enable' + virtual_switch_vlan: + description: + - Enable/disable virtual switch VLAN. + type: str + choices: + - 'enable' + - 'disable' vpn_ems_sn_check: description: - Enable/disable verification of EMS serial number in SSL-VPN and IPsec VPN connection. @@ -1954,6 +1945,7 @@ EXAMPLES = """ av_failopen: "pass" av_failopen_session: "enable" batch_cmdb: "enable" + bfd_affinity: "<your_own_value>" block_session_timer: "30" br_fdb_max_entry: "8192" cert_chain_max: "8" @@ -1995,6 +1987,7 @@ EXAMPLES = """ fortiextender_discovery_lockdown: "disable" fortiextender_provision_on_authorization: "enable" fortiextender_vlan_mode: "enable" + fortigslb_integration: "disable" fortiipam_integration: "enable" fortiservice_port: "8013" fortitoken_cloud: "enable" @@ -2034,7 +2027,7 @@ EXAMPLES = """ internet_service_database: "mini" internet_service_download_list: - - id: "126 (source firewall.internet-service.id)" + id: "128 (source firewall.internet-service.id)" interval: "5" ip_fragment_mem_thresholds: "32" ip_src_port_range: "<your_own_value>" @@ -2065,7 +2058,7 @@ EXAMPLES = """ management_port: "443" management_port_use_admin_sport: "enable" management_vdom: "<your_own_value> (source system.vdom.name)" - max_dlpstat_memory: "157" + max_dlpstat_memory: "159" max_route_cache_size: "0" mc_ttl_notchange: "enable" memory_use_threshold_extreme: "95" @@ -2095,6 +2088,7 @@ EXAMPLES = """ proxy_re_authentication_time: "30" proxy_resource_mode: "enable" proxy_worker_count: "0" + purdue_level: "1" quic_ack_thresold: "3" quic_congestion_control_algo: "cubic" quic_max_datagram_size: "1500" @@ -2117,7 +2111,13 @@ EXAMPLES = """ snat_route_change: "enable" special_file_23_support: "disable" speedtest_server: "enable" + speedtestd_ctrl_port: "5200" + speedtestd_server_port: "5201" split_port: "<your_own_value>" + split_port_mode: + - + interface: "<your_own_value>" + split_mode: "disable" ssd_trim_date: "1" ssd_trim_freq: "never" ssd_trim_hour: "1" @@ -2126,7 +2126,10 @@ EXAMPLES = """ ssh_cbc_cipher: "enable" ssh_enc_algo: "chacha20-poly1305@openssh.com" ssh_hmac_md5: "enable" + ssh_hostkey: "myhostname" ssh_hostkey_algo: "ssh-rsa" + ssh_hostkey_override: "disable" + ssh_hostkey_password: "myhostname" ssh_kex_algo: "diffie-hellman-group1-sha1" ssh_kex_sha1: "enable" ssh_mac_algo: "hmac-md5" @@ -2151,7 +2154,7 @@ EXAMPLES = """ tcp_rst_timer: "5" tcp_timewait_timer: "1" tftp: "enable" - timezone: "01" + timezone: "<your_own_value> (source system.timezone.name)" tp_mc_skip_policy: "enable" traffic_priority: "tos" traffic_priority_level: "low" @@ -2163,15 +2166,16 @@ EXAMPLES = """ udp_idle_timer: "180" url_filter_affinity: "<your_own_value>" url_filter_count: "1" - user_device_store_max_devices: "20921" - user_device_store_max_unified_mem: "104609177" - user_device_store_max_users: "20921" + user_device_store_max_devices: "20911" + user_device_store_max_unified_mem: "104558182" + user_device_store_max_users: "20911" user_server_cert: "<your_own_value> (source certificate.local.name)" vdom_admin: "enable" vdom_mode: "no-vdom" vip_arp_range: "unlimited" virtual_server_count: "20" virtual_server_hardware_acceleration: "disable" + virtual_switch_vlan: "enable" vpn_ems_sn_check: "enable" wad_affinity: "<your_own_value>" wad_csvc_cs_count: "1" @@ -2314,6 +2318,7 @@ def filter_system_global_data(json): "av_failopen", "av_failopen_session", "batch_cmdb", + "bfd_affinity", "block_session_timer", "br_fdb_max_entry", "cert_chain_max", @@ -2355,6 +2360,7 @@ def filter_system_global_data(json): "fortiextender_discovery_lockdown", "fortiextender_provision_on_authorization", "fortiextender_vlan_mode", + "fortigslb_integration", "fortiipam_integration", "fortiservice_port", "fortitoken_cloud", @@ -2453,6 +2459,7 @@ def filter_system_global_data(json): "proxy_re_authentication_time", "proxy_resource_mode", "proxy_worker_count", + "purdue_level", "quic_ack_thresold", "quic_congestion_control_algo", "quic_max_datagram_size", @@ -2475,7 +2482,10 @@ def filter_system_global_data(json): "snat_route_change", "special_file_23_support", "speedtest_server", + "speedtestd_ctrl_port", + "speedtestd_server_port", "split_port", + "split_port_mode", "ssd_trim_date", "ssd_trim_freq", "ssd_trim_hour", @@ -2484,7 +2494,10 @@ def filter_system_global_data(json): "ssh_cbc_cipher", "ssh_enc_algo", "ssh_hmac_md5", + "ssh_hostkey", "ssh_hostkey_algo", + "ssh_hostkey_override", + "ssh_hostkey_password", "ssh_kex_algo", "ssh_kex_sha1", "ssh_mac_algo", @@ -2530,6 +2543,7 @@ def filter_system_global_data(json): "vip_arp_range", "virtual_server_count", "virtual_server_hardware_acceleration", + "virtual_switch_vlan", "vpn_ems_sn_check", "wad_affinity", "wad_csvc_cs_count", @@ -2611,9 +2625,10 @@ def system_global(data, fos): vdom = data["vdom"] system_global_data = data["system_global"] system_global_data = flatten_multilists_attributes(system_global_data) - filtered_data = underscore_to_hyphen(filter_system_global_data(system_global_data)) + filtered_data = filter_system_global_data(system_global_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "global", data=filtered_data, vdom=vdom) + return fos.set("system", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -2789,32 +2804,41 @@ versioned_schema = { "admintimeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "admin_console_timeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ssd_trim_freq": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ - {"value": "never"}, - {"value": "hourly"}, - {"value": "daily"}, - {"value": "weekly"}, - {"value": "monthly"}, + {"value": "never", "v_range": [["v6.0.0", ""]]}, + {"value": "hourly", "v_range": [["v6.0.0", ""]]}, + {"value": "daily", "v_range": [["v6.0.0", ""]]}, + {"value": "weekly", "v_range": [["v6.0.0", ""]]}, + {"value": "monthly", "v_range": [["v6.0.0", ""]]}, ], }, - "ssd_trim_hour": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "ssd_trim_min": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "ssd_trim_hour": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "ssd_trim_min": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, "ssd_trim_weekday": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ - {"value": "sunday"}, - {"value": "monday"}, - {"value": "tuesday"}, - {"value": "wednesday"}, - {"value": "thursday"}, - {"value": "friday"}, - {"value": "saturday"}, + {"value": "sunday", "v_range": [["v6.0.0", ""]]}, + {"value": "monday", "v_range": [["v6.0.0", ""]]}, + {"value": "tuesday", "v_range": [["v6.0.0", ""]]}, + {"value": "wednesday", "v_range": [["v6.0.0", ""]]}, + {"value": "thursday", "v_range": [["v6.0.0", ""]]}, + {"value": "friday", "v_range": [["v6.0.0", ""]]}, + {"value": "saturday", "v_range": [["v6.0.0", ""]]}, ], }, - "ssd_trim_date": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "ssd_trim_date": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, "admin_concurrent": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -2825,6 +2849,21 @@ versioned_schema = { "refresh": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "failtime": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "purdue_level": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "1"}, + {"value": "1.5"}, + {"value": "2"}, + {"value": "2.5"}, + {"value": "3"}, + {"value": "3.5"}, + {"value": "4"}, + {"value": "5"}, + {"value": "5.5"}, + ], + }, "daily_restart": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -2839,6 +2878,8 @@ versioned_schema = { "wad_restart_start_time": {"v_range": [["v7.2.4", ""]], "type": "string"}, "wad_restart_end_time": {"v_range": [["v7.2.4", ""]], "type": "string"}, "radius_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "speedtestd_server_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "speedtestd_ctrl_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "admin_login_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "remoteauthtimeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ldapconntimeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, @@ -2868,100 +2909,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "timezone": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [ - {"value": "01"}, - {"value": "02"}, - {"value": "03"}, - {"value": "04"}, - {"value": "05"}, - {"value": "81"}, - {"value": "06"}, - {"value": "07"}, - {"value": "08"}, - {"value": "09"}, - {"value": "10"}, - {"value": "11"}, - {"value": "12"}, - {"value": "13"}, - {"value": "74"}, - {"value": "14"}, - {"value": "77"}, - {"value": "15"}, - {"value": "87"}, - {"value": "16"}, - {"value": "17"}, - {"value": "18"}, - {"value": "19"}, - {"value": "20"}, - {"value": "75"}, - {"value": "21"}, - {"value": "22"}, - {"value": "23"}, - {"value": "24"}, - {"value": "80"}, - {"value": "79"}, - {"value": "25"}, - {"value": "26"}, - {"value": "27"}, - {"value": "28"}, - {"value": "78"}, - {"value": "29"}, - {"value": "30"}, - {"value": "31"}, - {"value": "32"}, - {"value": "33"}, - {"value": "34"}, - {"value": "35"}, - {"value": "36"}, - {"value": "37"}, - {"value": "38"}, - {"value": "83"}, - {"value": "84"}, - {"value": "40"}, - {"value": "85"}, - {"value": "39"}, - {"value": "41"}, - {"value": "42"}, - {"value": "43"}, - {"value": "44"}, - {"value": "45"}, - {"value": "46"}, - {"value": "47"}, - {"value": "51"}, - {"value": "48"}, - {"value": "49"}, - {"value": "50"}, - {"value": "52"}, - {"value": "53"}, - {"value": "54"}, - {"value": "55"}, - {"value": "56"}, - {"value": "57"}, - {"value": "58"}, - {"value": "59"}, - {"value": "60"}, - {"value": "61"}, - {"value": "62"}, - {"value": "63"}, - {"value": "64"}, - {"value": "65"}, - {"value": "66"}, - {"value": "67"}, - {"value": "68"}, - {"value": "69"}, - {"value": "70"}, - {"value": "71"}, - {"value": "72"}, - {"value": "00"}, - {"value": "82"}, - {"value": "73"}, - {"value": "86"}, - {"value": "76"}, - ], - }, + "timezone": {"v_range": [["v6.0.0", ""]], "type": "string"}, "traffic_priority": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -3112,6 +3060,8 @@ versioned_schema = { "options": [ {"value": "ssh-rsa"}, {"value": "ecdsa-sha2-nistp521"}, + {"value": "ecdsa-sha2-nistp384", "v_range": [["v7.4.2", ""]]}, + {"value": "ecdsa-sha2-nistp256", "v_range": [["v7.4.2", ""]]}, {"value": "rsa-sha2-256"}, {"value": "rsa-sha2-512"}, {"value": "ssh-ed25519"}, @@ -3119,6 +3069,13 @@ versioned_schema = { "multiple_values": True, "elements": "str", }, + "ssh_hostkey_override": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "ssh_hostkey_password": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "ssh_hostkey": {"v_range": [["v7.4.2", ""]], "type": "string"}, "snat_route_change": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -3536,10 +3493,14 @@ versioned_schema = { }, "arp_max_entry": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ha_affinity": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "bfd_affinity": {"v_range": [["v7.4.2", ""]], "type": "string"}, "cmdbsvr_affinity": {"v_range": [["v7.0.1", ""]], "type": "string"}, "av_affinity": {"v_range": [["v6.0.0", ""]], "type": "string"}, "wad_affinity": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "ips_affinity": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "ips_affinity": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "string", + }, "miglog_affinity": {"v_range": [["v6.0.0", ""]], "type": "string"}, "syslog_affinity": {"v_range": [["v7.2.4", ""]], "type": "string"}, "url_filter_affinity": {"v_range": [["v6.2.0", ""]], "type": "string"}, @@ -3568,11 +3529,6 @@ versioned_schema = { }, ], }, - "ipsec_soft_dec_async": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, "device_idle_timeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "user_device_store_max_devices": { "v_range": [["v6.4.4", ""]], @@ -3705,8 +3661,13 @@ versioned_schema = { "options": [{"value": "disable"}, {"value": "enable"}], }, "sflowd_max_children_num": {"v_range": [["v7.2.4", ""]], "type": "integer"}, + "fortigslb_integration": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, "split_port": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "list", "multiple_values": True, "elements": "str", @@ -3745,6 +3706,42 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "virtual_switch_vlan": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "split_port_mode": { + "type": "list", + "elements": "dict", + "children": { + "interface": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "split_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "disable"}, + {"value": "4x10G"}, + {"value": "4x25G"}, + {"value": "4x50G"}, + {"value": "8x25G"}, + {"value": "8x50G"}, + {"value": "4x100G"}, + {"value": "2x200G"}, + ], + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "ipsec_soft_dec_async": { + "v_range": [["v6.0.0", "v7.4.1"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "gui_allow_default_hostname": { "v_range": [["v6.2.0", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gre_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gre_tunnel.py index a1bdf2013..3cdee19e7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gre_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_gre_tunnel.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -88,6 +88,13 @@ options: default: null type: dict suboptions: + auto_asic_offload: + description: + - Enable/disable automatic ASIC offloading. + type: str + choices: + - 'enable' + - 'disable' checksum_reception: description: - Enable/disable validating checksums in received GRE packets. @@ -191,6 +198,7 @@ EXAMPLES = """ state: "present" access_token: "<your_own_value>" system_gre_tunnel: + auto_asic_offload: "enable" checksum_reception: "disable" checksum_transmission: "disable" diffservcode: "<your_own_value>" @@ -203,7 +211,7 @@ EXAMPLES = """ key_outbound: "0" local_gw: "<your_own_value>" local_gw6: "<your_own_value>" - name: "default_name_15" + name: "default_name_16" remote_gw: "<your_own_value>" remote_gw6: "<your_own_value>" sequence_number_reception: "disable" @@ -301,6 +309,7 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.compariso def filter_system_gre_tunnel_data(json): option_list = [ + "auto_asic_offload", "checksum_reception", "checksum_transmission", "diffservcode", @@ -350,9 +359,8 @@ def system_gre_tunnel(data, fos, check_mode=False): state = data["state"] system_gre_tunnel_data = data["system_gre_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_gre_tunnel_data(system_gre_tunnel_data) - ) + filtered_data = filter_system_gre_tunnel_data(system_gre_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -416,7 +424,7 @@ def system_gre_tunnel(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "gre-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "gre-tunnel", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "gre-tunnel", mkey=filtered_data["name"], vdom=vdom) @@ -577,6 +585,11 @@ versioned_schema = { "diffservcode": {"v_range": [["v6.2.0", ""]], "type": "string"}, "keepalive_interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "keepalive_failtimes": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "auto_asic_offload": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha.py index af4bb8263..adf6f5586 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -225,6 +225,27 @@ options: choices: - 'enable' - 'disable' + ipsec_phase2_proposal: + description: + - IPsec phase2 proposal. + type: list + elements: str + choices: + - 'aes128-sha1' + - 'aes128-sha256' + - 'aes128-sha384' + - 'aes128-sha512' + - 'aes192-sha1' + - 'aes192-sha256' + - 'aes192-sha384' + - 'aes192-sha512' + - 'aes256-sha1' + - 'aes256-sha256' + - 'aes256-sha384' + - 'aes256-sha512' + - 'aes128gcm' + - 'aes256gcm' + - 'chacha20poly1305' key: description: - Key. @@ -607,6 +628,10 @@ options: description: - Remote IP monitoring failover threshold (0 - 50). type: int + pingserver_flip_timeout: + description: + - Time to wait in minutes before renegotiating after a remote IP monitoring failover. + type: int pingserver_monitor_interface: description: - Interfaces to check for remote IP monitoring. Source system.interface.name. @@ -710,6 +735,7 @@ EXAMPLES = """ http_proxy_threshold: "<your_own_value>" imap_proxy_threshold: "<your_own_value>" inter_cluster_session_sync: "enable" + ipsec_phase2_proposal: "aes128-sha1" key: "<your_own_value>" l2ep_eth_type: "<your_own_value>" link_failed_signal: "enable" @@ -769,7 +795,7 @@ EXAMPLES = """ unicast_hb_peerip: "<your_own_value>" unicast_peers: - - id: "91" + id: "92" peer_ip: "<your_own_value>" unicast_status: "enable" uninterruptible_primary_wait: "30" @@ -781,6 +807,7 @@ EXAMPLES = """ override: "enable" override_wait_time: "0" pingserver_failover_threshold: "0" + pingserver_flip_timeout: "60" pingserver_monitor_interface: "<your_own_value> (source system.interface.name)" pingserver_secondary_force_reset: "enable" pingserver_slave_force_reset: "enable" @@ -788,7 +815,7 @@ EXAMPLES = """ vcluster_id: "<you_own_value>" vdom: - - name: "default_name_108 (source system.vdom.name)" + name: "default_name_110 (source system.vdom.name)" vcluster_id: "0" vcluster_status: "enable" vcluster2: "enable" @@ -902,6 +929,7 @@ def filter_system_ha_data(json): "http_proxy_threshold", "imap_proxy_threshold", "inter_cluster_session_sync", + "ipsec_phase2_proposal", "key", "l2ep_eth_type", "link_failed_signal", @@ -998,6 +1026,7 @@ def flatten_multilists_attributes(data): ["pingserver_monitor_interface"], ["vcluster", "monitor"], ["vcluster", "pingserver_monitor_interface"], + ["ipsec_phase2_proposal"], ["secondary_vcluster", "monitor"], ["secondary_vcluster", "pingserver_monitor_interface"], ] @@ -1025,9 +1054,10 @@ def system_ha(data, fos): vdom = data["vdom"] system_ha_data = data["system_ha"] system_ha_data = flatten_multilists_attributes(system_ha_data) - filtered_data = underscore_to_hyphen(filter_system_ha_data(system_ha_data)) + filtered_data = filter_system_ha_data(system_ha_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ha", data=filtered_data, vdom=vdom) + return fos.set("system", "ha", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -1377,6 +1407,10 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "pingserver_flip_timeout": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, "vdom": { "type": "list", "elements": "dict", @@ -1403,9 +1437,12 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "ssd_failover": { - "v_range": [["v6.2.0", ""]], + "v_range": [["v6.2.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.2.0", ""]]}, + {"value": "disable", "v_range": [["v6.2.0", ""]]}, + ], }, "memory_compatible_mode": { "v_range": [["v6.0.0", ""]], @@ -1428,6 +1465,29 @@ versioned_schema = { "type": "integer", }, "failover_hold_time": {"v_range": [["v7.0.0", ""]], "type": "integer"}, + "ipsec_phase2_proposal": { + "v_range": [["v7.4.2", ""]], + "type": "list", + "options": [ + {"value": "aes128-sha1"}, + {"value": "aes128-sha256"}, + {"value": "aes128-sha384"}, + {"value": "aes128-sha512"}, + {"value": "aes192-sha1"}, + {"value": "aes192-sha256"}, + {"value": "aes192-sha384"}, + {"value": "aes192-sha512"}, + {"value": "aes256-sha1"}, + {"value": "aes256-sha256"}, + {"value": "aes256-sha384"}, + {"value": "aes256-sha512"}, + {"value": "aes128gcm"}, + {"value": "aes256gcm"}, + {"value": "chacha20poly1305"}, + ], + "multiple_values": True, + "elements": "str", + }, "uninterruptible_upgrade": { "v_range": [["v6.0.0", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha_monitor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha_monitor.py index e3f8b92f2..0acadf59c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha_monitor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ha_monitor.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -215,11 +215,10 @@ def underscore_to_hyphen(data): def system_ha_monitor(data, fos): vdom = data["vdom"] system_ha_monitor_data = data["system_ha_monitor"] - filtered_data = underscore_to_hyphen( - filter_system_ha_monitor_data(system_ha_monitor_data) - ) + filtered_data = filter_system_ha_monitor_data(system_ha_monitor_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ha-monitor", data=filtered_data, vdom=vdom) + return fos.set("system", "ha-monitor", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ike.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ike.py index b7ceac35e..69b42f962 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ike.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ike.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -745,9 +745,10 @@ def underscore_to_hyphen(data): def system_ike(data, fos): vdom = data["vdom"] system_ike_data = data["system_ike"] - filtered_data = underscore_to_hyphen(filter_system_ike_data(system_ike_data)) + filtered_data = filter_system_ike_data(system_ike_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ike", data=filtered_data, vdom=vdom) + return fos.set("system", "ike", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py index a1ee1706b..ae4f0e1d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_interface.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -690,6 +690,16 @@ options: description: - Transparent mode forward domain. type: int + forward_error_correction: + description: + - Configure forward error correction (FEC). + type: str + choices: + - 'none' + - 'disable' + - 'cl91-rs-fec' + - 'cl74-fc-fec' + - 'auto' gi_gk: description: - Enable/disable Gi Gatekeeper. @@ -763,6 +773,14 @@ options: description: - Ingress Spillover threshold (0 - 16776000 kbps), 0 means unlimited. type: int + interconnect_profile: + description: + - Set interconnect profile. + type: str + choices: + - 'default' + - 'profile1' + - 'profile2' interface: description: - Interface name. Source system.interface.name. @@ -1201,6 +1219,13 @@ options: description: - Advertisement interval (1 - 255 seconds). type: int + ignore_default_route: + description: + - Enable/disable ignoring of default route when checking destination. + type: str + choices: + - 'enable' + - 'disable' preempt: description: - Enable/disable preempt mode. @@ -1358,6 +1383,21 @@ options: - Select SFP media interface type type: str choices: + - 'none' + - 'gmii' + - 'sgmii' + - 'sr' + - 'lr' + - 'cr' + - 'sr2' + - 'lr2' + - 'cr2' + - 'sr4' + - 'lr4' + - 'cr4' + - 'sr8' + - 'lr8' + - 'cr8' - 'cfp2-sr10' - 'cfp2-lr4' member: @@ -1382,6 +1422,43 @@ options: choices: - 'operational' - 'administrative' + mirroring_direction: + description: + - Port mirroring direction. + type: str + choices: + - 'rx' + - 'tx' + - 'both' + mirroring_filter: + description: + - Mirroring filter. + type: dict + suboptions: + filter_dport: + description: + - Destinatin port of mirroring filter. + type: int + filter_dstip: + description: + - Destinatin IP and mask of mirroring filter. + type: str + filter_protocol: + description: + - Protocol of mirroring filter. + type: int + filter_sport: + description: + - Source port of mirroring filter. + type: int + filter_srcip: + description: + - Source IP and mask of mirroring filter. + type: str + mirroring_port: + description: + - Mirroring port. Source system.interface.name. + type: str mode: description: - Addressing mode (static, DHCP, PPPoE). @@ -1436,6 +1513,10 @@ options: - 'tx' - 'rx' - 'both' + np_qos_profile: + description: + - NP QoS profile ID. + type: int outbandwidth: description: - Bandwidth limit for outgoing traffic (0 - 80000000 kbps). @@ -1456,6 +1537,13 @@ options: description: - sFlow polling interval in seconds (1 - 255). type: int + port_mirroring: + description: + - Enable/disable NP port mirroring. + type: str + choices: + - 'disable' + - 'enable' pppoe_unnumbered_negotiate: description: - Enable/disable PPPoE unnumbered negotiation. @@ -1648,6 +1736,30 @@ options: - DHCP relay IP address. type: list elements: str + security_8021x_dynamic_vlan_id: + description: + - VLAN ID for virtual switch. + type: int + security_8021x_master: + description: + - 802.1X master virtual-switch. + type: str + security_8021x_member_mode: + description: + - 802.1X member mode. + type: str + choices: + - 'switch' + - 'disable' + security_8021x_mode: + description: + - 802.1X mode. + type: str + choices: + - 'default' + - 'dynamic-vlan' + - 'fallback' + - 'slave' security_exempt_list: description: - Name of security-exempt-list. @@ -1722,7 +1834,19 @@ options: - '10000auto' - '40000full' - '40000auto' + - '100auto' + - '2500auto' + - '5000auto' + - '25000full' + - '25000auto' + - '50000full' + - '50000auto' - '100Gfull' + - '100Gauto' + - '200Gfull' + - '200Gauto' + - '400Gfull' + - '400Gauto' - '1000half' spillover_threshold: description: @@ -1749,6 +1873,13 @@ options: choices: - 'disable' - 'enable' + stp_edge: + description: + - Enable/disable as STP edge port. + type: str + choices: + - 'disable' + - 'enable' stp_ha_secondary: description: - Control STP behavior on HA secondary. @@ -1987,6 +2118,13 @@ options: description: - TCP maximum segment size. 0 means do not change segment size. type: int + trunk: + description: + - Enable/disable VLAN trunk. + type: str + choices: + - 'enable' + - 'disable' trust_ip_1: description: - Trusted host for dedicated management traffic (0.0.0.0/24 for all hosts). @@ -2295,6 +2433,7 @@ EXAMPLES = """ fortilink_split_interface: "enable" fortilink_stacking: "enable" forward_domain: "0" + forward_error_correction: "none" gi_gk: "enable" gwdetect: "enable" ha_priority: "1" @@ -2307,6 +2446,7 @@ EXAMPLES = """ ingress_cos: "disable" ingress_shaping_profile: "<your_own_value> (source firewall.shaping-profile.profile-name)" ingress_spillover_threshold: "0" + interconnect_profile: "default" interface: "<your_own_value> (source system.interface.name)" internal: "0" ip: "<your_own_value>" @@ -2336,7 +2476,7 @@ EXAMPLES = """ dhcp6_relay_source_ip: "<your_own_value>" dhcp6_relay_type: "regular" icmp6_send_redirect: "enable" - interface_identifier: "myId_145" + interface_identifier: "myId_147" ip6_address: "<your_own_value>" ip6_allowaccess: "ping" ip6_default_life: "1800" @@ -2393,6 +2533,7 @@ EXAMPLES = """ - accept_mode: "enable" adv_interval: "1" + ignore_default_route: "enable" preempt: "enable" priority: "100" start_time: "3" @@ -2415,30 +2556,40 @@ EXAMPLES = """ macaddr: "<your_own_value>" managed_device: - - name: "default_name_218" + name: "default_name_221" managed_subnetwork_size: "32" management_ip: "<your_own_value>" measured_downstream_bandwidth: "0" measured_upstream_bandwidth: "0" - mediatype: "cfp2-sr10" + mediatype: "none" member: - interface_name: "<your_own_value> (source system.interface.name)" min_links: "1" min_links_down: "operational" + mirroring_direction: "rx" + mirroring_filter: + filter_dport: "0" + filter_dstip: "<your_own_value>" + filter_protocol: "0" + filter_sport: "0" + filter_srcip: "<your_own_value>" + mirroring_port: "<your_own_value> (source system.interface.name)" mode: "static" monitor_bandwidth: "enable" mtu: "1500" mtu_override: "enable" - name: "default_name_232" + name: "default_name_243" ndiscforward: "enable" netbios_forward: "disable" netflow_sampler: "disable" + np_qos_profile: "0" outbandwidth: "0" padt_retry_timeout: "1" password: "<your_own_value>" ping_serv_status: "0" polling_interval: "20" + port_mirroring: "disable" pppoe_unnumbered_negotiate: "enable" pptp_auth_type: "auto" pptp_client: "enable" @@ -2468,16 +2619,20 @@ EXAMPLES = """ detectserver: "<your_own_value>" gwdetect: "enable" ha_priority: "1" - id: "269" + id: "282" ip: "<your_own_value>" ping_serv_status: "0" secip_relay_ip: "<your_own_value>" + security_8021x_dynamic_vlan_id: "0" + security_8021x_master: "<your_own_value>" + security_8021x_member_mode: "switch" + security_8021x_mode: "default" security_exempt_list: "<your_own_value>" security_external_logout: "<your_own_value>" security_external_web: "<your_own_value>" security_groups: - - name: "default_name_277 (source user.group.name)" + name: "default_name_294 (source user.group.name)" security_mac_auth_bypass: "mac-auth-only" security_mode: "none" security_redirect_url: "<your_own_value>" @@ -2489,6 +2644,7 @@ EXAMPLES = """ src_check: "enable" status: "up" stp: "disable" + stp_edge: "disable" stp_ha_secondary: "disable" stp_ha_slave: "disable" stpforward: "enable" @@ -2525,11 +2681,12 @@ EXAMPLES = """ tagging: - category: "<your_own_value> (source system.object-tagging.category)" - name: "default_name_324" + name: "default_name_342" tags: - - name: "default_name_326 (source system.object-tagging.tags.name)" + name: "default_name_344 (source system.object-tagging.tags.name)" tcp_mss: "0" + trunk: "enable" trust_ip_1: "<your_own_value>" trust_ip_2: "<your_own_value>" trust_ip_3: "<your_own_value>" @@ -2553,7 +2710,7 @@ EXAMPLES = """ priority: "100" proxy_arp: - - id: "349" + id: "368" ip: "<your_own_value>" start_time: "3" status: "enable" @@ -2745,6 +2902,7 @@ def filter_system_interface_data(json): "fortilink_split_interface", "fortilink_stacking", "forward_domain", + "forward_error_correction", "gi_gk", "gwdetect", "ha_priority", @@ -2757,6 +2915,7 @@ def filter_system_interface_data(json): "ingress_cos", "ingress_shaping_profile", "ingress_spillover_threshold", + "interconnect_profile", "interface", "internal", "ip", @@ -2786,6 +2945,9 @@ def filter_system_interface_data(json): "member", "min_links", "min_links_down", + "mirroring_direction", + "mirroring_filter", + "mirroring_port", "mode", "monitor_bandwidth", "mtu", @@ -2794,11 +2956,13 @@ def filter_system_interface_data(json): "ndiscforward", "netbios_forward", "netflow_sampler", + "np_qos_profile", "outbandwidth", "padt_retry_timeout", "password", "ping_serv_status", "polling_interval", + "port_mirroring", "pppoe_unnumbered_negotiate", "pptp_auth_type", "pptp_client", @@ -2822,6 +2986,10 @@ def filter_system_interface_data(json): "scan_botnet_connections", "secondary_IP", "secondaryip", + "security_8021x_dynamic_vlan_id", + "security_8021x_master", + "security_8021x_member_mode", + "security_8021x_mode", "security_exempt_list", "security_external_logout", "security_external_web", @@ -2837,6 +3005,7 @@ def filter_system_interface_data(json): "src_check", "status", "stp", + "stp_edge", "stp_ha_secondary", "stp_ha_slave", "stpforward", @@ -2872,6 +3041,7 @@ def filter_system_interface_data(json): "system_id_type", "tagging", "tcp_mss", + "trunk", "trust_ip_1", "trust_ip_2", "trust_ip_3", @@ -2967,9 +3137,8 @@ def system_interface(data, fos, check_mode=False): system_interface_data = data["system_interface"] system_interface_data = flatten_multilists_attributes(system_interface_data) - filtered_data = underscore_to_hyphen( - filter_system_interface_data(system_interface_data) - ) + filtered_data = filter_system_interface_data(system_interface_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -3033,7 +3202,7 @@ def system_interface(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "interface", data=filtered_data, vdom=vdom) + return fos.set("system", "interface", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "interface", mkey=filtered_data["name"], vdom=vdom) @@ -3416,14 +3585,27 @@ versioned_schema = { {"value": "10000auto"}, {"value": "40000full"}, {"value": "40000auto", "v_range": [["v7.4.0", ""]]}, + {"value": "100auto", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "2500auto", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "5000auto", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "25000full", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "25000auto", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "50000full", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "50000auto", "v_range": [["v7.4.2", "v7.4.2"]]}, { "value": "100Gfull", "v_range": [ ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], }, + {"value": "100Gauto", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "200Gfull", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "200Gauto", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "400Gfull", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "400Gauto", "v_range": [["v7.4.2", "v7.4.2"]]}, {"value": "1000half", "v_range": [["v6.0.0", "v7.0.3"]]}, ], }, @@ -3466,6 +3648,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], }, ], @@ -4375,6 +4558,11 @@ versioned_schema = { "multiple_values": True, "elements": "str", }, + "ignore_default_route": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "status": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -4412,20 +4600,31 @@ versioned_schema = { }, }, }, + "gi_gk": { + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "sw_algorithm": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "l2"}, {"value": "l3"}, {"value": "eh"}], }, "egress_queues": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "dict", "children": { "cos0": { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4433,7 +4632,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4441,7 +4641,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4449,7 +4650,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4457,7 +4659,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4465,7 +4668,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4473,7 +4677,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -4481,14 +4686,20 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, }, }, "ingress_cos": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "disable"}, @@ -4503,7 +4714,12 @@ versioned_schema = { ], }, "egress_cos": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "disable"}, @@ -4517,32 +4733,89 @@ versioned_schema = { {"value": "cos7"}, ], }, - "disconnect_threshold": {"v_range": [["v6.0.0", "v7.4.0"]], "type": "integer"}, "mediatype": { "v_range": [ ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", - "options": [{"value": "cfp2-sr10"}, {"value": "cfp2-lr4"}], + "options": [ + {"value": "none", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "gmii", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "sgmii", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "sr", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "lr", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "cr", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "sr2", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "lr2", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "cr2", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "sr4", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "lr4", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "cr4", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "sr8", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "lr8", "v_range": [["v7.4.2", "v7.4.2"]]}, + {"value": "cr8", "v_range": [["v7.4.2", "v7.4.2"]]}, + { + "value": "cfp2-sr10", + "v_range": [ + ["v6.0.0", "v6.2.7"], + ["v6.4.1", "v7.0.12"], + ["v7.2.1", "v7.2.4"], + ], + }, + { + "value": "cfp2-lr4", + "v_range": [ + ["v6.0.0", "v6.2.7"], + ["v6.4.1", "v7.0.12"], + ["v7.2.1", "v7.2.4"], + ], + }, + ], }, - "gi_gk": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "trunk": { + "v_range": [["v7.4.2", "v7.4.2"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "security_8021x_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "default"}, + {"value": "dynamic-vlan"}, + {"value": "fallback"}, + {"value": "slave"}, + ], + }, + "security_8021x_master": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "security_8021x_dynamic_vlan_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "security_8021x_member_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "switch"}, {"value": "disable"}], + }, "stp": { "v_range": [ ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "stp_ha_secondary": { - "v_range": [["v7.0.0", "v7.0.12"], ["v7.2.1", "v7.2.4"]], + "v_range": [ + ["v7.0.0", "v7.0.12"], + ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], + ], "type": "string", "options": [ {"value": "disable"}, @@ -4550,6 +4823,58 @@ versioned_schema = { {"value": "priority-adjust"}, ], }, + "stp_edge": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "forward_error_correction": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "none"}, + {"value": "disable"}, + {"value": "cl91-rs-fec"}, + {"value": "cl74-fc-fec"}, + {"value": "auto"}, + ], + }, + "interconnect_profile": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "default"}, + {"value": "profile1"}, + {"value": "profile2"}, + ], + }, + "np_qos_profile": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "port_mirroring": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "mirroring_direction": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "rx"}, {"value": "tx"}, {"value": "both"}], + }, + "mirroring_port": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "mirroring_filter": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "filter_srcip": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "filter_dstip": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "filter_sport": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "filter_dport": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "filter_protocol": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + }, + "disconnect_threshold": {"v_range": [["v6.0.0", "v7.4.0"]], "type": "integer"}, "cli_conn_status": { "v_range": [["v6.0.0", "v7.0.5"], ["v7.2.0", "v7.2.0"]], "type": "integer", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipam.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipam.py index 007b3caf7..d0eea2c46 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipam.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipam.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -131,6 +131,13 @@ options: description: - Configure IPAM pool subnet, Class A - Class B subnet. type: str + require_subnet_size_match: + description: + - Enable/disable reassignment of subnets to make requested and actual sizes match. + type: str + choices: + - 'disable' + - 'enable' rules: description: - Configure IPAM allocation rules. @@ -227,20 +234,21 @@ EXAMPLES = """ description: "<your_own_value>" name: "default_name_10" subnet: "<your_own_value>" + require_subnet_size_match: "disable" rules: - description: "<your_own_value>" device: - - name: "default_name_15" + name: "default_name_16" dhcp: "enable" interface: - - name: "default_name_18" - name: "default_name_19" + name: "default_name_19" + name: "default_name_20" pool: - - name: "default_name_21 (source system.ipam.pools.name)" + name: "default_name_22 (source system.ipam.pools.name)" role: "any" server_type: "fabric-root" status: "enable" @@ -333,6 +341,7 @@ def filter_system_ipam_data(json): "manage_ssid_addresses", "pool_subnet", "pools", + "require_subnet_size_match", "rules", "server_type", "status", @@ -364,9 +373,10 @@ def underscore_to_hyphen(data): def system_ipam(data, fos): vdom = data["vdom"] system_ipam_data = data["system_ipam"] - filtered_data = underscore_to_hyphen(filter_system_ipam_data(system_ipam_data)) + filtered_data = filter_system_ipam_data(system_ipam_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ipam", data=filtered_data, vdom=vdom) + return fos.set("system", "ipam", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -419,6 +429,11 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, + "require_subnet_size_match": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, "manage_lan_addresses": { "v_range": [["v7.4.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipip_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipip_tunnel.py index 97ce80dae..20af2cc33 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipip_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipip_tunnel.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -263,9 +263,8 @@ def system_ipip_tunnel(data, fos, check_mode=False): state = data["state"] system_ipip_tunnel_data = data["system_ipip_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_ipip_tunnel_data(system_ipip_tunnel_data) - ) + filtered_data = filter_system_ipip_tunnel_data(system_ipip_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def system_ipip_tunnel(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ipip-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "ipip-tunnel", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips.py index 448dff5cd..4130aead1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -210,9 +210,10 @@ def underscore_to_hyphen(data): def system_ips(data, fos): vdom = data["vdom"] system_ips_data = data["system_ips"] - filtered_data = underscore_to_hyphen(filter_system_ips_data(system_ips_data)) + filtered_data = filter_system_ips_data(system_ips_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ips", data=filtered_data, vdom=vdom) + return fos.set("system", "ips", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns.py index cb2cde784..96f786cbb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -241,9 +241,8 @@ def system_ips_urlfilter_dns(data, fos, check_mode=False): state = data["state"] system_ips_urlfilter_dns_data = data["system_ips_urlfilter_dns"] - filtered_data = underscore_to_hyphen( - filter_system_ips_urlfilter_dns_data(system_ips_urlfilter_dns_data) - ) + filtered_data = filter_system_ips_urlfilter_dns_data(system_ips_urlfilter_dns_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -307,7 +306,7 @@ def system_ips_urlfilter_dns(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ips-urlfilter-dns", data=filtered_data, vdom=vdom) + return fos.set("system", "ips-urlfilter-dns", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns6.py index 93e162334..277886834 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ips_urlfilter_dns6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,9 +233,10 @@ def system_ips_urlfilter_dns6(data, fos, check_mode=False): state = data["state"] system_ips_urlfilter_dns6_data = data["system_ips_urlfilter_dns6"] - filtered_data = underscore_to_hyphen( - filter_system_ips_urlfilter_dns6_data(system_ips_urlfilter_dns6_data) + filtered_data = filter_system_ips_urlfilter_dns6_data( + system_ips_urlfilter_dns6_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -299,7 +300,7 @@ def system_ips_urlfilter_dns6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ips-urlfilter-dns6", data=filtered_data, vdom=vdom) + return fos.set("system", "ips-urlfilter-dns6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipsec_aggregate.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipsec_aggregate.py index 136ac5927..0a14183e6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipsec_aggregate.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipsec_aggregate.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -250,9 +250,8 @@ def system_ipsec_aggregate(data, fos, check_mode=False): state = data["state"] system_ipsec_aggregate_data = data["system_ipsec_aggregate"] - filtered_data = underscore_to_hyphen( - filter_system_ipsec_aggregate_data(system_ipsec_aggregate_data) - ) + filtered_data = filter_system_ipsec_aggregate_data(system_ipsec_aggregate_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -316,7 +315,7 @@ def system_ipsec_aggregate(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ipsec-aggregate", data=filtered_data, vdom=vdom) + return fos.set("system", "ipsec-aggregate", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_neighbor_cache.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_neighbor_cache.py index 40614d64b..56737ccb9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_neighbor_cache.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_neighbor_cache.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,9 +242,10 @@ def system_ipv6_neighbor_cache(data, fos, check_mode=False): state = data["state"] system_ipv6_neighbor_cache_data = data["system_ipv6_neighbor_cache"] - filtered_data = underscore_to_hyphen( - filter_system_ipv6_neighbor_cache_data(system_ipv6_neighbor_cache_data) + filtered_data = filter_system_ipv6_neighbor_cache_data( + system_ipv6_neighbor_cache_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +309,7 @@ def system_ipv6_neighbor_cache(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ipv6-neighbor-cache", data=filtered_data, vdom=vdom) + return fos.set("system", "ipv6-neighbor-cache", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_tunnel.py index dc33a6c30..1f294db35 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ipv6_tunnel.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -263,9 +263,8 @@ def system_ipv6_tunnel(data, fos, check_mode=False): state = data["state"] system_ipv6_tunnel_data = data["system_ipv6_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_ipv6_tunnel_data(system_ipv6_tunnel_data) - ) + filtered_data = filter_system_ipv6_tunnel_data(system_ipv6_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def system_ipv6_tunnel(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "ipv6-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "ipv6-tunnel", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_isf_queue_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_isf_queue_profile.py index 129f0e3f5..b4f1c00d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_isf_queue_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_isf_queue_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -287,9 +287,8 @@ def system_isf_queue_profile(data, fos, check_mode=False): state = data["state"] system_isf_queue_profile_data = data["system_isf_queue_profile"] - filtered_data = underscore_to_hyphen( - filter_system_isf_queue_profile_data(system_isf_queue_profile_data) - ) + filtered_data = filter_system_isf_queue_profile_data(system_isf_queue_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -353,7 +352,7 @@ def system_isf_queue_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "isf-queue-profile", data=filtered_data, vdom=vdom) + return fos.set("system", "isf-queue-profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -399,25 +398,45 @@ versioned_schema = { "elements": "dict", "children": { "name": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "required": True, }, "guaranteed_bandwidth": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "integer", }, "maximum_bandwidth": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "integer", }, "bandwidth_unit": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "kbps"}, {"value": "pps"}], }, "burst_bps_granularity": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "disable"}, @@ -431,7 +450,7 @@ versioned_schema = { ], }, "burst_pps_granularity": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "disable"}, @@ -450,7 +469,12 @@ versioned_schema = { "options": [{"value": "disable"}, {"value": "enable"}], }, }, - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_link_monitor.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_link_monitor.py index 57f3b9d94..101445feb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_link_monitor.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_link_monitor.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -547,9 +547,8 @@ def system_link_monitor(data, fos, check_mode=False): system_link_monitor_data = data["system_link_monitor"] system_link_monitor_data = flatten_multilists_attributes(system_link_monitor_data) - filtered_data = underscore_to_hyphen( - filter_system_link_monitor_data(system_link_monitor_data) - ) + filtered_data = filter_system_link_monitor_data(system_link_monitor_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -613,7 +612,7 @@ def system_link_monitor(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "link-monitor", data=filtered_data, vdom=vdom) + return fos.set("system", "link-monitor", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lldp_network_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lldp_network_policy.py index f70e735bd..f752a5a07 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lldp_network_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lldp_network_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -545,9 +545,10 @@ def system_lldp_network_policy(data, fos, check_mode=False): state = data["state"] system_lldp_network_policy_data = data["system_lldp_network_policy"] - filtered_data = underscore_to_hyphen( - filter_system_lldp_network_policy_data(system_lldp_network_policy_data) + filtered_data = filter_system_lldp_network_policy_data( + system_lldp_network_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -611,7 +612,7 @@ def system_lldp_network_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.lldp", "network-policy", data=filtered_data, vdom=vdom) + return fos.set("system.lldp", "network-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lte_modem.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lte_modem.py index 2e7db2145..1b8559912 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lte_modem.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_lte_modem.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -276,11 +276,10 @@ def underscore_to_hyphen(data): def system_lte_modem(data, fos): vdom = data["vdom"] system_lte_modem_data = data["system_lte_modem"] - filtered_data = underscore_to_hyphen( - filter_system_lte_modem_data(system_lte_modem_data) - ) + filtered_data = filter_system_lte_modem_data(system_lte_modem_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "lte-modem", data=filtered_data, vdom=vdom) + return fos.set("system", "lte-modem", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mac_address_table.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mac_address_table.py index 63855474f..8f0af4ba9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mac_address_table.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mac_address_table.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,9 +235,8 @@ def system_mac_address_table(data, fos, check_mode=False): state = data["state"] system_mac_address_table_data = data["system_mac_address_table"] - filtered_data = underscore_to_hyphen( - filter_system_mac_address_table_data(system_mac_address_table_data) - ) + filtered_data = filter_system_mac_address_table_data(system_mac_address_table_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -301,7 +300,7 @@ def system_mac_address_table(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "mac-address-table", data=filtered_data, vdom=vdom) + return fos.set("system", "mac-address-table", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_management_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_management_tunnel.py index 4be0173f5..ccaccda4e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_management_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_management_tunnel.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -258,11 +258,10 @@ def underscore_to_hyphen(data): def system_management_tunnel(data, fos): vdom = data["vdom"] system_management_tunnel_data = data["system_management_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_management_tunnel_data(system_management_tunnel_data) - ) + filtered_data = filter_system_management_tunnel_data(system_management_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "management-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "management-tunnel", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mem_mgr.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mem_mgr.py index 9a7ca1724..b0e904424 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mem_mgr.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mem_mgr.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -202,11 +202,10 @@ def underscore_to_hyphen(data): def system_mem_mgr(data, fos): vdom = data["vdom"] system_mem_mgr_data = data["system_mem_mgr"] - filtered_data = underscore_to_hyphen( - filter_system_mem_mgr_data(system_mem_mgr_data) - ) + filtered_data = filter_system_mem_mgr_data(system_mem_mgr_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "mem-mgr", data=filtered_data, vdom=vdom) + return fos.set("system", "mem-mgr", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mobile_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mobile_tunnel.py index c9427d43f..77fdba7bf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mobile_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_mobile_tunnel.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -341,9 +341,8 @@ def system_mobile_tunnel(data, fos, check_mode=False): state = data["state"] system_mobile_tunnel_data = data["system_mobile_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_mobile_tunnel_data(system_mobile_tunnel_data) - ) + filtered_data = filter_system_mobile_tunnel_data(system_mobile_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -407,7 +406,7 @@ def system_mobile_tunnel(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "mobile-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "mobile-tunnel", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_modem.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_modem.py index a2b3b6c88..4d67234e1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_modem.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_modem.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -588,9 +588,10 @@ def system_modem(data, fos): vdom = data["vdom"] system_modem_data = data["system_modem"] system_modem_data = flatten_multilists_attributes(system_modem_data) - filtered_data = underscore_to_hyphen(filter_system_modem_data(system_modem_data)) + filtered_data = filter_system_modem_data(system_modem_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "modem", data=filtered_data, vdom=vdom) + return fos.set("system", "modem", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nat64.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nat64.py index ce83f7469..d42390e4e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nat64.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nat64.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -269,9 +269,10 @@ def underscore_to_hyphen(data): def system_nat64(data, fos): vdom = data["vdom"] system_nat64_data = data["system_nat64"] - filtered_data = underscore_to_hyphen(filter_system_nat64_data(system_nat64_data)) + filtered_data = filter_system_nat64_data(system_nat64_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "nat64", data=filtered_data, vdom=vdom) + return fos.set("system", "nat64", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nd_proxy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nd_proxy.py index 2aa0107ed..2a7408443 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nd_proxy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_nd_proxy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -219,11 +219,10 @@ def underscore_to_hyphen(data): def system_nd_proxy(data, fos): vdom = data["vdom"] system_nd_proxy_data = data["system_nd_proxy"] - filtered_data = underscore_to_hyphen( - filter_system_nd_proxy_data(system_nd_proxy_data) - ) + filtered_data = filter_system_nd_proxy_data(system_nd_proxy_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "nd-proxy", data=filtered_data, vdom=vdom) + return fos.set("system", "nd-proxy", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_netflow.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_netflow.py index 3b1ea6d5d..c24156dc5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_netflow.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_netflow.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -92,6 +92,41 @@ options: description: - NetFlow collector port number. type: int + collectors: + description: + - Netflow collectors. + type: list + elements: dict + suboptions: + collector_ip: + description: + - Collector IP. + type: str + collector_port: + description: + - NetFlow collector port number. + type: int + id: + description: + - ID. see <a href='#notes'>Notes</a>. + required: true + type: int + interface: + description: + - Specify outgoing interface to reach server. Source system.interface.name. + type: str + interface_select_method: + description: + - Specify how to select outgoing interface to reach server. + type: str + choices: + - 'auto' + - 'sdwan' + - 'specify' + source_ip: + description: + - Source IP address for communication with the NetFlow agent. + type: str inactive_flow_timeout: description: - Timeout for periodic report of finished flows (10 - 600 sec). @@ -130,6 +165,14 @@ EXAMPLES = """ active_flow_timeout: "1800" collector_ip: "<your_own_value>" collector_port: "2055" + collectors: + - + collector_ip: "<your_own_value>" + collector_port: "2055" + id: "9" + interface: "<your_own_value> (source system.interface.name)" + interface_select_method: "auto" + source_ip: "84.230.14.43" inactive_flow_timeout: "15" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" @@ -222,6 +265,7 @@ def filter_system_netflow_data(json): "active_flow_timeout", "collector_ip", "collector_port", + "collectors", "inactive_flow_timeout", "interface", "interface_select_method", @@ -256,11 +300,10 @@ def underscore_to_hyphen(data): def system_netflow(data, fos): vdom = data["vdom"] system_netflow_data = data["system_netflow"] - filtered_data = underscore_to_hyphen( - filter_system_netflow_data(system_netflow_data) - ) + filtered_data = filter_system_netflow_data(system_netflow_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "netflow", data=filtered_data, vdom=vdom) + return fos.set("system", "netflow", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -295,19 +338,44 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "dict", "children": { - "collector_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "collector_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "source_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, "active_flow_timeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "inactive_flow_timeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "template_tx_timeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "template_tx_counter": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "collectors": { + "type": "list", + "elements": "dict", + "children": { + "id": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "collector_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "collector_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "source_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "interface_select_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "auto"}, + {"value": "sdwan"}, + {"value": "specify"}, + ], + }, + "interface": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], + }, + "collector_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, + "collector_port": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "integer"}, + "source_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, "interface_select_method": { - "v_range": [["v7.0.1", ""]], + "v_range": [["v7.0.1", "v7.4.1"]], "type": "string", "options": [{"value": "auto"}, {"value": "sdwan"}, {"value": "specify"}], }, - "interface": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "interface": {"v_range": [["v7.0.1", "v7.4.1"]], "type": "string"}, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_network_visibility.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_network_visibility.py index 338c2224c..bb395eb64 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_network_visibility.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_network_visibility.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,11 +246,12 @@ def underscore_to_hyphen(data): def system_network_visibility(data, fos): vdom = data["vdom"] system_network_visibility_data = data["system_network_visibility"] - filtered_data = underscore_to_hyphen( - filter_system_network_visibility_data(system_network_visibility_data) + filtered_data = filter_system_network_visibility_data( + system_network_visibility_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "network-visibility", data=filtered_data, vdom=vdom) + return fos.set("system", "network-visibility", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_np6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_np6.py index c6b435c5d..4ad316367 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_np6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_np6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -708,7 +708,8 @@ def system_np6(data, fos, check_mode=False): state = data["state"] system_np6_data = data["system_np6"] - filtered_data = underscore_to_hyphen(filter_system_np6_data(system_np6_data)) + filtered_data = filter_system_np6_data(system_np6_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -772,7 +773,7 @@ def system_np6(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "np6", data=filtered_data, vdom=vdom) + return fos.set("system", "np6", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "np6", mkey=filtered_data["name"], vdom=vdom) @@ -813,19 +814,23 @@ versioned_schema = { "type": "list", "elements": "dict", "children": { - "name": {"v_range": [["v6.0.0", ""]], "type": "string", "required": True}, + "name": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "string", + "required": True, + }, "fastpath": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "low_latency_mode": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "per_session_accounting": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "disable"}, @@ -834,54 +839,100 @@ versioned_schema = { ], }, "garbage_session_collector": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, - "session_collector_interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "session_timeout_interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "session_collector_interval": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "session_timeout_interval": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, "session_timeout_random_range": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "integer", }, "session_timeout_fixed": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "hpe": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "dict", "children": { - "tcpsyn_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "tcpsyn_ack_max": {"v_range": [["v7.0.0", ""]], "type": "integer"}, - "tcpfin_rst_max": {"v_range": [["v7.0.0", ""]], "type": "integer"}, - "tcp_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "udp_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "icmp_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "sctp_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "esp_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "ip_frag_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "ip_others_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "arp_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "l2_others_max": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "tcpsyn_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "tcpsyn_ack_max": { + "v_range": [["v7.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "tcpfin_rst_max": { + "v_range": [["v7.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "tcp_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "udp_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "icmp_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "sctp_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "esp_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "ip_frag_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "ip_others_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "arp_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, + "l2_others_max": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "integer", + }, "pri_type_max": { - "v_range": [["v6.0.0", "v6.0.0"], ["v6.0.11", ""]], + "v_range": [ + ["v6.0.0", "v6.0.0"], + ["v6.0.11", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "integer", }, "enable_shaper": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, }, }, "fp_anomaly": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "dict", "children": { "tcp_syn_fin": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -890,7 +941,7 @@ versioned_schema = { ], }, "tcp_fin_noack": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -899,7 +950,7 @@ versioned_schema = { ], }, "tcp_fin_only": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -908,7 +959,7 @@ versioned_schema = { ], }, "tcp_no_flag": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -917,7 +968,7 @@ versioned_schema = { ], }, "tcp_syn_data": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -926,7 +977,7 @@ versioned_schema = { ], }, "tcp_winnuke": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -935,7 +986,7 @@ versioned_schema = { ], }, "tcp_land": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -944,7 +995,7 @@ versioned_schema = { ], }, "udp_land": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -953,7 +1004,7 @@ versioned_schema = { ], }, "icmp_land": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -962,7 +1013,7 @@ versioned_schema = { ], }, "icmp_frag": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -971,7 +1022,7 @@ versioned_schema = { ], }, "ipv4_land": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -980,7 +1031,7 @@ versioned_schema = { ], }, "ipv4_proto_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -989,7 +1040,7 @@ versioned_schema = { ], }, "ipv4_unknopt": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -998,7 +1049,7 @@ versioned_schema = { ], }, "ipv4_optrr": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1007,7 +1058,7 @@ versioned_schema = { ], }, "ipv4_optssrr": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1016,7 +1067,7 @@ versioned_schema = { ], }, "ipv4_optlsrr": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1025,7 +1076,7 @@ versioned_schema = { ], }, "ipv4_optstream": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1034,7 +1085,7 @@ versioned_schema = { ], }, "ipv4_optsecurity": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1043,7 +1094,7 @@ versioned_schema = { ], }, "ipv4_opttimestamp": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1052,27 +1103,27 @@ versioned_schema = { ], }, "ipv4_csum_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "drop"}, {"value": "trap-to-host"}], }, "tcp_csum_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "drop"}, {"value": "trap-to-host"}], }, "udp_csum_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "drop"}, {"value": "trap-to-host"}], }, "icmp_csum_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "drop"}, {"value": "trap-to-host"}], }, "ipv6_land": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1081,7 +1132,7 @@ versioned_schema = { ], }, "ipv6_proto_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1090,7 +1141,7 @@ versioned_schema = { ], }, "ipv6_unknopt": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1099,7 +1150,7 @@ versioned_schema = { ], }, "ipv6_saddr_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1108,7 +1159,7 @@ versioned_schema = { ], }, "ipv6_daddr_err": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1117,7 +1168,7 @@ versioned_schema = { ], }, "ipv6_optralert": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1126,7 +1177,7 @@ versioned_schema = { ], }, "ipv6_optjumbo": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1135,7 +1186,7 @@ versioned_schema = { ], }, "ipv6_opttunnel": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1144,7 +1195,7 @@ versioned_schema = { ], }, "ipv6_opthomeaddr": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1153,7 +1204,7 @@ versioned_schema = { ], }, "ipv6_optnsap": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1162,7 +1213,7 @@ versioned_schema = { ], }, "ipv6_optendpid": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1171,7 +1222,7 @@ versioned_schema = { ], }, "ipv6_optinvld": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "allow"}, @@ -1200,7 +1251,7 @@ versioned_schema = { "options": [{"value": "global-hash"}, {"value": "round-robin-global"}], }, }, - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu.py index f63ed6a29..e00da6cf8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -98,6 +98,163 @@ options: choices: - 'enable' - 'disable' + default_qos_type: + description: + - Set default QoS type. + type: str + choices: + - 'policing' + - 'shaping' + - 'policing-enhanced' + dos_options: + description: + - NPU DoS configurations. + type: dict + suboptions: + npu_dos_meter_mode: + description: + - Set DoS meter NPU offloading mode. + type: str + choices: + - 'global' + - 'local' + npu_dos_tpe_mode: + description: + - Enable/disable insertion of DoS meter ID to session table. + type: str + choices: + - 'enable' + - 'disable' + double_level_mcast_offload: + description: + - Enable double level mcast offload. + type: str + choices: + - 'enable' + - 'disable' + dsw_dts_profile: + description: + - Configure NPU DSW DTS profile. + type: list + elements: dict + suboptions: + action: + description: + - Set NPU DSW DTS profile action. + type: str + choices: + - 'wait' + - 'drop' + - 'drop_tmr_0' + - 'drop_tmr_1' + - 'enque' + - 'enque_0' + - 'enque_1' + min_limit: + description: + - Set NPU DSW DTS profile min-limt. + type: int + profile_id: + description: + - Set NPU DSW DTS profile profile id. see <a href='#notes'>Notes</a>. + required: true + type: int + step: + description: + - Set NPU DSW DTS profile step. + type: int + dsw_queue_dts_profile: + description: + - Configure NPU DSW Queue DTS profile. + type: list + elements: dict + suboptions: + iport: + description: + - Set NPU DSW DTS in port. + type: str + choices: + - 'eif0' + - 'eif1' + - 'eif2' + - 'eif3' + - 'eif4' + - 'eif5' + - 'eif6' + - 'eif7' + - 'htx0' + - 'htx1' + - 'sse0' + - 'sse1' + - 'sse2' + - 'sse3' + - 'rlt' + - 'dfr' + - 'ipseci' + - 'ipseco' + - 'ipti' + - 'ipto' + - 'vep0' + - 'vep2' + - 'vep4' + - 'vep6' + - 'ivs' + - 'l2ti1' + - 'l2to' + - 'l2ti0' + - 'ple' + - 'spath' + - 'qtm' + name: + description: + - Name. + required: true + type: str + oport: + description: + - Set NPU DSW DTS out port. + type: str + choices: + - 'eif0' + - 'eif1' + - 'eif2' + - 'eif3' + - 'eif4' + - 'eif5' + - 'eif6' + - 'eif7' + - 'hrx' + - 'sse0' + - 'sse1' + - 'sse2' + - 'sse3' + - 'rlt' + - 'dfr' + - 'ipseci' + - 'ipseco' + - 'ipti' + - 'ipto' + - 'vep0' + - 'vep2' + - 'vep4' + - 'vep6' + - 'ivs' + - 'l2ti1' + - 'l2to' + - 'l2ti0' + - 'ple' + - 'sync' + - 'nss' + - 'tsk' + - 'qtm' + profile_id: + description: + - Set NPU DSW DTS profile ID. + type: int + queue_select: + description: + - Set NPU DSW DTS queue ID select (0 - reset to default). + type: int fastpath: description: - Enable/disable NP6 offloading (also called fast path). @@ -105,6 +262,287 @@ options: choices: - 'disable' - 'enable' + fp_anomaly: + description: + - IPv4/IPv6 anomaly protection. + type: dict + suboptions: + icmp_csum_err: + description: + - Invalid IPv4 ICMP checksum anomalies. + type: str + choices: + - 'drop' + - 'trap-to-host' + icmp_frag: + description: + - Layer 3 fragmented packets that could be part of layer 4 ICMP anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + icmp_land: + description: + - ICMP land anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_csum_err: + description: + - Invalid IPv4 IP checksum anomalies. + type: str + choices: + - 'drop' + - 'trap-to-host' + ipv4_land: + description: + - Land anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_optlsrr: + description: + - Loose source record route option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_optrr: + description: + - Record route option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_optsecurity: + description: + - Security option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_optssrr: + description: + - Strict source record route option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_optstream: + description: + - Stream option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_opttimestamp: + description: + - Timestamp option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_proto_err: + description: + - Invalid layer 4 protocol anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv4_unknopt: + description: + - Unknown option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_daddr_err: + description: + - Destination address as unspecified or loopback address anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_land: + description: + - Land anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_optendpid: + description: + - End point identification anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_opthomeaddr: + description: + - Home address option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_optinvld: + description: + - Invalid option anomalies.Invalid option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_optjumbo: + description: + - Jumbo options anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_optnsap: + description: + - Network service access point address option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_optralert: + description: + - Router alert option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_opttunnel: + description: + - Tunnel encapsulation limit option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_proto_err: + description: + - Layer 4 invalid protocol anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_saddr_err: + description: + - Source address as multicast anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + ipv6_unknopt: + description: + - Unknown option anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_csum_err: + description: + - Invalid IPv4 TCP checksum anomalies. + type: str + choices: + - 'drop' + - 'trap-to-host' + tcp_fin_noack: + description: + - TCP SYN flood with FIN flag set without ACK setting anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_fin_only: + description: + - TCP SYN flood with only FIN flag set anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_land: + description: + - TCP land anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_no_flag: + description: + - TCP SYN flood with no flag set anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_syn_data: + description: + - TCP SYN flood packets with data anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_syn_fin: + description: + - TCP SYN flood SYN/FIN flag set anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + tcp_winnuke: + description: + - TCP WinNuke anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' + udp_csum_err: + description: + - Invalid IPv4 UDP checksum anomalies. + type: str + choices: + - 'drop' + - 'trap-to-host' + udp_land: + description: + - UDP land anomalies. + type: str + choices: + - 'allow' + - 'drop' + - 'trap-to-host' gtp_enhanced_cpu_range: description: - GTP enhanced CPU range option. @@ -120,6 +558,118 @@ options: choices: - 'enable' - 'disable' + gtp_support: + description: + - Enable/Disable NP7 GTP support + type: str + choices: + - 'enable' + - 'disable' + hash_tbl_spread: + description: + - Enable/disable hash table entry spread . + type: str + choices: + - 'enable' + - 'disable' + hpe: + description: + - Host protection engine configuration. + type: dict + suboptions: + all_protocol: + description: + - Maximum packet rate of each host queue except high priority traffic(1K - 32M pps), set 0 to disable. + type: int + arp_max: + description: + - Maximum ARP packet rate (1K - 32M pps). Entry is valid when ARP is removed from high-priority traffic. + type: int + enable_shaper: + description: + - Enable/Disable NPU Host Protection Engine (HPE) for packet type shaper. + type: str + choices: + - 'disable' + - 'enable' + esp_max: + description: + - Maximum ESP packet rate (1K - 32M pps). + type: int + high_priority: + description: + - Maximum packet rate for high priority traffic packets (1K - 32M pps). + type: int + icmp_max: + description: + - Maximum ICMP packet rate (1K - 32M pps). + type: int + ip_frag_max: + description: + - Maximum fragmented IP packet rate (1K - 32M pps). + type: int + ip_others_max: + description: + - Maximum IP packet rate for other packets (packet types that cannot be set with other options) (1K - 32G pps). + type: int + l2_others_max: + description: + - Maximum L2 packet rate for L2 packets that are not ARP packets (1K - 32M pps). + type: int + sctp_max: + description: + - Maximum SCTP packet rate (1K - 32M pps). + type: int + tcp_max: + description: + - Maximum TCP packet rate (1K - 32M pps). + type: int + tcpfin_rst_max: + description: + - Maximum TCP carries FIN or RST flags packet rate (1K - 32M pps). + type: int + tcpsyn_ack_max: + description: + - Maximum TCP carries SYN and ACK flags packet rate (1K - 32M pps). + type: int + tcpsyn_max: + description: + - Maximum TCP SYN packet rate (1K - 40M pps). + type: int + udp_max: + description: + - Maximum UDP packet rate (1K - 32M pps). + type: int + htab_dedi_queue_nr: + description: + - Set the number of dedicate queue for hash table messages. + type: int + htab_msg_queue: + description: + - Set hash table message queue mode. + type: str + choices: + - 'data' + - 'idle' + - 'dedicated' + htx_icmp_csum_chk: + description: + - Set HTX icmp csum checking mode. + type: str + choices: + - 'drop' + - 'pass' + inbound_dscp_copy_port: + description: + - Physical interfaces that support inbound-dscp-copy. + type: list + elements: dict + suboptions: + interface: + description: + - Physical interface name. + required: true + type: str intf_shaping_offload: description: - Enable/disable NPU offload when doing interface-based traffic shaping according to the egress-shaping-profile. @@ -127,6 +677,33 @@ options: choices: - 'enable' - 'disable' + ip_fragment_offload: + description: + - Enable/disable NP7 NPU IP fragment offload. + type: str + choices: + - 'disable' + - 'enable' + ip_reassembly: + description: + - IP reassebmly engine configuration. + type: dict + suboptions: + max_timeout: + description: + - Maximum timeout value for IP reassembly (5 us - 600,000,000 us). + type: int + min_timeout: + description: + - Minimum timeout value for IP reassembly (5 us - 600,000,000 us). + type: int + status: + description: + - Set IP reassembly processing status. + type: str + choices: + - 'disable' + - 'enable' ipsec_dec_subengine_mask: description: - IPsec decryption subengine mask (0x1 - 0xff). @@ -149,6 +726,14 @@ options: choices: - 'disable' - 'enable' + ipsec_ob_np_sel: + description: + - IPsec NP selection for OB SA offloading. + type: str + choices: + - 'rr' + - 'Packet' + - 'Hash' ipsec_over_vlink: description: - Enable/disable IPsec over vlink. @@ -200,6 +785,14 @@ options: choices: - 'disable' - 'enable' + max_receive_unit: + description: + - Set the maximum packet size for receive, larger packets will be silently dropped. + type: int + max_session_timeout: + description: + - Maximum time interval for refreshing NPU-offloaded sessions (10 - 1000 sec). + type: int mcast_session_accounting: description: - Enable/disable traffic accounting for each multicast session through TAE counter. @@ -208,6 +801,2224 @@ options: - 'tpe-based' - 'session-based' - 'disable' + napi_break_interval: + description: + - NAPI break interval . + type: int + np_queues: + description: + - Configure queue assignment on NP7. + type: dict + suboptions: + ethernet_type: + description: + - Configure a NP7 QoS Ethernet Type. + type: list + elements: dict + suboptions: + name: + description: + - Ethernet Type Name. + required: true + type: str + queue: + description: + - Queue Number. + type: int + type: + description: + - Ethernet Type. + type: str + weight: + description: + - Class Weight. + type: int + ip_protocol: + description: + - Configure a NP7 QoS IP Protocol. + type: list + elements: dict + suboptions: + name: + description: + - IP Protocol Name. + required: true + type: str + protocol: + description: + - IP Protocol. + type: int + queue: + description: + - Queue Number. + type: int + weight: + description: + - Class Weight. + type: int + ip_service: + description: + - Configure a NP7 QoS IP Service. + type: list + elements: dict + suboptions: + dport: + description: + - Destination port. + type: int + name: + description: + - IP service name. + required: true + type: str + protocol: + description: + - IP protocol. + type: int + queue: + description: + - Queue number. + type: int + sport: + description: + - Source port. + type: int + weight: + description: + - Class weight. + type: int + profile: + description: + - Configure a NP7 class profile. + type: list + elements: dict + suboptions: + cos0: + description: + - Queue number of CoS 0. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos1: + description: + - Queue number of CoS 1. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos2: + description: + - Queue number of CoS 2. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos3: + description: + - Queue number of CoS 3. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos4: + description: + - Queue number of CoS 4. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos5: + description: + - Queue number of CoS 5. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos6: + description: + - Queue number of CoS 6. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + cos7: + description: + - Queue number of CoS 7. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp0: + description: + - Queue number of DSCP 0. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp1: + description: + - Queue number of DSCP 1. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp10: + description: + - Queue number of DSCP 10. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp11: + description: + - Queue number of DSCP 11. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp12: + description: + - Queue number of DSCP 12. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp13: + description: + - Queue number of DSCP 13. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp14: + description: + - Queue number of DSCP 14. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp15: + description: + - Queue number of DSCP 15. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp16: + description: + - Queue number of DSCP 16. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp17: + description: + - Queue number of DSCP 17. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp18: + description: + - Queue number of DSCP 18. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp19: + description: + - Queue number of DSCP 19. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp2: + description: + - Queue number of DSCP 2. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp20: + description: + - Queue number of DSCP 20. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp21: + description: + - Queue number of DSCP 21. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp22: + description: + - Queue number of DSCP 22. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp23: + description: + - Queue number of DSCP 23. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp24: + description: + - Queue number of DSCP 24. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp25: + description: + - Queue number of DSCP 25. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp26: + description: + - Queue number of DSCP 26. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp27: + description: + - Queue number of DSCP 27. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp28: + description: + - Queue number of DSCP 28. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp29: + description: + - Queue number of DSCP 29. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp3: + description: + - Queue number of DSCP 3. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp30: + description: + - Queue number of DSCP 30. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp31: + description: + - Queue number of DSCP 31. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp32: + description: + - Queue number of DSCP 32. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp33: + description: + - Queue number of DSCP 33. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp34: + description: + - Queue number of DSCP 34. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp35: + description: + - Queue number of DSCP 35. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp36: + description: + - Queue number of DSCP 36. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp37: + description: + - Queue number of DSCP 37. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp38: + description: + - Queue number of DSCP 38. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp39: + description: + - Queue number of DSCP 39. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp4: + description: + - Queue number of DSCP 4. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp40: + description: + - Queue number of DSCP 40. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp41: + description: + - Queue number of DSCP 41. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp42: + description: + - Queue number of DSCP 42. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp43: + description: + - Queue number of DSCP 43. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp44: + description: + - Queue number of DSCP 44. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp45: + description: + - Queue number of DSCP 45. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp46: + description: + - Queue number of DSCP 46. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp47: + description: + - Queue number of DSCP 47. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp48: + description: + - Queue number of DSCP 48. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp49: + description: + - Queue number of DSCP 49. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp5: + description: + - Queue number of DSCP 5. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp50: + description: + - Queue number of DSCP 50. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp51: + description: + - Queue number of DSCP 51. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp52: + description: + - Queue number of DSCP 52. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp53: + description: + - Queue number of DSCP 53. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp54: + description: + - Queue number of DSCP 54. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp55: + description: + - Queue number of DSCP 55. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp56: + description: + - Queue number of DSCP 56. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp57: + description: + - Queue number of DSCP 57. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp58: + description: + - Queue number of DSCP 58. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp59: + description: + - Queue number of DSCP 59. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp6: + description: + - Queue number of DSCP 6. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp60: + description: + - Queue number of DSCP 60. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp61: + description: + - Queue number of DSCP 61. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp62: + description: + - Queue number of DSCP 62. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp63: + description: + - Queue number of DSCP 63. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp7: + description: + - Queue number of DSCP 7. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp8: + description: + - Queue number of DSCP 8. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + dscp9: + description: + - Queue number of DSCP 9. + type: str + choices: + - 'queue0' + - 'queue1' + - 'queue2' + - 'queue3' + - 'queue4' + - 'queue5' + - 'queue6' + - 'queue7' + id: + description: + - Profile ID. see <a href='#notes'>Notes</a>. + required: true + type: int + type: + description: + - Profile type. + type: str + choices: + - 'cos' + - 'dscp' + weight: + description: + - Class weight. + type: int + scheduler: + description: + - Configure a NP7 QoS Scheduler. + type: list + elements: dict + suboptions: + mode: + description: + - Scheduler mode. + type: str + choices: + - 'none' + - 'priority' + - 'round-robin' + name: + description: + - Scheduler name. + required: true + type: str + npu_group_effective_scope: + description: + - npu-group-effective-scope defines under which npu-group cmds such as list/purge will be excecuted. Default scope is for all four HS-ok + groups. (0-3). + type: int + npu_tcam: + description: + - Configure NPU TCAM policies. + type: list + elements: dict + suboptions: + data: + description: + - Data fields of TCAM. + type: dict + suboptions: + df: + description: + - tcam data ip flag df. + type: str + choices: + - 'enable' + - 'disable' + dstip: + description: + - tcam data dst ipv4 address. + type: str + dstipv6: + description: + - tcam data dst ipv6 address. + type: str + dstmac: + description: + - tcam data dst macaddr. + type: str + dstport: + description: + - tcam data L4 dst port. + type: int + ethertype: + description: + - tcam data ethertype. + type: str + ext_tag: + description: + - tcam data extension tag. + type: str + choices: + - 'enable' + - 'disable' + frag_off: + description: + - tcam data ip flag fragment offset. + type: int + gen_buf_cnt: + description: + - tcam data gen info buffer count. + type: int + gen_iv: + description: + - tcam data gen info iv. + type: str + choices: + - 'valid' + - 'invalid' + gen_l3_flags: + description: + - tcam data gen info L3 flags. + type: int + gen_l4_flags: + description: + - tcam data gen info L4 flags. + type: int + gen_pkt_ctrl: + description: + - tcam data gen info packet control. + type: int + gen_pri: + description: + - tcam data gen info priority. + type: int + gen_pri_v: + description: + - tcam data gen info priority valid. + type: str + choices: + - 'valid' + - 'invalid' + gen_tv: + description: + - tcam data gen info tv. + type: str + choices: + - 'valid' + - 'invalid' + ihl: + description: + - tcam data ipv4 IHL. + type: int + ip4_id: + description: + - tcam data ipv4 id. + type: int + ip6_fl: + description: + - tcam data ipv6 flow label. + type: int + ipver: + description: + - tcam data ip header version. + type: int + l4_wd10: + description: + - tcam data L4 word10. + type: int + l4_wd11: + description: + - tcam data L4 word11. + type: int + l4_wd8: + description: + - tcam data L4 word8. + type: int + l4_wd9: + description: + - tcam data L4 word9. + type: int + mf: + description: + - tcam data ip flag mf. + type: str + choices: + - 'enable' + - 'disable' + protocol: + description: + - tcam data ip protocol. + type: int + slink: + description: + - tcam data sublink. + type: int + smac_change: + description: + - tcam data source MAC change. + type: str + choices: + - 'enable' + - 'disable' + sp: + description: + - tcam data source port. + type: int + src_cfi: + description: + - tcam data source cfi. + type: str + choices: + - 'enable' + - 'disable' + src_prio: + description: + - tcam data source priority. + type: int + src_updt: + description: + - tcam data source update. + type: str + choices: + - 'enable' + - 'disable' + srcip: + description: + - tcam data src ipv4 address. + type: str + srcipv6: + description: + - tcam data src ipv6 address. + type: str + srcmac: + description: + - tcam data src macaddr. + type: str + srcport: + description: + - tcam data L4 src port. + type: int + svid: + description: + - tcam data source vid. + type: int + tcp_ack: + description: + - tcam data tcp flag ack. + type: str + choices: + - 'enable' + - 'disable' + tcp_cwr: + description: + - tcam data tcp flag cwr. + type: str + choices: + - 'enable' + - 'disable' + tcp_ece: + description: + - tcam data tcp flag ece. + type: str + choices: + - 'enable' + - 'disable' + tcp_fin: + description: + - tcam data tcp flag fin. + type: str + choices: + - 'enable' + - 'disable' + tcp_push: + description: + - tcam data tcp flag push. + type: str + choices: + - 'enable' + - 'disable' + tcp_rst: + description: + - tcam data tcp flag rst. + type: str + choices: + - 'enable' + - 'disable' + tcp_syn: + description: + - tcam data tcp flag syn. + type: str + choices: + - 'enable' + - 'disable' + tcp_urg: + description: + - tcam data tcp flag urg. + type: str + choices: + - 'enable' + - 'disable' + tgt_cfi: + description: + - tcam data target cfi. + type: str + choices: + - 'enable' + - 'disable' + tgt_prio: + description: + - tcam data target priority. + type: int + tgt_updt: + description: + - tcam data target port update. + type: str + choices: + - 'enable' + - 'disable' + tgt_v: + description: + - tcam data target valid. + type: str + choices: + - 'valid' + - 'invalid' + tos: + description: + - tcam data ip tos. + type: int + tp: + description: + - tcam data target port. + type: int + ttl: + description: + - tcam data ip ttl. + type: int + tvid: + description: + - tcam data target vid. + type: int + vdid: + description: + - tcam data vdom id. + type: int + mask: + description: + - Mask fields of TCAM. + type: dict + suboptions: + df: + description: + - tcam mask ip flag df. + type: str + choices: + - 'enable' + - 'disable' + dstip: + description: + - tcam mask dst ipv4 address. + type: str + dstipv6: + description: + - tcam mask dst ipv6 address. + type: str + dstmac: + description: + - tcam mask dst macaddr. + type: str + dstport: + description: + - tcam mask L4 dst port. + type: int + ethertype: + description: + - tcam mask ethertype. + type: str + ext_tag: + description: + - tcam mask extension tag. + type: str + choices: + - 'enable' + - 'disable' + frag_off: + description: + - tcam data ip flag fragment offset. + type: int + gen_buf_cnt: + description: + - tcam mask gen info buffer count. + type: int + gen_iv: + description: + - tcam mask gen info iv. + type: str + choices: + - 'valid' + - 'invalid' + gen_l3_flags: + description: + - tcam mask gen info L3 flags. + type: int + gen_l4_flags: + description: + - tcam mask gen info L4 flags. + type: int + gen_pkt_ctrl: + description: + - tcam mask gen info packet control. + type: int + gen_pri: + description: + - tcam mask gen info priority. + type: int + gen_pri_v: + description: + - tcam mask gen info priority valid. + type: str + choices: + - 'valid' + - 'invalid' + gen_tv: + description: + - tcam mask gen info tv. + type: str + choices: + - 'valid' + - 'invalid' + ihl: + description: + - tcam mask ipv4 IHL. + type: int + ip4_id: + description: + - tcam mask ipv4 id. + type: int + ip6_fl: + description: + - tcam mask ipv6 flow label. + type: int + ipver: + description: + - tcam mask ip header version. + type: int + l4_wd10: + description: + - tcam mask L4 word10. + type: int + l4_wd11: + description: + - tcam mask L4 word11. + type: int + l4_wd8: + description: + - tcam mask L4 word8. + type: int + l4_wd9: + description: + - tcam mask L4 word9. + type: int + mf: + description: + - tcam mask ip flag mf. + type: str + choices: + - 'enable' + - 'disable' + protocol: + description: + - tcam mask ip protocol. + type: int + slink: + description: + - tcam mask sublink. + type: int + smac_change: + description: + - tcam mask source MAC change. + type: str + choices: + - 'enable' + - 'disable' + sp: + description: + - tcam mask source port. + type: int + src_cfi: + description: + - tcam mask source cfi. + type: str + choices: + - 'enable' + - 'disable' + src_prio: + description: + - tcam mask source priority. + type: int + src_updt: + description: + - tcam mask source update. + type: str + choices: + - 'enable' + - 'disable' + srcip: + description: + - tcam mask src ipv4 address. + type: str + srcipv6: + description: + - tcam mask src ipv6 address. + type: str + srcmac: + description: + - tcam mask src macaddr. + type: str + srcport: + description: + - tcam mask L4 src port. + type: int + svid: + description: + - tcam mask source vid. + type: int + tcp_ack: + description: + - tcam mask tcp flag ack. + type: str + choices: + - 'enable' + - 'disable' + tcp_cwr: + description: + - tcam mask tcp flag cwr. + type: str + choices: + - 'enable' + - 'disable' + tcp_ece: + description: + - tcam mask tcp flag ece. + type: str + choices: + - 'enable' + - 'disable' + tcp_fin: + description: + - tcam mask tcp flag fin. + type: str + choices: + - 'enable' + - 'disable' + tcp_push: + description: + - tcam mask tcp flag push. + type: str + choices: + - 'enable' + - 'disable' + tcp_rst: + description: + - tcam mask tcp flag rst. + type: str + choices: + - 'enable' + - 'disable' + tcp_syn: + description: + - tcam mask tcp flag syn. + type: str + choices: + - 'enable' + - 'disable' + tcp_urg: + description: + - tcam mask tcp flag urg. + type: str + choices: + - 'enable' + - 'disable' + tgt_cfi: + description: + - tcam mask target cfi. + type: str + choices: + - 'enable' + - 'disable' + tgt_prio: + description: + - tcam mask target priority. + type: int + tgt_updt: + description: + - tcam mask target port update. + type: str + choices: + - 'enable' + - 'disable' + tgt_v: + description: + - tcam mask target valid. + type: str + choices: + - 'valid' + - 'invalid' + tos: + description: + - tcam mask ip tos. + type: int + tp: + description: + - tcam mask target port. + type: int + ttl: + description: + - tcam mask ip ttl. + type: int + tvid: + description: + - tcam mask target vid. + type: int + vdid: + description: + - tcam mask vdom id. + type: int + mir_act: + description: + - Mirror action of TCAM. + type: dict + suboptions: + vlif: + description: + - tcam mirror action vlif. + type: int + name: + description: + - NPU TCAM policies name. + required: true + type: str + oid: + description: + - NPU TCAM OID. + type: int + pri_act: + description: + - Priority action of TCAM. + type: dict + suboptions: + priority: + description: + - tcam priority action priority. + type: int + weight: + description: + - tcam priority action weight. + type: int + sact: + description: + - Source action of TCAM. + type: dict + suboptions: + act: + description: + - tcam sact act. + type: int + act_v: + description: + - Enable to set sact act. + type: str + choices: + - 'enable' + - 'disable' + bmproc: + description: + - tcam sact bmproc. + type: int + bmproc_v: + description: + - Enable to set sact bmproc. + type: str + choices: + - 'enable' + - 'disable' + df_lif: + description: + - tcam sact df-lif. + type: int + df_lif_v: + description: + - Enable to set sact df-lif. + type: str + choices: + - 'enable' + - 'disable' + dfr: + description: + - tcam sact dfr. + type: int + dfr_v: + description: + - Enable to set sact dfr. + type: str + choices: + - 'enable' + - 'disable' + dmac_skip: + description: + - tcam sact dmac-skip. + type: int + dmac_skip_v: + description: + - Enable to set sact dmac-skip. + type: str + choices: + - 'enable' + - 'disable' + dosen: + description: + - tcam sact dosen. + type: int + dosen_v: + description: + - Enable to set sact dosen. + type: str + choices: + - 'enable' + - 'disable' + espff_proc: + description: + - tcam sact espff-proc. + type: int + espff_proc_v: + description: + - Enable to set sact espff-proc. + type: str + choices: + - 'enable' + - 'disable' + etype_pid: + description: + - tcam sact etype-pid. + type: int + etype_pid_v: + description: + - Enable to set sact etype-pid. + type: str + choices: + - 'enable' + - 'disable' + frag_proc: + description: + - tcam sact frag-proc. + type: int + frag_proc_v: + description: + - Enable to set sact frag-proc. + type: str + choices: + - 'enable' + - 'disable' + fwd: + description: + - tcam sact fwd. + type: int + fwd_lif: + description: + - tcam sact fwd-lif. + type: int + fwd_lif_v: + description: + - Enable to set sact fwd-lif. + type: str + choices: + - 'enable' + - 'disable' + fwd_tvid: + description: + - tcam sact fwd-tvid. + type: int + fwd_tvid_v: + description: + - Enable to set sact fwd-vid. + type: str + choices: + - 'enable' + - 'disable' + fwd_v: + description: + - Enable to set sact fwd. + type: str + choices: + - 'enable' + - 'disable' + icpen: + description: + - tcam sact icpen. + type: int + icpen_v: + description: + - Enable to set sact icpen. + type: str + choices: + - 'enable' + - 'disable' + igmp_mld_snp: + description: + - tcam sact igmp-mld-snp. + type: int + igmp_mld_snp_v: + description: + - Enable to set sact igmp-mld-snp. + type: str + choices: + - 'enable' + - 'disable' + learn: + description: + - tcam sact learn. + type: int + learn_v: + description: + - Enable to set sact learn. + type: str + choices: + - 'enable' + - 'disable' + m_srh_ctrl: + description: + - tcam sact m-srh-ctrl. + type: int + m_srh_ctrl_v: + description: + - Enable to set sact m-srh-ctrl. + type: str + choices: + - 'enable' + - 'disable' + mac_id: + description: + - tcam sact mac-id. + type: int + mac_id_v: + description: + - Enable to set sact mac-id. + type: str + choices: + - 'enable' + - 'disable' + mss: + description: + - tcam sact mss. + type: int + mss_v: + description: + - Enable to set sact mss. + type: str + choices: + - 'enable' + - 'disable' + pleen: + description: + - tcam sact pleen. + type: int + pleen_v: + description: + - Enable to set sact pleen. + type: str + choices: + - 'enable' + - 'disable' + prio_pid: + description: + - tcam sact prio-pid. + type: int + prio_pid_v: + description: + - Enable to set sact prio-pid. + type: str + choices: + - 'enable' + - 'disable' + promis: + description: + - tcam sact promis. + type: int + promis_v: + description: + - Enable to set sact promis. + type: str + choices: + - 'enable' + - 'disable' + rfsh: + description: + - tcam sact rfsh. + type: int + rfsh_v: + description: + - Enable to set sact rfsh. + type: str + choices: + - 'enable' + - 'disable' + smac_skip: + description: + - tcam sact smac-skip. + type: int + smac_skip_v: + description: + - Enable to set sact smac-skip. + type: str + choices: + - 'enable' + - 'disable' + tp_smchk: + description: + - tcam sact tp mode. + type: int + tp_smchk_v: + description: + - Enable to set sact tp mode. + type: str + choices: + - 'enable' + - 'disable' + tpe_id: + description: + - tcam sact tpe-id. + type: int + tpe_id_v: + description: + - Enable to set sact tpe-id. + type: str + choices: + - 'enable' + - 'disable' + vdm: + description: + - tcam sact vdm. + type: int + vdm_v: + description: + - Enable to set sact vdm. + type: str + choices: + - 'enable' + - 'disable' + vdom_id: + description: + - tcam sact vdom-id. + type: int + vdom_id_v: + description: + - Enable to set sact vdom-id. + type: str + choices: + - 'enable' + - 'disable' + x_mode: + description: + - tcam sact x-mode. + type: int + x_mode_v: + description: + - Enable to set sact x-mode. + type: str + choices: + - 'enable' + - 'disable' + tact: + description: + - Target action of TCAM. + type: dict + suboptions: + act: + description: + - tcam tact act. + type: int + act_v: + description: + - Enable to set tact act. + type: str + choices: + - 'enable' + - 'disable' + fmtuv4_s: + description: + - tcam tact fmtuv4-s. + type: int + fmtuv4_s_v: + description: + - Enable to set tact fmtuv4-s. + type: str + choices: + - 'enable' + - 'disable' + fmtuv6_s: + description: + - tcam tact fmtuv6-s. + type: int + fmtuv6_s_v: + description: + - Enable to set tact fmtuv6-s. + type: str + choices: + - 'enable' + - 'disable' + lnkid: + description: + - tcam tact lnkid. + type: int + lnkid_v: + description: + - Enable to set tact lnkid. + type: str + choices: + - 'enable' + - 'disable' + mac_id: + description: + - tcam tact mac-id. + type: int + mac_id_v: + description: + - Enable to set tact mac-id. + type: str + choices: + - 'enable' + - 'disable' + mss_t: + description: + - tcam tact mss. + type: int + mss_t_v: + description: + - Enable to set tact mss. + type: str + choices: + - 'enable' + - 'disable' + mtuv4: + description: + - tcam tact mtuv4. + type: int + mtuv4_v: + description: + - Enable to set tact mtuv4. + type: str + choices: + - 'enable' + - 'disable' + mtuv6: + description: + - tcam tact mtuv6. + type: int + mtuv6_v: + description: + - Enable to set tact mtuv6. + type: str + choices: + - 'enable' + - 'disable' + slif_act: + description: + - tcam tact slif-act. + type: int + slif_act_v: + description: + - Enable to set tact slif-act. + type: str + choices: + - 'enable' + - 'disable' + sublnkid: + description: + - tcam tact sublnkid. + type: int + sublnkid_v: + description: + - Enable to set tact sublnkid. + type: str + choices: + - 'enable' + - 'disable' + tgtv_act: + description: + - tcam tact tgtv-act. + type: int + tgtv_act_v: + description: + - Enable to set tact tgtv-act. + type: str + choices: + - 'enable' + - 'disable' + tlif_act: + description: + - tcam tact tlif-act. + type: int + tlif_act_v: + description: + - Enable to set tact tlif-act. + type: str + choices: + - 'enable' + - 'disable' + tpeid: + description: + - tcam tact tpeid. + type: int + tpeid_v: + description: + - Enable to set tact tpeid. + type: str + choices: + - 'enable' + - 'disable' + v6fe: + description: + - tcam tact v6fe. + type: int + v6fe_v: + description: + - Enable to set tact v6fe. + type: str + choices: + - 'enable' + - 'disable' + vep_en: + description: + - tcam tact vep_en. + type: int + vep_en_v: + description: + - Enable to set tact vep-en. + type: str + choices: + - 'enable' + - 'disable' + vep_slid: + description: + - tcam tact vep_slid. + type: int + vep_slid_v: + description: + - Enable to set tact vep-slid. + type: str + choices: + - 'enable' + - 'disable' + xlt_lif: + description: + - tcam tact xlt-lif. + type: int + xlt_lif_v: + description: + - Enable to set tact xlt-lif. + type: str + choices: + - 'enable' + - 'disable' + xlt_vid: + description: + - tcam tact xlt-vid. + type: int + xlt_vid_v: + description: + - Enable to set tact xlt-vid. + type: str + choices: + - 'enable' + - 'disable' + type: + description: + - TCAM policy type. + type: str + choices: + - 'L2_src_tc' + - 'L2_tgt_tc' + - 'L2_src_mir' + - 'L2_tgt_mir' + - 'L2_src_act' + - 'L2_tgt_act' + - 'IPv4_src_tc' + - 'IPv4_tgt_tc' + - 'IPv4_src_mir' + - 'IPv4_tgt_mir' + - 'IPv4_src_act' + - 'IPv4_tgt_act' + - 'IPv6_src_tc' + - 'IPv6_tgt_tc' + - 'IPv6_src_mir' + - 'IPv6_tgt_mir' + - 'IPv6_src_act' + - 'IPv6_tgt_act' + vid: + description: + - NPU TCAM VID. + type: int + per_session_accounting: + description: + - Set per-session accounting. + type: str + choices: + - 'traffic-log-only' + - 'disable' + - 'enable' port_cpu_map: description: - Configure NPU interface to CPU core mapping. @@ -238,6 +3049,22 @@ options: description: - Mapping NPU group index. type: int + port_path_option: + description: + - Configure port using NPU or Intel-NIC. + type: dict + suboptions: + ports_using_npu: + description: + - Set ha/aux ports to handle traffic with NPU (otherwise traffic goes to Intel-NIC and then CPU). + type: list + elements: dict + suboptions: + interface_name: + description: + - Available interfaces for NPU path. + required: true + type: str priority_protocol: description: - Configure NPU priority protocol. @@ -272,6 +3099,13 @@ options: - 'disable' - 'priority' - 'round-robin' + qtm_buf_mode: + description: + - QTM channel configuration for packet buffer. + type: str + choices: + - '6ch' + - '4ch' rdp_offload: description: - Enable/disable RDP offload. @@ -279,6 +3113,10 @@ options: choices: - 'enable' - 'disable' + session_acct_interval: + description: + - Session accounting update interval (1 - 10 sec). + type: int session_denied_offload: description: - Enable/disable offloading of denied sessions. Requires ses-denied-traffic to be set. @@ -286,6 +3124,13 @@ options: choices: - 'disable' - 'enable' + shaping_stats: + description: + - Enable/disable NP7 traffic shaping statistics . + type: str + choices: + - 'disable' + - 'enable' sse_backpressure: description: - Enable/disable SSE backpressure. @@ -413,6 +3258,20 @@ options: choices: - 'enable' - 'disable' + ull_port_mode: + description: + - Set ULL port"s speed to 10G/25G . + type: str + choices: + - '10G' + - '25G' + vlan_lookup_cache: + description: + - Enable/disable vlan lookup cache . + type: str + choices: + - 'enable' + - 'disable' """ EXAMPLES = """ @@ -423,14 +3282,98 @@ EXAMPLES = """ capwap_offload: "enable" dedicated_management_affinity: "<your_own_value>" dedicated_management_cpu: "enable" + default_qos_type: "policing" + dos_options: + npu_dos_meter_mode: "global" + npu_dos_tpe_mode: "enable" + double_level_mcast_offload: "enable" + dsw_dts_profile: + - + action: "wait" + min_limit: "0" + profile_id: "<you_own_value>" + step: "0" + dsw_queue_dts_profile: + - + iport: "eif0" + name: "default_name_18" + oport: "eif0" + profile_id: "0" + queue_select: "0" fastpath: "disable" + fp_anomaly: + icmp_csum_err: "drop" + icmp_frag: "allow" + icmp_land: "allow" + ipv4_csum_err: "drop" + ipv4_land: "allow" + ipv4_optlsrr: "allow" + ipv4_optrr: "allow" + ipv4_optsecurity: "allow" + ipv4_optssrr: "allow" + ipv4_optstream: "allow" + ipv4_opttimestamp: "allow" + ipv4_proto_err: "allow" + ipv4_unknopt: "allow" + ipv6_daddr_err: "allow" + ipv6_land: "allow" + ipv6_optendpid: "allow" + ipv6_opthomeaddr: "allow" + ipv6_optinvld: "allow" + ipv6_optjumbo: "allow" + ipv6_optnsap: "allow" + ipv6_optralert: "allow" + ipv6_opttunnel: "allow" + ipv6_proto_err: "allow" + ipv6_saddr_err: "allow" + ipv6_unknopt: "allow" + tcp_csum_err: "drop" + tcp_fin_noack: "allow" + tcp_fin_only: "allow" + tcp_land: "allow" + tcp_no_flag: "allow" + tcp_syn_data: "allow" + tcp_syn_fin: "allow" + tcp_winnuke: "allow" + udp_csum_err: "drop" + udp_land: "allow" gtp_enhanced_cpu_range: "0" gtp_enhanced_mode: "enable" + gtp_support: "enable" + hash_tbl_spread: "enable" + hpe: + all_protocol: "400000" + arp_max: "5000" + enable_shaper: "disable" + esp_max: "5000" + high_priority: "400000" + icmp_max: "5000" + ip_frag_max: "5000" + ip_others_max: "5000" + l2_others_max: "5000" + sctp_max: "5000" + tcp_max: "40000" + tcpfin_rst_max: "40000" + tcpsyn_ack_max: "40000" + tcpsyn_max: "40000" + udp_max: "40000" + htab_dedi_queue_nr: "4" + htab_msg_queue: "data" + htx_icmp_csum_chk: "drop" + inbound_dscp_copy_port: + - + interface: "<your_own_value>" intf_shaping_offload: "enable" + ip_fragment_offload: "disable" + ip_reassembly: + max_timeout: "200000" + min_timeout: "64" + status: "disable" ipsec_dec_subengine_mask: "<your_own_value>" ipsec_enc_subengine_mask: "<your_own_value>" ipsec_inbound_cache: "enable" ipsec_mtu_override: "disable" + ipsec_ob_np_sel: "rr" ipsec_over_vlink: "enable" isf_np_queues: cos0: "<your_own_value> (source system.isf-queue-profile.name)" @@ -442,7 +3385,329 @@ EXAMPLES = """ cos6: "<your_own_value> (source system.isf-queue-profile.name)" cos7: "<your_own_value> (source system.isf-queue-profile.name)" lag_out_port_select: "disable" + max_receive_unit: "0" + max_session_timeout: "40" mcast_session_accounting: "tpe-based" + napi_break_interval: "0" + np_queues: + ethernet_type: + - + name: "default_name_112" + queue: "0" + type: "<your_own_value>" + weight: "15" + ip_protocol: + - + name: "default_name_117" + protocol: "0" + queue: "0" + weight: "14" + ip_service: + - + dport: "0" + name: "default_name_123" + protocol: "0" + queue: "0" + sport: "0" + weight: "13" + profile: + - + cos0: "queue0" + cos1: "queue0" + cos2: "queue0" + cos3: "queue0" + cos4: "queue0" + cos5: "queue0" + cos6: "queue0" + cos7: "queue0" + dscp0: "queue0" + dscp1: "queue0" + dscp10: "queue0" + dscp11: "queue0" + dscp12: "queue0" + dscp13: "queue0" + dscp14: "queue0" + dscp15: "queue0" + dscp16: "queue0" + dscp17: "queue0" + dscp18: "queue0" + dscp19: "queue0" + dscp2: "queue0" + dscp20: "queue0" + dscp21: "queue0" + dscp22: "queue0" + dscp23: "queue0" + dscp24: "queue0" + dscp25: "queue0" + dscp26: "queue0" + dscp27: "queue0" + dscp28: "queue0" + dscp29: "queue0" + dscp3: "queue0" + dscp30: "queue0" + dscp31: "queue0" + dscp32: "queue0" + dscp33: "queue0" + dscp34: "queue0" + dscp35: "queue0" + dscp36: "queue0" + dscp37: "queue0" + dscp38: "queue0" + dscp39: "queue0" + dscp4: "queue0" + dscp40: "queue0" + dscp41: "queue0" + dscp42: "queue0" + dscp43: "queue0" + dscp44: "queue0" + dscp45: "queue0" + dscp46: "queue0" + dscp47: "queue0" + dscp48: "queue0" + dscp49: "queue0" + dscp5: "queue0" + dscp50: "queue0" + dscp51: "queue0" + dscp52: "queue0" + dscp53: "queue0" + dscp54: "queue0" + dscp55: "queue0" + dscp56: "queue0" + dscp57: "queue0" + dscp58: "queue0" + dscp59: "queue0" + dscp6: "queue0" + dscp60: "queue0" + dscp61: "queue0" + dscp62: "queue0" + dscp63: "queue0" + dscp7: "queue0" + dscp8: "queue0" + dscp9: "queue0" + id: "201" + type: "cos" + weight: "6" + scheduler: + - + mode: "none" + name: "default_name_206" + npu_group_effective_scope: "255" + npu_tcam: + - + data: + df: "enable" + dstip: "<your_own_value>" + dstipv6: "<your_own_value>" + dstmac: "<your_own_value>" + dstport: "0" + ethertype: "<your_own_value>" + ext_tag: "enable" + frag_off: "0" + gen_buf_cnt: "0" + gen_iv: "valid" + gen_l3_flags: "0" + gen_l4_flags: "0" + gen_pkt_ctrl: "0" + gen_pri: "0" + gen_pri_v: "valid" + gen_tv: "valid" + ihl: "0" + ip4_id: "0" + ip6_fl: "0" + ipver: "0" + l4_wd10: "0" + l4_wd11: "0" + l4_wd8: "0" + l4_wd9: "0" + mf: "enable" + protocol: "0" + slink: "0" + smac_change: "enable" + sp: "0" + src_cfi: "enable" + src_prio: "0" + src_updt: "enable" + srcip: "<your_own_value>" + srcipv6: "<your_own_value>" + srcmac: "<your_own_value>" + srcport: "0" + svid: "0" + tcp_ack: "enable" + tcp_cwr: "enable" + tcp_ece: "enable" + tcp_fin: "enable" + tcp_push: "enable" + tcp_rst: "enable" + tcp_syn: "enable" + tcp_urg: "enable" + tgt_cfi: "enable" + tgt_prio: "0" + tgt_updt: "enable" + tgt_v: "valid" + tos: "0" + tp: "0" + ttl: "0" + tvid: "0" + vdid: "0" + mask: + df: "enable" + dstip: "<your_own_value>" + dstipv6: "<your_own_value>" + dstmac: "<your_own_value>" + dstport: "0" + ethertype: "<your_own_value>" + ext_tag: "enable" + frag_off: "0" + gen_buf_cnt: "0" + gen_iv: "valid" + gen_l3_flags: "0" + gen_l4_flags: "0" + gen_pkt_ctrl: "0" + gen_pri: "0" + gen_pri_v: "valid" + gen_tv: "valid" + ihl: "0" + ip4_id: "0" + ip6_fl: "0" + ipver: "0" + l4_wd10: "0" + l4_wd11: "0" + l4_wd8: "0" + l4_wd9: "0" + mf: "enable" + protocol: "0" + slink: "0" + smac_change: "enable" + sp: "0" + src_cfi: "enable" + src_prio: "0" + src_updt: "enable" + srcip: "<your_own_value>" + srcipv6: "<your_own_value>" + srcmac: "<your_own_value>" + srcport: "0" + svid: "0" + tcp_ack: "enable" + tcp_cwr: "enable" + tcp_ece: "enable" + tcp_fin: "enable" + tcp_push: "enable" + tcp_rst: "enable" + tcp_syn: "enable" + tcp_urg: "enable" + tgt_cfi: "enable" + tgt_prio: "0" + tgt_updt: "enable" + tgt_v: "valid" + tos: "0" + tp: "0" + ttl: "0" + tvid: "0" + vdid: "0" + mir_act: + vlif: "0" + name: "default_name_321" + oid: "0" + pri_act: + priority: "0" + weight: "0" + sact: + act: "0" + act_v: "enable" + bmproc: "0" + bmproc_v: "enable" + df_lif: "0" + df_lif_v: "enable" + dfr: "0" + dfr_v: "enable" + dmac_skip: "0" + dmac_skip_v: "enable" + dosen: "0" + dosen_v: "enable" + espff_proc: "0" + espff_proc_v: "enable" + etype_pid: "0" + etype_pid_v: "enable" + frag_proc: "0" + frag_proc_v: "enable" + fwd: "0" + fwd_lif: "0" + fwd_lif_v: "enable" + fwd_tvid: "0" + fwd_tvid_v: "enable" + fwd_v: "enable" + icpen: "0" + icpen_v: "enable" + igmp_mld_snp: "0" + igmp_mld_snp_v: "enable" + learn: "0" + learn_v: "enable" + m_srh_ctrl: "0" + m_srh_ctrl_v: "enable" + mac_id: "0" + mac_id_v: "enable" + mss: "0" + mss_v: "enable" + pleen: "0" + pleen_v: "enable" + prio_pid: "0" + prio_pid_v: "enable" + promis: "0" + promis_v: "enable" + rfsh: "0" + rfsh_v: "enable" + smac_skip: "0" + smac_skip_v: "enable" + tp_smchk: "0" + tp_smchk_v: "enable" + tpe_id: "0" + tpe_id_v: "enable" + vdm: "0" + vdm_v: "enable" + vdom_id: "0" + vdom_id_v: "enable" + x_mode: "0" + x_mode_v: "enable" + tact: + act: "0" + act_v: "enable" + fmtuv4_s: "0" + fmtuv4_s_v: "enable" + fmtuv6_s: "0" + fmtuv6_s_v: "enable" + lnkid: "0" + lnkid_v: "enable" + mac_id: "0" + mac_id_v: "enable" + mss_t: "0" + mss_t_v: "enable" + mtuv4: "0" + mtuv4_v: "enable" + mtuv6: "0" + mtuv6_v: "enable" + slif_act: "0" + slif_act_v: "enable" + sublnkid: "0" + sublnkid_v: "enable" + tgtv_act: "0" + tgtv_act_v: "enable" + tlif_act: "0" + tlif_act_v: "enable" + tpeid: "0" + tpeid_v: "enable" + v6fe: "0" + v6fe_v: "enable" + vep_en: "0" + vep_en_v: "enable" + vep_slid: "0" + vep_slid_v: "enable" + xlt_lif: "0" + xlt_lif_v: "enable" + xlt_vid: "0" + xlt_vid_v: "enable" + type: "L2_src_tc" + vid: "0" + per_session_accounting: "traffic-log-only" port_cpu_map: - cpu_core: "<your_own_value>" @@ -451,13 +3716,20 @@ EXAMPLES = """ - interface: "<your_own_value>" npu_group_index: "0" + port_path_option: + ports_using_npu: + - + interface_name: "<your_own_value>" priority_protocol: bfd: "enable" bgp: "enable" slbc: "enable" qos_mode: "disable" + qtm_buf_mode: "6ch" rdp_offload: "enable" + session_acct_interval: "5" session_denied_offload: "disable" + shaping_stats: "disable" sse_backpressure: "enable" strip_clear_text_padding: "enable" strip_esp_padding: "enable" @@ -476,6 +3748,8 @@ EXAMPLES = """ draco15: "enable" tcp_udp_port: "include" uesp_offload: "enable" + ull_port_mode: "10G" + vlan_lookup_cache: "enable" """ RETURN = """ @@ -562,24 +3836,51 @@ def filter_system_npu_data(json): "capwap_offload", "dedicated_management_affinity", "dedicated_management_cpu", + "default_qos_type", + "dos_options", + "double_level_mcast_offload", + "dsw_dts_profile", + "dsw_queue_dts_profile", "fastpath", + "fp_anomaly", "gtp_enhanced_cpu_range", "gtp_enhanced_mode", + "gtp_support", + "hash_tbl_spread", + "hpe", + "htab_dedi_queue_nr", + "htab_msg_queue", + "htx_icmp_csum_chk", + "inbound_dscp_copy_port", "intf_shaping_offload", + "ip_fragment_offload", + "ip_reassembly", "ipsec_dec_subengine_mask", "ipsec_enc_subengine_mask", "ipsec_inbound_cache", "ipsec_mtu_override", + "ipsec_ob_np_sel", "ipsec_over_vlink", "isf_np_queues", "lag_out_port_select", + "max_receive_unit", + "max_session_timeout", "mcast_session_accounting", + "napi_break_interval", + "np_queues", + "npu_group_effective_scope", + "npu_tcam", + "per_session_accounting", "port_cpu_map", "port_npu_map", + "port_path_option", "priority_protocol", "qos_mode", + "qtm_buf_mode", "rdp_offload", + "session_acct_interval", "session_denied_offload", + "shaping_stats", "sse_backpressure", "strip_clear_text_padding", "strip_esp_padding", @@ -587,6 +3888,8 @@ def filter_system_npu_data(json): "sw_np_bandwidth", "sw_tr_hash", "uesp_offload", + "ull_port_mode", + "vlan_lookup_cache", ] json = remove_invalid_fields(json) @@ -615,9 +3918,10 @@ def underscore_to_hyphen(data): def system_npu(data, fos): vdom = data["vdom"] system_npu_data = data["system_npu"] - filtered_data = underscore_to_hyphen(filter_system_npu_data(system_npu_data)) + filtered_data = filter_system_npu_data(system_npu_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "npu", data=filtered_data, vdom=vdom) + return fos.set("system", "npu", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -669,7 +3973,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", "required": True, @@ -678,15 +3983,21 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, }, - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], }, "fastpath": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, @@ -695,10 +4006,16 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "ipsec_enc_subengine_mask": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "ipsec_dec_subengine_mask": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "ipsec_enc_subengine_mask": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "string", + }, + "ipsec_dec_subengine_mask": { + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], + "type": "string", + }, "sw_np_bandwidth": { - "v_range": [["v6.2.0", ""]], + "v_range": [["v6.2.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [ {"value": "0G"}, @@ -706,9 +4023,9 @@ versioned_schema = { {"value": "4G"}, {"value": "5G"}, {"value": "6G"}, - {"value": "7G", "v_range": [["v7.4.0", ""]]}, - {"value": "8G", "v_range": [["v7.4.0", ""]]}, - {"value": "9G", "v_range": [["v7.4.0", ""]]}, + {"value": "7G", "v_range": [["v7.4.0", "v7.4.1"], ["v7.4.3", ""]]}, + {"value": "8G", "v_range": [["v7.4.0", "v7.4.1"], ["v7.4.3", ""]]}, + {"value": "9G", "v_range": [["v7.4.0", "v7.4.1"], ["v7.4.3", ""]]}, ], }, "gtp_enhanced_mode": { @@ -717,52 +4034,57 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "gtp_enhanced_cpu_range": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "0"}, {"value": "1"}, {"value": "2"}], }, "intf_shaping_offload": { - "v_range": [["v6.4.0", ""]], + "v_range": [["v6.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "strip_esp_padding": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "strip_clear_text_padding": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "ipsec_inbound_cache": { - "v_range": [["v6.2.0", ""]], + "v_range": [["v6.2.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "sse_backpressure": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "rdp_offload": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "ipsec_over_vlink": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "uesp_offload": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "qos_mode": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "disable"}, @@ -771,14 +4093,20 @@ versioned_schema = { ], }, "isf_np_queues": { - "v_range": [["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v6.4.0", "v6.4.0"], + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "dict", "children": { "cos0": { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -786,7 +4114,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -794,7 +4123,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -802,7 +4132,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -810,7 +4141,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -818,7 +4150,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -826,7 +4159,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -834,7 +4168,8 @@ versioned_schema = { "v_range": [ ["v6.4.0", "v6.4.0"], ["v7.2.0", "v7.2.0"], - ["v7.4.0", ""], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", }, @@ -845,7 +4180,8 @@ versioned_schema = { ["v6.0.0", "v6.0.0"], ["v6.0.11", "v6.2.0"], ["v6.2.5", "v6.2.7"], - ["v6.4.4", ""], + ["v6.4.4", "v7.4.1"], + ["v7.4.3", ""], ], "type": "string", "options": [ @@ -855,21 +4191,30 @@ versioned_schema = { ], }, "ipsec_mtu_override": { - "v_range": [["v6.2.0", "v6.2.0"], ["v6.2.7", "v6.2.7"], ["v6.4.4", ""]], + "v_range": [ + ["v6.2.0", "v6.2.0"], + ["v6.2.7", "v6.2.7"], + ["v6.4.4", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "lag_out_port_select": { - "v_range": [["v6.2.0", "v6.2.7"], ["v6.4.1", ""]], + "v_range": [["v6.2.0", "v6.2.7"], ["v6.4.1", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "sw_eh_hash": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "dict", "children": { "computation": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [ {"value": "xor16"}, @@ -879,88 +4224,150 @@ versioned_schema = { ], }, "ip_protocol": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "source_ip_upper_16": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "source_ip_lower_16": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "destination_ip_upper_16": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "destination_ip_lower_16": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "source_port": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "destination_port": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, "netmask_length": { - "v_range": [["v7.2.0", "v7.2.0"], ["v7.4.0", ""]], + "v_range": [ + ["v7.2.0", "v7.2.0"], + ["v7.4.0", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "integer", }, }, }, "sw_tr_hash": { - "v_range": [["v7.4.0", ""]], + "v_range": [["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "dict", "children": { "draco15": { - "v_range": [["v7.4.0", ""]], + "v_range": [["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "tcp_udp_port": { - "v_range": [["v7.4.0", ""]], + "v_range": [["v7.4.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "include"}, {"value": "exclude"}], }, }, }, "session_denied_offload": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, "priority_protocol": { - "v_range": [["v6.0.0", "v6.0.0"], ["v6.0.11", ""]], + "v_range": [["v6.0.0", "v6.0.0"], ["v6.0.11", "v7.4.1"], ["v7.4.3", ""]], "type": "dict", "children": { "bgp": { - "v_range": [["v6.0.0", "v6.0.0"], ["v6.0.11", ""]], + "v_range": [ + ["v6.0.0", "v6.0.0"], + ["v6.0.11", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "slbc": { - "v_range": [["v6.0.0", "v6.0.0"], ["v6.0.11", ""]], + "v_range": [ + ["v6.0.0", "v6.0.0"], + ["v6.0.11", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "bfd": { - "v_range": [["v6.0.0", "v6.0.0"], ["v6.0.11", ""]], + "v_range": [ + ["v6.0.0", "v6.0.0"], + ["v6.0.11", "v7.4.1"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, }, }, + "port_path_option": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "ports_using_npu": { + "type": "list", + "elements": "dict", + "children": { + "interface_name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", "v7.4.2"]], + } + }, + }, "port_npu_map": { "type": "list", "elements": "dict", @@ -970,6 +4377,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "required": True, @@ -979,6 +4387,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "integer", }, @@ -987,8 +4396,2536 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], + ], + }, + "ipsec_ob_np_sel": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "rr"}, {"value": "Packet"}, {"value": "Hash"}], + }, + "npu_group_effective_scope": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "dos_options": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "npu_dos_meter_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "global"}, {"value": "local"}], + }, + "npu_dos_tpe_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + }, + }, + "napi_break_interval": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "hpe": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "all_protocol": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tcpsyn_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tcpsyn_ack_max": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tcpfin_rst_max": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tcp_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "udp_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "icmp_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "sctp_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "esp_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "ip_frag_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "ip_others_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "arp_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "l2_others_max": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "high_priority": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "enable_shaper": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + }, + }, + "default_qos_type": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "policing"}, + {"value": "shaping"}, + {"value": "policing-enhanced"}, + ], + }, + "shaping_stats": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "gtp_support": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "per_session_accounting": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "traffic-log-only"}, + {"value": "disable"}, + {"value": "enable"}, ], }, + "session_acct_interval": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "max_session_timeout": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "fp_anomaly": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "tcp_syn_fin": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "tcp_fin_noack": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "tcp_fin_only": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "tcp_no_flag": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "tcp_syn_data": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "tcp_winnuke": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "tcp_land": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "udp_land": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "icmp_land": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "icmp_frag": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_land": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_proto_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_unknopt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_optrr": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_optssrr": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_optlsrr": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_optstream": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_optsecurity": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_opttimestamp": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv4_csum_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "drop"}, {"value": "trap-to-host"}], + }, + "tcp_csum_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "drop"}, {"value": "trap-to-host"}], + }, + "udp_csum_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "drop"}, {"value": "trap-to-host"}], + }, + "icmp_csum_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "drop"}, {"value": "trap-to-host"}], + }, + "ipv6_land": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_proto_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_unknopt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_saddr_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_daddr_err": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_optralert": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_optjumbo": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_opttunnel": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_opthomeaddr": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_optnsap": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_optendpid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + "ipv6_optinvld": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "drop"}, + {"value": "trap-to-host"}, + ], + }, + }, + }, + "ip_reassembly": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "min_timeout": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "max_timeout": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "status": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + }, + }, + "hash_tbl_spread": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "vlan_lookup_cache": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "ip_fragment_offload": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "htx_icmp_csum_chk": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "drop"}, {"value": "pass"}], + }, + "htab_msg_queue": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "data"}, {"value": "idle"}, {"value": "dedicated"}], + }, + "htab_dedi_queue_nr": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "dsw_dts_profile": { + "type": "list", + "elements": "dict", + "children": { + "profile_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + "required": True, + }, + "min_limit": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "step": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "action": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "wait"}, + {"value": "drop"}, + {"value": "drop_tmr_0"}, + {"value": "drop_tmr_1"}, + {"value": "enque"}, + {"value": "enque_0"}, + {"value": "enque_1"}, + ], + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "dsw_queue_dts_profile": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "iport": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "eif0"}, + {"value": "eif1"}, + {"value": "eif2"}, + {"value": "eif3"}, + {"value": "eif4"}, + {"value": "eif5"}, + {"value": "eif6"}, + {"value": "eif7"}, + {"value": "htx0"}, + {"value": "htx1"}, + {"value": "sse0"}, + {"value": "sse1"}, + {"value": "sse2"}, + {"value": "sse3"}, + {"value": "rlt"}, + {"value": "dfr"}, + {"value": "ipseci"}, + {"value": "ipseco"}, + {"value": "ipti"}, + {"value": "ipto"}, + {"value": "vep0"}, + {"value": "vep2"}, + {"value": "vep4"}, + {"value": "vep6"}, + {"value": "ivs"}, + {"value": "l2ti1"}, + {"value": "l2to"}, + {"value": "l2ti0"}, + {"value": "ple"}, + {"value": "spath"}, + {"value": "qtm"}, + ], + }, + "oport": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "eif0"}, + {"value": "eif1"}, + {"value": "eif2"}, + {"value": "eif3"}, + {"value": "eif4"}, + {"value": "eif5"}, + {"value": "eif6"}, + {"value": "eif7"}, + {"value": "hrx"}, + {"value": "sse0"}, + {"value": "sse1"}, + {"value": "sse2"}, + {"value": "sse3"}, + {"value": "rlt"}, + {"value": "dfr"}, + {"value": "ipseci"}, + {"value": "ipseco"}, + {"value": "ipti"}, + {"value": "ipto"}, + {"value": "vep0"}, + {"value": "vep2"}, + {"value": "vep4"}, + {"value": "vep6"}, + {"value": "ivs"}, + {"value": "l2ti1"}, + {"value": "l2to"}, + {"value": "l2ti0"}, + {"value": "ple"}, + {"value": "sync"}, + {"value": "nss"}, + {"value": "tsk"}, + {"value": "qtm"}, + ], + }, + "profile_id": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "queue_select": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "npu_tcam": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "type": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "L2_src_tc"}, + {"value": "L2_tgt_tc"}, + {"value": "L2_src_mir"}, + {"value": "L2_tgt_mir"}, + {"value": "L2_src_act"}, + {"value": "L2_tgt_act"}, + {"value": "IPv4_src_tc"}, + {"value": "IPv4_tgt_tc"}, + {"value": "IPv4_src_mir"}, + {"value": "IPv4_tgt_mir"}, + {"value": "IPv4_src_act"}, + {"value": "IPv4_tgt_act"}, + {"value": "IPv6_src_tc"}, + {"value": "IPv6_tgt_tc"}, + {"value": "IPv6_src_mir"}, + {"value": "IPv6_tgt_mir"}, + {"value": "IPv6_src_act"}, + {"value": "IPv6_tgt_act"}, + ], + }, + "oid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "vid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "data": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "gen_buf_cnt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_pri": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_pri_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "gen_iv": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "gen_tv": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "gen_pkt_ctrl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_l3_flags": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_l4_flags": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "vdid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tp": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tgt_updt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "smac_change": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "ext_tag": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tgt_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "tvid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tgt_cfi": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tgt_prio": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "sp": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "src_updt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "slink": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "svid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "src_cfi": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "src_prio": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "srcmac": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "dstmac": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "ethertype": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + }, + "ipver": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "ihl": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "ip4_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "srcip": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "dstip": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "ip6_fl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "srcipv6": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + }, + "dstipv6": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + }, + "ttl": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "protocol": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tos": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "frag_off": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "mf": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "df": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "srcport": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "dstport": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tcp_fin": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_syn": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_rst": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_push": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_ack": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_urg": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_ece": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_cwr": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "l4_wd8": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "l4_wd9": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "l4_wd10": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "l4_wd11": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + }, + "mask": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "gen_buf_cnt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_pri": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_pri_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "gen_iv": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "gen_tv": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "gen_pkt_ctrl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_l3_flags": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "gen_l4_flags": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "vdid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tp": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tgt_updt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "smac_change": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "ext_tag": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tgt_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "valid"}, {"value": "invalid"}], + }, + "tvid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tgt_cfi": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tgt_prio": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "sp": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "src_updt": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "slink": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "svid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "src_cfi": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "src_prio": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "srcmac": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "dstmac": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "ethertype": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + }, + "ipver": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "ihl": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "ip4_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "srcip": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "dstip": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "ip6_fl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "srcipv6": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + }, + "dstipv6": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + }, + "ttl": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "protocol": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tos": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "frag_off": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "mf": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "df": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "srcport": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "dstport": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tcp_fin": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_syn": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_rst": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_push": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_ack": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_urg": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_ece": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tcp_cwr": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "l4_wd8": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "l4_wd9": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "l4_wd10": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "l4_wd11": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + }, + "mir_act": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "vlif": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"} + }, + }, + "pri_act": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "priority": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "weight": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + }, + "sact": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "fwd_lif_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fwd_lif": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "fwd_tvid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fwd_tvid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "df_lif_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "df_lif": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "act_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "act": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "pleen_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "pleen": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "icpen_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "icpen": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "vdm_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "vdm": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "learn_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "learn": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "rfsh_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "rfsh": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "fwd_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fwd": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "x_mode_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "x_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "promis_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "promis": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "bmproc_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "bmproc": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "mac_id_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "mac_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "dosen_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "dosen": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "dfr_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "dfr": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "m_srh_ctrl_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "m_srh_ctrl": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tpe_id_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tpe_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "vdom_id_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "vdom_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "mss_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "mss": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "tp_smchk_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tp_smchk": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "etype_pid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "etype_pid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "frag_proc_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "frag_proc": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "espff_proc_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "espff_proc": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "prio_pid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "prio_pid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "igmp_mld_snp_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "igmp_mld_snp": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "smac_skip_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "smac_skip": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "dmac_skip_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "dmac_skip": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + }, + "tact": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "act_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "act": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "mtuv4_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "mtuv4": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "mtuv6_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "mtuv6": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "mac_id_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "mac_id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "slif_act_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "slif_act": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tlif_act_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tlif_act": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tgtv_act_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tgtv_act": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "tpeid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "tpeid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "v6fe_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "v6fe": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "xlt_vid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "xlt_vid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "xlt_lif_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "xlt_lif": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "mss_t_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "mss_t": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "lnkid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "lnkid": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "sublnkid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "sublnkid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "fmtuv4_s_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fmtuv4_s": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "fmtuv6_s_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fmtuv6_s": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "vep_en_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "vep_en": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "vep_slid_v": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "vep_slid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "np_queues": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "dict", + "children": { + "profile": { + "type": "list", + "elements": "dict", + "children": { + "id": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + "required": True, + }, + "type": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "cos"}, {"value": "dscp"}], + }, + "weight": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "cos0": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos1": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos2": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos3": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos4": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos5": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos6": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "cos7": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp0": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp1": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp2": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp3": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp4": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp5": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp6": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp7": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp8": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp9": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp10": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp11": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp12": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp13": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp14": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp15": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp16": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp17": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp18": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp19": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp20": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp21": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp22": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp23": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp24": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp25": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp26": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp27": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp28": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp29": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp30": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp31": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp32": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp33": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp34": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp35": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp36": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp37": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp38": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp39": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp40": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp41": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp42": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp43": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp44": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp45": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp46": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp47": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp48": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp49": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp50": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp51": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp52": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp53": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp54": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp55": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp56": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp57": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp58": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp59": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp60": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp61": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp62": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + "dscp63": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "queue0"}, + {"value": "queue1"}, + {"value": "queue2"}, + {"value": "queue3"}, + {"value": "queue4"}, + {"value": "queue5"}, + {"value": "queue6"}, + {"value": "queue7"}, + ], + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "ethernet_type": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "type": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string"}, + "queue": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "weight": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "ip_protocol": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "protocol": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "queue": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "weight": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "ip_service": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "protocol": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "sport": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "dport": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "queue": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, + "weight": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "scheduler": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + }, + "mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [ + {"value": "none"}, + {"value": "priority"}, + {"value": "round-robin"}, + ], + }, + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + }, + }, + "inbound_dscp_copy_port": { + "type": "list", + "elements": "dict", + "children": { + "interface": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, + "double_level_mcast_offload": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "qtm_buf_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "6ch"}, {"value": "4ch"}], + }, + "ull_port_mode": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "string", + "options": [{"value": "10G"}, {"value": "25G"}], + }, + "max_receive_unit": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu_vlink.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu_vlink.py new file mode 100644 index 000000000..fe1f2505a --- /dev/null +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_npu_vlink.py @@ -0,0 +1,352 @@ +#!/usr/bin/python +from __future__ import absolute_import, division, print_function + +# Copyright: (c) 2022 Fortinet +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +__metaclass__ = type + +ANSIBLE_METADATA = { + "status": ["preview"], + "supported_by": "community", + "metadata_version": "1.1", +} + +DOCUMENTATION = """ +--- +module: fortios_system_npu_vlink +short_description: Configure NPU VDOM link in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the + user to set and modify system feature and npu_vlink category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.0 +version_added: "2.0.0" +author: + - Link Zheng (@chillancezen) + - Jie Xue (@JieX19) + - Hongbin Lu (@fgtdev-hblu) + - Frank Shen (@frankshen01) + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks + +requirements: + - ansible>=2.15 +options: + access_token: + description: + - Token-based authentication. + Generated from GUI of Fortigate. + type: str + required: false + enable_log: + description: + - Enable/Disable logging for task. + type: bool + required: false + default: false + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + type: str + default: root + member_path: + type: str + description: + - Member attribute path to operate on. + - Delimited by a slash character if there are more than one attribute. + - Parameter marked with member_path is legitimate for doing member operation. + member_state: + type: str + description: + - Add or delete a member under specified attribute path. + - When member_state is specified, the state option is ignored. + choices: + - 'present' + - 'absent' + + state: + description: + - Indicates whether to create or remove the object. + type: str + required: true + choices: + - 'present' + - 'absent' + system_npu_vlink: + description: + - Configure NPU VDOM link. + default: null + type: dict + suboptions: + name: + description: + - NPU VDOM link name in format npuX_vlink.X means x-th pair of npu-vlink.Maximum 14 characters. + required: true + type: str +""" + +EXAMPLES = """ +- name: Configure NPU VDOM link. + fortinet.fortios.fortios_system_npu_vlink: + vdom: "{{ vdom }}" + state: "present" + access_token: "<your_own_value>" + system_npu_vlink: + name: "default_name_3" +""" + +RETURN = """ +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + FortiOSHandler, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_legacy_fortiosapi, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + schema_to_module_spec, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_schema_versioning, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import ( + FAIL_SOCKET_MSG, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post_processor import ( + remove_invalid_fields, +) + + +def filter_system_npu_vlink_data(json): + option_list = ["name"] + + json = remove_invalid_fields(json) + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def underscore_to_hyphen(data): + if isinstance(data, list): + for i, elem in enumerate(data): + data[i] = underscore_to_hyphen(elem) + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[k.replace("_", "-")] = underscore_to_hyphen(v) + data = new_data + + return data + + +def system_npu_vlink(data, fos): + vdom = data["vdom"] + + state = data["state"] + + system_npu_vlink_data = data["system_npu_vlink"] + filtered_data = filter_system_npu_vlink_data(system_npu_vlink_data) + converted_data = underscore_to_hyphen(filtered_data) + + if state == "present" or state is True: + return fos.set("system", "npu-vlink", data=converted_data, vdom=vdom) + + elif state == "absent": + return fos.delete("system", "npu-vlink", mkey=filtered_data["name"], vdom=vdom) + else: + fos._module.fail_json(msg="state must be present or absent!") + + +def is_successful_status(resp): + return ( + "status" in resp + and resp["status"] == "success" + or "http_status" in resp + and resp["http_status"] == 200 + or "http_method" in resp + and resp["http_method"] == "DELETE" + and resp["http_status"] == 404 + ) + + +def fortios_system(data, fos): + fos.do_member_operation("system", "npu-vlink") + if data["system_npu_vlink"]: + resp = system_npu_vlink(data, fos) + else: + fos._module.fail_json(msg="missing task body: %s" % ("system_npu_vlink")) + + return ( + not is_successful_status(resp), + is_successful_status(resp) + and (resp["revision_changed"] if "revision_changed" in resp else True), + resp, + {}, + ) + + +versioned_schema = { + "type": "list", + "elements": "dict", + "children": { + "name": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "string", "required": True} + }, + "v_range": [["v7.4.2", "v7.4.2"]], +} + + +def main(): + module_spec = schema_to_module_spec(versioned_schema) + mkeyname = "name" + fields = { + "access_token": {"required": False, "type": "str", "no_log": True}, + "enable_log": {"required": False, "type": "bool", "default": False}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "member_path": {"required": False, "type": "str"}, + "member_state": { + "type": "str", + "required": False, + "choices": ["present", "absent"], + }, + "state": {"required": True, "type": "str", "choices": ["present", "absent"]}, + "system_npu_vlink": { + "required": False, + "type": "dict", + "default": None, + "options": {}, + }, + } + for attribute_name in module_spec["options"]: + fields["system_npu_vlink"]["options"][attribute_name] = module_spec["options"][ + attribute_name + ] + if mkeyname and mkeyname == attribute_name: + fields["system_npu_vlink"]["options"][attribute_name]["required"] = True + + module = AnsibleModule(argument_spec=fields, supports_check_mode=False) + check_legacy_fortiosapi(module) + + is_error = False + has_changed = False + result = None + diff = None + + versions_check_result = None + if module._socket_path: + connection = Connection(module._socket_path) + if "access_token" in module.params: + connection.set_option("access_token", module.params["access_token"]) + + if "enable_log" in module.params: + connection.set_option("enable_log", module.params["enable_log"]) + else: + connection.set_option("enable_log", False) + fos = FortiOSHandler(connection, module, mkeyname) + versions_check_result = check_schema_versioning( + fos, versioned_schema, "system_npu_vlink" + ) + + is_error, has_changed, result, diff = fortios_system(module.params, fos) + + else: + module.fail_json(**FAIL_SOCKET_MSG) + + if versions_check_result and versions_check_result["matched"] is False: + module.warn( + "Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv" + ) + + if not is_error: + if versions_check_result and versions_check_result["matched"] is False: + module.exit_json( + changed=has_changed, + version_check_warning=versions_check_result, + meta=result, + diff=diff, + ) + else: + module.exit_json(changed=has_changed, meta=result, diff=diff) + else: + if versions_check_result and versions_check_result["matched"] is False: + module.fail_json( + msg="Error in repo", + version_check_warning=versions_check_result, + meta=result, + ) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ntp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ntp.py index 26877a2b7..cc4ba6591 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ntp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ntp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -143,6 +143,14 @@ options: - 'auto' - 'sdwan' - 'specify' + ip_type: + description: + - Choose to connect to IPv4 or/and IPv6 NTP server. + type: str + choices: + - 'IPv6' + - 'IPv4' + - 'Both' key: description: - Key for MD5(NTPv3)/SHA1(NTPv4) authentication. @@ -216,6 +224,7 @@ EXAMPLES = """ id: "11" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" + ip_type: "IPv6" key: "<your_own_value>" key_id: "0" ntpv3: "enable" @@ -349,9 +358,10 @@ def underscore_to_hyphen(data): def system_ntp(data, fos): vdom = data["vdom"] system_ntp_data = data["system_ntp"] - filtered_data = underscore_to_hyphen(filter_system_ntp_data(system_ntp_data)) + filtered_data = filter_system_ntp_data(system_ntp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ntp", data=filtered_data, vdom=vdom) + return fos.set("system", "ntp", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -419,6 +429,15 @@ versioned_schema = { }, "key": {"v_range": [["v6.0.0", ""]], "type": "string"}, "key_id": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "ip_type": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "IPv6"}, + {"value": "IPv4"}, + {"value": "Both"}, + ], + }, "interface_select_method": { "v_range": [ ["v6.2.0", "v6.2.0"], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_object_tagging.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_object_tagging.py index 0a041c077..e3e3f424a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_object_tagging.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_object_tagging.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -287,9 +287,8 @@ def system_object_tagging(data, fos, check_mode=False): state = data["state"] system_object_tagging_data = data["system_object_tagging"] - filtered_data = underscore_to_hyphen( - filter_system_object_tagging_data(system_object_tagging_data) - ) + filtered_data = filter_system_object_tagging_data(system_object_tagging_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -353,7 +352,7 @@ def system_object_tagging(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "object-tagging", data=filtered_data, vdom=vdom) + return fos.set("system", "object-tagging", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy.py index 06156b261..3e9d7598f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -318,11 +318,10 @@ def system_password_policy(data, fos): system_password_policy_data = flatten_multilists_attributes( system_password_policy_data ) - filtered_data = underscore_to_hyphen( - filter_system_password_policy_data(system_password_policy_data) - ) + filtered_data = filter_system_password_policy_data(system_password_policy_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "password-policy", data=filtered_data, vdom=vdom) + return fos.set("system", "password-policy", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy_guest_admin.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy_guest_admin.py index 0c4b9954d..219d563bb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy_guest_admin.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_password_policy_guest_admin.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -317,14 +317,13 @@ def system_password_policy_guest_admin(data, fos): system_password_policy_guest_admin_data = flatten_multilists_attributes( system_password_policy_guest_admin_data ) - filtered_data = underscore_to_hyphen( - filter_system_password_policy_guest_admin_data( - system_password_policy_guest_admin_data - ) + filtered_data = filter_system_password_policy_guest_admin_data( + system_password_policy_guest_admin_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "system", "password-policy-guest-admin", data=filtered_data, vdom=vdom + "system", "password-policy-guest-admin", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pcp_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pcp_server.py index 2f422f193..e2704af97 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pcp_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pcp_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -380,11 +380,10 @@ def system_pcp_server(data, fos): vdom = data["vdom"] system_pcp_server_data = data["system_pcp_server"] system_pcp_server_data = flatten_multilists_attributes(system_pcp_server_data) - filtered_data = underscore_to_hyphen( - filter_system_pcp_server_data(system_pcp_server_data) - ) + filtered_data = filter_system_pcp_server_data(system_pcp_server_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "pcp-server", data=filtered_data, vdom=vdom) + return fos.set("system", "pcp-server", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_performance_top.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_performance_top.py index 5088314dd..4ea9f8622 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_performance_top.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_performance_top.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<delay>": "delay"} + speciallist = {"<delay>": "delay"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def system_performance_top(data, fos): vdom = data["vdom"] system_performance_top_data = data["system_performance_top"] - filtered_data = underscore_to_hyphen( - filter_system_performance_top_data(system_performance_top_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_performance_top_data(system_performance_top_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("system.performance", "top", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_physical_switch.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_physical_switch.py index c4f6ae74d..c7edc61ef 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_physical_switch.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_physical_switch.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,9 +278,8 @@ def system_physical_switch(data, fos, check_mode=False): state = data["state"] system_physical_switch_data = data["system_physical_switch"] - filtered_data = underscore_to_hyphen( - filter_system_physical_switch_data(system_physical_switch_data) - ) + filtered_data = filter_system_physical_switch_data(system_physical_switch_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -344,7 +343,7 @@ def system_physical_switch(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "physical-switch", data=filtered_data, vdom=vdom) + return fos.set("system", "physical-switch", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -392,6 +391,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "required": True, @@ -401,6 +401,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], @@ -410,6 +411,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "integer", }, @@ -449,7 +451,12 @@ versioned_schema = { "v_range": [["v6.0.0", "v6.0.11"], ["v6.2.3", "v6.2.3"]], }, }, - "v_range": [["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v6.2.7"], + ["v6.4.1", "v7.0.12"], + ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], + ], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pppoe_interface.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pppoe_interface.py index 51237bd3f..546a90913 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pppoe_interface.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_pppoe_interface.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -332,9 +332,8 @@ def system_pppoe_interface(data, fos, check_mode=False): state = data["state"] system_pppoe_interface_data = data["system_pppoe_interface"] - filtered_data = underscore_to_hyphen( - filter_system_pppoe_interface_data(system_pppoe_interface_data) - ) + filtered_data = filter_system_pppoe_interface_data(system_pppoe_interface_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -398,7 +397,7 @@ def system_pppoe_interface(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "pppoe-interface", data=filtered_data, vdom=vdom) + return fos.set("system", "pppoe-interface", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_probe_response.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_probe_response.py index 73b553fd3..b5a986ce7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_probe_response.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_probe_response.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def underscore_to_hyphen(data): def system_probe_response(data, fos): vdom = data["vdom"] system_probe_response_data = data["system_probe_response"] - filtered_data = underscore_to_hyphen( - filter_system_probe_response_data(system_probe_response_data) - ) + filtered_data = filter_system_probe_response_data(system_probe_response_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "probe-response", data=filtered_data, vdom=vdom) + return fos.set("system", "probe-response", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_proxy_arp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_proxy_arp.py index 2cb1ac668..6f1e106b6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_proxy_arp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_proxy_arp.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,9 +242,8 @@ def system_proxy_arp(data, fos, check_mode=False): state = data["state"] system_proxy_arp_data = data["system_proxy_arp"] - filtered_data = underscore_to_hyphen( - filter_system_proxy_arp_data(system_proxy_arp_data) - ) + filtered_data = filter_system_proxy_arp_data(system_proxy_arp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +307,7 @@ def system_proxy_arp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "proxy-arp", data=filtered_data, vdom=vdom) + return fos.set("system", "proxy-arp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "proxy-arp", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ptp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ptp.py index 0f764d262..25a0c00fc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ptp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_ptp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -274,9 +274,10 @@ def underscore_to_hyphen(data): def system_ptp(data, fos): vdom = data["vdom"] system_ptp_data = data["system_ptp"] - filtered_data = underscore_to_hyphen(filter_system_ptp_data(system_ptp_data)) + filtered_data = filter_system_ptp_data(system_ptp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "ptp", data=filtered_data, vdom=vdom) + return fos.set("system", "ptp", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_admin.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_admin.py index 7ebe725d9..b5a6f1979 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_admin.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_admin.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_admin(data, fos, check_mode=False): state = data["state"] system_replacemsg_admin_data = data["system_replacemsg_admin"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_admin_data(system_replacemsg_admin_data) - ) + filtered_data = filter_system_replacemsg_admin_data(system_replacemsg_admin_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_admin(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "admin", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "admin", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_alertmail.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_alertmail.py index cf7379d15..8ea9d9fee 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_alertmail.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_alertmail.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,10 @@ def system_replacemsg_alertmail(data, fos, check_mode=False): state = data["state"] system_replacemsg_alertmail_data = data["system_replacemsg_alertmail"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_alertmail_data(system_replacemsg_alertmail_data) + filtered_data = filter_system_replacemsg_alertmail_data( + system_replacemsg_alertmail_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +316,7 @@ def system_replacemsg_alertmail(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "alertmail", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "alertmail", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_auth.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_auth.py index b716d009a..8243b9d02 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_auth.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_auth.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_auth(data, fos, check_mode=False): state = data["state"] system_replacemsg_auth_data = data["system_replacemsg_auth"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_auth_data(system_replacemsg_auth_data) - ) + filtered_data = filter_system_replacemsg_auth_data(system_replacemsg_auth_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_auth(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "auth", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "auth", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_automation.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_automation.py index 233402668..ba4be2228 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_automation.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_automation.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -239,12 +239,15 @@ def system_replacemsg_automation(data, fos): state = data["state"] system_replacemsg_automation_data = data["system_replacemsg_automation"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_automation_data(system_replacemsg_automation_data) + filtered_data = filter_system_replacemsg_automation_data( + system_replacemsg_automation_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system.replacemsg", "automation", data=filtered_data, vdom=vdom) + return fos.set( + "system.replacemsg", "automation", data=converted_data, vdom=vdom + ) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_device_detection_portal.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_device_detection_portal.py index fe30989c4..71088517a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_device_detection_portal.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_device_detection_portal.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def system_replacemsg_device_detection_portal(data, fos, check_mode=False): system_replacemsg_device_detection_portal_data = data[ "system_replacemsg_device_detection_portal" ] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_device_detection_portal_data( - system_replacemsg_device_detection_portal_data - ) + filtered_data = filter_system_replacemsg_device_detection_portal_data( + system_replacemsg_device_detection_portal_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -326,7 +325,7 @@ def system_replacemsg_device_detection_portal(data, fos, check_mode=False): return fos.set( "system.replacemsg", "device-detection-portal", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ec.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ec.py index 2e3eda80a..5e2bcbf5e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ec.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ec.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_ec(data, fos, check_mode=False): state = data["state"] system_replacemsg_ec_data = data["system_replacemsg_ec"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_ec_data(system_replacemsg_ec_data) - ) + filtered_data = filter_system_replacemsg_ec_data(system_replacemsg_ec_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_ec(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "ec", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "ec", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_fortiguard_wf.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_fortiguard_wf.py index 2b1a419fb..b4d4fddc4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_fortiguard_wf.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_fortiguard_wf.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,11 +249,10 @@ def system_replacemsg_fortiguard_wf(data, fos, check_mode=False): state = data["state"] system_replacemsg_fortiguard_wf_data = data["system_replacemsg_fortiguard_wf"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_fortiguard_wf_data( - system_replacemsg_fortiguard_wf_data - ) + filtered_data = filter_system_replacemsg_fortiguard_wf_data( + system_replacemsg_fortiguard_wf_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -322,7 +321,7 @@ def system_replacemsg_fortiguard_wf(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "system.replacemsg", "fortiguard-wf", data=filtered_data, vdom=vdom + "system.replacemsg", "fortiguard-wf", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ftp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ftp.py index 019e35771..fe80c53b9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ftp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_ftp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_ftp(data, fos, check_mode=False): state = data["state"] system_replacemsg_ftp_data = data["system_replacemsg_ftp"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_ftp_data(system_replacemsg_ftp_data) - ) + filtered_data = filter_system_replacemsg_ftp_data(system_replacemsg_ftp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_ftp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "ftp", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "ftp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_group.py index c2f121522..a36f96fee 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1533,9 +1533,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -1544,8 +1544,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -1561,10 +1564,8 @@ def system_replacemsg_group(data, fos, check_mode=False): state = data["state"] system_replacemsg_group_data = data["system_replacemsg_group"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_group_data(system_replacemsg_group_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_replacemsg_group_data(system_replacemsg_group_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_http.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_http.py index 9fff71bff..733966db5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_http.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_http.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_http(data, fos, check_mode=False): state = data["state"] system_replacemsg_http_data = data["system_replacemsg_http"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_http_data(system_replacemsg_http_data) - ) + filtered_data = filter_system_replacemsg_http_data(system_replacemsg_http_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_http(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "http", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "http", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_icap.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_icap.py index 9fb06286d..a36b2bc4a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_icap.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_icap.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_icap(data, fos, check_mode=False): state = data["state"] system_replacemsg_icap_data = data["system_replacemsg_icap"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_icap_data(system_replacemsg_icap_data) - ) + filtered_data = filter_system_replacemsg_icap_data(system_replacemsg_icap_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_icap(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "icap", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "icap", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_image.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_image.py index e52d78d50..30d9c0d3b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_image.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_image.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -240,9 +240,8 @@ def system_replacemsg_image(data, fos, check_mode=False): state = data["state"] system_replacemsg_image_data = data["system_replacemsg_image"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_image_data(system_replacemsg_image_data) - ) + filtered_data = filter_system_replacemsg_image_data(system_replacemsg_image_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -306,7 +305,7 @@ def system_replacemsg_image(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "replacemsg-image", data=filtered_data, vdom=vdom) + return fos.set("system", "replacemsg-image", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mail.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mail.py index 0ebb05358..b7ef1f049 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mail.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mail.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_mail(data, fos, check_mode=False): state = data["state"] system_replacemsg_mail_data = data["system_replacemsg_mail"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_mail_data(system_replacemsg_mail_data) - ) + filtered_data = filter_system_replacemsg_mail_data(system_replacemsg_mail_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_mail(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "mail", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "mail", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm1.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm1.py index 40c02eaea..5771727f6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm1.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm1.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -355,9 +355,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -366,8 +366,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -383,10 +386,8 @@ def system_replacemsg_mm1(data, fos, check_mode=False): state = data["state"] system_replacemsg_mm1_data = data["system_replacemsg_mm1"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_mm1_data(system_replacemsg_mm1_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_replacemsg_mm1_data(system_replacemsg_mm1_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm3.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm3.py index 2916f154b..09ac497b9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm3.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm3.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -311,9 +311,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -322,8 +322,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -339,10 +342,8 @@ def system_replacemsg_mm3(data, fos, check_mode=False): state = data["state"] system_replacemsg_mm3_data = data["system_replacemsg_mm3"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_mm3_data(system_replacemsg_mm3_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_replacemsg_mm3_data(system_replacemsg_mm3_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm4.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm4.py index 3136cca64..5591be073 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm4.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm4.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -344,9 +344,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -355,8 +355,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -372,10 +375,8 @@ def system_replacemsg_mm4(data, fos, check_mode=False): state = data["state"] system_replacemsg_mm4_data = data["system_replacemsg_mm4"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_mm4_data(system_replacemsg_mm4_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_replacemsg_mm4_data(system_replacemsg_mm4_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm7.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm7.py index c92d2e810..541c84e75 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm7.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mm7.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -375,9 +375,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"message": "fos_message"} + speciallist = {"message": "fos_message"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -386,8 +386,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -403,10 +406,8 @@ def system_replacemsg_mm7(data, fos, check_mode=False): state = data["state"] system_replacemsg_mm7_data = data["system_replacemsg_mm7"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_mm7_data(system_replacemsg_mm7_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_system_replacemsg_mm7_data(system_replacemsg_mm7_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mms.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mms.py index 2236241af..214d78a1b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mms.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_mms.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -262,9 +262,8 @@ def system_replacemsg_mms(data, fos, check_mode=False): state = data["state"] system_replacemsg_mms_data = data["system_replacemsg_mms"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_mms_data(system_replacemsg_mms_data) - ) + filtered_data = filter_system_replacemsg_mms_data(system_replacemsg_mms_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -328,7 +327,7 @@ def system_replacemsg_mms(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "mms", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "mms", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nac_quar.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nac_quar.py index 132e0dd09..19715be29 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nac_quar.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nac_quar.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,10 @@ def system_replacemsg_nac_quar(data, fos, check_mode=False): state = data["state"] system_replacemsg_nac_quar_data = data["system_replacemsg_nac_quar"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_nac_quar_data(system_replacemsg_nac_quar_data) + filtered_data = filter_system_replacemsg_nac_quar_data( + system_replacemsg_nac_quar_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +316,7 @@ def system_replacemsg_nac_quar(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "nac-quar", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "nac-quar", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nntp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nntp.py index 3055f0077..2cd8cac7f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nntp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_nntp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_nntp(data, fos, check_mode=False): state = data["state"] system_replacemsg_nntp_data = data["system_replacemsg_nntp"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_nntp_data(system_replacemsg_nntp_data) - ) + filtered_data = filter_system_replacemsg_nntp_data(system_replacemsg_nntp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_nntp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "nntp", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "nntp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_spam.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_spam.py index 5d7098915..b2f3c062f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_spam.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_spam.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_spam(data, fos, check_mode=False): state = data["state"] system_replacemsg_spam_data = data["system_replacemsg_spam"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_spam_data(system_replacemsg_spam_data) - ) + filtered_data = filter_system_replacemsg_spam_data(system_replacemsg_spam_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_spam(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "spam", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "spam", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_sslvpn.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_sslvpn.py index 1756335d8..8f6afda5f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_sslvpn.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_sslvpn.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_sslvpn(data, fos, check_mode=False): state = data["state"] system_replacemsg_sslvpn_data = data["system_replacemsg_sslvpn"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_sslvpn_data(system_replacemsg_sslvpn_data) - ) + filtered_data = filter_system_replacemsg_sslvpn_data(system_replacemsg_sslvpn_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_sslvpn(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "sslvpn", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "sslvpn", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_traffic_quota.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_traffic_quota.py index d95ed70ab..62dbdb987 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_traffic_quota.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_traffic_quota.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,11 +249,10 @@ def system_replacemsg_traffic_quota(data, fos, check_mode=False): state = data["state"] system_replacemsg_traffic_quota_data = data["system_replacemsg_traffic_quota"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_traffic_quota_data( - system_replacemsg_traffic_quota_data - ) + filtered_data = filter_system_replacemsg_traffic_quota_data( + system_replacemsg_traffic_quota_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -322,7 +321,7 @@ def system_replacemsg_traffic_quota(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "system.replacemsg", "traffic-quota", data=filtered_data, vdom=vdom + "system.replacemsg", "traffic-quota", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_utm.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_utm.py index 91e57efb3..a2786d20a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_utm.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_utm.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,8 @@ def system_replacemsg_utm(data, fos, check_mode=False): state = data["state"] system_replacemsg_utm_data = data["system_replacemsg_utm"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_utm_data(system_replacemsg_utm_data) - ) + filtered_data = filter_system_replacemsg_utm_data(system_replacemsg_utm_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +314,7 @@ def system_replacemsg_utm(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "utm", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "utm", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_webproxy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_webproxy.py index 8dadb56b8..08e2070f6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_webproxy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_replacemsg_webproxy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -249,9 +249,10 @@ def system_replacemsg_webproxy(data, fos, check_mode=False): state = data["state"] system_replacemsg_webproxy_data = data["system_replacemsg_webproxy"] - filtered_data = underscore_to_hyphen( - filter_system_replacemsg_webproxy_data(system_replacemsg_webproxy_data) + filtered_data = filter_system_replacemsg_webproxy_data( + system_replacemsg_webproxy_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +316,7 @@ def system_replacemsg_webproxy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.replacemsg", "webproxy", data=filtered_data, vdom=vdom) + return fos.set("system.replacemsg", "webproxy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_resource_limits.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_resource_limits.py index 060903c80..5e588c45b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_resource_limits.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_resource_limits.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -306,11 +306,10 @@ def underscore_to_hyphen(data): def system_resource_limits(data, fos): vdom = data["vdom"] system_resource_limits_data = data["system_resource_limits"] - filtered_data = underscore_to_hyphen( - filter_system_resource_limits_data(system_resource_limits_data) - ) + filtered_data = filter_system_resource_limits_data(system_resource_limits_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "resource-limits", data=filtered_data, vdom=vdom) + return fos.set("system", "resource-limits", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_saml.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_saml.py index f0c5ff251..ef3f8b1d9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_saml.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_saml.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -425,9 +425,10 @@ def underscore_to_hyphen(data): def system_saml(data, fos): vdom = data["vdom"] system_saml_data = data["system_saml"] - filtered_data = underscore_to_hyphen(filter_system_saml_data(system_saml_data)) + filtered_data = filter_system_saml_data(system_saml_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "saml", data=filtered_data, vdom=vdom) + return fos.set("system", "saml", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_connector.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_connector.py index 3e2ac5581..e4bb7c036 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_connector.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_connector.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -824,9 +824,8 @@ def system_sdn_connector(data, fos, check_mode=False): state = data["state"] system_sdn_connector_data = data["system_sdn_connector"] - filtered_data = underscore_to_hyphen( - filter_system_sdn_connector_data(system_sdn_connector_data) - ) + filtered_data = filter_system_sdn_connector_data(system_sdn_connector_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -890,7 +889,7 @@ def system_sdn_connector(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "sdn-connector", data=filtered_data, vdom=vdom) + return fos.set("system", "sdn-connector", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_proxy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_proxy.py index 3734410c7..87beb3877 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_proxy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdn_proxy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,12 +244,11 @@ def system_sdn_proxy(data, fos): state = data["state"] system_sdn_proxy_data = data["system_sdn_proxy"] - filtered_data = underscore_to_hyphen( - filter_system_sdn_proxy_data(system_sdn_proxy_data) - ) + filtered_data = filter_system_sdn_proxy_data(system_sdn_proxy_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system", "sdn-proxy", data=filtered_data, vdom=vdom) + return fos.set("system", "sdn-proxy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "sdn-proxy", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdwan.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdwan.py index 1ae661d37..d21332733 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdwan.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sdwan.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -595,6 +595,10 @@ options: choices: - 'disable' - 'enable' + transport_group: + description: + - Measured transport group (0 - 255). + type: int volume_ratio: description: - Measured volume ratio (this value / sum of all values = percentage of link volume, 1 - 255). @@ -1036,6 +1040,14 @@ options: choices: - 'enable' - 'disable' + shortcut_priority: + description: + - High priority of ADVPN shortcut for this service. + type: str + choices: + - 'enable' + - 'disable' + - 'auto' shortcut_stickiness: description: - Enable/disable shortcut-stickiness of ADVPN. @@ -1185,6 +1197,17 @@ options: type: list elements: dict suboptions: + advpn_health_check: + description: + - Health check for ADVPN local overlay link quality. Source system.sdwan.health-check.name. + type: str + advpn_select: + description: + - Enable/disable selection of ADVPN based on SDWAN information. + type: str + choices: + - 'enable' + - 'disable' minimum_sla_meet_members: description: - Minimum number of members which meet SLA when the neighbor is preferred. @@ -1321,6 +1344,7 @@ EXAMPLES = """ source6: "<your_own_value>" spillover_threshold: "0" status: "disable" + transport_group: "0" volume_ratio: "1" weight: "1" zone: "<your_own_value> (source system.sdwan.zone.name)" @@ -1351,52 +1375,52 @@ EXAMPLES = """ dscp_reverse_tag: "<your_own_value>" dst: - - name: "default_name_127 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_128 (source firewall.address.name firewall.addrgrp.name)" dst_negate: "enable" dst6: - - name: "default_name_130 (source firewall.address6.name firewall.addrgrp6.name)" + name: "default_name_131 (source firewall.address6.name firewall.addrgrp6.name)" end_port: "65535" end_src_port: "65535" gateway: "enable" groups: - - name: "default_name_135 (source user.group.name)" + name: "default_name_136 (source user.group.name)" hash_mode: "round-robin" health_check: - - name: "default_name_138 (source system.sdwan.health-check.name)" + name: "default_name_139 (source system.sdwan.health-check.name)" hold_down_time: "0" - id: "140" + id: "141" input_device: - - name: "default_name_142 (source system.interface.name)" + name: "default_name_143 (source system.interface.name)" input_device_negate: "enable" input_zone: - - name: "default_name_145 (source system.sdwan.zone.name)" + name: "default_name_146 (source system.sdwan.zone.name)" internet_service: "enable" internet_service_app_ctrl: - - id: "148" + id: "149" internet_service_app_ctrl_category: - - id: "150" + id: "151" internet_service_app_ctrl_group: - - name: "default_name_152 (source application.group.name)" + name: "default_name_153 (source application.group.name)" internet_service_custom: - - name: "default_name_154 (source firewall.internet-service-custom.name)" + name: "default_name_155 (source firewall.internet-service-custom.name)" internet_service_custom_group: - - name: "default_name_156 (source firewall.internet-service-custom-group.name)" + name: "default_name_157 (source firewall.internet-service-custom-group.name)" internet_service_group: - - name: "default_name_158 (source firewall.internet-service-group.name)" + name: "default_name_159 (source firewall.internet-service-group.name)" internet_service_name: - - name: "default_name_160 (source firewall.internet-service-name.name)" + name: "default_name_161 (source firewall.internet-service-name.name)" jitter_weight: "0" latency_weight: "0" link_cost_factor: "latency" @@ -1404,7 +1428,7 @@ EXAMPLES = """ load_balance: "enable" minimum_sla_meet_members: "0" mode: "auto" - name: "default_name_168" + name: "default_name_169" packet_loss_weight: "0" passive_measurement: "enable" priority_members: @@ -1412,26 +1436,27 @@ EXAMPLES = """ seq_num: "<you_own_value>" priority_zone: - - name: "default_name_174 (source system.sdwan.zone.name)" + name: "default_name_175 (source system.sdwan.zone.name)" protocol: "0" quality_link: "0" role: "standalone" route_tag: "0" shortcut: "enable" + shortcut_priority: "enable" shortcut_stickiness: "enable" sla: - health_check: "<your_own_value> (source system.sdwan.health-check.name)" - id: "183" + id: "185" sla_compare_method: "order" sla_stickiness: "enable" src: - - name: "default_name_187 (source firewall.address.name firewall.addrgrp.name)" + name: "default_name_189 (source firewall.address.name firewall.addrgrp.name)" src_negate: "enable" src6: - - name: "default_name_190 (source firewall.address6.name firewall.addrgrp6.name)" + name: "default_name_192 (source firewall.address6.name firewall.addrgrp6.name)" standalone_action: "enable" start_port: "1" start_src_port: "1" @@ -1442,14 +1467,16 @@ EXAMPLES = """ use_shortcut_sla: "enable" users: - - name: "default_name_200 (source user.local.name)" + name: "default_name_202 (source user.local.name)" zone_mode: "enable" speedtest_bypass_routing: "disable" status: "disable" zone: - + advpn_health_check: "<your_own_value> (source system.sdwan.health-check.name)" + advpn_select: "enable" minimum_sla_meet_members: "1" - name: "default_name_206" + name: "default_name_210" service_sla_tie_break: "cfg-order" """ @@ -1609,9 +1636,10 @@ def system_sdwan(data, fos): vdom = data["vdom"] system_sdwan_data = data["system_sdwan"] system_sdwan_data = flatten_multilists_attributes(system_sdwan_data) - filtered_data = underscore_to_hyphen(filter_system_sdwan_data(system_sdwan_data)) + filtered_data = filter_system_sdwan_data(system_sdwan_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "sdwan", data=filtered_data, vdom=vdom) + return fos.set("system", "sdwan", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -1705,6 +1733,12 @@ versioned_schema = { "type": "string", "required": True, }, + "advpn_select": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "advpn_health_check": {"v_range": [["v7.4.2", ""]], "type": "string"}, "service_sla_tie_break": { "v_range": [["v6.4.4", ""]], "type": "string", @@ -1752,6 +1786,7 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, + "transport_group": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "comment": {"v_range": [["v6.4.0", ""]], "type": "string"}, }, "v_range": [["v6.4.0", ""]], @@ -2059,6 +2094,15 @@ versioned_schema = { {"value": "bibandwidth"}, ], }, + "shortcut_priority": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "enable"}, + {"value": "disable"}, + {"value": "auto"}, + ], + }, "role": { "v_range": [["v6.4.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_helper.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_helper.py index 3d935af75..c4f1ad9da 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_helper.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_helper.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -262,9 +262,8 @@ def system_session_helper(data, fos, check_mode=False): state = data["state"] system_session_helper_data = data["system_session_helper"] - filtered_data = underscore_to_hyphen( - filter_system_session_helper_data(system_session_helper_data) - ) + filtered_data = filter_system_session_helper_data(system_session_helper_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -328,7 +327,7 @@ def system_session_helper(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "session-helper", data=filtered_data, vdom=vdom) + return fos.set("system", "session-helper", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -393,19 +392,35 @@ versioned_schema = { {"value": "mgcp"}, { "value": "gtp-c", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "gtp-u", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "gtp-b", - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, { "value": "pfcp", - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v7.0.1", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], }, ], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_ttl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_ttl.py index dbd110448..5ba1bb780 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_ttl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_session_ttl.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -105,7 +105,7 @@ options: type: int refresh_direction: description: - - 'Refresh direction: Both, outgoing, incoming' + - Configure refresh direction. type: str choices: - 'both' @@ -245,11 +245,10 @@ def underscore_to_hyphen(data): def system_session_ttl(data, fos): vdom = data["vdom"] system_session_ttl_data = data["system_session_ttl"] - filtered_data = underscore_to_hyphen( - filter_system_session_ttl_data(system_session_ttl_data) - ) + filtered_data = filter_system_session_ttl_data(system_session_ttl_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "session-ttl", data=filtered_data, vdom=vdom) + return fos.set("system", "session-ttl", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_settings.py index a84108d63..f8c0e0214 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -831,6 +831,10 @@ options: choices: - 'enable' - 'disable' + ike_tcp_port: + description: + - TCP port for IKE/IPsec traffic . + type: int implicit_allow_dns: description: - Enable/disable implicitly allowing DNS traffic. @@ -966,6 +970,13 @@ options: choices: - 'enable' - 'disable' + policy_offload_level: + description: + - Configure firewall policy offload level. + type: str + choices: + - 'disable' + - 'dos-offload' prp_trailer_action: description: - Enable/disable action to take on PRP trailer. @@ -1225,6 +1236,7 @@ EXAMPLES = """ ike_port: "500" ike_quick_crash_detect: "enable" ike_session_resume: "enable" + ike_tcp_port: "4500" implicit_allow_dns: "enable" inspection_mode: "proxy" internet_service_database_cache: "disable" @@ -1247,6 +1259,7 @@ EXAMPLES = """ ngfw_mode: "profile-based" opmode: "nat" pfcp_monitor_mode: "enable" + policy_offload_level: "disable" prp_trailer_action: "enable" sccp_port: "2000" sctp_session_without_init: "enable" @@ -1463,6 +1476,7 @@ def filter_system_settings_data(json): "ike_port", "ike_quick_crash_detect", "ike_session_resume", + "ike_tcp_port", "implicit_allow_dns", "inspection_mode", "internet_service_database_cache", @@ -1485,6 +1499,7 @@ def filter_system_settings_data(json): "ngfw_mode", "opmode", "pfcp_monitor_mode", + "policy_offload_level", "prp_trailer_action", "sccp_port", "sctp_session_without_init", @@ -1568,11 +1583,10 @@ def system_settings(data, fos): vdom = data["vdom"] system_settings_data = data["system_settings"] system_settings_data = flatten_multilists_attributes(system_settings_data) - filtered_data = underscore_to_hyphen( - filter_system_settings_data(system_settings_data) - ) + filtered_data = filter_system_settings_data(system_settings_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "settings", data=filtered_data, vdom=vdom) + return fos.set("system", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -1979,9 +1993,12 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "gui_wanopt_cache": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable", "v_range": [["v6.0.0", ""]]}, + {"value": "disable", "v_range": [["v6.0.0", ""]]}, + ], }, "gui_explicit_proxy": { "v_range": [["v6.0.0", ""]], @@ -2185,6 +2202,7 @@ versioned_schema = { "options": [{"value": "with-space"}, {"value": "no-space"}], }, "ike_port": {"v_range": [["v7.0.0", ""]], "type": "integer"}, + "ike_tcp_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "ike_policy_route": { "v_range": [["v7.0.2", ""]], "type": "string", @@ -2235,28 +2253,33 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, - "gui_endpoint_control": { - "v_range": [["v6.0.0", "v7.2.4"]], + "gtp_asym_fgsp": { + "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "gtp_monitor_mode": { + "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "gui_endpoint_control_advanced": { - "v_range": [["v6.0.0", "v7.2.4"]], + "pfcp_monitor_mode": { + "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "gtp_asym_fgsp": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "policy_offload_level": { + "v_range": [["v7.4.2", "v7.4.2"]], "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], + "options": [{"value": "disable"}, {"value": "dos-offload"}], }, - "gtp_monitor_mode": { - "v_range": [["v6.2.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "gui_endpoint_control": { + "v_range": [["v6.0.0", "v7.2.4"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "pfcp_monitor_mode": { - "v_range": [["v7.0.1", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "gui_endpoint_control_advanced": { + "v_range": [["v6.0.0", "v7.2.4"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sflow.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sflow.py index d44010cf0..5a13d0c5f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sflow.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sflow.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -89,6 +89,42 @@ options: - UDP port number used for sending sFlow datagrams (configure only if required by your sFlow collector or your network configuration) (0 - 65535). type: int + collectors: + description: + - sFlow collectors. + type: list + elements: dict + suboptions: + collector_ip: + description: + - IP addresses of the sFlow collectors that sFlow agents added to interfaces in this VDOM send sFlow datagrams to. + type: str + collector_port: + description: + - UDP port number used for sending sFlow datagrams (configure only if required by your sFlow collector or your network + configuration) (0 - 65535). + type: int + id: + description: + - ID. see <a href='#notes'>Notes</a>. + required: true + type: int + interface: + description: + - Specify outgoing interface to reach server. Source system.interface.name. + type: str + interface_select_method: + description: + - Specify how to select outgoing interface to reach server. + type: str + choices: + - 'auto' + - 'sdwan' + - 'specify' + source_ip: + description: + - Source IP address for sFlow agent. + type: str interface: description: - Specify outgoing interface to reach server. Source system.interface.name. @@ -114,6 +150,14 @@ EXAMPLES = """ system_sflow: collector_ip: "<your_own_value>" collector_port: "6343" + collectors: + - + collector_ip: "<your_own_value>" + collector_port: "6343" + id: "8" + interface: "<your_own_value> (source system.interface.name)" + interface_select_method: "auto" + source_ip: "84.230.14.43" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" source_ip: "84.230.14.43" @@ -202,6 +246,7 @@ def filter_system_sflow_data(json): option_list = [ "collector_ip", "collector_port", + "collectors", "interface", "interface_select_method", "source_ip", @@ -233,9 +278,10 @@ def underscore_to_hyphen(data): def system_sflow(data, fos): vdom = data["vdom"] system_sflow_data = data["system_sflow"] - filtered_data = underscore_to_hyphen(filter_system_sflow_data(system_sflow_data)) + filtered_data = filter_system_sflow_data(system_sflow_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "sflow", data=filtered_data, vdom=vdom) + return fos.set("system", "sflow", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -270,15 +316,40 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "dict", "children": { - "collector_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "collector_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "source_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "collectors": { + "type": "list", + "elements": "dict", + "children": { + "id": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "collector_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "collector_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "source_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "interface_select_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "auto"}, + {"value": "sdwan"}, + {"value": "specify"}, + ], + }, + "interface": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], + }, + "collector_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, + "collector_port": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "integer"}, + "source_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, "interface_select_method": { - "v_range": [["v7.0.1", ""]], + "v_range": [["v7.0.1", "v7.4.1"]], "type": "string", "options": [{"value": "auto"}, {"value": "sdwan"}, {"value": "specify"}], }, - "interface": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "interface": {"v_range": [["v7.0.1", "v7.4.1"]], "type": "string"}, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sit_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sit_tunnel.py index ce3bc8c7e..ed12b4bb3 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sit_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sit_tunnel.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -269,9 +269,8 @@ def system_sit_tunnel(data, fos, check_mode=False): state = data["state"] system_sit_tunnel_data = data["system_sit_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_sit_tunnel_data(system_sit_tunnel_data) - ) + filtered_data = filter_system_sit_tunnel_data(system_sit_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -335,7 +334,7 @@ def system_sit_tunnel(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "sit-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "sit-tunnel", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "sit-tunnel", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_smc_ntp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_smc_ntp.py index c75ed598b..040149504 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_smc_ntp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_smc_ntp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -117,13 +117,13 @@ EXAMPLES = """ fortinet.fortios.fortios_system_smc_ntp: vdom: "{{ vdom }}" system_smc_ntp: - channel: "32767" + channel: "5" ntpserver: - id: "5" server: "192.168.100.40" ntpsync: "enable" - syncinterval: "32767" + syncinterval: "60" """ RETURN = """ @@ -234,11 +234,10 @@ def underscore_to_hyphen(data): def system_smc_ntp(data, fos): vdom = data["vdom"] system_smc_ntp_data = data["system_smc_ntp"] - filtered_data = underscore_to_hyphen( - filter_system_smc_ntp_data(system_smc_ntp_data) - ) + filtered_data = filter_system_smc_ntp_data(system_smc_ntp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "smc-ntp", data=filtered_data, vdom=vdom) + return fos.set("system", "smc-ntp", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -270,28 +269,37 @@ def fortios_system(data, fos): versioned_schema = { - "v_range": [["v6.2.3", "v6.2.3"]], + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], "type": "dict", "children": { "ntpsync": { - "v_range": [["v6.2.3", "v6.2.3"]], + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "syncinterval": {"v_range": [["v6.2.3", "v6.2.3"]], "type": "integer"}, - "channel": {"v_range": [["v6.2.3", "v6.2.3"]], "type": "integer"}, + "syncinterval": { + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], + "type": "integer", + }, + "channel": { + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], + "type": "integer", + }, "ntpserver": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v6.2.3", "v6.2.3"]], + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], "type": "integer", "required": True, }, - "server": {"v_range": [["v6.2.3", "v6.2.3"]], "type": "string"}, + "server": { + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], + "type": "string", + }, }, - "v_range": [["v6.2.3", "v6.2.3"]], + "v_range": [["v6.2.3", "v6.2.3"], ["v7.4.2", "v7.4.2"]], }, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sms_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sms_server.py index 536c27fc1..aa46716b4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sms_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sms_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,9 +230,8 @@ def system_sms_server(data, fos, check_mode=False): state = data["state"] system_sms_server_data = data["system_sms_server"] - filtered_data = underscore_to_hyphen( - filter_system_sms_server_data(system_sms_server_data) - ) + filtered_data = filter_system_sms_server_data(system_sms_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -296,7 +295,7 @@ def system_sms_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "sms-server", data=filtered_data, vdom=vdom) + return fos.set("system", "sms-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "sms-server", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_community.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_community.py index 8bfafbf15..f9065e08f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_community.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_community.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -138,8 +138,9 @@ options: - 'ospf-virtnbr-state-change' - 'temperature-high' - 'voltage-alert' - - 'power-supply-failure' + - 'power-supply' - 'fan-failure' + - 'power-supply-failure' hosts: description: - Configure IPv4 SNMP managers (hosts). @@ -505,9 +506,8 @@ def system_snmp_community(data, fos, check_mode=False): system_snmp_community_data = flatten_multilists_attributes( system_snmp_community_data ) - filtered_data = underscore_to_hyphen( - filter_system_snmp_community_data(system_snmp_community_data) - ) + filtered_data = filter_system_snmp_community_data(system_snmp_community_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -571,7 +571,7 @@ def system_snmp_community(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.snmp", "community", data=filtered_data, vdom=vdom) + return fos.set("system.snmp", "community", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -752,8 +752,9 @@ versioned_schema = { {"value": "ospf-virtnbr-state-change", "v_range": [["v7.0.0", ""]]}, {"value": "temperature-high"}, {"value": "voltage-alert"}, - {"value": "power-supply-failure"}, + {"value": "power-supply", "v_range": [["v7.4.2", ""]]}, {"value": "fan-failure"}, + {"value": "power-supply-failure", "v_range": [["v6.0.0", "v7.4.1"]]}, ], "multiple_values": True, "elements": "str", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_mib_view.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_mib_view.py index 91e65b63a..90f8c0838 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_mib_view.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_mib_view.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -259,12 +259,11 @@ def system_snmp_mib_view(data, fos): system_snmp_mib_view_data = data["system_snmp_mib_view"] system_snmp_mib_view_data = flatten_multilists_attributes(system_snmp_mib_view_data) - filtered_data = underscore_to_hyphen( - filter_system_snmp_mib_view_data(system_snmp_mib_view_data) - ) + filtered_data = filter_system_snmp_mib_view_data(system_snmp_mib_view_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system.snmp", "mib-view", data=filtered_data, vdom=vdom) + return fos.set("system.snmp", "mib-view", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_sysinfo.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_sysinfo.py index 62ad47407..e3c9c7518 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_sysinfo.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_sysinfo.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -111,6 +111,14 @@ options: choices: - 'enable' - 'disable' + trap_free_memory_threshold: + description: + - Free memory usage when trap is sent. + type: int + trap_freeable_memory_threshold: + description: + - Freeable memory usage when trap is sent. + type: int trap_high_cpu_threshold: description: - CPU usage when trap is sent. @@ -136,6 +144,8 @@ EXAMPLES = """ engine_id_type: "text" location: "<your_own_value>" status: "enable" + trap_free_memory_threshold: "5" + trap_freeable_memory_threshold: "60" trap_high_cpu_threshold: "80" trap_log_full_threshold: "90" trap_low_memory_threshold: "80" @@ -228,6 +238,8 @@ def filter_system_snmp_sysinfo_data(json): "engine_id_type", "location", "status", + "trap_free_memory_threshold", + "trap_freeable_memory_threshold", "trap_high_cpu_threshold", "trap_log_full_threshold", "trap_low_memory_threshold", @@ -259,11 +271,10 @@ def underscore_to_hyphen(data): def system_snmp_sysinfo(data, fos): vdom = data["vdom"] system_snmp_sysinfo_data = data["system_snmp_sysinfo"] - filtered_data = underscore_to_hyphen( - filter_system_snmp_sysinfo_data(system_snmp_sysinfo_data) - ) + filtered_data = filter_system_snmp_sysinfo_data(system_snmp_sysinfo_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system.snmp", "sysinfo", data=filtered_data, vdom=vdom) + return fos.set("system.snmp", "sysinfo", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -315,6 +326,11 @@ versioned_schema = { "trap_high_cpu_threshold": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "trap_low_memory_threshold": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "trap_log_full_threshold": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "trap_free_memory_threshold": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "trap_freeable_memory_threshold": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + }, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_user.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_user.py index cdc82996f..2d81f9d0f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_user.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_snmp_user.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -151,8 +151,9 @@ options: - 'ospf-virtnbr-state-change' - 'temperature-high' - 'voltage-alert' - - 'power-supply-failure' + - 'power-supply' - 'fan-failure' + - 'power-supply-failure' ha_direct: description: - Enable/disable direct management of HA cluster members. @@ -458,9 +459,8 @@ def system_snmp_user(data, fos, check_mode=False): system_snmp_user_data = data["system_snmp_user"] system_snmp_user_data = flatten_multilists_attributes(system_snmp_user_data) - filtered_data = underscore_to_hyphen( - filter_system_snmp_user_data(system_snmp_user_data) - ) + filtered_data = filter_system_snmp_user_data(system_snmp_user_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -524,7 +524,7 @@ def system_snmp_user(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system.snmp", "user", data=filtered_data, vdom=vdom) + return fos.set("system.snmp", "user", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system.snmp", "user", mkey=filtered_data["name"], vdom=vdom) @@ -652,8 +652,9 @@ versioned_schema = { {"value": "ospf-virtnbr-state-change", "v_range": [["v7.0.0", ""]]}, {"value": "temperature-high"}, {"value": "voltage-alert"}, - {"value": "power-supply-failure"}, + {"value": "power-supply", "v_range": [["v7.4.2", ""]]}, {"value": "fan-failure"}, + {"value": "power-supply-failure", "v_range": [["v6.0.0", "v7.4.1"]]}, ], "multiple_values": True, "elements": "str", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_schedule.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_schedule.py index abb2c73ed..b59f55e7c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_schedule.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_schedule.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -88,6 +88,10 @@ options: default: null type: dict suboptions: + ctrl_port: + description: + - Port of the controller to get access token. + type: int diffserv: description: - DSCP used for speed test. @@ -127,6 +131,10 @@ options: description: - Speed test server name. type: str + server_port: + description: + - Port of the server to run speed test. + type: int status: description: - Enable/disable scheduled speed test. @@ -164,6 +172,15 @@ options: description: - Minimum uploading bandwidth (kbps) to be considered effective. type: int + update_shaper: + description: + - Set egress shaper based on the test result. + type: str + choices: + - 'disable' + - 'local' + - 'remote' + - 'both' """ EXAMPLES = """ @@ -173,14 +190,16 @@ EXAMPLES = """ state: "present" access_token: "<your_own_value>" system_speed_test_schedule: + ctrl_port: "5200" diffserv: "<your_own_value>" dynamic_server: "disable" interface: "<your_own_value> (source system.interface.name)" mode: "UDP" schedules: - - name: "default_name_8 (source firewall.schedule.recurring.name)" + name: "default_name_9 (source firewall.schedule.recurring.name)" server_name: "<your_own_value>" + server_port: "5201" status: "disable" update_inbandwidth: "disable" update_inbandwidth_maximum: "0" @@ -188,6 +207,7 @@ EXAMPLES = """ update_outbandwidth: "disable" update_outbandwidth_maximum: "0" update_outbandwidth_minimum: "0" + update_shaper: "disable" """ RETURN = """ @@ -271,12 +291,14 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_system_speed_test_schedule_data(json): option_list = [ + "ctrl_port", "diffserv", "dynamic_server", "interface", "mode", "schedules", "server_name", + "server_port", "status", "update_inbandwidth", "update_inbandwidth_maximum", @@ -284,6 +306,7 @@ def filter_system_speed_test_schedule_data(json): "update_outbandwidth", "update_outbandwidth_maximum", "update_outbandwidth_minimum", + "update_shaper", ] json = remove_invalid_fields(json) @@ -315,12 +338,13 @@ def system_speed_test_schedule(data, fos): state = data["state"] system_speed_test_schedule_data = data["system_speed_test_schedule"] - filtered_data = underscore_to_hyphen( - filter_system_speed_test_schedule_data(system_speed_test_schedule_data) + filtered_data = filter_system_speed_test_schedule_data( + system_speed_test_schedule_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system", "speed-test-schedule", data=filtered_data, vdom=vdom) + return fos.set("system", "speed-test-schedule", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -394,6 +418,18 @@ versioned_schema = { "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, + "ctrl_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "server_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "update_shaper": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "disable"}, + {"value": "local"}, + {"value": "remote"}, + {"value": "both"}, + ], + }, "update_inbandwidth": { "v_range": [["v7.0.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_server.py index 64cfa6c54..f14ca9a4d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -279,9 +279,8 @@ def system_speed_test_server(data, fos, check_mode=False): state = data["state"] system_speed_test_server_data = data["system_speed_test_server"] - filtered_data = underscore_to_hyphen( - filter_system_speed_test_server_data(system_speed_test_server_data) - ) + filtered_data = filter_system_speed_test_server_data(system_speed_test_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -345,7 +344,7 @@ def system_speed_test_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "speed-test-server", data=filtered_data, vdom=vdom) + return fos.set("system", "speed-test-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_setting.py index a5536c3a6..c8f999b63 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_speed_test_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -208,11 +208,12 @@ def underscore_to_hyphen(data): def system_speed_test_setting(data, fos): vdom = data["vdom"] system_speed_test_setting_data = data["system_speed_test_setting"] - filtered_data = underscore_to_hyphen( - filter_system_speed_test_setting_data(system_speed_test_setting_data) + filtered_data = filter_system_speed_test_setting_data( + system_speed_test_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "speed-test-setting", data=filtered_data, vdom=vdom) + return fos.set("system", "speed-test-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_admin.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_admin.py index 392ea09b6..5f9292784 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_admin.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_admin.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -497,9 +497,8 @@ def system_sso_admin(data, fos, check_mode=False): state = data["state"] system_sso_admin_data = data["system_sso_admin"] - filtered_data = underscore_to_hyphen( - filter_system_sso_admin_data(system_sso_admin_data) - ) + filtered_data = filter_system_sso_admin_data(system_sso_admin_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -563,7 +562,7 @@ def system_sso_admin(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "sso-admin", data=filtered_data, vdom=vdom) + return fos.set("system", "sso-admin", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "sso-admin", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_forticloud_admin.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_forticloud_admin.py index 4f23eb793..2650b8265 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_forticloud_admin.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_forticloud_admin.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,12 +235,13 @@ def system_sso_forticloud_admin(data, fos): state = data["state"] system_sso_forticloud_admin_data = data["system_sso_forticloud_admin"] - filtered_data = underscore_to_hyphen( - filter_system_sso_forticloud_admin_data(system_sso_forticloud_admin_data) + filtered_data = filter_system_sso_forticloud_admin_data( + system_sso_forticloud_admin_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("system", "sso-forticloud-admin", data=filtered_data, vdom=vdom) + return fos.set("system", "sso-forticloud-admin", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_fortigate_cloud_admin.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_fortigate_cloud_admin.py index 5dfcaa18e..8d9f3fd5d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_fortigate_cloud_admin.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_sso_fortigate_cloud_admin.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,15 +235,14 @@ def system_sso_fortigate_cloud_admin(data, fos): state = data["state"] system_sso_fortigate_cloud_admin_data = data["system_sso_fortigate_cloud_admin"] - filtered_data = underscore_to_hyphen( - filter_system_sso_fortigate_cloud_admin_data( - system_sso_fortigate_cloud_admin_data - ) + filtered_data = filter_system_sso_fortigate_cloud_admin_data( + system_sso_fortigate_cloud_admin_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "system", "sso-fortigate-cloud-admin", data=filtered_data, vdom=vdom + "system", "sso-fortigate-cloud-admin", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_standalone_cluster.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_standalone_cluster.py index 7245b6e94..b7eae9e61 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_standalone_cluster.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_standalone_cluster.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -80,6 +80,13 @@ options: default: null type: dict suboptions: + asymmetric_traffic_control: + description: + - Asymmetric traffic control mode. + type: str + choices: + - 'cps-preferred' + - 'strict-anti-replay' cluster_peer: description: - Configure FortiGate Session Life Support Protocol (FGSP) session synchronization. @@ -232,11 +239,12 @@ EXAMPLES = """ fortinet.fortios.fortios_system_standalone_cluster: vdom: "{{ vdom }}" system_standalone_cluster: + asymmetric_traffic_control: "cps-preferred" cluster_peer: - down_intfs_before_sess_sync: - - name: "default_name_5 (source system.interface.name)" + name: "default_name_6 (source system.interface.name)" hb_interval: "2" hb_lost_threshold: "10" ipsec_tunnel_sync: "enable" @@ -247,7 +255,7 @@ EXAMPLES = """ custom_service: - dst_port_range: "<your_own_value>" - id: "15" + id: "16" src_port_range: "<your_own_value>" dstaddr: "<your_own_value>" dstaddr6: "<your_own_value>" @@ -258,7 +266,7 @@ EXAMPLES = """ sync_id: "<you_own_value>" syncvd: - - name: "default_name_25 (source system.vdom.name)" + name: "default_name_26 (source system.vdom.name)" encryption: "enable" group_member_id: "0" layer2_connection: "available" @@ -348,6 +356,7 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_system_standalone_cluster_data(json): option_list = [ + "asymmetric_traffic_control", "cluster_peer", "encryption", "group_member_id", @@ -415,11 +424,12 @@ def system_standalone_cluster(data, fos): system_standalone_cluster_data = flatten_multilists_attributes( system_standalone_cluster_data ) - filtered_data = underscore_to_hyphen( - filter_system_standalone_cluster_data(system_standalone_cluster_data) + filtered_data = filter_system_standalone_cluster_data( + system_standalone_cluster_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "standalone-cluster", data=filtered_data, vdom=vdom) + return fos.set("system", "standalone-cluster", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -475,6 +485,11 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "psksecret": {"v_range": [["v6.4.0", ""]], "type": "string"}, + "asymmetric_traffic_control": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "cps-preferred"}, {"value": "strict-anti-replay"}], + }, "cluster_peer": { "type": "list", "elements": "dict", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_storage.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_storage.py index ae79460dc..2bb2aec92 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_storage.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_storage.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -289,9 +289,8 @@ def system_storage(data, fos, check_mode=False): state = data["state"] system_storage_data = data["system_storage"] - filtered_data = underscore_to_hyphen( - filter_system_storage_data(system_storage_data) - ) + filtered_data = filter_system_storage_data(system_storage_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -355,7 +354,7 @@ def system_storage(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "storage", data=filtered_data, vdom=vdom) + return fos.set("system", "storage", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "storage", mkey=filtered_data["name"], vdom=vdom) @@ -414,12 +413,19 @@ versioned_schema = { "usage": { "v_range": [["v6.0.0", ""]], "type": "string", - "options": [{"value": "log"}, {"value": "wanopt"}], + "options": [ + {"value": "log"}, + {"value": "wanopt", "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]]}, + ], }, "wanopt_mode": { - "v_range": [["v6.0.0", ""]], + "v_range": [["v6.0.0", "v7.4.1"], ["v7.4.3", ""]], "type": "string", - "options": [{"value": "mix"}, {"value": "wanopt"}, {"value": "webcache"}], + "options": [ + {"value": "mix", "v_range": [["v6.0.0", ""]]}, + {"value": "wanopt", "v_range": [["v6.0.0", ""]]}, + {"value": "webcache", "v_range": [["v6.0.0", ""]]}, + ], }, }, "v_range": [["v6.0.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_stp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_stp.py index 46de753d0..105fa95bd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_stp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_stp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -263,9 +263,10 @@ def underscore_to_hyphen(data): def system_stp(data, fos): vdom = data["vdom"] system_stp_data = data["system_stp"] - filtered_data = underscore_to_hyphen(filter_system_stp_data(system_stp_data)) + filtered_data = filter_system_stp_data(system_stp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "stp", data=filtered_data, vdom=vdom) + return fos.set("system", "stp", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -297,7 +298,12 @@ def fortios_system(data, fos): versioned_schema = { - "v_range": [["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v6.2.7"], + ["v6.4.1", "v7.0.12"], + ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], + ], "type": "dict", "children": { "switch_priority": { @@ -305,6 +311,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "options": [ @@ -330,6 +337,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "integer", }, @@ -338,6 +346,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "integer", }, @@ -346,6 +355,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "integer", }, @@ -354,6 +364,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "integer", }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_switch_interface.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_switch_interface.py index 0ff1278c3..f235c3843 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_switch_interface.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_switch_interface.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -312,9 +312,8 @@ def system_switch_interface(data, fos, check_mode=False): state = data["state"] system_switch_interface_data = data["system_switch_interface"] - filtered_data = underscore_to_hyphen( - filter_system_switch_interface_data(system_switch_interface_data) - ) + filtered_data = filter_system_switch_interface_data(system_switch_interface_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -378,7 +377,7 @@ def system_switch_interface(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "switch-interface", data=filtered_data, vdom=vdom) + return fos.set("system", "switch-interface", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_tos_based_priority.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_tos_based_priority.py index 33368a318..ccef8852a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_tos_based_priority.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_tos_based_priority.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,9 +242,10 @@ def system_tos_based_priority(data, fos, check_mode=False): state = data["state"] system_tos_based_priority_data = data["system_tos_based_priority"] - filtered_data = underscore_to_hyphen( - filter_system_tos_based_priority_data(system_tos_based_priority_data) + filtered_data = filter_system_tos_based_priority_data( + system_tos_based_priority_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +309,7 @@ def system_tos_based_priority(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "tos-based-priority", data=filtered_data, vdom=vdom) + return fos.set("system", "tos-based-priority", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom.py index b7a9df6f2..b16f4428c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -245,7 +245,8 @@ def system_vdom(data, fos, check_mode=False): state = data["state"] system_vdom_data = data["system_vdom"] - filtered_data = underscore_to_hyphen(filter_system_vdom_data(system_vdom_data)) + filtered_data = filter_system_vdom_data(system_vdom_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -309,7 +310,7 @@ def system_vdom(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "vdom", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "vdom", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_dns.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_dns.py index 0013e2c28..d23815d0a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_dns.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_dns.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -346,11 +346,10 @@ def system_vdom_dns(data, fos): vdom = data["vdom"] system_vdom_dns_data = data["system_vdom_dns"] system_vdom_dns_data = flatten_multilists_attributes(system_vdom_dns_data) - filtered_data = underscore_to_hyphen( - filter_system_vdom_dns_data(system_vdom_dns_data) - ) + filtered_data = filter_system_vdom_dns_data(system_vdom_dns_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "vdom-dns", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-dns", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_exception.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_exception.py index e87f4a0d6..39659b0dd 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_exception.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_exception.py @@ -41,7 +41,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -139,6 +139,7 @@ options: - 'router.policy6' - 'log.syslogd.setting' - 'log.syslogd.override-setting' + - 'firewall.address' - 'firewall.vip46' - 'firewall.vip64' oid: @@ -302,9 +303,8 @@ def system_vdom_exception(data, fos, check_mode=False): state = data["state"] system_vdom_exception_data = data["system_vdom_exception"] - filtered_data = underscore_to_hyphen( - filter_system_vdom_exception_data(system_vdom_exception_data) - ) + filtered_data = filter_system_vdom_exception_data(system_vdom_exception_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -368,7 +368,7 @@ def system_vdom_exception(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "vdom-exception", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-exception", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -479,8 +479,9 @@ versioned_schema = { {"value": "system.saml", "v_range": []}, {"value": "router.policy", "v_range": []}, {"value": "router.policy6", "v_range": []}, - {"value": "log.syslogd.setting", "v_range": [["v7.4.1", ""]]}, - {"value": "log.syslogd.override-setting", "v_range": [["v7.4.1", ""]]}, + {"value": "log.syslogd.setting", "v_range": [["v7.4.3", ""]]}, + {"value": "log.syslogd.override-setting", "v_range": [["v7.4.3", ""]]}, + {"value": "firewall.address", "v_range": [["v7.4.2", ""]]}, {"value": "firewall.vip46", "v_range": []}, {"value": "firewall.vip64", "v_range": []}, ], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_link.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_link.py index ac2be3ffc..0df38d5f7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_link.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_link.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,9 +242,8 @@ def system_vdom_link(data, fos, check_mode=False): state = data["state"] system_vdom_link_data = data["system_vdom_link"] - filtered_data = underscore_to_hyphen( - filter_system_vdom_link_data(system_vdom_link_data) - ) + filtered_data = filter_system_vdom_link_data(system_vdom_link_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -308,7 +307,7 @@ def system_vdom_link(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "vdom-link", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-link", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "vdom-link", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_netflow.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_netflow.py index c684f4179..c09c51e30 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_netflow.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_netflow.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -88,6 +88,41 @@ options: description: - NetFlow collector port number. type: int + collectors: + description: + - Netflow collectors. + type: list + elements: dict + suboptions: + collector_ip: + description: + - Collector IP. + type: str + collector_port: + description: + - NetFlow collector port number. + type: int + id: + description: + - ID. see <a href='#notes'>Notes</a>. + required: true + type: int + interface: + description: + - Specify outgoing interface to reach server. Source system.interface.name. + type: str + interface_select_method: + description: + - Specify how to select outgoing interface to reach server. + type: str + choices: + - 'auto' + - 'sdwan' + - 'specify' + source_ip: + description: + - Source IP address for communication with the NetFlow agent. + type: str interface: description: - Specify outgoing interface to reach server. Source system.interface.name. @@ -120,6 +155,14 @@ EXAMPLES = """ system_vdom_netflow: collector_ip: "<your_own_value>" collector_port: "2055" + collectors: + - + collector_ip: "<your_own_value>" + collector_port: "2055" + id: "8" + interface: "<your_own_value> (source system.interface.name)" + interface_select_method: "auto" + source_ip: "84.230.14.43" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" source_ip: "84.230.14.43" @@ -209,6 +252,7 @@ def filter_system_vdom_netflow_data(json): option_list = [ "collector_ip", "collector_port", + "collectors", "interface", "interface_select_method", "source_ip", @@ -241,11 +285,10 @@ def underscore_to_hyphen(data): def system_vdom_netflow(data, fos): vdom = data["vdom"] system_vdom_netflow_data = data["system_vdom_netflow"] - filtered_data = underscore_to_hyphen( - filter_system_vdom_netflow_data(system_vdom_netflow_data) - ) + filtered_data = filter_system_vdom_netflow_data(system_vdom_netflow_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "vdom-netflow", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-netflow", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -285,15 +328,40 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "collector_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "collector_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "source_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "collectors": { + "type": "list", + "elements": "dict", + "children": { + "id": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "collector_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "collector_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "source_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "interface_select_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "auto"}, + {"value": "sdwan"}, + {"value": "specify"}, + ], + }, + "interface": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], + }, + "collector_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, + "collector_port": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "integer"}, + "source_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, "interface_select_method": { - "v_range": [["v7.0.1", ""]], + "v_range": [["v7.0.1", "v7.4.1"]], "type": "string", "options": [{"value": "auto"}, {"value": "sdwan"}, {"value": "specify"}], }, - "interface": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "interface": {"v_range": [["v7.0.1", "v7.4.1"]], "type": "string"}, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_property.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_property.py index 39fe22b9e..0c68e0c27 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_property.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_property.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -412,9 +412,8 @@ def system_vdom_property(data, fos, check_mode=False): system_vdom_property_data = data["system_vdom_property"] system_vdom_property_data = flatten_multilists_attributes(system_vdom_property_data) - filtered_data = underscore_to_hyphen( - filter_system_vdom_property_data(system_vdom_property_data) - ) + filtered_data = filter_system_vdom_property_data(system_vdom_property_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -478,7 +477,7 @@ def system_vdom_property(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "vdom-property", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-property", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_radius_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_radius_server.py index 9ac2b7ebc..47e83b712 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_radius_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_radius_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -238,9 +238,10 @@ def system_vdom_radius_server(data, fos, check_mode=False): state = data["state"] system_vdom_radius_server_data = data["system_vdom_radius_server"] - filtered_data = underscore_to_hyphen( - filter_system_vdom_radius_server_data(system_vdom_radius_server_data) + filtered_data = filter_system_vdom_radius_server_data( + system_vdom_radius_server_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -304,7 +305,7 @@ def system_vdom_radius_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "vdom-radius-server", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-radius-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_sflow.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_sflow.py index dc7fcca9f..f9b29a43e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_sflow.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vdom_sflow.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -91,6 +91,42 @@ options: - UDP port number used for sending sFlow datagrams (configure only if required by your sFlow collector or your network configuration) (0 - 65535). type: int + collectors: + description: + - sFlow collectors. + type: list + elements: dict + suboptions: + collector_ip: + description: + - IP addresses of the sFlow collectors that sFlow agents added to interfaces in this VDOM send sFlow datagrams to. + type: str + collector_port: + description: + - UDP port number used for sending sFlow datagrams (configure only if required by your sFlow collector or your network + configuration) (0 - 65535). + type: int + id: + description: + - ID. see <a href='#notes'>Notes</a>. + required: true + type: int + interface: + description: + - Specify outgoing interface to reach server. Source system.interface.name. + type: str + interface_select_method: + description: + - Specify how to select outgoing interface to reach server. + type: str + choices: + - 'auto' + - 'sdwan' + - 'specify' + source_ip: + description: + - Source IP address for sFlow agent. + type: str interface: description: - Specify outgoing interface to reach server. Source system.interface.name. @@ -124,6 +160,14 @@ EXAMPLES = """ system_vdom_sflow: collector_ip: "<your_own_value>" collector_port: "6343" + collectors: + - + collector_ip: "<your_own_value>" + collector_port: "6343" + id: "8" + interface: "<your_own_value> (source system.interface.name)" + interface_select_method: "auto" + source_ip: "84.230.14.43" interface: "<your_own_value> (source system.interface.name)" interface_select_method: "auto" source_ip: "84.230.14.43" @@ -213,6 +257,7 @@ def filter_system_vdom_sflow_data(json): option_list = [ "collector_ip", "collector_port", + "collectors", "interface", "interface_select_method", "source_ip", @@ -245,11 +290,10 @@ def underscore_to_hyphen(data): def system_vdom_sflow(data, fos): vdom = data["vdom"] system_vdom_sflow_data = data["system_vdom_sflow"] - filtered_data = underscore_to_hyphen( - filter_system_vdom_sflow_data(system_vdom_sflow_data) - ) + filtered_data = filter_system_vdom_sflow_data(system_vdom_sflow_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "vdom-sflow", data=filtered_data, vdom=vdom) + return fos.set("system", "vdom-sflow", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -289,15 +333,40 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "collector_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "collector_port": {"v_range": [["v6.0.0", ""]], "type": "integer"}, - "source_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "collectors": { + "type": "list", + "elements": "dict", + "children": { + "id": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "collector_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "collector_port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "source_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "interface_select_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "auto"}, + {"value": "sdwan"}, + {"value": "specify"}, + ], + }, + "interface": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], + }, + "collector_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, + "collector_port": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "integer"}, + "source_ip": {"v_range": [["v6.0.0", "v7.4.1"]], "type": "string"}, "interface_select_method": { - "v_range": [["v7.0.1", ""]], + "v_range": [["v7.0.1", "v7.4.1"]], "type": "string", "options": [{"value": "auto"}, {"value": "sdwan"}, {"value": "specify"}], }, - "interface": {"v_range": [["v7.0.1", ""]], "type": "string"}, + "interface": {"v_range": [["v7.0.1", "v7.4.1"]], "type": "string"}, }, } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_switch.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_switch.py index 4a10e969e..acb26336d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_switch.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_switch.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -166,6 +166,10 @@ options: description: - SPAN source port. type: str + vlan: + description: + - VLAN. + type: int """ EXAMPLES = """ @@ -188,6 +192,7 @@ EXAMPLES = """ span_dest_port: "<your_own_value>" span_direction: "rx" span_source_port: "<your_own_value>" + vlan: "0" """ RETURN = """ @@ -287,6 +292,7 @@ def filter_system_virtual_switch_data(json): "span_dest_port", "span_direction", "span_source_port", + "vlan", ] json = remove_invalid_fields(json) @@ -318,9 +324,8 @@ def system_virtual_switch(data, fos, check_mode=False): state = data["state"] system_virtual_switch_data = data["system_virtual_switch"] - filtered_data = underscore_to_hyphen( - filter_system_virtual_switch_data(system_virtual_switch_data) - ) + filtered_data = filter_system_virtual_switch_data(system_virtual_switch_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -384,7 +389,7 @@ def system_virtual_switch(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "virtual-switch", data=filtered_data, vdom=vdom) + return fos.set("system", "virtual-switch", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -432,6 +437,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "required": True, @@ -441,9 +447,11 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", }, + "vlan": {"v_range": [["v7.4.2", "v7.4.2"]], "type": "integer"}, "port": { "type": "list", "elements": "dict", @@ -453,6 +461,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", "required": True, @@ -462,6 +471,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], "type": "string", }, @@ -498,6 +508,7 @@ versioned_schema = { ["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], ], }, "span": { @@ -535,7 +546,12 @@ versioned_schema = { "options": [{"value": "rx"}, {"value": "tx"}, {"value": "both"}], }, }, - "v_range": [["v6.0.0", "v6.2.7"], ["v6.4.1", "v7.0.12"], ["v7.2.1", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v6.2.7"], + ["v6.4.1", "v7.0.12"], + ["v7.2.1", "v7.2.4"], + ["v7.4.2", "v7.4.2"], + ], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wan_link.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wan_link.py index a9a19d396..cfa1b9512 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wan_link.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wan_link.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1139,11 +1139,10 @@ def system_virtual_wan_link(data, fos): system_virtual_wan_link_data = flatten_multilists_attributes( system_virtual_wan_link_data ) - filtered_data = underscore_to_hyphen( - filter_system_virtual_wan_link_data(system_virtual_wan_link_data) - ) + filtered_data = filter_system_virtual_wan_link_data(system_virtual_wan_link_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "virtual-wan-link", data=filtered_data, vdom=vdom) + return fos.set("system", "virtual-wan-link", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wire_pair.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wire_pair.py index 5a9ca9e87..a3a791270 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wire_pair.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_virtual_wire_pair.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -104,6 +104,17 @@ options: - Virtual-wire-pair name. Must be a unique interface name. required: true type: str + outer_vlan_id: + description: + - Outer VLAN ID. + type: list + elements: dict + suboptions: + vlanid: + description: + - VLAN ID (1 - 4094). see <a href='#notes'>Notes</a>. + required: true + type: int vlan_filter: description: - VLAN ranges to allow @@ -128,6 +139,9 @@ EXAMPLES = """ - interface_name: "<your_own_value> (source system.interface.name)" name: "default_name_5" + outer_vlan_id: + - + vlanid: "<you_own_value>" vlan_filter: "<your_own_value>" wildcard_vlan: "enable" """ @@ -221,7 +235,7 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.compariso def filter_system_virtual_wire_pair_data(json): - option_list = ["member", "name", "vlan_filter", "wildcard_vlan"] + option_list = ["member", "name", "outer_vlan_id", "vlan_filter", "wildcard_vlan"] json = remove_invalid_fields(json) dictionary = {} @@ -252,9 +266,8 @@ def system_virtual_wire_pair(data, fos, check_mode=False): state = data["state"] system_virtual_wire_pair_data = data["system_virtual_wire_pair"] - filtered_data = underscore_to_hyphen( - filter_system_virtual_wire_pair_data(system_virtual_wire_pair_data) - ) + filtered_data = filter_system_virtual_wire_pair_data(system_virtual_wire_pair_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -318,7 +331,7 @@ def system_virtual_wire_pair(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "virtual-wire-pair", data=filtered_data, vdom=vdom) + return fos.set("system", "virtual-wire-pair", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -382,6 +395,18 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "vlan_filter": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "outer_vlan_id": { + "type": "list", + "elements": "dict", + "children": { + "vlanid": { + "v_range": [["v7.4.2", "v7.4.2"]], + "type": "integer", + "required": True, + } + }, + "v_range": [["v7.4.2", "v7.4.2"]], + }, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vne_tunnel.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vne_tunnel.py index 700a54d68..cb9330daf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vne_tunnel.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vne_tunnel.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -274,11 +274,10 @@ def underscore_to_hyphen(data): def system_vne_tunnel(data, fos): vdom = data["vdom"] system_vne_tunnel_data = data["system_vne_tunnel"] - filtered_data = underscore_to_hyphen( - filter_system_vne_tunnel_data(system_vne_tunnel_data) - ) + filtered_data = filter_system_vne_tunnel_data(system_vne_tunnel_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("system", "vne-tunnel", data=filtered_data, vdom=vdom) + return fos.set("system", "vne-tunnel", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vxlan.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vxlan.py index 059a20d85..2c4dad558 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vxlan.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_vxlan.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -307,7 +307,8 @@ def system_vxlan(data, fos, check_mode=False): state = data["state"] system_vxlan_data = data["system_vxlan"] - filtered_data = underscore_to_hyphen(filter_system_vxlan_data(system_vxlan_data)) + filtered_data = filter_system_vxlan_data(system_vxlan_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -371,7 +372,7 @@ def system_vxlan(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "vxlan", data=filtered_data, vdom=vdom) + return fos.set("system", "vxlan", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "vxlan", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_wccp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_wccp.py index f1ca85b99..2891303f7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_wccp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_wccp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -432,7 +432,8 @@ def system_wccp(data, fos, check_mode=False): system_wccp_data = data["system_wccp"] system_wccp_data = flatten_multilists_attributes(system_wccp_data) - filtered_data = underscore_to_hyphen(filter_system_wccp_data(system_wccp_data)) + filtered_data = filter_system_wccp_data(system_wccp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -496,7 +497,7 @@ def system_wccp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "wccp", data=filtered_data, vdom=vdom) + return fos.set("system", "wccp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "wccp", mkey=filtered_data["service-id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_zone.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_zone.py index f8bd26ce1..9a2669a2f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_zone.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_system_zone.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -288,7 +288,8 @@ def system_zone(data, fos, check_mode=False): state = data["state"] system_zone_data = data["system_zone"] - filtered_data = underscore_to_hyphen(filter_system_zone_data(system_zone_data)) + filtered_data = filter_system_zone_data(system_zone_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -352,7 +353,7 @@ def system_zone(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("system", "zone", data=filtered_data, vdom=vdom) + return fos.set("system", "zone", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("system", "zone", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_adgrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_adgrp.py index d2a2ad61b..a2afdb626 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_adgrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_adgrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -240,7 +240,8 @@ def user_adgrp(data, fos, check_mode=False): state = data["state"] user_adgrp_data = data["user_adgrp"] - filtered_data = underscore_to_hyphen(filter_user_adgrp_data(user_adgrp_data)) + filtered_data = filter_user_adgrp_data(user_adgrp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -304,7 +305,7 @@ def user_adgrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "adgrp", data=filtered_data, vdom=vdom) + return fos.set("user", "adgrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "adgrp", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_certificate.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_certificate.py index 3b0b72944..2c5625bfb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_certificate.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_certificate.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -247,12 +247,11 @@ def user_certificate(data, fos): state = data["state"] user_certificate_data = data["user_certificate"] - filtered_data = underscore_to_hyphen( - filter_user_certificate_data(user_certificate_data) - ) + filtered_data = filter_user_certificate_data(user_certificate_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("user", "certificate", data=filtered_data, vdom=vdom) + return fos.set("user", "certificate", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "certificate", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device.py index 934b9d290..d94391298 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -333,7 +333,8 @@ def user_device(data, fos, check_mode=False): state = data["state"] user_device_data = data["user_device"] - filtered_data = underscore_to_hyphen(filter_user_device_data(user_device_data)) + filtered_data = filter_user_device_data(user_device_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -397,7 +398,7 @@ def user_device(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "device", data=filtered_data, vdom=vdom) + return fos.set("user", "device", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "device", mkey=filtered_data["alias"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_access_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_access_list.py index efcd7b71d..a7ba0684c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_access_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_access_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -260,9 +260,8 @@ def user_device_access_list(data, fos, check_mode=False): state = data["state"] user_device_access_list_data = data["user_device_access_list"] - filtered_data = underscore_to_hyphen( - filter_user_device_access_list_data(user_device_access_list_data) - ) + filtered_data = filter_user_device_access_list_data(user_device_access_list_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -326,7 +325,7 @@ def user_device_access_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "device-access-list", data=filtered_data, vdom=vdom) + return fos.set("user", "device-access-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_category.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_category.py index 2feb3a050..08567b209 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_category.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_category.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -235,9 +235,8 @@ def user_device_category(data, fos, check_mode=False): state = data["state"] user_device_category_data = data["user_device_category"] - filtered_data = underscore_to_hyphen( - filter_user_device_category_data(user_device_category_data) - ) + filtered_data = filter_user_device_category_data(user_device_category_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -301,7 +300,7 @@ def user_device_category(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "device-category", data=filtered_data, vdom=vdom) + return fos.set("user", "device-category", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_group.py index 30500817d..e0dcdc8bf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_device_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -277,9 +277,8 @@ def user_device_group(data, fos, check_mode=False): state = data["state"] user_device_group_data = data["user_device_group"] - filtered_data = underscore_to_hyphen( - filter_user_device_group_data(user_device_group_data) - ) + filtered_data = filter_user_device_group_data(user_device_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -343,7 +342,7 @@ def user_device_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "device-group", data=filtered_data, vdom=vdom) + return fos.set("user", "device-group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "device-group", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_domain_controller.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_domain_controller.py index c5be70514..b7ba0ed0a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_domain_controller.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_domain_controller.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -417,9 +417,8 @@ def user_domain_controller(data, fos, check_mode=False): state = data["state"] user_domain_controller_data = data["user_domain_controller"] - filtered_data = underscore_to_hyphen( - filter_user_domain_controller_data(user_domain_controller_data) - ) + filtered_data = filter_user_domain_controller_data(user_domain_controller_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -483,7 +482,7 @@ def user_domain_controller(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "domain-controller", data=filtered_data, vdom=vdom) + return fos.set("user", "domain-controller", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_exchange.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_exchange.py index 444f643fb..863370d6b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_exchange.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_exchange.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -335,7 +335,8 @@ def user_exchange(data, fos, check_mode=False): state = data["state"] user_exchange_data = data["user_exchange"] - filtered_data = underscore_to_hyphen(filter_user_exchange_data(user_exchange_data)) + filtered_data = filter_user_exchange_data(user_exchange_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -399,7 +400,7 @@ def user_exchange(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "exchange", data=filtered_data, vdom=vdom) + return fos.set("user", "exchange", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "exchange", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_external_identity_provider.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_external_identity_provider.py new file mode 100644 index 000000000..05a0f2482 --- /dev/null +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_external_identity_provider.py @@ -0,0 +1,462 @@ +#!/usr/bin/python +from __future__ import absolute_import, division, print_function + +# Copyright: (c) 2022 Fortinet +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +__metaclass__ = type + +ANSIBLE_METADATA = { + "status": ["preview"], + "supported_by": "community", + "metadata_version": "1.1", +} + +DOCUMENTATION = """ +--- +module: fortios_user_external_identity_provider +short_description: Configure external identity provider in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the + user to set and modify user feature and external_identity_provider category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.0 +version_added: "2.0.0" +author: + - Link Zheng (@chillancezen) + - Jie Xue (@JieX19) + - Hongbin Lu (@fgtdev-hblu) + - Frank Shen (@frankshen01) + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks + +requirements: + - ansible>=2.15 +options: + access_token: + description: + - Token-based authentication. + Generated from GUI of Fortigate. + type: str + required: false + enable_log: + description: + - Enable/Disable logging for task. + type: bool + required: false + default: false + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + type: str + default: root + member_path: + type: str + description: + - Member attribute path to operate on. + - Delimited by a slash character if there are more than one attribute. + - Parameter marked with member_path is legitimate for doing member operation. + member_state: + type: str + description: + - Add or delete a member under specified attribute path. + - When member_state is specified, the state option is ignored. + choices: + - 'present' + - 'absent' + + state: + description: + - Indicates whether to create or remove the object. + type: str + required: true + choices: + - 'present' + - 'absent' + user_external_identity_provider: + description: + - Configure external identity provider. + default: null + type: dict + suboptions: + group_attr_name: + description: + - Group attribute name in authentication query. + type: str + interface: + description: + - Specify outgoing interface to reach server. Source system.interface.name. + type: str + interface_select_method: + description: + - Specify how to select outgoing interface to reach server. + type: str + choices: + - 'auto' + - 'sdwan' + - 'specify' + name: + description: + - External identity provider name. + required: true + type: str + port: + description: + - External identity provider service port number (0 to use default). + type: int + server_identity_check: + description: + - Enable/disable server"s identity check against its certificate and subject alternative name(s). + type: str + choices: + - 'disable' + - 'enable' + source_ip: + description: + - Use this IPv4/v6 address to connect to the external identity provider. + type: str + timeout: + description: + - Connection timeout value in seconds . + type: int + type: + description: + - External identity provider type. + type: str + choices: + - 'ms-graph' + user_attr_name: + description: + - User attribute name in authentication query. + type: str + version: + description: + - External identity API version. + type: str + choices: + - 'v1.0' + - 'beta' +""" + +EXAMPLES = """ +- name: Configure external identity provider. + fortinet.fortios.fortios_user_external_identity_provider: + vdom: "{{ vdom }}" + state: "present" + access_token: "<your_own_value>" + user_external_identity_provider: + group_attr_name: "<your_own_value>" + interface: "<your_own_value> (source system.interface.name)" + interface_select_method: "auto" + name: "default_name_6" + port: "0" + server_identity_check: "disable" + source_ip: "84.230.14.43" + timeout: "5" + type: "ms-graph" + user_attr_name: "<your_own_value>" + version: "v1.0" +""" + +RETURN = """ +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + FortiOSHandler, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_legacy_fortiosapi, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + schema_to_module_spec, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_schema_versioning, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import ( + FAIL_SOCKET_MSG, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post_processor import ( + remove_invalid_fields, +) + + +def filter_user_external_identity_provider_data(json): + option_list = [ + "group_attr_name", + "interface", + "interface_select_method", + "name", + "port", + "server_identity_check", + "source_ip", + "timeout", + "type", + "user_attr_name", + "version", + ] + + json = remove_invalid_fields(json) + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def underscore_to_hyphen(data): + if isinstance(data, list): + for i, elem in enumerate(data): + data[i] = underscore_to_hyphen(elem) + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[k.replace("_", "-")] = underscore_to_hyphen(v) + data = new_data + + return data + + +def user_external_identity_provider(data, fos): + vdom = data["vdom"] + + state = data["state"] + + user_external_identity_provider_data = data["user_external_identity_provider"] + filtered_data = filter_user_external_identity_provider_data( + user_external_identity_provider_data + ) + converted_data = underscore_to_hyphen(filtered_data) + + if state == "present" or state is True: + return fos.set( + "user", "external-identity-provider", data=converted_data, vdom=vdom + ) + + elif state == "absent": + return fos.delete( + "user", "external-identity-provider", mkey=filtered_data["name"], vdom=vdom + ) + else: + fos._module.fail_json(msg="state must be present or absent!") + + +def is_successful_status(resp): + return ( + "status" in resp + and resp["status"] == "success" + or "http_status" in resp + and resp["http_status"] == 200 + or "http_method" in resp + and resp["http_method"] == "DELETE" + and resp["http_status"] == 404 + ) + + +def fortios_user(data, fos): + fos.do_member_operation("user", "external-identity-provider") + if data["user_external_identity_provider"]: + resp = user_external_identity_provider(data, fos) + else: + fos._module.fail_json( + msg="missing task body: %s" % ("user_external_identity_provider") + ) + + return ( + not is_successful_status(resp), + is_successful_status(resp) + and (resp["revision_changed"] if "revision_changed" in resp else True), + resp, + {}, + ) + + +versioned_schema = { + "type": "list", + "elements": "dict", + "children": { + "name": {"v_range": [["v7.4.2", ""]], "type": "string", "required": True}, + "type": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "ms-graph"}], + }, + "version": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "v1.0"}, {"value": "beta"}], + }, + "user_attr_name": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "group_attr_name": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "source_ip": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "interface_select_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "auto"}, {"value": "sdwan"}, {"value": "specify"}], + }, + "interface": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "server_identity_check": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "timeout": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + }, + "v_range": [["v7.4.2", ""]], +} + + +def main(): + module_spec = schema_to_module_spec(versioned_schema) + mkeyname = "name" + fields = { + "access_token": {"required": False, "type": "str", "no_log": True}, + "enable_log": {"required": False, "type": "bool", "default": False}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "member_path": {"required": False, "type": "str"}, + "member_state": { + "type": "str", + "required": False, + "choices": ["present", "absent"], + }, + "state": {"required": True, "type": "str", "choices": ["present", "absent"]}, + "user_external_identity_provider": { + "required": False, + "type": "dict", + "default": None, + "options": {}, + }, + } + for attribute_name in module_spec["options"]: + fields["user_external_identity_provider"]["options"][ + attribute_name + ] = module_spec["options"][attribute_name] + if mkeyname and mkeyname == attribute_name: + fields["user_external_identity_provider"]["options"][attribute_name][ + "required" + ] = True + + module = AnsibleModule(argument_spec=fields, supports_check_mode=False) + check_legacy_fortiosapi(module) + + is_error = False + has_changed = False + result = None + diff = None + + versions_check_result = None + if module._socket_path: + connection = Connection(module._socket_path) + if "access_token" in module.params: + connection.set_option("access_token", module.params["access_token"]) + + if "enable_log" in module.params: + connection.set_option("enable_log", module.params["enable_log"]) + else: + connection.set_option("enable_log", False) + fos = FortiOSHandler(connection, module, mkeyname) + versions_check_result = check_schema_versioning( + fos, versioned_schema, "user_external_identity_provider" + ) + + is_error, has_changed, result, diff = fortios_user(module.params, fos) + + else: + module.fail_json(**FAIL_SOCKET_MSG) + + if versions_check_result and versions_check_result["matched"] is False: + module.warn( + "Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv" + ) + + if not is_error: + if versions_check_result and versions_check_result["matched"] is False: + module.exit_json( + changed=has_changed, + version_check_warning=versions_check_result, + meta=result, + diff=diff, + ) + else: + module.exit_json(changed=has_changed, meta=result, diff=diff) + else: + if versions_check_result and versions_check_result["matched"] is False: + module.fail_json( + msg="Error in repo", + version_check_warning=versions_check_result, + meta=result, + ) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fortitoken.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fortitoken.py index 663db1fc2..cf38ef38a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fortitoken.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fortitoken.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,9 +278,8 @@ def user_fortitoken(data, fos, check_mode=False): state = data["state"] user_fortitoken_data = data["user_fortitoken"] - filtered_data = underscore_to_hyphen( - filter_user_fortitoken_data(user_fortitoken_data) - ) + filtered_data = filter_user_fortitoken_data(user_fortitoken_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -344,7 +343,7 @@ def user_fortitoken(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "fortitoken", data=filtered_data, vdom=vdom) + return fos.set("user", "fortitoken", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso.py index 34dfe8ba8..0306eede8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -431,7 +431,8 @@ def user_fsso(data, fos, check_mode=False): state = data["state"] user_fsso_data = data["user_fsso"] - filtered_data = underscore_to_hyphen(filter_user_fsso_data(user_fsso_data)) + filtered_data = filter_user_fsso_data(user_fsso_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -495,7 +496,7 @@ def user_fsso(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "fsso", data=filtered_data, vdom=vdom) + return fos.set("user", "fsso", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "fsso", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso_polling.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso_polling.py index ea0e1d3b3..78b8137d5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso_polling.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_fsso_polling.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -319,9 +319,8 @@ def user_fsso_polling(data, fos, check_mode=False): state = data["state"] user_fsso_polling_data = data["user_fsso_polling"] - filtered_data = underscore_to_hyphen( - filter_user_fsso_polling_data(user_fsso_polling_data) - ) + filtered_data = filter_user_fsso_polling_data(user_fsso_polling_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -385,7 +384,7 @@ def user_fsso_polling(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "fsso-polling", data=filtered_data, vdom=vdom) + return fos.set("user", "fsso-polling", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "fsso-polling", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_group.py index 6d57d22e6..fac234854 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -210,7 +210,8 @@ options: type: int server_name: description: - - Name of remote auth server. Source user.radius.name user.ldap.name user.tacacs+.name user.saml.name. + - Name of remote auth server. Source user.radius.name user.ldap.name user.tacacs+.name user.saml.name user + .external-identity-provider.name. type: str max_accounts: description: @@ -218,14 +219,14 @@ options: type: int member: description: - - Names of users, peers, LDAP severs, or RADIUS servers to add to the user group. + - Names of users, peers, LDAP severs, RADIUS servers or external idp servers to add to the user group. type: list elements: dict suboptions: name: description: - Group member name. Source user.peer.name user.local.name user.radius.name user.tacacs+.name user.ldap.name user.saml.name user - .adgrp.name user.pop3.name user.certificate.name. + .external-identity-provider.name user.adgrp.name user.pop3.name user.certificate.name. required: true type: str mobile_phone: @@ -328,12 +329,13 @@ EXAMPLES = """ - group_name: "<your_own_value>" id: "26" - server_name: "<your_own_value> (source user.radius.name user.ldap.name user.tacacs+.name user.saml.name)" + server_name: "<your_own_value> (source user.radius.name user.ldap.name user.tacacs+.name user.saml.name user.external-identity-provider + .name)" max_accounts: "0" member: - - name: "default_name_30 (source user.peer.name user.local.name user.radius.name user.tacacs+.name user.ldap.name user.saml.name user.adgrp - .name user.pop3.name user.certificate.name)" + name: "default_name_30 (source user.peer.name user.local.name user.radius.name user.tacacs+.name user.ldap.name user.saml.name user + .external-identity-provider.name user.adgrp.name user.pop3.name user.certificate.name)" mobile_phone: "disable" multiple_guest_add: "disable" name: "default_name_33" @@ -491,7 +493,8 @@ def user_group(data, fos, check_mode=False): state = data["state"] user_group_data = data["user_group"] - filtered_data = underscore_to_hyphen(filter_user_group_data(user_group_data)) + filtered_data = filter_user_group_data(user_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -555,7 +558,7 @@ def user_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "group", data=filtered_data, vdom=vdom) + return fos.set("user", "group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "group", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_krb_keytab.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_krb_keytab.py index 0f9a66445..5748a9e19 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_krb_keytab.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_krb_keytab.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -262,9 +262,8 @@ def user_krb_keytab(data, fos, check_mode=False): state = data["state"] user_krb_keytab_data = data["user_krb_keytab"] - filtered_data = underscore_to_hyphen( - filter_user_krb_keytab_data(user_krb_keytab_data) - ) + filtered_data = filter_user_krb_keytab_data(user_krb_keytab_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -328,7 +327,7 @@ def user_krb_keytab(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "krb-keytab", data=filtered_data, vdom=vdom) + return fos.set("user", "krb-keytab", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "krb-keytab", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_ldap.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_ldap.py index bfbf68094..74cf73533 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_ldap.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_ldap.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -556,7 +556,8 @@ def user_ldap(data, fos, check_mode=False): user_ldap_data = data["user_ldap"] user_ldap_data = flatten_multilists_attributes(user_ldap_data) - filtered_data = underscore_to_hyphen(filter_user_ldap_data(user_ldap_data)) + filtered_data = filter_user_ldap_data(user_ldap_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -620,7 +621,7 @@ def user_ldap(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "ldap", data=filtered_data, vdom=vdom) + return fos.set("user", "ldap", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "ldap", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_local.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_local.py index 31bea9b2a..1bb6b3512 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_local.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_local.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -144,6 +144,10 @@ options: description: - IKEv2 Postquantum Preshared Key (ASCII string or hexadecimal encoded with a leading 0x). type: str + qkd_profile: + description: + - Quantum Key Distribution (QKD) profile. Source vpn.qkd.name. + type: str radius_server: description: - Name of RADIUS server with which the user must authenticate. Source user.radius.name. @@ -249,6 +253,7 @@ EXAMPLES = """ passwd_time: "<your_own_value>" ppk_identity: "<your_own_value>" ppk_secret: "<your_own_value>" + qkd_profile: "<your_own_value> (source vpn.qkd.name)" radius_server: "<your_own_value> (source user.radius.name)" sms_custom_server: "<your_own_value> (source system.sms-server.name)" sms_phone: "<your_own_value>" @@ -367,6 +372,7 @@ def filter_user_local_data(json): "passwd_time", "ppk_identity", "ppk_secret", + "qkd_profile", "radius_server", "sms_custom_server", "sms_phone", @@ -406,9 +412,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"tacacs+_server": "tacacs_plus_server"} + speciallist = {"tacacs+_server": "tacacs_plus_server"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -417,8 +423,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -434,8 +443,8 @@ def user_local(data, fos, check_mode=False): state = data["state"] user_local_data = data["user_local"] - filtered_data = underscore_to_hyphen(filter_user_local_data(user_local_data)) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_user_local_data(user_local_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -601,6 +610,7 @@ versioned_schema = { "auth_concurrent_value": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ppk_secret": {"v_range": [["v6.0.0", ""]], "type": "string"}, "ppk_identity": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "qkd_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, "username_sensitivity": { "v_range": [["v7.0.1", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_nac_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_nac_policy.py index 71476ba49..1aa6178e5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_nac_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_nac_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -410,9 +410,8 @@ def user_nac_policy(data, fos, check_mode=False): state = data["state"] user_nac_policy_data = data["user_nac_policy"] - filtered_data = underscore_to_hyphen( - filter_user_nac_policy_data(user_nac_policy_data) - ) + filtered_data = filter_user_nac_policy_data(user_nac_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -476,7 +475,7 @@ def user_nac_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "nac-policy", data=filtered_data, vdom=vdom) + return fos.set("user", "nac-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "nac-policy", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_password_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_password_policy.py index f82a0cea2..aa8b21bf8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_password_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_password_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -302,9 +302,8 @@ def user_password_policy(data, fos, check_mode=False): state = data["state"] user_password_policy_data = data["user_password_policy"] - filtered_data = underscore_to_hyphen( - filter_user_password_policy_data(user_password_policy_data) - ) + filtered_data = filter_user_password_policy_data(user_password_policy_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -368,7 +367,7 @@ def user_password_policy(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "password-policy", data=filtered_data, vdom=vdom) + return fos.set("user", "password-policy", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peer.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peer.py index 4ad2e1c6f..f7e7d18ea 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peer.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peer.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -148,7 +148,7 @@ options: type: str mfa_server: description: - - Name of a remote authenticator. Performs client access right check. Source user.ldap.name user.radius.name. + - Name of a remote authenticator. Performs client access right check. Source user.radius.name user.ldap.name. type: str mfa_username: description: @@ -197,7 +197,7 @@ EXAMPLES = """ mandatory_ca_verify: "enable" mfa_mode: "none" mfa_password: "<your_own_value>" - mfa_server: "<your_own_value> (source user.ldap.name user.radius.name)" + mfa_server: "<your_own_value> (source user.radius.name user.ldap.name)" mfa_username: "<your_own_value>" name: "default_name_15" ocsp_override_server: "<your_own_value> (source vpn.certificate.ocsp-server.name)" @@ -344,7 +344,8 @@ def user_peer(data, fos, check_mode=False): state = data["state"] user_peer_data = data["user_peer"] - filtered_data = underscore_to_hyphen(filter_user_peer_data(user_peer_data)) + filtered_data = filter_user_peer_data(user_peer_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -408,7 +409,7 @@ def user_peer(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "peer", data=filtered_data, vdom=vdom) + return fos.set("user", "peer", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "peer", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peergrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peergrp.py index 86cdb6669..8d32879d0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peergrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_peergrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -239,7 +239,8 @@ def user_peergrp(data, fos, check_mode=False): state = data["state"] user_peergrp_data = data["user_peergrp"] - filtered_data = underscore_to_hyphen(filter_user_peergrp_data(user_peergrp_data)) + filtered_data = filter_user_peergrp_data(user_peergrp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -303,7 +304,7 @@ def user_peergrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "peergrp", data=filtered_data, vdom=vdom) + return fos.set("user", "peergrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "peergrp", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_pop3.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_pop3.py index 13c13cc9e..d6754ae83 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_pop3.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_pop3.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -256,7 +256,8 @@ def user_pop3(data, fos, check_mode=False): state = data["state"] user_pop3_data = data["user_pop3"] - filtered_data = underscore_to_hyphen(filter_user_pop3_data(user_pop3_data)) + filtered_data = filter_user_pop3_data(user_pop3_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -320,7 +321,7 @@ def user_pop3(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "pop3", data=filtered_data, vdom=vdom) + return fos.set("user", "pop3", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "pop3", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_quarantine.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_quarantine.py index 9c5fdf114..82b8edb38 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_quarantine.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_quarantine.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -271,11 +271,10 @@ def underscore_to_hyphen(data): def user_quarantine(data, fos): vdom = data["vdom"] user_quarantine_data = data["user_quarantine"] - filtered_data = underscore_to_hyphen( - filter_user_quarantine_data(user_quarantine_data) - ) + filtered_data = filter_user_quarantine_data(user_quarantine_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("user", "quarantine", data=filtered_data, vdom=vdom) + return fos.set("user", "quarantine", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_radius.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_radius.py index 3a71e1236..27a243025 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_radius.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_radius.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -501,6 +501,13 @@ options: description: - Switch controller accounting message Framed-IP detection from DHCP snooping (seconds). type: int + switch_controller_nas_ip_dynamic: + description: + - Enable/Disable switch-controller nas-ip dynamic to dynamically set nas-ip. + type: str + choices: + - 'enable' + - 'disable' switch_controller_service_type: description: - RADIUS service type. @@ -633,6 +640,7 @@ EXAMPLES = """ sso_attribute_value_override: "enable" status_ttl: "300" switch_controller_acct_fast_framedip_detect: "2" + switch_controller_nas_ip_dynamic: "enable" switch_controller_service_type: "login" tertiary_secret: "<your_own_value>" tertiary_server: "<your_own_value>" @@ -783,6 +791,7 @@ def filter_user_radius_data(json): "sso_attribute_value_override", "status_ttl", "switch_controller_acct_fast_framedip_detect", + "switch_controller_nas_ip_dynamic", "switch_controller_service_type", "tertiary_secret", "tertiary_server", @@ -853,7 +862,8 @@ def user_radius(data, fos, check_mode=False): user_radius_data = data["user_radius"] user_radius_data = flatten_multilists_attributes(user_radius_data) - filtered_data = underscore_to_hyphen(filter_user_radius_data(user_radius_data)) + filtered_data = filter_user_radius_data(user_radius_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -917,7 +927,7 @@ def user_radius(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "radius", data=filtered_data, vdom=vdom) + return fos.set("user", "radius", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "radius", mkey=filtered_data["name"], vdom=vdom) @@ -977,6 +987,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "switch_controller_nas_ip_dynamic": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "nas_ip": {"v_range": [["v6.0.0", ""]], "type": "string"}, "nas_id_type": { "v_range": [["v7.2.4", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_saml.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_saml.py index 4faaafc58..8885225b2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_saml.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_saml.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -389,7 +389,8 @@ def user_saml(data, fos, check_mode=False): state = data["state"] user_saml_data = data["user_saml"] - filtered_data = underscore_to_hyphen(filter_user_saml_data(user_saml_data)) + filtered_data = filter_user_saml_data(user_saml_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -453,7 +454,7 @@ def user_saml(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "saml", data=filtered_data, vdom=vdom) + return fos.set("user", "saml", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "saml", mkey=filtered_data["name"], vdom=vdom) @@ -516,7 +517,6 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "clock_tolerance": {"v_range": [["v7.0.4", ""]], "type": "integer"}, - "auth_url": {"v_range": [["v7.2.1", ""]], "type": "string"}, "adfs_claim": { "v_range": [["v7.0.0", ""]], "type": "string", @@ -579,6 +579,7 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "auth_url": {"v_range": [["v7.2.1", "v7.4.1"]], "type": "string"}, }, "v_range": [["v6.2.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_security_exempt_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_security_exempt_list.py index eda67784f..927fa3ff5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_security_exempt_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_security_exempt_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -300,9 +300,10 @@ def user_security_exempt_list(data, fos, check_mode=False): state = data["state"] user_security_exempt_list_data = data["user_security_exempt_list"] - filtered_data = underscore_to_hyphen( - filter_user_security_exempt_list_data(user_security_exempt_list_data) + filtered_data = filter_user_security_exempt_list_data( + user_security_exempt_list_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -366,7 +367,7 @@ def user_security_exempt_list(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "security-exempt-list", data=filtered_data, vdom=vdom) + return fos.set("user", "security-exempt-list", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_setting.py index ea4ade813..a74ef161f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -432,9 +432,10 @@ def user_setting(data, fos): vdom = data["vdom"] user_setting_data = data["user_setting"] user_setting_data = flatten_multilists_attributes(user_setting_data) - filtered_data = underscore_to_hyphen(filter_user_setting_data(user_setting_data)) + filtered_data = filter_user_setting_data(user_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("user", "setting", data=filtered_data, vdom=vdom) + return fos.set("user", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_tacacsplus.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_tacacsplus.py index 6de7dc8e5..591966b9b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_tacacsplus.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_user_tacacsplus.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -312,9 +312,8 @@ def user_tacacsplus(data, fos, check_mode=False): state = data["state"] user_tacacsplus_data = data["user_tacacsplus"] - filtered_data = underscore_to_hyphen( - filter_user_tacacsplus_data(user_tacacsplus_data) - ) + filtered_data = filter_user_tacacsplus_data(user_tacacsplus_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -378,7 +377,7 @@ def user_tacacsplus(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("user", "tacacs+", data=filtered_data, vdom=vdom) + return fos.set("user", "tacacs+", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("user", "tacacs+", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_keyword.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_keyword.py new file mode 100644 index 000000000..baf259b04 --- /dev/null +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_keyword.py @@ -0,0 +1,438 @@ +#!/usr/bin/python +from __future__ import absolute_import, division, print_function + +# Copyright: (c) 2022 Fortinet +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +__metaclass__ = type + +ANSIBLE_METADATA = { + "status": ["preview"], + "supported_by": "community", + "metadata_version": "1.1", +} + +DOCUMENTATION = """ +--- +module: fortios_videofilter_keyword +short_description: Configure video filter keywords in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the + user to set and modify videofilter feature and keyword category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.0 +version_added: "2.0.0" +author: + - Link Zheng (@chillancezen) + - Jie Xue (@JieX19) + - Hongbin Lu (@fgtdev-hblu) + - Frank Shen (@frankshen01) + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - We highly recommend using your own value as the id instead of 0, while '0' is a special placeholder that allows the backend to assign the latest + available number for the object, it does have limitations. Please find more details in Q&A. + - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks + +requirements: + - ansible>=2.15 +options: + access_token: + description: + - Token-based authentication. + Generated from GUI of Fortigate. + type: str + required: false + enable_log: + description: + - Enable/Disable logging for task. + type: bool + required: false + default: false + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + type: str + default: root + member_path: + type: str + description: + - Member attribute path to operate on. + - Delimited by a slash character if there are more than one attribute. + - Parameter marked with member_path is legitimate for doing member operation. + member_state: + type: str + description: + - Add or delete a member under specified attribute path. + - When member_state is specified, the state option is ignored. + choices: + - 'present' + - 'absent' + + state: + description: + - Indicates whether to create or remove the object. + type: str + required: true + choices: + - 'present' + - 'absent' + videofilter_keyword: + description: + - Configure video filter keywords. + default: null + type: dict + suboptions: + comment: + description: + - Comment. + type: str + id: + description: + - ID. see <a href='#notes'>Notes</a>. + required: true + type: int + match: + description: + - Keyword matching logic. + type: str + choices: + - 'or' + - 'and' + name: + description: + - Name. + type: str + word: + description: + - List of keywords. + type: list + elements: dict + suboptions: + comment: + description: + - Comment. + type: str + name: + description: + - Name. + required: true + type: str + pattern_type: + description: + - Pattern type. + type: str + choices: + - 'wildcard' + - 'regex' + status: + description: + - Enable(consider)/disable(ignore) this keyword. + type: str + choices: + - 'enable' + - 'disable' +""" + +EXAMPLES = """ +- name: Configure video filter keywords. + fortinet.fortios.fortios_videofilter_keyword: + vdom: "{{ vdom }}" + state: "present" + access_token: "<your_own_value>" + videofilter_keyword: + comment: "Comment." + id: "4" + match: "or" + name: "default_name_6" + word: + - + comment: "Comment." + name: "default_name_9" + pattern_type: "wildcard" + status: "enable" +""" + +RETURN = """ +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + FortiOSHandler, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_legacy_fortiosapi, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + schema_to_module_spec, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_schema_versioning, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import ( + FAIL_SOCKET_MSG, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post_processor import ( + remove_invalid_fields, +) + + +def filter_videofilter_keyword_data(json): + option_list = ["comment", "id", "match", "name", "word"] + + json = remove_invalid_fields(json) + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def underscore_to_hyphen(data): + if isinstance(data, list): + for i, elem in enumerate(data): + data[i] = underscore_to_hyphen(elem) + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[k.replace("_", "-")] = underscore_to_hyphen(v) + data = new_data + + return data + + +def videofilter_keyword(data, fos): + vdom = data["vdom"] + + state = data["state"] + + videofilter_keyword_data = data["videofilter_keyword"] + filtered_data = filter_videofilter_keyword_data(videofilter_keyword_data) + converted_data = underscore_to_hyphen(filtered_data) + + if state == "present" or state is True: + return fos.set("videofilter", "keyword", data=converted_data, vdom=vdom) + + elif state == "absent": + return fos.delete("videofilter", "keyword", mkey=filtered_data["id"], vdom=vdom) + else: + fos._module.fail_json(msg="state must be present or absent!") + + +def is_successful_status(resp): + return ( + "status" in resp + and resp["status"] == "success" + or "http_status" in resp + and resp["http_status"] == 200 + or "http_method" in resp + and resp["http_method"] == "DELETE" + and resp["http_status"] == 404 + ) + + +def fortios_videofilter(data, fos): + fos.do_member_operation("videofilter", "keyword") + if data["videofilter_keyword"]: + resp = videofilter_keyword(data, fos) + else: + fos._module.fail_json(msg="missing task body: %s" % ("videofilter_keyword")) + + return ( + not is_successful_status(resp), + is_successful_status(resp) + and (resp["revision_changed"] if "revision_changed" in resp else True), + resp, + {}, + ) + + +versioned_schema = { + "type": "list", + "elements": "dict", + "children": { + "id": {"v_range": [["v7.4.2", ""]], "type": "integer", "required": True}, + "name": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "comment": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "match": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "or"}, {"value": "and"}], + }, + "word": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + }, + "comment": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "pattern_type": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "wildcard"}, {"value": "regex"}], + }, + "status": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + }, + "v_range": [["v7.4.2", ""]], + }, + }, + "v_range": [["v7.4.2", ""]], +} + + +def main(): + module_spec = schema_to_module_spec(versioned_schema) + mkeyname = "id" + fields = { + "access_token": {"required": False, "type": "str", "no_log": True}, + "enable_log": {"required": False, "type": "bool", "default": False}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "member_path": {"required": False, "type": "str"}, + "member_state": { + "type": "str", + "required": False, + "choices": ["present", "absent"], + }, + "state": {"required": True, "type": "str", "choices": ["present", "absent"]}, + "videofilter_keyword": { + "required": False, + "type": "dict", + "default": None, + "no_log": True, + "options": {}, + }, + } + for attribute_name in module_spec["options"]: + fields["videofilter_keyword"]["options"][attribute_name] = module_spec[ + "options" + ][attribute_name] + if mkeyname and mkeyname == attribute_name: + fields["videofilter_keyword"]["options"][attribute_name]["required"] = True + + module = AnsibleModule(argument_spec=fields, supports_check_mode=False) + check_legacy_fortiosapi(module) + + is_error = False + has_changed = False + result = None + diff = None + + versions_check_result = None + if module._socket_path: + connection = Connection(module._socket_path) + if "access_token" in module.params: + connection.set_option("access_token", module.params["access_token"]) + + if "enable_log" in module.params: + connection.set_option("enable_log", module.params["enable_log"]) + else: + connection.set_option("enable_log", False) + fos = FortiOSHandler(connection, module, mkeyname) + versions_check_result = check_schema_versioning( + fos, versioned_schema, "videofilter_keyword" + ) + + is_error, has_changed, result, diff = fortios_videofilter(module.params, fos) + + else: + module.fail_json(**FAIL_SOCKET_MSG) + + if versions_check_result and versions_check_result["matched"] is False: + module.warn( + "Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv" + ) + + if not is_error: + if versions_check_result and versions_check_result["matched"] is False: + module.exit_json( + changed=has_changed, + version_check_warning=versions_check_result, + meta=result, + diff=diff, + ) + else: + module.exit_json(changed=has_changed, meta=result, diff=diff) + else: + if versions_check_result and versions_check_result["matched"] is False: + module.fail_json( + msg="Error in repo", + version_check_warning=versions_check_result, + meta=result, + ) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_profile.py index 9a2045843..060192a9f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -107,6 +107,57 @@ options: - 'allow' - 'monitor' - 'block' + filters: + description: + - YouTube filter entries. + type: list + elements: dict + suboptions: + action: + description: + - Video filter action. + type: str + choices: + - 'allow' + - 'monitor' + - 'block' + category: + description: + - FortiGuard category ID. + type: str + channel: + description: + - Channel ID. + type: str + comment: + description: + - Comment. + type: str + id: + description: + - ID. see <a href='#notes'>Notes</a>. + required: true + type: int + keyword: + description: + - Video filter keyword ID. Source videofilter.keyword.id. + type: int + log: + description: + - Enable/disable logging. + type: str + choices: + - 'enable' + - 'disable' + type: + description: + - Filter type. + type: str + choices: + - 'category' + - 'channel' + - 'title' + - 'description' fortiguard_category: description: - Configure FortiGuard categories. @@ -201,15 +252,25 @@ EXAMPLES = """ comment: "Comment." dailymotion: "enable" default_action: "allow" + filters: + - + action: "allow" + category: "<your_own_value>" + channel: "<your_own_value>" + comment: "Comment." + id: "11" + keyword: "0" + log: "enable" + type: "category" fortiguard_category: filters: - action: "allow" category_id: "0" - id: "10" + id: "19" log: "enable" log: "enable" - name: "default_name_13" + name: "default_name_22" replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)" vimeo: "enable" vimeo_restrict: "<your_own_value>" @@ -302,6 +363,7 @@ def filter_videofilter_profile_data(json): "comment", "dailymotion", "default_action", + "filters", "fortiguard_category", "log", "name", @@ -342,12 +404,11 @@ def videofilter_profile(data, fos): state = data["state"] videofilter_profile_data = data["videofilter_profile"] - filtered_data = underscore_to_hyphen( - filter_videofilter_profile_data(videofilter_profile_data) - ) + filtered_data = filter_videofilter_profile_data(videofilter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("videofilter", "profile", data=filtered_data, vdom=vdom) + return fos.set("videofilter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -391,19 +452,78 @@ versioned_schema = { "children": { "name": {"v_range": [["v7.0.0", ""]], "type": "string", "required": True}, "comment": {"v_range": [["v7.0.0", ""]], "type": "string"}, + "filters": { + "type": "list", + "elements": "dict", + "children": { + "id": { + "v_range": [["v7.4.2", ""]], + "type": "integer", + "required": True, + }, + "comment": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "type": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "category"}, + {"value": "channel"}, + {"value": "title"}, + {"value": "description"}, + ], + }, + "keyword": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "category": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "channel": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "action": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "allow"}, + {"value": "monitor"}, + {"value": "block"}, + ], + }, + "log": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + }, + "v_range": [["v7.4.2", ""]], + }, + "youtube": { + "v_range": [["v7.0.0", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "vimeo": { + "v_range": [["v7.0.0", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "dailymotion": { + "v_range": [["v7.0.0", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "replacemsg_group": {"v_range": [["v7.0.1", ""]], "type": "string"}, "default_action": { - "v_range": [["v7.4.0", ""]], + "v_range": [["v7.4.0", "v7.4.1"]], "type": "string", "options": [{"value": "allow"}, {"value": "monitor"}, {"value": "block"}], }, "log": { - "v_range": [["v7.4.0", ""]], + "v_range": [["v7.4.0", "v7.4.1"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, - "youtube_channel_filter": {"v_range": [["v7.0.0", ""]], "type": "integer"}, + "youtube_channel_filter": { + "v_range": [["v7.0.0", "v7.4.1"]], + "type": "integer", + }, "fortiguard_category": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], "type": "dict", "children": { "filters": { @@ -411,47 +531,34 @@ versioned_schema = { "elements": "dict", "children": { "id": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], "type": "integer", "required": True, }, "action": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], "type": "string", "options": [ - {"value": "allow", "v_range": [["v7.0.1", ""]]}, + {"value": "allow", "v_range": [["v7.0.1", "v7.4.1"]]}, {"value": "monitor"}, {"value": "block"}, {"value": "bypass", "v_range": [["v7.0.0", "v7.0.0"]]}, ], }, - "category_id": {"v_range": [["v7.0.0", ""]], "type": "integer"}, + "category_id": { + "v_range": [["v7.0.0", "v7.4.1"]], + "type": "integer", + }, "log": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, }, - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], } }, }, - "youtube": { - "v_range": [["v7.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, - "vimeo": { - "v_range": [["v7.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, - "dailymotion": { - "v_range": [["v7.0.0", ""]], - "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], - }, - "replacemsg_group": {"v_range": [["v7.0.1", ""]], "type": "string"}, "youtube_restrict": { "v_range": [["v7.0.0", "v7.0.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_channel_filter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_channel_filter.py index 001f30569..a5b431283 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_channel_filter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_channel_filter.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -295,15 +295,14 @@ def videofilter_youtube_channel_filter(data, fos): state = data["state"] videofilter_youtube_channel_filter_data = data["videofilter_youtube_channel_filter"] - filtered_data = underscore_to_hyphen( - filter_videofilter_youtube_channel_filter_data( - videofilter_youtube_channel_filter_data - ) + filtered_data = filter_videofilter_youtube_channel_filter_data( + videofilter_youtube_channel_filter_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "videofilter", "youtube-channel-filter", data=filtered_data, vdom=vdom + "videofilter", "youtube-channel-filter", data=converted_data, vdom=vdom ) elif state == "absent": @@ -348,35 +347,35 @@ versioned_schema = { "type": "list", "elements": "dict", "children": { - "id": {"v_range": [["v7.0.0", ""]], "type": "integer", "required": True}, - "name": {"v_range": [["v7.0.0", ""]], "type": "string"}, - "comment": {"v_range": [["v7.0.0", ""]], "type": "string"}, + "id": {"v_range": [["v7.0.0", "v7.4.1"]], "type": "integer", "required": True}, + "name": {"v_range": [["v7.0.0", "v7.4.1"]], "type": "string"}, + "comment": {"v_range": [["v7.0.0", "v7.4.1"]], "type": "string"}, "entries": { "type": "list", "elements": "dict", "children": { "id": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], "type": "integer", "required": True, }, - "comment": {"v_range": [["v7.0.0", ""]], "type": "string"}, + "comment": {"v_range": [["v7.0.0", "v7.4.1"]], "type": "string"}, "action": { - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], "type": "string", "options": [ - {"value": "allow", "v_range": [["v7.0.1", ""]]}, + {"value": "allow", "v_range": [["v7.0.1", "v7.4.1"]]}, {"value": "monitor"}, {"value": "block"}, {"value": "bypass", "v_range": [["v7.0.0", "v7.0.0"]]}, ], }, - "channel_id": {"v_range": [["v7.0.0", ""]], "type": "string"}, + "channel_id": {"v_range": [["v7.0.0", "v7.4.1"]], "type": "string"}, }, - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], }, "log": { - "v_range": [["v7.0.1", ""]], + "v_range": [["v7.0.1", "v7.4.1"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, @@ -391,7 +390,7 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, }, - "v_range": [["v7.0.0", ""]], + "v_range": [["v7.0.0", "v7.4.1"]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_key.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_key.py index 7bcb5fb9b..ecca684e2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_key.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_videofilter_youtube_key.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -231,12 +231,11 @@ def videofilter_youtube_key(data, fos): state = data["state"] videofilter_youtube_key_data = data["videofilter_youtube_key"] - filtered_data = underscore_to_hyphen( - filter_videofilter_youtube_key_data(videofilter_youtube_key_data) - ) + filtered_data = filter_videofilter_youtube_key_data(videofilter_youtube_key_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("videofilter", "youtube-key", data=filtered_data, vdom=vdom) + return fos.set("videofilter", "youtube-key", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_virtual_patch_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_virtual_patch_profile.py index e9ab742ff..906113b27 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_virtual_patch_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_virtual_patch_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -330,12 +330,11 @@ def virtual_patch_profile(data, fos): virtual_patch_profile_data = flatten_multilists_attributes( virtual_patch_profile_data ) - filtered_data = underscore_to_hyphen( - filter_virtual_patch_profile_data(virtual_patch_profile_data) - ) + filtered_data = filter_virtual_patch_profile_data(virtual_patch_profile_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("virtual-patch", "profile", data=filtered_data, vdom=vdom) + return fos.set("virtual-patch", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_voip_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_voip_profile.py index 6f7518b89..033ec52d6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_voip_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_voip_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1228,7 +1228,8 @@ def voip_profile(data, fos, check_mode=False): state = data["state"] voip_profile_data = data["voip_profile"] - filtered_data = underscore_to_hyphen(filter_voip_profile_data(voip_profile_data)) + filtered_data = filter_voip_profile_data(voip_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1292,7 +1293,7 @@ def voip_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("voip", "profile", data=filtered_data, vdom=vdom) + return fos.set("voip", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("voip", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ca.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ca.py index fd238b959..62873f839 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ca.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ca.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -321,9 +321,8 @@ def vpn_certificate_ca(data, fos, check_mode=False): state = data["state"] vpn_certificate_ca_data = data["vpn_certificate_ca"] - filtered_data = underscore_to_hyphen( - filter_vpn_certificate_ca_data(vpn_certificate_ca_data) - ) + filtered_data = filter_vpn_certificate_ca_data(vpn_certificate_ca_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -387,7 +386,7 @@ def vpn_certificate_ca(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.certificate", "ca", data=filtered_data, vdom=vdom) + return fos.set("vpn.certificate", "ca", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_crl.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_crl.py index b93af58a3..4d37bf73c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_crl.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_crl.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -312,9 +312,8 @@ def vpn_certificate_crl(data, fos, check_mode=False): state = data["state"] vpn_certificate_crl_data = data["vpn_certificate_crl"] - filtered_data = underscore_to_hyphen( - filter_vpn_certificate_crl_data(vpn_certificate_crl_data) - ) + filtered_data = filter_vpn_certificate_crl_data(vpn_certificate_crl_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -378,7 +377,7 @@ def vpn_certificate_crl(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.certificate", "crl", data=filtered_data, vdom=vdom) + return fos.set("vpn.certificate", "crl", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_local.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_local.py index 77b07c0f6..ae1078f96 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_local.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_local.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -475,9 +475,8 @@ def vpn_certificate_local(data, fos, check_mode=False): state = data["state"] vpn_certificate_local_data = data["vpn_certificate_local"] - filtered_data = underscore_to_hyphen( - filter_vpn_certificate_local_data(vpn_certificate_local_data) - ) + filtered_data = filter_vpn_certificate_local_data(vpn_certificate_local_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -541,7 +540,7 @@ def vpn_certificate_local(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.certificate", "local", data=filtered_data, vdom=vdom) + return fos.set("vpn.certificate", "local", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ocsp_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ocsp_server.py index 3a4e4aa4e..cea0f184a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ocsp_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_ocsp_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -266,9 +266,10 @@ def vpn_certificate_ocsp_server(data, fos, check_mode=False): state = data["state"] vpn_certificate_ocsp_server_data = data["vpn_certificate_ocsp_server"] - filtered_data = underscore_to_hyphen( - filter_vpn_certificate_ocsp_server_data(vpn_certificate_ocsp_server_data) + filtered_data = filter_vpn_certificate_ocsp_server_data( + vpn_certificate_ocsp_server_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -332,7 +333,7 @@ def vpn_certificate_ocsp_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.certificate", "ocsp-server", data=filtered_data, vdom=vdom) + return fos.set("vpn.certificate", "ocsp-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_remote.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_remote.py index 7eca5151f..da8adbbda 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_remote.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_remote.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -247,9 +247,8 @@ def vpn_certificate_remote(data, fos, check_mode=False): state = data["state"] vpn_certificate_remote_data = data["vpn_certificate_remote"] - filtered_data = underscore_to_hyphen( - filter_vpn_certificate_remote_data(vpn_certificate_remote_data) - ) + filtered_data = filter_vpn_certificate_remote_data(vpn_certificate_remote_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -313,7 +312,7 @@ def vpn_certificate_remote(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.certificate", "remote", data=filtered_data, vdom=vdom) + return fos.set("vpn.certificate", "remote", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_setting.py index 442ab0579..13b5828b2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_certificate_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -222,6 +222,7 @@ options: type: str choices: - 'enable' + - 'mandatory' - 'disable' proxy: description: @@ -493,11 +494,10 @@ def underscore_to_hyphen(data): def vpn_certificate_setting(data, fos): vdom = data["vdom"] vpn_certificate_setting_data = data["vpn_certificate_setting"] - filtered_data = underscore_to_hyphen( - filter_vpn_certificate_setting_data(vpn_certificate_setting_data) - ) + filtered_data = filter_vpn_certificate_setting_data(vpn_certificate_setting_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("vpn.certificate", "setting", data=filtered_data, vdom=vdom) + return fos.set("vpn.certificate", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -535,7 +535,11 @@ versioned_schema = { "ocsp_status": { "v_range": [["v6.0.0", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [ + {"value": "enable"}, + {"value": "mandatory", "v_range": [["v7.4.2", ""]]}, + {"value": "disable"}, + ], }, "ocsp_option": { "v_range": [["v6.2.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ike_gateway.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ike_gateway.py index 46fef021d..463129618 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ike_gateway.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ike_gateway.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<name>": "name"} + speciallist = {"<name>": "name"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def vpn_ike_gateway(data, fos): vdom = data["vdom"] vpn_ike_gateway_data = data["vpn_ike_gateway"] - filtered_data = underscore_to_hyphen( - filter_vpn_ike_gateway_data(vpn_ike_gateway_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_vpn_ike_gateway_data(vpn_ike_gateway_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("vpn.ike", "gateway", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_concentrator.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_concentrator.py index 7dc1806e5..a28bf6264 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_concentrator.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_concentrator.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -254,9 +254,8 @@ def vpn_ipsec_concentrator(data, fos, check_mode=False): state = data["state"] vpn_ipsec_concentrator_data = data["vpn_ipsec_concentrator"] - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_concentrator_data(vpn_ipsec_concentrator_data) - ) + filtered_data = filter_vpn_ipsec_concentrator_data(vpn_ipsec_concentrator_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -320,7 +319,7 @@ def vpn_ipsec_concentrator(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "concentrator", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "concentrator", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_fec.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_fec.py index 9f5bbf963..8125559f7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_fec.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_fec.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -265,10 +265,11 @@ def vpn_ipsec_fec(data, fos): state = data["state"] vpn_ipsec_fec_data = data["vpn_ipsec_fec"] - filtered_data = underscore_to_hyphen(filter_vpn_ipsec_fec_data(vpn_ipsec_fec_data)) + filtered_data = filter_vpn_ipsec_fec_data(vpn_ipsec_fec_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("vpn.ipsec", "fec", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "fec", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("vpn.ipsec", "fec", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_forticlient.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_forticlient.py index c2f48ca56..4efe25dcf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_forticlient.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_forticlient.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,9 +244,8 @@ def vpn_ipsec_forticlient(data, fos, check_mode=False): state = data["state"] vpn_ipsec_forticlient_data = data["vpn_ipsec_forticlient"] - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_forticlient_data(vpn_ipsec_forticlient_data) - ) + filtered_data = filter_vpn_ipsec_forticlient_data(vpn_ipsec_forticlient_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -310,7 +309,7 @@ def vpn_ipsec_forticlient(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "forticlient", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "forticlient", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey.py index 07fdbaa7c..e9ab5d1f7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -308,9 +308,8 @@ def vpn_ipsec_manualkey(data, fos, check_mode=False): state = data["state"] vpn_ipsec_manualkey_data = data["vpn_ipsec_manualkey"] - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_manualkey_data(vpn_ipsec_manualkey_data) - ) + filtered_data = filter_vpn_ipsec_manualkey_data(vpn_ipsec_manualkey_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -374,7 +373,7 @@ def vpn_ipsec_manualkey(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "manualkey", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "manualkey", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey_interface.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey_interface.py index 84a219127..f69b93c6a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey_interface.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_manualkey_interface.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -338,9 +338,10 @@ def vpn_ipsec_manualkey_interface(data, fos, check_mode=False): state = data["state"] vpn_ipsec_manualkey_interface_data = data["vpn_ipsec_manualkey_interface"] - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_manualkey_interface_data(vpn_ipsec_manualkey_interface_data) + filtered_data = filter_vpn_ipsec_manualkey_interface_data( + vpn_ipsec_manualkey_interface_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -407,7 +408,7 @@ def vpn_ipsec_manualkey_interface(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "vpn.ipsec", "manualkey-interface", data=filtered_data, vdom=vdom + "vpn.ipsec", "manualkey-interface", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1.py index 712fbf000..248854fbb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -158,6 +158,13 @@ options: choices: - 'enable' - 'disable' + azure_ad_autoconnect: + description: + - Enable/disable Azure AD Auto-Connect for FortiClient. + type: str + choices: + - 'enable' + - 'disable' backup_gateway: description: - Instruct unity clients about the backup gateway address(es). @@ -180,6 +187,13 @@ options: choices: - 'enable' - 'disable' + cert_trust_store: + description: + - CA certificate trust store. + type: str + choices: + - 'local' + - 'ems' certificate: description: - Names of up to 4 signed personal certificates. @@ -216,6 +230,17 @@ options: description: - Comment. type: str + dev_id: + description: + - Device ID carried by the device ID notification. + type: str + dev_id_notification: + description: + - Enable/disable device ID notification. + type: str + choices: + - 'disable' + - 'enable' dhcp_ra_giaddr: description: - Relay agent gateway IP address to use in the giaddr field of DHCP requests. @@ -292,6 +317,13 @@ options: choices: - 'enable' - 'disable' + eap_cert_auth: + description: + - Enable/disable peer certificate authentication in addition to EAP if peer is a FortiClient endpoint. + type: str + choices: + - 'enable' + - 'disable' eap_exclude_peergrp: description: - Peer group excluded from EAP authentication. Source user.peergrp.name. @@ -303,6 +335,13 @@ options: choices: - 'use-id-payload' - 'send-request' + ems_sn_check: + description: + - Enable/disable verification of EMS serial number. + type: str + choices: + - 'enable' + - 'disable' enforce_unique_id: description: - Enable/disable peer ID uniqueness check. @@ -319,6 +358,17 @@ options: - 'require' - 'allow' - 'disable' + exchange_fgt_device_id: + description: + - Enable/disable device identifier exchange with peer FortiGate units for use of VPN monitor data by FortiManager. + type: str + choices: + - 'enable' + - 'disable' + fallback_tcp_threshold: + description: + - Timeout in seconds before falling back IKE/IPsec traffic to tcp. + type: int fec_base: description: - Number of base Forward Error Correction packets (1 - 20). @@ -350,7 +400,7 @@ options: - 'disable' fec_mapping_profile: description: - - Forward Error Correction (FEC) mapping profile. + - Forward Error Correction (FEC) mapping profile. Source vpn.ipsec.fec.name. type: str fec_receive_timeout: description: @@ -378,6 +428,13 @@ options: choices: - 'enable' - 'disable' + fortinet_esp: + description: + - Enable/disable Fortinet ESP encapsulaton. + type: str + choices: + - 'enable' + - 'disable' fragmentation: description: - Enable/disable fragment IKE message on re-transmission. @@ -584,6 +641,14 @@ options: description: - Time to wait in seconds before phase 1 encryption key expires. type: int + kms: + description: + - Key Management Services server. Source vpn.kmip-server.name. + type: str + link_cost: + description: + - VPN tunnel underlay link cost. + type: int local_gw: description: - Local VPN gateway. @@ -787,6 +852,18 @@ options: description: - Pre-shared secret for remote side PSK authentication (ASCII string or hexadecimal encoded with a leading 0x). type: str + qkd: + description: + - Enable/disable use of Quantum Key Distribution (QKD) server. + type: str + choices: + - 'disable' + - 'allow' + - 'require' + qkd_profile: + description: + - Quantum Key Distribution (QKD) server profile. Source vpn.qkd.name. + type: str reauth: description: - Enable/disable re-authentication upon IKE SA lifetime expiration. @@ -859,6 +936,14 @@ options: - 'disable' - 'suite-b-gcm-128' - 'suite-b-gcm-256' + transport: + description: + - Set IKE transport protocol. + type: str + choices: + - 'udp' + - 'udp-fallback-tcp' + - 'tcp' type: description: - Remote gateway type. @@ -926,18 +1011,22 @@ EXAMPLES = """ authusr: "<your_own_value>" authusrgrp: "<your_own_value> (source user.group.name)" auto_negotiate: "enable" + azure_ad_autoconnect: "enable" backup_gateway: - address: "<your_own_value>" banner: "<your_own_value>" cert_id_validation: "enable" + cert_trust_store: "local" certificate: - - name: "default_name_19 (source vpn.certificate.local.name)" + name: "default_name_21 (source vpn.certificate.local.name)" childless_ike: "enable" client_auto_negotiate: "disable" client_keep_alive: "disable" comments: "<your_own_value>" + dev_id: "<your_own_value>" + dev_id_notification: "disable" dhcp_ra_giaddr: "<your_own_value>" dhcp6_ra_linkaddr: "<your_own_value>" dhgrp: "1" @@ -949,21 +1038,26 @@ EXAMPLES = """ dpd_retrycount: "3" dpd_retryinterval: "<your_own_value>" eap: "enable" + eap_cert_auth: "enable" eap_exclude_peergrp: "<your_own_value> (source user.peergrp.name)" eap_identity: "use-id-payload" + ems_sn_check: "enable" enforce_unique_id: "disable" esn: "require" + exchange_fgt_device_id: "enable" + fallback_tcp_threshold: "15" fec_base: "10" fec_codec: "rs" fec_egress: "enable" fec_health_check: "<your_own_value> (source system.sdwan.health-check.name)" fec_ingress: "enable" - fec_mapping_profile: "<your_own_value>" + fec_mapping_profile: "<your_own_value> (source vpn.ipsec.fec.name)" fec_receive_timeout: "50" fec_redundant: "1" fec_send_timeout: "5" fgsp_sync: "enable" forticlient_enforcement: "enable" + fortinet_esp: "enable" fragmentation: "enable" fragmentation_mtu: "1200" group_authentication: "enable" @@ -986,7 +1080,7 @@ EXAMPLES = """ ipv4_exclude_range: - end_ip: "<your_own_value>" - id: "70" + id: "79" start_ip: "<your_own_value>" ipv4_name: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" ipv4_netmask: "<your_own_value>" @@ -1002,7 +1096,7 @@ EXAMPLES = """ ipv6_exclude_range: - end_ip: "<your_own_value>" - id: "85" + id: "94" start_ip: "<your_own_value>" ipv6_name: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" ipv6_prefix: "128" @@ -1011,6 +1105,8 @@ EXAMPLES = """ ipv6_start_ip: "<your_own_value>" keepalive: "10" keylife: "86400" + kms: "<your_own_value> (source vpn.kmip-server.name)" + link_cost: "0" local_gw: "<your_own_value>" localid: "<your_own_value>" localid_type: "auto" @@ -1019,7 +1115,7 @@ EXAMPLES = """ mode: "aggressive" mode_cfg: "disable" mode_cfg_allow_client_selector: "disable" - name: "default_name_102" + name: "default_name_113" nattraversal: "enable" negotiate_timeout: "30" network_id: "0" @@ -1036,6 +1132,8 @@ EXAMPLES = """ proposal: "des-md5" psksecret: "<your_own_value>" psksecret_remote: "<your_own_value>" + qkd: "disable" + qkd_profile: "<your_own_value> (source vpn.qkd.name)" reauth: "disable" rekey: "enable" remote_gw: "<your_own_value>" @@ -1047,6 +1145,7 @@ EXAMPLES = """ signature_hash_alg: "sha1" split_include_service: "<your_own_value> (source firewall.service.group.name firewall.service.custom.name)" suite_b: "disable" + transport: "udp" type: "static" unity_support: "disable" usrgrp: "<your_own_value> (source user.group.name)" @@ -1155,14 +1254,18 @@ def filter_vpn_ipsec_phase1_data(json): "authusr", "authusrgrp", "auto_negotiate", + "azure_ad_autoconnect", "backup_gateway", "banner", "cert_id_validation", + "cert_trust_store", "certificate", "childless_ike", "client_auto_negotiate", "client_keep_alive", "comments", + "dev_id", + "dev_id_notification", "dhcp_ra_giaddr", "dhcp6_ra_linkaddr", "dhgrp", @@ -1174,10 +1277,14 @@ def filter_vpn_ipsec_phase1_data(json): "dpd_retrycount", "dpd_retryinterval", "eap", + "eap_cert_auth", "eap_exclude_peergrp", "eap_identity", + "ems_sn_check", "enforce_unique_id", "esn", + "exchange_fgt_device_id", + "fallback_tcp_threshold", "fec_base", "fec_codec", "fec_egress", @@ -1189,6 +1296,7 @@ def filter_vpn_ipsec_phase1_data(json): "fec_send_timeout", "fgsp_sync", "forticlient_enforcement", + "fortinet_esp", "fragmentation", "fragmentation_mtu", "group_authentication", @@ -1226,6 +1334,8 @@ def filter_vpn_ipsec_phase1_data(json): "ipv6_start_ip", "keepalive", "keylife", + "kms", + "link_cost", "local_gw", "localid", "localid_type", @@ -1251,6 +1361,8 @@ def filter_vpn_ipsec_phase1_data(json): "proposal", "psksecret", "psksecret_remote", + "qkd", + "qkd_profile", "reauth", "rekey", "remote_gw", @@ -1262,6 +1374,7 @@ def filter_vpn_ipsec_phase1_data(json): "signature_hash_alg", "split_include_service", "suite_b", + "transport", "type", "unity_support", "usrgrp", @@ -1330,9 +1443,8 @@ def vpn_ipsec_phase1(data, fos, check_mode=False): vpn_ipsec_phase1_data = data["vpn_ipsec_phase1"] vpn_ipsec_phase1_data = flatten_multilists_attributes(vpn_ipsec_phase1_data) - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_phase1_data(vpn_ipsec_phase1_data) - ) + filtered_data = filter_vpn_ipsec_phase1_data(vpn_ipsec_phase1_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1396,7 +1508,7 @@ def vpn_ipsec_phase1(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "phase1", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "phase1", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("vpn.ipsec", "phase1", mkey=filtered_data["name"], vdom=vdom) @@ -1805,6 +1917,11 @@ versioned_schema = { "options": [{"value": "use-id-payload"}, {"value": "send-request"}], }, "eap_exclude_peergrp": {"v_range": [["v6.2.0", ""]], "type": "string"}, + "eap_cert_auth": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "acct_verify": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -1906,6 +2023,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "azure_ad_autoconnect": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "rekey": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -1976,19 +2098,66 @@ versioned_schema = { "fec_receive_timeout": {"v_range": [["v6.2.0", ""]], "type": "integer"}, "fec_health_check": {"v_range": [["v7.0.2", ""]], "type": "string"}, "fec_mapping_profile": {"v_range": [["v7.0.2", ""]], "type": "string"}, - "forticlient_enforcement": { - "v_range": [["v6.0.0", "v7.4.0"]], + "network_overlay": { + "v_range": [["v6.2.0", "v7.0.1"], ["v7.4.2", ""]], "type": "string", - "options": [{"value": "enable"}, {"value": "disable"}], + "options": [{"value": "disable"}, {"value": "enable"}], }, - "network_overlay": { - "v_range": [["v6.2.0", "v7.0.1"]], + "network_id": { + "v_range": [["v6.2.0", "v7.0.1"], ["v7.4.2", ""]], + "type": "integer", + }, + "dev_id_notification": { + "v_range": [["v7.4.2", ""]], "type": "string", "options": [{"value": "disable"}, {"value": "enable"}], }, - "network_id": {"v_range": [["v6.2.0", "v7.0.1"]], "type": "integer"}, + "dev_id": {"v_range": [["v7.4.2", ""]], "type": "string"}, "loopback_asymroute": { - "v_range": [["v7.0.0", "v7.0.1"]], + "v_range": [["v7.0.0", "v7.0.1"], ["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "link_cost": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "kms": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "exchange_fgt_device_id": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "ems_sn_check": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "cert_trust_store": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "local"}, {"value": "ems"}], + }, + "qkd": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "allow"}, {"value": "require"}], + }, + "qkd_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "transport": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "udp"}, + {"value": "udp-fallback-tcp"}, + {"value": "tcp"}, + ], + }, + "fortinet_esp": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fallback_tcp_threshold": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "forticlient_enforcement": { + "v_range": [["v6.0.0", "v7.4.0"]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1_interface.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1_interface.py index 044529d74..3959f52d6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1_interface.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase1_interface.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -215,6 +215,13 @@ options: choices: - 'enable' - 'disable' + azure_ad_autoconnect: + description: + - Enable/disable Azure AD Auto-Connect for FortiClient. + type: str + choices: + - 'enable' + - 'disable' backup_gateway: description: - Instruct unity clients about the backup gateway address(es). @@ -237,6 +244,13 @@ options: choices: - 'enable' - 'disable' + cert_trust_store: + description: + - CA certificate trust store. + type: str + choices: + - 'local' + - 'ems' certificate: description: - The names of up to 4 signed personal certificates. @@ -368,6 +382,13 @@ options: choices: - 'enable' - 'disable' + eap_cert_auth: + description: + - Enable/disable peer certificate authentication in addition to EAP if peer is a FortiClient endpoint. + type: str + choices: + - 'enable' + - 'disable' eap_exclude_peergrp: description: - Peer group excluded from EAP authentication. Source user.peergrp.name. @@ -457,6 +478,10 @@ options: description: - IPv6 address to exchange with peers. type: str + fallback_tcp_threshold: + description: + - Timeout in seconds before falling back IKE/IPsec traffic to tcp. + type: int fec_base: description: - Number of base Forward Error Correction packets (1 - 20). @@ -516,6 +541,13 @@ options: choices: - 'enable' - 'disable' + fortinet_esp: + description: + - Enable/disable Fortinet ESP encapsulaton. + type: str + choices: + - 'enable' + - 'disable' fragmentation: description: - Enable/disable fragment IKE message on re-transmission. @@ -806,6 +838,10 @@ options: monitor: description: - IPsec interface as backup for primary interface. Source vpn.ipsec.phase1-interface.name. + type: str + monitor_dict: + description: + - IPsec interface as backup for primary interface.(Use the parameter monitor instead if the fortios firmwear version <= 7.4.0.) type: list elements: dict suboptions: @@ -1017,6 +1053,18 @@ options: description: - Pre-shared secret for remote side PSK authentication (ASCII string or hexadecimal encoded with a leading 0x). type: str + qkd: + description: + - Enable/disable use of Quantum Key Distribution (QKD) server. + type: str + choices: + - 'disable' + - 'allow' + - 'require' + qkd_profile: + description: + - Quantum Key Distribution (QKD) server profile. Source vpn.qkd.name. + type: str reauth: description: - Enable/disable re-authentication upon IKE SA lifetime expiration. @@ -1093,6 +1141,14 @@ options: - 'disable' - 'suite-b-gcm-128' - 'suite-b-gcm-256' + transport: + description: + - Set IKE transport protocol. + type: str + choices: + - 'udp' + - 'udp-fallback-tcp' + - 'tcp' tunnel_search: description: - Tunnel search method for when the interface is shared. @@ -1180,14 +1236,16 @@ EXAMPLES = """ auto_discovery_sender: "enable" auto_discovery_shortcuts: "independent" auto_negotiate: "enable" + azure_ad_autoconnect: "enable" backup_gateway: - address: "<your_own_value>" banner: "<your_own_value>" cert_id_validation: "enable" + cert_trust_store: "local" certificate: - - name: "default_name_28 (source vpn.certificate.local.name)" + name: "default_name_30 (source vpn.certificate.local.name)" childless_ike: "enable" client_auto_negotiate: "disable" client_keep_alive: "disable" @@ -1207,6 +1265,7 @@ EXAMPLES = """ dpd_retrycount: "3" dpd_retryinterval: "<your_own_value>" eap: "enable" + eap_cert_auth: "enable" eap_exclude_peergrp: "<your_own_value> (source user.peergrp.name)" eap_identity: "use-id-payload" ems_sn_check: "enable" @@ -1222,6 +1281,7 @@ EXAMPLES = """ exchange_interface_ip: "enable" exchange_ip_addr4: "<your_own_value>" exchange_ip_addr6: "<your_own_value>" + fallback_tcp_threshold: "15" fec_base: "10" fec_codec: "rs" fec_egress: "enable" @@ -1233,6 +1293,7 @@ EXAMPLES = """ fec_send_timeout: "5" fgsp_sync: "enable" forticlient_enforcement: "enable" + fortinet_esp: "enable" fragmentation: "enable" fragmentation_mtu: "1200" group_authentication: "enable" @@ -1257,7 +1318,7 @@ EXAMPLES = """ ipv4_exclude_range: - end_ip: "<your_own_value>" - id: "96" + id: "101" start_ip: "<your_own_value>" ipv4_name: "<your_own_value> (source firewall.address.name firewall.addrgrp.name)" ipv4_netmask: "<your_own_value>" @@ -1273,7 +1334,7 @@ EXAMPLES = """ ipv6_exclude_range: - end_ip: "<your_own_value>" - id: "111" + id: "116" start_ip: "<your_own_value>" ipv6_name: "<your_own_value> (source firewall.address6.name firewall.addrgrp6.name)" ipv6_prefix: "128" @@ -1293,15 +1354,16 @@ EXAMPLES = """ mode: "aggressive" mode_cfg: "disable" mode_cfg_allow_client_selector: "disable" - monitor: + monitor: "<your_own_value> (source vpn.ipsec.phase1-interface.name)" + monitor_dict: - - name: "default_name_132 (source vpn.ipsec.phase1-interface.name)" + name: "default_name_138 (source vpn.ipsec.phase1-interface.name)" monitor_hold_down_delay: "0" monitor_hold_down_time: "<your_own_value>" monitor_hold_down_type: "immediate" monitor_hold_down_weekday: "everyday" monitor_min: "0" - name: "default_name_138" + name: "default_name_144" nattraversal: "enable" negotiate_timeout: "30" net_device: "enable" @@ -1321,6 +1383,8 @@ EXAMPLES = """ proposal: "des-md5" psksecret: "<your_own_value>" psksecret_remote: "<your_own_value>" + qkd: "disable" + qkd_profile: "<your_own_value> (source vpn.qkd.name)" reauth: "disable" rekey: "enable" remote_gw: "<your_own_value>" @@ -1333,6 +1397,7 @@ EXAMPLES = """ signature_hash_alg: "sha1" split_include_service: "<your_own_value> (source firewall.service.group.name firewall.service.custom.name)" suite_b: "disable" + transport: "udp" tunnel_search: "selectors" type: "static" unity_support: "disable" @@ -1452,9 +1517,11 @@ def filter_vpn_ipsec_phase1_interface_data(json): "auto_discovery_sender", "auto_discovery_shortcuts", "auto_negotiate", + "azure_ad_autoconnect", "backup_gateway", "banner", "cert_id_validation", + "cert_trust_store", "certificate", "childless_ike", "client_auto_negotiate", @@ -1475,6 +1542,7 @@ def filter_vpn_ipsec_phase1_interface_data(json): "dpd_retrycount", "dpd_retryinterval", "eap", + "eap_cert_auth", "eap_exclude_peergrp", "eap_identity", "ems_sn_check", @@ -1490,6 +1558,7 @@ def filter_vpn_ipsec_phase1_interface_data(json): "exchange_interface_ip", "exchange_ip_addr4", "exchange_ip_addr6", + "fallback_tcp_threshold", "fec_base", "fec_codec", "fec_egress", @@ -1501,6 +1570,7 @@ def filter_vpn_ipsec_phase1_interface_data(json): "fec_send_timeout", "fgsp_sync", "forticlient_enforcement", + "fortinet_esp", "fragmentation", "fragmentation_mtu", "group_authentication", @@ -1552,6 +1622,7 @@ def filter_vpn_ipsec_phase1_interface_data(json): "mode_cfg", "mode_cfg_allow_client_selector", "monitor", + "monitor_dict", "monitor_hold_down_delay", "monitor_hold_down_time", "monitor_hold_down_type", @@ -1577,6 +1648,8 @@ def filter_vpn_ipsec_phase1_interface_data(json): "proposal", "psksecret", "psksecret_remote", + "qkd", + "qkd_profile", "reauth", "rekey", "remote_gw", @@ -1589,6 +1662,7 @@ def filter_vpn_ipsec_phase1_interface_data(json): "signature_hash_alg", "split_include_service", "suite_b", + "transport", "tunnel_search", "type", "unity_support", @@ -1652,6 +1726,30 @@ def underscore_to_hyphen(data): return data +def remap_attribute_name(data): + speciallist = {"monitor-dict": "monitor"} + + if data in speciallist: + return speciallist[data] + return data + + +def remap_attribute_names(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = remap_attribute_names(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[remap_attribute_name(k)] = remap_attribute_names(v) + data = new_data + + return data + + def vpn_ipsec_phase1_interface(data, fos, check_mode=False): vdom = data["vdom"] @@ -1661,9 +1759,11 @@ def vpn_ipsec_phase1_interface(data, fos, check_mode=False): vpn_ipsec_phase1_interface_data = flatten_multilists_attributes( vpn_ipsec_phase1_interface_data ) - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_phase1_interface_data(vpn_ipsec_phase1_interface_data) + filtered_data = filter_vpn_ipsec_phase1_interface_data( + vpn_ipsec_phase1_interface_data ) + converted_data = underscore_to_hyphen(filtered_data) + converted_data = remap_attribute_names(converted_data) # check_mode starts from here if check_mode: @@ -1727,7 +1827,7 @@ def vpn_ipsec_phase1_interface(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "phase1-interface", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "phase1-interface", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -1839,7 +1939,7 @@ versioned_schema = { "usrgrp": {"v_range": [["v6.0.0", ""]], "type": "string"}, "peer": {"v_range": [["v6.0.0", ""]], "type": "string"}, "peergrp": {"v_range": [["v6.0.0", ""]], "type": "string"}, - "monitor": { + "monitor_dict": { "type": "list", "elements": "dict", "children": { @@ -1849,7 +1949,7 @@ versioned_schema = { "required": True, } }, - "v_range": [["v6.0.0", ""]], + "v_range": [["v7.4.1", ""]], }, "monitor_min": {"v_range": [["v7.4.1", ""]], "type": "integer"}, "monitor_hold_down_type": { @@ -1897,7 +1997,7 @@ versioned_schema = { }, "aggregate_weight": {"v_range": [["v6.4.0", ""]], "type": "integer"}, "packet_redistribution": { - "v_range": [], + "v_range": [["v7.4.2", "v7.4.2"]], "type": "string", "options": [ {"value": "enable", "v_range": [["v7.2.1", "v7.2.2"], ["v7.4.0", ""]]}, @@ -2222,6 +2322,11 @@ versioned_schema = { "options": [{"value": "use-id-payload"}, {"value": "send-request"}], }, "eap_exclude_peergrp": {"v_range": [["v6.2.0", ""]], "type": "string"}, + "eap_cert_auth": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "acct_verify": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -2377,6 +2482,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "azure_ad_autoconnect": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "rekey": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -2476,6 +2586,33 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "cert_trust_store": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "local"}, {"value": "ems"}], + }, + "qkd": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "allow"}, {"value": "require"}], + }, + "qkd_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "transport": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "udp"}, + {"value": "udp-fallback-tcp"}, + {"value": "tcp"}, + ], + }, + "fortinet_esp": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "fallback_tcp_threshold": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "monitor": {"v_range": [["v6.0.0", "v7.4.0"]], "type": "string"}, "forticlient_enforcement": { "v_range": [["v6.0.0", "v7.4.0"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2.py index 2d41db72a..eff4ad728 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -677,9 +677,8 @@ def vpn_ipsec_phase2(data, fos, check_mode=False): vpn_ipsec_phase2_data = data["vpn_ipsec_phase2"] vpn_ipsec_phase2_data = flatten_multilists_attributes(vpn_ipsec_phase2_data) - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_phase2_data(vpn_ipsec_phase2_data) - ) + filtered_data = filter_vpn_ipsec_phase2_data(vpn_ipsec_phase2_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -743,7 +742,7 @@ def vpn_ipsec_phase2(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "phase2", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "phase2", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("vpn.ipsec", "phase2", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2_interface.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2_interface.py index b24541ccf..6373c187c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2_interface.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ipsec_phase2_interface.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -688,9 +688,10 @@ def vpn_ipsec_phase2_interface(data, fos, check_mode=False): vpn_ipsec_phase2_interface_data = flatten_multilists_attributes( vpn_ipsec_phase2_interface_data ) - filtered_data = underscore_to_hyphen( - filter_vpn_ipsec_phase2_interface_data(vpn_ipsec_phase2_interface_data) + filtered_data = filter_vpn_ipsec_phase2_interface_data( + vpn_ipsec_phase2_interface_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -754,7 +755,7 @@ def vpn_ipsec_phase2_interface(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ipsec", "phase2-interface", data=filtered_data, vdom=vdom) + return fos.set("vpn.ipsec", "phase2-interface", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_kmip_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_kmip_server.py index bc041e5a7..fd580be1f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_kmip_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_kmip_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -312,12 +312,11 @@ def vpn_kmip_server(data, fos): state = data["state"] vpn_kmip_server_data = data["vpn_kmip_server"] - filtered_data = underscore_to_hyphen( - filter_vpn_kmip_server_data(vpn_kmip_server_data) - ) + filtered_data = filter_vpn_kmip_server_data(vpn_kmip_server_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("vpn", "kmip-server", data=filtered_data, vdom=vdom) + return fos.set("vpn", "kmip-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("vpn", "kmip-server", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_l2tp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_l2tp.py index 3937bf900..53f46b79c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_l2tp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_l2tp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -261,9 +261,10 @@ def underscore_to_hyphen(data): def vpn_l2tp(data, fos): vdom = data["vdom"] vpn_l2tp_data = data["vpn_l2tp"] - filtered_data = underscore_to_hyphen(filter_vpn_l2tp_data(vpn_l2tp_data)) + filtered_data = filter_vpn_l2tp_data(vpn_l2tp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("vpn", "l2tp", data=filtered_data, vdom=vdom) + return fos.set("vpn", "l2tp", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ocvpn.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ocvpn.py index 58a6c4bd3..acb461c36 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ocvpn.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ocvpn.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -485,9 +485,10 @@ def underscore_to_hyphen(data): def vpn_ocvpn(data, fos): vdom = data["vdom"] vpn_ocvpn_data = data["vpn_ocvpn"] - filtered_data = underscore_to_hyphen(filter_vpn_ocvpn_data(vpn_ocvpn_data)) + filtered_data = filter_vpn_ocvpn_data(vpn_ocvpn_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("vpn", "ocvpn", data=filtered_data, vdom=vdom) + return fos.set("vpn", "ocvpn", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_pptp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_pptp.py index 906a96e45..452d516cf 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_pptp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_pptp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,9 +233,10 @@ def underscore_to_hyphen(data): def vpn_pptp(data, fos): vdom = data["vdom"] vpn_pptp_data = data["vpn_pptp"] - filtered_data = underscore_to_hyphen(filter_vpn_pptp_data(vpn_pptp_data)) + filtered_data = filter_vpn_pptp_data(vpn_pptp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("vpn", "pptp", data=filtered_data, vdom=vdom) + return fos.set("vpn", "pptp", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_qkd.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_qkd.py new file mode 100644 index 000000000..18f7600fe --- /dev/null +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_qkd.py @@ -0,0 +1,403 @@ +#!/usr/bin/python +from __future__ import absolute_import, division, print_function + +# Copyright: (c) 2022 Fortinet +# GNU General Public License v3.0+ (see LICENSE or https://www.gnu.org/licenses/gpl-3.0.txt) +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +__metaclass__ = type + +ANSIBLE_METADATA = { + "status": ["preview"], + "supported_by": "community", + "metadata_version": "1.1", +} + +DOCUMENTATION = """ +--- +module: fortios_vpn_qkd +short_description: Configure Quantum Key Distribution server in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the + user to set and modify vpn feature and qkd category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.0 +version_added: "2.0.0" +author: + - Link Zheng (@chillancezen) + - Jie Xue (@JieX19) + - Hongbin Lu (@fgtdev-hblu) + - Frank Shen (@frankshen01) + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks + +requirements: + - ansible>=2.15 +options: + access_token: + description: + - Token-based authentication. + Generated from GUI of Fortigate. + type: str + required: false + enable_log: + description: + - Enable/Disable logging for task. + type: bool + required: false + default: false + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + type: str + default: root + member_path: + type: str + description: + - Member attribute path to operate on. + - Delimited by a slash character if there are more than one attribute. + - Parameter marked with member_path is legitimate for doing member operation. + member_state: + type: str + description: + - Add or delete a member under specified attribute path. + - When member_state is specified, the state option is ignored. + choices: + - 'present' + - 'absent' + + state: + description: + - Indicates whether to create or remove the object. + type: str + required: true + choices: + - 'present' + - 'absent' + vpn_qkd: + description: + - Configure Quantum Key Distribution servers + default: null + type: dict + suboptions: + certificate: + description: + - Names of up to 4 certificates to offer to the KME. + type: list + elements: dict + suboptions: + name: + description: + - Certificate name. Source vpn.certificate.local.name. + required: true + type: str + comment: + description: + - Comment. + type: str + id: + description: + - Quantum Key Distribution ID assigned by the KME. + type: str + name: + description: + - Quantum Key Distribution configuration name. + required: true + type: str + peer: + description: + - Authenticate Quantum Key Device"s certificate with the peer/peergrp. Source user.peer.name user.peergrp.name. + type: str + port: + description: + - Port to connect to on the KME. + type: int + server: + description: + - IPv4, IPv6 or DNS address of the KME. + type: str +""" + +EXAMPLES = """ +- name: Configure Quantum Key Distribution servers + fortinet.fortios.fortios_vpn_qkd: + vdom: "{{ vdom }}" + state: "present" + access_token: "<your_own_value>" + vpn_qkd: + certificate: + - + name: "default_name_4 (source vpn.certificate.local.name)" + comment: "Comment." + id: "6" + name: "default_name_7" + peer: "<your_own_value> (source user.peer.name user.peergrp.name)" + port: "0" + server: "192.168.100.40" +""" + +RETURN = """ +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" +""" +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + FortiOSHandler, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_legacy_fortiosapi, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + schema_to_module_spec, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import ( + check_schema_versioning, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import ( + FAIL_SOCKET_MSG, +) +from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post_processor import ( + remove_invalid_fields, +) + + +def filter_vpn_qkd_data(json): + option_list = ["certificate", "comment", "id", "name", "peer", "port", "server"] + + json = remove_invalid_fields(json) + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def underscore_to_hyphen(data): + if isinstance(data, list): + for i, elem in enumerate(data): + data[i] = underscore_to_hyphen(elem) + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[k.replace("_", "-")] = underscore_to_hyphen(v) + data = new_data + + return data + + +def vpn_qkd(data, fos): + vdom = data["vdom"] + + state = data["state"] + + vpn_qkd_data = data["vpn_qkd"] + filtered_data = filter_vpn_qkd_data(vpn_qkd_data) + converted_data = underscore_to_hyphen(filtered_data) + + if state == "present" or state is True: + return fos.set("vpn", "qkd", data=converted_data, vdom=vdom) + + elif state == "absent": + return fos.delete("vpn", "qkd", mkey=filtered_data["name"], vdom=vdom) + else: + fos._module.fail_json(msg="state must be present or absent!") + + +def is_successful_status(resp): + return ( + "status" in resp + and resp["status"] == "success" + or "http_status" in resp + and resp["http_status"] == 200 + or "http_method" in resp + and resp["http_method"] == "DELETE" + and resp["http_status"] == 404 + ) + + +def fortios_vpn(data, fos): + fos.do_member_operation("vpn", "qkd") + if data["vpn_qkd"]: + resp = vpn_qkd(data, fos) + else: + fos._module.fail_json(msg="missing task body: %s" % ("vpn_qkd")) + + return ( + not is_successful_status(resp), + is_successful_status(resp) + and (resp["revision_changed"] if "revision_changed" in resp else True), + resp, + {}, + ) + + +versioned_schema = { + "type": "list", + "elements": "dict", + "children": { + "name": {"v_range": [["v7.4.2", ""]], "type": "string", "required": True}, + "server": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "port": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "id": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "peer": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "certificate": { + "type": "list", + "elements": "dict", + "children": { + "name": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "required": True, + } + }, + "v_range": [["v7.4.2", ""]], + }, + "comment": {"v_range": [["v7.4.2", ""]], "type": "string"}, + }, + "v_range": [["v7.4.2", ""]], +} + + +def main(): + module_spec = schema_to_module_spec(versioned_schema) + mkeyname = "name" + fields = { + "access_token": {"required": False, "type": "str", "no_log": True}, + "enable_log": {"required": False, "type": "bool", "default": False}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "member_path": {"required": False, "type": "str"}, + "member_state": { + "type": "str", + "required": False, + "choices": ["present", "absent"], + }, + "state": {"required": True, "type": "str", "choices": ["present", "absent"]}, + "vpn_qkd": {"required": False, "type": "dict", "default": None, "options": {}}, + } + for attribute_name in module_spec["options"]: + fields["vpn_qkd"]["options"][attribute_name] = module_spec["options"][ + attribute_name + ] + if mkeyname and mkeyname == attribute_name: + fields["vpn_qkd"]["options"][attribute_name]["required"] = True + + module = AnsibleModule(argument_spec=fields, supports_check_mode=False) + check_legacy_fortiosapi(module) + + is_error = False + has_changed = False + result = None + diff = None + + versions_check_result = None + if module._socket_path: + connection = Connection(module._socket_path) + if "access_token" in module.params: + connection.set_option("access_token", module.params["access_token"]) + + if "enable_log" in module.params: + connection.set_option("enable_log", module.params["enable_log"]) + else: + connection.set_option("enable_log", False) + fos = FortiOSHandler(connection, module, mkeyname) + versions_check_result = check_schema_versioning( + fos, versioned_schema, "vpn_qkd" + ) + + is_error, has_changed, result, diff = fortios_vpn(module.params, fos) + + else: + module.fail_json(**FAIL_SOCKET_MSG) + + if versions_check_result and versions_check_result["matched"] is False: + module.warn( + "Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv" + ) + + if not is_error: + if versions_check_result and versions_check_result["matched"] is False: + module.exit_json( + changed=has_changed, + version_check_warning=versions_check_result, + meta=result, + diff=diff, + ) + else: + module.exit_json(changed=has_changed, meta=result, diff=diff) + else: + if versions_check_result and versions_check_result["matched"] is False: + module.fail_json( + msg="Error in repo", + version_check_warning=versions_check_result, + meta=result, + ) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == "__main__": + main() diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_client.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_client.py index 3426f6311..51c831746 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_client.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_client.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -317,12 +317,11 @@ def vpn_ssl_client(data, fos): state = data["state"] vpn_ssl_client_data = data["vpn_ssl_client"] - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_client_data(vpn_ssl_client_data) - ) + filtered_data = filter_vpn_ssl_client_data(vpn_ssl_client_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("vpn.ssl", "client", data=filtered_data, vdom=vdom) + return fos.set("vpn.ssl", "client", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("vpn.ssl", "client", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_settings.py index 8d0392d0c..e8118e2f6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1030,11 +1030,10 @@ def vpn_ssl_settings(data, fos): vdom = data["vdom"] vpn_ssl_settings_data = data["vpn_ssl_settings"] vpn_ssl_settings_data = flatten_multilists_attributes(vpn_ssl_settings_data) - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_settings_data(vpn_ssl_settings_data) - ) + filtered_data = filter_vpn_ssl_settings_data(vpn_ssl_settings_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("vpn.ssl", "settings", data=filtered_data, vdom=vdom) + return fos.set("vpn.ssl", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_host_check_software.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_host_check_software.py index 0e64e27f1..ffe3481b1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_host_check_software.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_host_check_software.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -306,11 +306,10 @@ def vpn_ssl_web_host_check_software(data, fos, check_mode=False): state = data["state"] vpn_ssl_web_host_check_software_data = data["vpn_ssl_web_host_check_software"] - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_web_host_check_software_data( - vpn_ssl_web_host_check_software_data - ) + filtered_data = filter_vpn_ssl_web_host_check_software_data( + vpn_ssl_web_host_check_software_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -379,7 +378,7 @@ def vpn_ssl_web_host_check_software(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "vpn.ssl.web", "host-check-software", data=filtered_data, vdom=vdom + "vpn.ssl.web", "host-check-software", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_portal.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_portal.py index c598b33de..7038461fc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_portal.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_portal.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -222,6 +222,7 @@ options: - 'it' - 'it-142' - 'ja' + - 'ja-106' - 'ko' - 'la-am' - 'lt' @@ -1427,9 +1428,8 @@ def vpn_ssl_web_portal(data, fos, check_mode=False): vpn_ssl_web_portal_data = data["vpn_ssl_web_portal"] vpn_ssl_web_portal_data = flatten_multilists_attributes(vpn_ssl_web_portal_data) - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_web_portal_data(vpn_ssl_web_portal_data) - ) + filtered_data = filter_vpn_ssl_web_portal_data(vpn_ssl_web_portal_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1493,7 +1493,7 @@ def vpn_ssl_web_portal(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ssl.web", "portal", data=filtered_data, vdom=vdom) + return fos.set("vpn.ssl.web", "portal", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -1823,6 +1823,7 @@ versioned_schema = { {"value": "it"}, {"value": "it-142"}, {"value": "ja"}, + {"value": "ja-106", "v_range": [["v7.4.2", ""]]}, {"value": "ko"}, {"value": "la-am", "v_range": [["v7.4.1", ""]]}, {"value": "lt"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_realm.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_realm.py index 7af101373..695721111 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_realm.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_realm.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,9 +278,8 @@ def vpn_ssl_web_realm(data, fos, check_mode=False): state = data["state"] vpn_ssl_web_realm_data = data["vpn_ssl_web_realm"] - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_web_realm_data(vpn_ssl_web_realm_data) - ) + filtered_data = filter_vpn_ssl_web_realm_data(vpn_ssl_web_realm_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -344,7 +343,7 @@ def vpn_ssl_web_realm(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ssl.web", "realm", data=filtered_data, vdom=vdom) + return fos.set("vpn.ssl.web", "realm", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_bookmark.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_bookmark.py index ce5de7185..d7f795e3e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_bookmark.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_bookmark.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -192,6 +192,7 @@ options: - 'it' - 'it-142' - 'ja' + - 'ja-106' - 'ko' - 'la-am' - 'lt' @@ -549,9 +550,10 @@ def vpn_ssl_web_user_bookmark(data, fos, check_mode=False): state = data["state"] vpn_ssl_web_user_bookmark_data = data["vpn_ssl_web_user_bookmark"] - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_web_user_bookmark_data(vpn_ssl_web_user_bookmark_data) + filtered_data = filter_vpn_ssl_web_user_bookmark_data( + vpn_ssl_web_user_bookmark_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -615,7 +617,7 @@ def vpn_ssl_web_user_bookmark(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("vpn.ssl.web", "user-bookmark", data=filtered_data, vdom=vdom) + return fos.set("vpn.ssl.web", "user-bookmark", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -731,6 +733,7 @@ versioned_schema = { {"value": "it"}, {"value": "it-142"}, {"value": "ja"}, + {"value": "ja-106", "v_range": [["v7.4.2", ""]]}, {"value": "ko"}, {"value": "la-am", "v_range": [["v7.4.1", ""]]}, {"value": "lt"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_group_bookmark.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_group_bookmark.py index 42f936293..6fdea857d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_group_bookmark.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_vpn_ssl_web_user_group_bookmark.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -192,6 +192,7 @@ options: - 'it' - 'it-142' - 'ja' + - 'ja-106' - 'ko' - 'la-am' - 'lt' @@ -544,11 +545,10 @@ def vpn_ssl_web_user_group_bookmark(data, fos, check_mode=False): state = data["state"] vpn_ssl_web_user_group_bookmark_data = data["vpn_ssl_web_user_group_bookmark"] - filtered_data = underscore_to_hyphen( - filter_vpn_ssl_web_user_group_bookmark_data( - vpn_ssl_web_user_group_bookmark_data - ) + filtered_data = filter_vpn_ssl_web_user_group_bookmark_data( + vpn_ssl_web_user_group_bookmark_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -617,7 +617,7 @@ def vpn_ssl_web_user_group_bookmark(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "vpn.ssl.web", "user-group-bookmark", data=filtered_data, vdom=vdom + "vpn.ssl.web", "user-group-bookmark", data=converted_data, vdom=vdom ) elif state == "absent": @@ -733,6 +733,7 @@ versioned_schema = { {"value": "it"}, {"value": "it-142"}, {"value": "ja"}, + {"value": "ja-106", "v_range": [["v7.4.2", ""]]}, {"value": "ko"}, {"value": "la-am", "v_range": [["v7.4.1", ""]]}, {"value": "lt"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_main_class.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_main_class.py index 1b25b5f08..38a094bab 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_main_class.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_main_class.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,9 +232,8 @@ def waf_main_class(data, fos, check_mode=False): state = data["state"] waf_main_class_data = data["waf_main_class"] - filtered_data = underscore_to_hyphen( - filter_waf_main_class_data(waf_main_class_data) - ) + filtered_data = filter_waf_main_class_data(waf_main_class_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -298,7 +297,7 @@ def waf_main_class(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("waf", "main-class", data=filtered_data, vdom=vdom) + return fos.set("waf", "main-class", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("waf", "main-class", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_profile.py index 017f7813f..e81a088b1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -1397,7 +1397,8 @@ def waf_profile(data, fos, check_mode=False): waf_profile_data = data["waf_profile"] waf_profile_data = flatten_multilists_attributes(waf_profile_data) - filtered_data = underscore_to_hyphen(filter_waf_profile_data(waf_profile_data)) + filtered_data = filter_waf_profile_data(waf_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1461,7 +1462,7 @@ def waf_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("waf", "profile", data=filtered_data, vdom=vdom) + return fos.set("waf", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("waf", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_signature.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_signature.py index dba4a35c2..0536d1eea 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_signature.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_signature.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,7 +232,8 @@ def waf_signature(data, fos, check_mode=False): state = data["state"] waf_signature_data = data["waf_signature"] - filtered_data = underscore_to_hyphen(filter_waf_signature_data(waf_signature_data)) + filtered_data = filter_waf_signature_data(waf_signature_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -296,7 +297,7 @@ def waf_signature(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("waf", "signature", data=filtered_data, vdom=vdom) + return fos.set("waf", "signature", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("waf", "signature", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_sub_class.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_sub_class.py index 9bd9914bc..2960f2b0e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_sub_class.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_waf_sub_class.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -232,7 +232,8 @@ def waf_sub_class(data, fos, check_mode=False): state = data["state"] waf_sub_class_data = data["waf_sub_class"] - filtered_data = underscore_to_hyphen(filter_waf_sub_class_data(waf_sub_class_data)) + filtered_data = filter_waf_sub_class_data(waf_sub_class_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -296,7 +297,7 @@ def waf_sub_class(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("waf", "sub-class", data=filtered_data, vdom=vdom) + return fos.set("waf", "sub-class", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("waf", "sub-class", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_auth_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_auth_group.py index 426e26877..098da9493 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_auth_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_auth_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -258,9 +258,8 @@ def wanopt_auth_group(data, fos, check_mode=False): state = data["state"] wanopt_auth_group_data = data["wanopt_auth_group"] - filtered_data = underscore_to_hyphen( - filter_wanopt_auth_group_data(wanopt_auth_group_data) - ) + filtered_data = filter_wanopt_auth_group_data(wanopt_auth_group_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -324,7 +323,7 @@ def wanopt_auth_group(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wanopt", "auth-group", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "auth-group", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("wanopt", "auth-group", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_cache_service.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_cache_service.py index aa1e195b2..ab0061975 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_cache_service.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_cache_service.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -302,11 +302,10 @@ def underscore_to_hyphen(data): def wanopt_cache_service(data, fos): vdom = data["vdom"] wanopt_cache_service_data = data["wanopt_cache_service"] - filtered_data = underscore_to_hyphen( - filter_wanopt_cache_service_data(wanopt_cache_service_data) - ) + filtered_data = filter_wanopt_cache_service_data(wanopt_cache_service_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wanopt", "cache-service", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "cache-service", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_content_delivery_network_rule.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_content_delivery_network_rule.py index 12b73c605..a87bfc21b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_content_delivery_network_rule.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_content_delivery_network_rule.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -487,11 +487,10 @@ def wanopt_content_delivery_network_rule(data, fos, check_mode=False): wanopt_content_delivery_network_rule_data = data[ "wanopt_content_delivery_network_rule" ] - filtered_data = underscore_to_hyphen( - filter_wanopt_content_delivery_network_rule_data( - wanopt_content_delivery_network_rule_data - ) + filtered_data = filter_wanopt_content_delivery_network_rule_data( + wanopt_content_delivery_network_rule_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -560,7 +559,7 @@ def wanopt_content_delivery_network_rule(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wanopt", "content-delivery-network-rule", data=filtered_data, vdom=vdom + "wanopt", "content-delivery-network-rule", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_peer.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_peer.py index 6a461992b..16c5eb211 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_peer.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_peer.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -230,7 +230,8 @@ def wanopt_peer(data, fos, check_mode=False): state = data["state"] wanopt_peer_data = data["wanopt_peer"] - filtered_data = underscore_to_hyphen(filter_wanopt_peer_data(wanopt_peer_data)) + filtered_data = filter_wanopt_peer_data(wanopt_peer_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -294,7 +295,7 @@ def wanopt_peer(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wanopt", "peer", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "peer", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_profile.py index 171e90aba..d986f61c0 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -632,9 +632,8 @@ def wanopt_profile(data, fos, check_mode=False): state = data["state"] wanopt_profile_data = data["wanopt_profile"] - filtered_data = underscore_to_hyphen( - filter_wanopt_profile_data(wanopt_profile_data) - ) + filtered_data = filter_wanopt_profile_data(wanopt_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -698,7 +697,7 @@ def wanopt_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wanopt", "profile", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("wanopt", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_remote_storage.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_remote_storage.py index 7726b16df..511efac46 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_remote_storage.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_remote_storage.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -220,11 +220,10 @@ def underscore_to_hyphen(data): def wanopt_remote_storage(data, fos): vdom = data["vdom"] wanopt_remote_storage_data = data["wanopt_remote_storage"] - filtered_data = underscore_to_hyphen( - filter_wanopt_remote_storage_data(wanopt_remote_storage_data) - ) + filtered_data = filter_wanopt_remote_storage_data(wanopt_remote_storage_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wanopt", "remote-storage", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "remote-storage", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_settings.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_settings.py index c1cbca575..d0fec442d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_settings.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_settings.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,11 +233,10 @@ def underscore_to_hyphen(data): def wanopt_settings(data, fos): vdom = data["vdom"] wanopt_settings_data = data["wanopt_settings"] - filtered_data = underscore_to_hyphen( - filter_wanopt_settings_data(wanopt_settings_data) - ) + filtered_data = filter_wanopt_settings_data(wanopt_settings_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wanopt", "settings", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "settings", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_webcache.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_webcache.py index 3cccd7502..4de59a350 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_webcache.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wanopt_webcache.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -335,11 +335,10 @@ def underscore_to_hyphen(data): def wanopt_webcache(data, fos): vdom = data["vdom"] wanopt_webcache_data = data["wanopt_webcache"] - filtered_data = underscore_to_hyphen( - filter_wanopt_webcache_data(wanopt_webcache_data) - ) + filtered_data = filter_wanopt_webcache_data(wanopt_webcache_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wanopt", "webcache", data=filtered_data, vdom=vdom) + return fos.set("wanopt", "webcache", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_debug_url.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_debug_url.py index 8358b38d3..2ae941d1f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_debug_url.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_debug_url.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,9 +246,8 @@ def web_proxy_debug_url(data, fos, check_mode=False): state = data["state"] web_proxy_debug_url_data = data["web_proxy_debug_url"] - filtered_data = underscore_to_hyphen( - filter_web_proxy_debug_url_data(web_proxy_debug_url_data) - ) + filtered_data = filter_web_proxy_debug_url_data(web_proxy_debug_url_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -312,7 +311,7 @@ def web_proxy_debug_url(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("web-proxy", "debug-url", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "debug-url", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_explicit.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_explicit.py index 182e2a1e4..444fb0bcb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_explicit.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_explicit.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -563,11 +563,10 @@ def web_proxy_explicit(data, fos): vdom = data["vdom"] web_proxy_explicit_data = data["web_proxy_explicit"] web_proxy_explicit_data = flatten_multilists_attributes(web_proxy_explicit_data) - filtered_data = underscore_to_hyphen( - filter_web_proxy_explicit_data(web_proxy_explicit_data) - ) + filtered_data = filter_web_proxy_explicit_data(web_proxy_explicit_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("web-proxy", "explicit", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "explicit", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_fast_fallback.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_fast_fallback.py index ae403a878..1ba76ac68 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_fast_fallback.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_fast_fallback.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -253,12 +253,11 @@ def web_proxy_fast_fallback(data, fos): state = data["state"] web_proxy_fast_fallback_data = data["web_proxy_fast_fallback"] - filtered_data = underscore_to_hyphen( - filter_web_proxy_fast_fallback_data(web_proxy_fast_fallback_data) - ) + filtered_data = filter_web_proxy_fast_fallback_data(web_proxy_fast_fallback_data) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: - return fos.set("web-proxy", "fast-fallback", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "fast-fallback", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server.py index 1e159ef90..658b3b24f 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -120,6 +120,13 @@ options: description: - Forward proxy server IPv6 address. type: str + masquerade: + description: + - Enable/disable use of the of the IP address of the outgoing interface as the client IP address + type: str + choices: + - 'enable' + - 'disable' monitor: description: - 'URL for forward server health check monitoring .' @@ -164,8 +171,9 @@ EXAMPLES = """ healthcheck: "disable" ip: "<your_own_value>" ipv6: "<your_own_value>" + masquerade: "enable" monitor: "<your_own_value>" - name: "default_name_10" + name: "default_name_11" password: "<your_own_value>" port: "3128" server_down_option: "block" @@ -268,6 +276,7 @@ def filter_web_proxy_forward_server_data(json): "healthcheck", "ip", "ipv6", + "masquerade", "monitor", "name", "password", @@ -305,9 +314,8 @@ def web_proxy_forward_server(data, fos, check_mode=False): state = data["state"] web_proxy_forward_server_data = data["web_proxy_forward_server"] - filtered_data = underscore_to_hyphen( - filter_web_proxy_forward_server_data(web_proxy_forward_server_data) - ) + filtered_data = filter_web_proxy_forward_server_data(web_proxy_forward_server_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -371,7 +379,7 @@ def web_proxy_forward_server(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("web-proxy", "forward-server", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "forward-server", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -444,6 +452,11 @@ versioned_schema = { "username": {"v_range": [["v6.4.0", ""]], "type": "string"}, "password": {"v_range": [["v6.4.0", ""]], "type": "string"}, "comment": {"v_range": [["v6.0.0", ""]], "type": "string"}, + "masquerade": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server_group.py index 611e6b332..02ba93fc7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_forward_server_group.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -272,9 +272,10 @@ def web_proxy_forward_server_group(data, fos, check_mode=False): state = data["state"] web_proxy_forward_server_group_data = data["web_proxy_forward_server_group"] - filtered_data = underscore_to_hyphen( - filter_web_proxy_forward_server_group_data(web_proxy_forward_server_group_data) + filtered_data = filter_web_proxy_forward_server_group_data( + web_proxy_forward_server_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -343,7 +344,7 @@ def web_proxy_forward_server_group(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "web-proxy", "forward-server-group", data=filtered_data, vdom=vdom + "web-proxy", "forward-server-group", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_global.py index 568a41b98..0c003bfae 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -143,6 +143,13 @@ options: - Address name. Source firewall.address6.name firewall.addrgrp6.name. required: true type: str + log_app_id: + description: + - Enable/disable always log application type in traffic log. + type: str + choices: + - 'enable' + - 'disable' log_forward_server: description: - Enable/disable forward server name logging in forward traffic log. @@ -150,6 +157,13 @@ options: choices: - 'enable' - 'disable' + log_policy_pending: + description: + - Enable/disable logging sessions that are pending on policy matching. + type: str + choices: + - 'enable' + - 'disable' max_message_length: description: - Maximum length of HTTP message, not including body (16 - 256 Kbytes). @@ -162,6 +176,13 @@ options: description: - Maximum length of HTTP messages processed by Web Application Firewall (WAF) (10 - 1024 Kbytes). type: int + policy_category_deep_inspect: + description: + - Enable/disable deep inspection for application level category policy matching. + type: str + choices: + - 'enable' + - 'disable' proxy_fqdn: description: - Fully Qualified Domain Name (FQDN) that clients connect to to connect to the explicit web proxy. @@ -230,10 +251,13 @@ EXAMPLES = """ learn_client_ip_srcaddr6: - name: "default_name_12 (source firewall.address6.name firewall.addrgrp6.name)" + log_app_id: "enable" log_forward_server: "enable" + log_policy_pending: "enable" max_message_length: "32" max_request_length: "8" max_waf_body_cache_length: "32" + policy_category_deep_inspect: "enable" proxy_fqdn: "<your_own_value>" src_affinity_exempt_addr: "<your_own_value>" src_affinity_exempt_addr6: "<your_own_value>" @@ -334,10 +358,13 @@ def filter_web_proxy_global_data(json): "learn_client_ip_from_header", "learn_client_ip_srcaddr", "learn_client_ip_srcaddr6", + "log_app_id", "log_forward_server", + "log_policy_pending", "max_message_length", "max_request_length", "max_waf_body_cache_length", + "policy_category_deep_inspect", "proxy_fqdn", "src_affinity_exempt_addr", "src_affinity_exempt_addr6", @@ -407,11 +434,10 @@ def web_proxy_global(data, fos): vdom = data["vdom"] web_proxy_global_data = data["web_proxy_global"] web_proxy_global_data = flatten_multilists_attributes(web_proxy_global_data) - filtered_data = underscore_to_hyphen( - filter_web_proxy_global_data(web_proxy_global_data) - ) + filtered_data = filter_web_proxy_global_data(web_proxy_global_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("web-proxy", "global", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -529,11 +555,26 @@ versioned_schema = { "multiple_values": True, "elements": "str", }, + "policy_category_deep_inspect": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "log_policy_pending": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "log_forward_server": { "v_range": [["v7.4.0", ""]], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "log_app_id": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "tunnel_non_http": { "v_range": [["v6.0.0", "v6.2.7"]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_profile.py index 219ec16b4..9a2022511 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -446,9 +446,8 @@ def web_proxy_profile(data, fos, check_mode=False): web_proxy_profile_data = data["web_proxy_profile"] web_proxy_profile_data = flatten_multilists_attributes(web_proxy_profile_data) - filtered_data = underscore_to_hyphen( - filter_web_proxy_profile_data(web_proxy_profile_data) - ) + filtered_data = filter_web_proxy_profile_data(web_proxy_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -512,7 +511,7 @@ def web_proxy_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("web-proxy", "profile", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("web-proxy", "profile", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_url_match.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_url_match.py index 4a2972f77..b79916161 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_url_match.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_url_match.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -269,9 +269,8 @@ def web_proxy_url_match(data, fos, check_mode=False): state = data["state"] web_proxy_url_match_data = data["web_proxy_url_match"] - filtered_data = underscore_to_hyphen( - filter_web_proxy_url_match_data(web_proxy_url_match_data) - ) + filtered_data = filter_web_proxy_url_match_data(web_proxy_url_match_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -335,7 +334,7 @@ def web_proxy_url_match(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("web-proxy", "url-match", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "url-match", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_wisp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_wisp.py index 348d07302..102818b2b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_wisp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_web_proxy_wisp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -263,9 +263,8 @@ def web_proxy_wisp(data, fos, check_mode=False): state = data["state"] web_proxy_wisp_data = data["web_proxy_wisp"] - filtered_data = underscore_to_hyphen( - filter_web_proxy_wisp_data(web_proxy_wisp_data) - ) + filtered_data = filter_web_proxy_wisp_data(web_proxy_wisp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def web_proxy_wisp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("web-proxy", "wisp", data=filtered_data, vdom=vdom) + return fos.set("web-proxy", "wisp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("web-proxy", "wisp", mkey=filtered_data["name"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content.py index 2e5ea2f25..0f5748d90 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -295,9 +295,8 @@ def webfilter_content(data, fos, check_mode=False): state = data["state"] webfilter_content_data = data["webfilter_content"] - filtered_data = underscore_to_hyphen( - filter_webfilter_content_data(webfilter_content_data) - ) + filtered_data = filter_webfilter_content_data(webfilter_content_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -361,7 +360,7 @@ def webfilter_content(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "content", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "content", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("webfilter", "content", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content_header.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content_header.py index e1d193a9f..429e02918 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content_header.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_content_header.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -298,9 +298,8 @@ def webfilter_content_header(data, fos, check_mode=False): webfilter_content_header_data = flatten_multilists_attributes( webfilter_content_header_data ) - filtered_data = underscore_to_hyphen( - filter_webfilter_content_header_data(webfilter_content_header_data) - ) + filtered_data = filter_webfilter_content_header_data(webfilter_content_header_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -364,7 +363,7 @@ def webfilter_content_header(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "content-header", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "content-header", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_fortiguard.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_fortiguard.py index c3ebc4393..661e8dbd6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_fortiguard.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_fortiguard.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -300,11 +300,10 @@ def underscore_to_hyphen(data): def webfilter_fortiguard(data, fos): vdom = data["vdom"] webfilter_fortiguard_data = data["webfilter_fortiguard"] - filtered_data = underscore_to_hyphen( - filter_webfilter_fortiguard_data(webfilter_fortiguard_data) - ) + filtered_data = filter_webfilter_fortiguard_data(webfilter_fortiguard_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("webfilter", "fortiguard", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "fortiguard", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_cat.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_cat.py index 051839c26..45f457e13 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_cat.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_cat.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -238,9 +238,8 @@ def webfilter_ftgd_local_cat(data, fos, check_mode=False): state = data["state"] webfilter_ftgd_local_cat_data = data["webfilter_ftgd_local_cat"] - filtered_data = underscore_to_hyphen( - filter_webfilter_ftgd_local_cat_data(webfilter_ftgd_local_cat_data) - ) + filtered_data = filter_webfilter_ftgd_local_cat_data(webfilter_ftgd_local_cat_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -304,7 +303,7 @@ def webfilter_ftgd_local_cat(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "ftgd-local-cat", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "ftgd-local-cat", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_rating.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_rating.py index bd2bcb1ec..819f22ed8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_rating.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ftgd_local_rating.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -243,9 +243,10 @@ def webfilter_ftgd_local_rating(data, fos, check_mode=False): state = data["state"] webfilter_ftgd_local_rating_data = data["webfilter_ftgd_local_rating"] - filtered_data = underscore_to_hyphen( - filter_webfilter_ftgd_local_rating_data(webfilter_ftgd_local_rating_data) + filtered_data = filter_webfilter_ftgd_local_rating_data( + webfilter_ftgd_local_rating_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -309,7 +310,7 @@ def webfilter_ftgd_local_rating(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "ftgd-local-rating", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "ftgd-local-rating", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_cache_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_cache_setting.py index f59a1fa1c..12dbb0c83 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_cache_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_cache_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -209,14 +209,13 @@ def webfilter_ips_urlfilter_cache_setting(data, fos): webfilter_ips_urlfilter_cache_setting_data = data[ "webfilter_ips_urlfilter_cache_setting" ] - filtered_data = underscore_to_hyphen( - filter_webfilter_ips_urlfilter_cache_setting_data( - webfilter_ips_urlfilter_cache_setting_data - ) + filtered_data = filter_webfilter_ips_urlfilter_cache_setting_data( + webfilter_ips_urlfilter_cache_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "webfilter", "ips-urlfilter-cache-setting", data=filtered_data, vdom=vdom + "webfilter", "ips-urlfilter-cache-setting", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting.py index f13f27324..dbf3b21d8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -217,13 +217,12 @@ def underscore_to_hyphen(data): def webfilter_ips_urlfilter_setting(data, fos): vdom = data["vdom"] webfilter_ips_urlfilter_setting_data = data["webfilter_ips_urlfilter_setting"] - filtered_data = underscore_to_hyphen( - filter_webfilter_ips_urlfilter_setting_data( - webfilter_ips_urlfilter_setting_data - ) + filtered_data = filter_webfilter_ips_urlfilter_setting_data( + webfilter_ips_urlfilter_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("webfilter", "ips-urlfilter-setting", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "ips-urlfilter-setting", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting6.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting6.py index 261046752..3ba6c6cb1 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting6.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_ips_urlfilter_setting6.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -217,13 +217,14 @@ def underscore_to_hyphen(data): def webfilter_ips_urlfilter_setting6(data, fos): vdom = data["vdom"] webfilter_ips_urlfilter_setting6_data = data["webfilter_ips_urlfilter_setting6"] - filtered_data = underscore_to_hyphen( - filter_webfilter_ips_urlfilter_setting6_data( - webfilter_ips_urlfilter_setting6_data - ) + filtered_data = filter_webfilter_ips_urlfilter_setting6_data( + webfilter_ips_urlfilter_setting6_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("webfilter", "ips-urlfilter-setting6", data=filtered_data, vdom=vdom) + return fos.set( + "webfilter", "ips-urlfilter-setting6", data=converted_data, vdom=vdom + ) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_override.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_override.py index b6ad041be..21495cf27 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_override.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_override.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -297,9 +297,8 @@ def webfilter_override(data, fos, check_mode=False): state = data["state"] webfilter_override_data = data["webfilter_override"] - filtered_data = underscore_to_hyphen( - filter_webfilter_override_data(webfilter_override_data) - ) + filtered_data = filter_webfilter_override_data(webfilter_override_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -363,7 +362,7 @@ def webfilter_override(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "override", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "override", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("webfilter", "override", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_profile.py index dca59a1d3..5221eaa4b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -838,6 +838,13 @@ options: choices: - 'enable' - 'disable' + web_flow_log_encoding: + description: + - Log encoding in flow mode. + type: str + choices: + - 'utf-8' + - 'punycode' web_ftgd_err_log: description: - Enable/disable logging rating errors. @@ -1053,6 +1060,7 @@ EXAMPLES = """ web_filter_referer_log: "enable" web_filter_unknown_log: "enable" web_filter_vbs_log: "enable" + web_flow_log_encoding: "utf-8" web_ftgd_err_log: "enable" web_ftgd_quota_usage: "enable" web_invalid_domain_log: "enable" @@ -1061,12 +1069,12 @@ EXAMPLES = """ wisp_algorithm: "primary-secondary" wisp_servers: - - name: "default_name_125 (source web-proxy.wisp.name)" + name: "default_name_126 (source web-proxy.wisp.name)" youtube_channel_filter: - channel_id: "<your_own_value>" comment: "Comment." - id: "129" + id: "130" youtube_channel_status: "disable" """ @@ -1190,6 +1198,7 @@ def filter_webfilter_profile_data(json): "web_filter_referer_log", "web_filter_unknown_log", "web_filter_vbs_log", + "web_flow_log_encoding", "web_ftgd_err_log", "web_ftgd_quota_usage", "web_invalid_domain_log", @@ -1270,9 +1279,8 @@ def webfilter_profile(data, fos, check_mode=False): webfilter_profile_data = data["webfilter_profile"] webfilter_profile_data = flatten_multilists_attributes(webfilter_profile_data) - filtered_data = underscore_to_hyphen( - filter_webfilter_profile_data(webfilter_profile_data) - ) + filtered_data = filter_webfilter_profile_data(webfilter_profile_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1336,7 +1344,7 @@ def webfilter_profile(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "profile", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "profile", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("webfilter", "profile", mkey=filtered_data["name"], vdom=vdom) @@ -1411,6 +1419,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "web_flow_log_encoding": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "utf-8"}, {"value": "punycode"}], + }, "ovrd_perm": { "v_range": [["v6.0.0", ""]], "type": "list", @@ -1960,28 +1973,48 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "url_extraction": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"], ["v7.4.3", ""]], "type": "dict", "children": { "status": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, "server_fqdn": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "redirect_header": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "redirect_url": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", }, "redirect_no_content": { - "v_range": [["v6.0.0", "v7.0.8"], ["v7.2.0", "v7.2.4"]], + "v_range": [ + ["v6.0.0", "v7.0.8"], + ["v7.2.0", "v7.2.4"], + ["v7.4.3", ""], + ], "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_search_engine.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_search_engine.py index 543997e90..384a49f38 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_search_engine.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_search_engine.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -276,9 +276,8 @@ def webfilter_search_engine(data, fos, check_mode=False): state = data["state"] webfilter_search_engine_data = data["webfilter_search_engine"] - filtered_data = underscore_to_hyphen( - filter_webfilter_search_engine_data(webfilter_search_engine_data) - ) + filtered_data = filter_webfilter_search_engine_data(webfilter_search_engine_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -342,7 +341,7 @@ def webfilter_search_engine(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "search-engine", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "search-engine", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_status.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_status.py index f344cbe96..6764d7f4b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_status.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_status.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<refresh_rate>": "refresh_rate"} + speciallist = {"<refresh_rate>": "refresh_rate"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,8 @@ def valid_attr_to_invalid_attrs(data): def webfilter_status(data, fos): vdom = data["vdom"] webfilter_status_data = data["webfilter_status"] - filtered_data = underscore_to_hyphen( - filter_webfilter_status_data(webfilter_status_data) - ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + filtered_data = filter_webfilter_status_data(webfilter_status_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("webfilter", "status", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_urlfilter.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_urlfilter.py index 97149cd12..c55c1dbbc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_urlfilter.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_webfilter_urlfilter.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -388,9 +388,8 @@ def webfilter_urlfilter(data, fos, check_mode=False): webfilter_urlfilter_data = data["webfilter_urlfilter"] webfilter_urlfilter_data = flatten_multilists_attributes(webfilter_urlfilter_data) - filtered_data = underscore_to_hyphen( - filter_webfilter_urlfilter_data(webfilter_urlfilter_data) - ) + filtered_data = filter_webfilter_urlfilter_data(webfilter_urlfilter_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -454,7 +453,7 @@ def webfilter_urlfilter(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("webfilter", "urlfilter", data=filtered_data, vdom=vdom) + return fos.set("webfilter", "urlfilter", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete("webfilter", "urlfilter", mkey=filtered_data["id"], vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_access_control_list.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_access_control_list.py index 2975d060c..c7bb0dbe7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_access_control_list.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_access_control_list.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -336,11 +336,10 @@ def wireless_controller_access_control_list(data, fos, check_mode=False): wireless_controller_access_control_list_data = data[ "wireless_controller_access_control_list" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_access_control_list_data( - wireless_controller_access_control_list_data - ) + filtered_data = filter_wireless_controller_access_control_list_data( + wireless_controller_access_control_list_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -409,7 +408,7 @@ def wireless_controller_access_control_list(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "access-control-list", data=filtered_data, vdom=vdom + "wireless-controller", "access-control-list", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_address.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_address.py index 8a566106a..7676941c8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_address.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_address.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -238,9 +238,10 @@ def wireless_controller_address(data, fos, check_mode=False): state = data["state"] wireless_controller_address_data = data["wireless_controller_address"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_address_data(wireless_controller_address_data) + filtered_data = filter_wireless_controller_address_data( + wireless_controller_address_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -304,7 +305,7 @@ def wireless_controller_address(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wireless-controller", "address", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "address", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_addrgrp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_addrgrp.py index 306694f3e..b5f8c1509 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_addrgrp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_addrgrp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -247,9 +247,10 @@ def wireless_controller_addrgrp(data, fos, check_mode=False): state = data["state"] wireless_controller_addrgrp_data = data["wireless_controller_addrgrp"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_addrgrp_data(wireless_controller_addrgrp_data) + filtered_data = filter_wireless_controller_addrgrp_data( + wireless_controller_addrgrp_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -313,7 +314,7 @@ def wireless_controller_addrgrp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wireless-controller", "addrgrp", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "addrgrp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ap_status.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ap_status.py index 286020ef9..0d4b08e44 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ap_status.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ap_status.py @@ -40,7 +40,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -246,9 +246,10 @@ def wireless_controller_ap_status(data, fos, check_mode=False): state = data["state"] wireless_controller_ap_status_data = data["wireless_controller_ap_status"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_ap_status_data(wireless_controller_ap_status_data) + filtered_data = filter_wireless_controller_ap_status_data( + wireless_controller_ap_status_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -315,7 +316,7 @@ def wireless_controller_ap_status(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "ap-status", data=filtered_data, vdom=vdom + "wireless-controller", "ap-status", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_apcfg_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_apcfg_profile.py index 1a57bae97..7a01059e4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_apcfg_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_apcfg_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -165,7 +165,7 @@ EXAMPLES = """ access_token: "<your_own_value>" wireless_controller_apcfg_profile: ac_ip: "<your_own_value>" - ac_port: "0" + ac_port: "5246" ac_timer: "10" ac_type: "default" ap_family: "fap" @@ -309,11 +309,10 @@ def wireless_controller_apcfg_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_apcfg_profile_data = data["wireless_controller_apcfg_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_apcfg_profile_data( - wireless_controller_apcfg_profile_data - ) + filtered_data = filter_wireless_controller_apcfg_profile_data( + wireless_controller_apcfg_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -382,7 +381,7 @@ def wireless_controller_apcfg_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "apcfg-profile", data=filtered_data, vdom=vdom + "wireless-controller", "apcfg-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_arrp_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_arrp_profile.py index a05842787..1ea705e85 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_arrp_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_arrp_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -376,11 +376,10 @@ def wireless_controller_arrp_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_arrp_profile_data = data["wireless_controller_arrp_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_arrp_profile_data( - wireless_controller_arrp_profile_data - ) + filtered_data = filter_wireless_controller_arrp_profile_data( + wireless_controller_arrp_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -449,7 +448,7 @@ def wireless_controller_arrp_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "arrp-profile", data=filtered_data, vdom=vdom + "wireless-controller", "arrp-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ble_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ble_profile.py index aaa6f6584..4c7db65f4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ble_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ble_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -392,11 +392,10 @@ def wireless_controller_ble_profile(data, fos, check_mode=False): wireless_controller_ble_profile_data = flatten_multilists_attributes( wireless_controller_ble_profile_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_ble_profile_data( - wireless_controller_ble_profile_data - ) + filtered_data = filter_wireless_controller_ble_profile_data( + wireless_controller_ble_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -465,7 +464,7 @@ def wireless_controller_ble_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "ble-profile", data=filtered_data, vdom=vdom + "wireless-controller", "ble-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_bonjour_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_bonjour_profile.py index 4aba492eb..25efb6e10 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_bonjour_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_bonjour_profile.py @@ -39,7 +39,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -316,11 +316,10 @@ def wireless_controller_bonjour_profile(data, fos, check_mode=False): wireless_controller_bonjour_profile_data = flatten_multilists_attributes( wireless_controller_bonjour_profile_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_bonjour_profile_data( - wireless_controller_bonjour_profile_data - ) + filtered_data = filter_wireless_controller_bonjour_profile_data( + wireless_controller_bonjour_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -389,7 +388,7 @@ def wireless_controller_bonjour_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "bonjour-profile", data=filtered_data, vdom=vdom + "wireless-controller", "bonjour-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_client_info.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_client_info.py index 4d153e3c4..25c59e38e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_client_info.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_client_info.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<vfid>": "vfid"} + speciallist = {"<vfid>": "vfid"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,12 +228,10 @@ def valid_attr_to_invalid_attrs(data): def wireless_controller_client_info(data, fos, check_mode=False): vdom = data["vdom"] wireless_controller_client_info_data = data["wireless_controller_client_info"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_client_info_data( - wireless_controller_client_info_data - ) + filtered_data = filter_wireless_controller_client_info_data( + wireless_controller_client_info_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("wireless-controller", "client-info", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_global.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_global.py index 177def4d0..819844409 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_global.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_global.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -182,6 +182,17 @@ options: description: - Maximum numerical difference between an AP"s Ethernet and wireless MAC values to match for rogue detection (0 - 31). type: int + rolling_wtp_upgrade: + description: + - Enable/disable rolling WTP upgrade . + type: str + choices: + - 'enable' + - 'disable' + rolling_wtp_upgrade_threshold: + description: + - Minimum signal level/threshold in dBm required for the managed WTP to be included in rolling WTP upgrade (-95 to -20). + type: str tunnel_mode: description: - Compatible/strict tunnel mode. @@ -226,6 +237,8 @@ EXAMPLES = """ nac_interval: "120" name: "default_name_20" rogue_scan_mac_adjacency: "7" + rolling_wtp_upgrade: "enable" + rolling_wtp_upgrade_threshold: "<your_own_value>" tunnel_mode: "compatible" wpad_process_count: "0" wtp_share: "enable" @@ -331,6 +344,8 @@ def filter_wireless_controller_global_data(json): "nac_interval", "name", "rogue_scan_mac_adjacency", + "rolling_wtp_upgrade", + "rolling_wtp_upgrade_threshold", "tunnel_mode", "wpad_process_count", "wtp_share", @@ -394,11 +409,12 @@ def wireless_controller_global(data, fos): wireless_controller_global_data = flatten_multilists_attributes( wireless_controller_global_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_global_data(wireless_controller_global_data) + filtered_data = filter_wireless_controller_global_data( + wireless_controller_global_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wireless-controller", "global", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "global", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -444,6 +460,15 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "rolling_wtp_upgrade": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, + "rolling_wtp_upgrade_threshold": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "max_retransmit": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "control_message_offload": { "v_range": [["v6.0.0", ""]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_3gpp_cellular.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_3gpp_cellular.py index 3053fd88d..1d16d77d8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_3gpp_cellular.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_3gpp_cellular.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def wireless_controller_hotspot20_anqp_3gpp_cellular(data, fos, check_mode=False wireless_controller_hotspot20_anqp_3gpp_cellular_data = data[ "wireless_controller_hotspot20_anqp_3gpp_cellular" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_3gpp_cellular_data( - wireless_controller_hotspot20_anqp_3gpp_cellular_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_3gpp_cellular_data( + wireless_controller_hotspot20_anqp_3gpp_cellular_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def wireless_controller_hotspot20_anqp_3gpp_cellular(data, fos, check_mode=False return fos.set( "wireless-controller.hotspot20", "anqp-3gpp-cellular", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_ip_address_type.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_ip_address_type.py index c40a41472..689715887 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_ip_address_type.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_ip_address_type.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -250,11 +250,10 @@ def wireless_controller_hotspot20_anqp_ip_address_type(data, fos, check_mode=Fal wireless_controller_hotspot20_anqp_ip_address_type_data = data[ "wireless_controller_hotspot20_anqp_ip_address_type" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_ip_address_type_data( - wireless_controller_hotspot20_anqp_ip_address_type_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_ip_address_type_data( + wireless_controller_hotspot20_anqp_ip_address_type_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -331,7 +330,7 @@ def wireless_controller_hotspot20_anqp_ip_address_type(data, fos, check_mode=Fal return fos.set( "wireless-controller.hotspot20", "anqp-ip-address-type", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_nai_realm.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_nai_realm.py index f2e2bc0e3..a8b99a918 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_nai_realm.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_nai_realm.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -342,11 +342,10 @@ def wireless_controller_hotspot20_anqp_nai_realm(data, fos, check_mode=False): wireless_controller_hotspot20_anqp_nai_realm_data = data[ "wireless_controller_hotspot20_anqp_nai_realm" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_nai_realm_data( - wireless_controller_hotspot20_anqp_nai_realm_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_nai_realm_data( + wireless_controller_hotspot20_anqp_nai_realm_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -417,7 +416,7 @@ def wireless_controller_hotspot20_anqp_nai_realm(data, fos, check_mode=False): return fos.set( "wireless-controller.hotspot20", "anqp-nai-realm", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_network_auth_type.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_network_auth_type.py index e599707cd..a0b949877 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_network_auth_type.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_network_auth_type.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,11 +242,10 @@ def wireless_controller_hotspot20_anqp_network_auth_type(data, fos, check_mode=F wireless_controller_hotspot20_anqp_network_auth_type_data = data[ "wireless_controller_hotspot20_anqp_network_auth_type" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_network_auth_type_data( - wireless_controller_hotspot20_anqp_network_auth_type_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_network_auth_type_data( + wireless_controller_hotspot20_anqp_network_auth_type_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -323,7 +322,7 @@ def wireless_controller_hotspot20_anqp_network_auth_type(data, fos, check_mode=F return fos.set( "wireless-controller.hotspot20", "anqp-network-auth-type", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_roaming_consortium.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_roaming_consortium.py index c6da46b98..0eadb6bf4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_roaming_consortium.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_roaming_consortium.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def wireless_controller_hotspot20_anqp_roaming_consortium(data, fos, check_mode= wireless_controller_hotspot20_anqp_roaming_consortium_data = data[ "wireless_controller_hotspot20_anqp_roaming_consortium" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_roaming_consortium_data( - wireless_controller_hotspot20_anqp_roaming_consortium_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_roaming_consortium_data( + wireless_controller_hotspot20_anqp_roaming_consortium_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -332,7 +331,7 @@ def wireless_controller_hotspot20_anqp_roaming_consortium(data, fos, check_mode= return fos.set( "wireless-controller.hotspot20", "anqp-roaming-consortium", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_name.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_name.py index 2d70bf96a..da8894141 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_name.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_name.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def wireless_controller_hotspot20_anqp_venue_name(data, fos, check_mode=False): wireless_controller_hotspot20_anqp_venue_name_data = data[ "wireless_controller_hotspot20_anqp_venue_name" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_venue_name_data( - wireless_controller_hotspot20_anqp_venue_name_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_venue_name_data( + wireless_controller_hotspot20_anqp_venue_name_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -326,7 +325,7 @@ def wireless_controller_hotspot20_anqp_venue_name(data, fos, check_mode=False): return fos.set( "wireless-controller.hotspot20", "anqp-venue-name", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_url.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_url.py index 03d72ed4b..1a00301b8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_url.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_anqp_venue_url.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -242,17 +242,16 @@ def wireless_controller_hotspot20_anqp_venue_url(data, fos): wireless_controller_hotspot20_anqp_venue_url_data = data[ "wireless_controller_hotspot20_anqp_venue_url" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_anqp_venue_url_data( - wireless_controller_hotspot20_anqp_venue_url_data - ) + filtered_data = filter_wireless_controller_hotspot20_anqp_venue_url_data( + wireless_controller_hotspot20_anqp_venue_url_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( "wireless-controller.hotspot20", "anqp-venue-url", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_advice_of_charge.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_advice_of_charge.py index 4d66717a5..5f302c997 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_advice_of_charge.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_advice_of_charge.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -281,17 +281,16 @@ def wireless_controller_hotspot20_h2qp_advice_of_charge(data, fos): wireless_controller_hotspot20_h2qp_advice_of_charge_data = data[ "wireless_controller_hotspot20_h2qp_advice_of_charge" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_advice_of_charge_data( - wireless_controller_hotspot20_h2qp_advice_of_charge_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_advice_of_charge_data( + wireless_controller_hotspot20_h2qp_advice_of_charge_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( "wireless-controller.hotspot20", "h2qp-advice-of-charge", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_conn_capability.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_conn_capability.py index 62fc517a6..bd5d15947 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_conn_capability.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_conn_capability.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -339,11 +339,10 @@ def wireless_controller_hotspot20_h2qp_conn_capability(data, fos, check_mode=Fal wireless_controller_hotspot20_h2qp_conn_capability_data = data[ "wireless_controller_hotspot20_h2qp_conn_capability" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_conn_capability_data( - wireless_controller_hotspot20_h2qp_conn_capability_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_conn_capability_data( + wireless_controller_hotspot20_h2qp_conn_capability_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -420,7 +419,7 @@ def wireless_controller_hotspot20_h2qp_conn_capability(data, fos, check_mode=Fal return fos.set( "wireless-controller.hotspot20", "h2qp-conn-capability", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_operator_name.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_operator_name.py index 3dd744e6d..e3ed1d033 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_operator_name.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_operator_name.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -251,11 +251,10 @@ def wireless_controller_hotspot20_h2qp_operator_name(data, fos, check_mode=False wireless_controller_hotspot20_h2qp_operator_name_data = data[ "wireless_controller_hotspot20_h2qp_operator_name" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_operator_name_data( - wireless_controller_hotspot20_h2qp_operator_name_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_operator_name_data( + wireless_controller_hotspot20_h2qp_operator_name_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -329,7 +328,7 @@ def wireless_controller_hotspot20_h2qp_operator_name(data, fos, check_mode=False return fos.set( "wireless-controller.hotspot20", "h2qp-operator-name", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider.py index 4c8784f51..a0fcd5dd4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -342,11 +342,10 @@ def wireless_controller_hotspot20_h2qp_osu_provider(data, fos, check_mode=False) wireless_controller_hotspot20_h2qp_osu_provider_data ) ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_osu_provider_data( - wireless_controller_hotspot20_h2qp_osu_provider_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_osu_provider_data( + wireless_controller_hotspot20_h2qp_osu_provider_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -420,7 +419,7 @@ def wireless_controller_hotspot20_h2qp_osu_provider(data, fos, check_mode=False) return fos.set( "wireless-controller.hotspot20", "h2qp-osu-provider", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider_nai.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider_nai.py index 56d527a7d..e2b9f96a7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider_nai.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_osu_provider_nai.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -237,17 +237,16 @@ def wireless_controller_hotspot20_h2qp_osu_provider_nai(data, fos): wireless_controller_hotspot20_h2qp_osu_provider_nai_data = data[ "wireless_controller_hotspot20_h2qp_osu_provider_nai" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_osu_provider_nai_data( - wireless_controller_hotspot20_h2qp_osu_provider_nai_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_osu_provider_nai_data( + wireless_controller_hotspot20_h2qp_osu_provider_nai_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( "wireless-controller.hotspot20", "h2qp-osu-provider-nai", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_terms_and_conditions.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_terms_and_conditions.py index e914d99cd..c9da9caf8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_terms_and_conditions.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_terms_and_conditions.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -233,17 +233,16 @@ def wireless_controller_hotspot20_h2qp_terms_and_conditions(data, fos): wireless_controller_hotspot20_h2qp_terms_and_conditions_data = data[ "wireless_controller_hotspot20_h2qp_terms_and_conditions" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_terms_and_conditions_data( - wireless_controller_hotspot20_h2qp_terms_and_conditions_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_terms_and_conditions_data( + wireless_controller_hotspot20_h2qp_terms_and_conditions_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( "wireless-controller.hotspot20", "h2qp-terms-and-conditions", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_wan_metric.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_wan_metric.py index 2b5e5d16c..7bf6bd387 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_wan_metric.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_h2qp_wan_metric.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -287,11 +287,10 @@ def wireless_controller_hotspot20_h2qp_wan_metric(data, fos, check_mode=False): wireless_controller_hotspot20_h2qp_wan_metric_data = data[ "wireless_controller_hotspot20_h2qp_wan_metric" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_h2qp_wan_metric_data( - wireless_controller_hotspot20_h2qp_wan_metric_data - ) + filtered_data = filter_wireless_controller_hotspot20_h2qp_wan_metric_data( + wireless_controller_hotspot20_h2qp_wan_metric_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -362,7 +361,7 @@ def wireless_controller_hotspot20_h2qp_wan_metric(data, fos, check_mode=False): return fos.set( "wireless-controller.hotspot20", "h2qp-wan-metric", - data=filtered_data, + data=converted_data, vdom=vdom, ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_hs_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_hs_profile.py index b8bd640df..705228eb7 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_hs_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_hs_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -561,9 +561,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"3gpp_plmn": "plmn_3gpp"} + speciallist = {"3gpp_plmn": "plmn_3gpp"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -572,8 +572,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -591,12 +594,10 @@ def wireless_controller_hotspot20_hs_profile(data, fos, check_mode=False): wireless_controller_hotspot20_hs_profile_data = data[ "wireless_controller_hotspot20_hs_profile" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_hs_profile_data( - wireless_controller_hotspot20_hs_profile_data - ) + filtered_data = filter_wireless_controller_hotspot20_hs_profile_data( + wireless_controller_hotspot20_hs_profile_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_icon.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_icon.py index 9147af4a1..609a5b52b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_icon.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_icon.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -270,11 +270,10 @@ def wireless_controller_hotspot20_icon(data, fos, check_mode=False): state = data["state"] wireless_controller_hotspot20_icon_data = data["wireless_controller_hotspot20_icon"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_icon_data( - wireless_controller_hotspot20_icon_data - ) + filtered_data = filter_wireless_controller_hotspot20_icon_data( + wireless_controller_hotspot20_icon_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -343,7 +342,7 @@ def wireless_controller_hotspot20_icon(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller.hotspot20", "icon", data=filtered_data, vdom=vdom + "wireless-controller.hotspot20", "icon", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_qos_map.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_qos_map.py index 14ca2856d..4d65040e8 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_qos_map.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_hotspot20_qos_map.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -280,11 +280,10 @@ def wireless_controller_hotspot20_qos_map(data, fos, check_mode=False): wireless_controller_hotspot20_qos_map_data = data[ "wireless_controller_hotspot20_qos_map" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_hotspot20_qos_map_data( - wireless_controller_hotspot20_qos_map_data - ) + filtered_data = filter_wireless_controller_hotspot20_qos_map_data( + wireless_controller_hotspot20_qos_map_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -353,7 +352,7 @@ def wireless_controller_hotspot20_qos_map(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller.hotspot20", "qos-map", data=filtered_data, vdom=vdom + "wireless-controller.hotspot20", "qos-map", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_inter_controller.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_inter_controller.py index 3ef90ebc0..606856c51 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_inter_controller.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_inter_controller.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -279,14 +279,13 @@ def wireless_controller_inter_controller(data, fos): wireless_controller_inter_controller_data = data[ "wireless_controller_inter_controller" ] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_inter_controller_data( - wireless_controller_inter_controller_data - ) + filtered_data = filter_wireless_controller_inter_controller_data( + wireless_controller_inter_controller_data ) + converted_data = underscore_to_hyphen(filtered_data) return fos.set( - "wireless-controller", "inter-controller", data=filtered_data, vdom=vdom + "wireless-controller", "inter-controller", data=converted_data, vdom=vdom ) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_log.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_log.py index bfbc71240..b67c83fa5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_log.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_log.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -372,11 +372,10 @@ def underscore_to_hyphen(data): def wireless_controller_log(data, fos): vdom = data["vdom"] wireless_controller_log_data = data["wireless_controller_log"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_log_data(wireless_controller_log_data) - ) + filtered_data = filter_wireless_controller_log_data(wireless_controller_log_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wireless-controller", "log", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "log", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_mpsk_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_mpsk_profile.py index 4109c8c12..5d6b3af0a 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_mpsk_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_mpsk_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -315,11 +315,10 @@ def wireless_controller_mpsk_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_mpsk_profile_data = data["wireless_controller_mpsk_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_mpsk_profile_data( - wireless_controller_mpsk_profile_data - ) + filtered_data = filter_wireless_controller_mpsk_profile_data( + wireless_controller_mpsk_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -388,7 +387,7 @@ def wireless_controller_mpsk_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "mpsk-profile", data=filtered_data, vdom=vdom + "wireless-controller", "mpsk-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_nac_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_nac_profile.py index 02ab779cc..72fb5f27c 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_nac_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_nac_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -226,15 +226,14 @@ def wireless_controller_nac_profile(data, fos): state = data["state"] wireless_controller_nac_profile_data = data["wireless_controller_nac_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_nac_profile_data( - wireless_controller_nac_profile_data - ) + filtered_data = filter_wireless_controller_nac_profile_data( + wireless_controller_nac_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "wireless-controller", "nac-profile", data=filtered_data, vdom=vdom + "wireless-controller", "nac-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_qos_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_qos_profile.py index 0f87775e0..473cf6f68 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_qos_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_qos_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -416,11 +416,10 @@ def wireless_controller_qos_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_qos_profile_data = data["wireless_controller_qos_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_qos_profile_data( - wireless_controller_qos_profile_data - ) + filtered_data = filter_wireless_controller_qos_profile_data( + wireless_controller_qos_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -489,7 +488,7 @@ def wireless_controller_qos_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "qos-profile", data=filtered_data, vdom=vdom + "wireless-controller", "qos-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_region.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_region.py index d23410a46..1af99015d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_region.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_region.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -252,9 +252,10 @@ def wireless_controller_region(data, fos, check_mode=False): state = data["state"] wireless_controller_region_data = data["wireless_controller_region"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_region_data(wireless_controller_region_data) + filtered_data = filter_wireless_controller_region_data( + wireless_controller_region_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -318,7 +319,7 @@ def wireless_controller_region(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wireless-controller", "region", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "region", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_rf_analysis.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_rf_analysis.py index 3c978a2f2..791eb95f9 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_rf_analysis.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_rf_analysis.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<wtp_id>": "wtp_id"} + speciallist = {"<wtp_id>": "wtp_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,12 +228,10 @@ def valid_attr_to_invalid_attrs(data): def wireless_controller_rf_analysis(data, fos): vdom = data["vdom"] wireless_controller_rf_analysis_data = data["wireless_controller_rf_analysis"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_rf_analysis_data( - wireless_controller_rf_analysis_data - ) + filtered_data = filter_wireless_controller_rf_analysis_data( + wireless_controller_rf_analysis_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("wireless-controller", "rf-analysis", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_setting.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_setting.py index 46a3e8363..9ca4ddf23 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_setting.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_setting.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -377,6 +377,13 @@ options: choices: - 'enable' - 'disable' + rolling_wtp_upgrade: + description: + - Enable/disable rolling WTP upgrade . + type: str + choices: + - 'enable' + - 'disable' wfa_compatibility: description: - Enable/disable WFA compatibility. @@ -410,6 +417,7 @@ EXAMPLES = """ id: "17" ssid_pattern: "<your_own_value>" phishing_ssid_detect: "enable" + rolling_wtp_upgrade: "enable" wfa_compatibility: "enable" """ @@ -507,6 +515,7 @@ def filter_wireless_controller_setting_data(json): "firmware_provision_on_authorization", "offending_ssid", "phishing_ssid_detect", + "rolling_wtp_upgrade", "wfa_compatibility", ] @@ -569,11 +578,12 @@ def wireless_controller_setting(data, fos): wireless_controller_setting_data = flatten_multilists_attributes( wireless_controller_setting_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_setting_data(wireless_controller_setting_data) + filtered_data = filter_wireless_controller_setting_data( + wireless_controller_setting_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wireless-controller", "setting", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "setting", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -882,6 +892,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "rolling_wtp_upgrade": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "darrp_optimize": {"v_range": [["v6.2.0", ""]], "type": "integer"}, "darrp_optimize_schedules": { "type": "list", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_snmp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_snmp.py index c2aeb28fd..e0e72a8f4 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_snmp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_snmp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -415,11 +415,10 @@ def wireless_controller_snmp(data, fos): wireless_controller_snmp_data = flatten_multilists_attributes( wireless_controller_snmp_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_snmp_data(wireless_controller_snmp_data) - ) + filtered_data = filter_wireless_controller_snmp_data(wireless_controller_snmp_data) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wireless-controller", "snmp", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "snmp", data=converted_data, vdom=vdom) def is_successful_status(resp): diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_spectral_info.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_spectral_info.py index 412dd2747..c1ae108eb 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_spectral_info.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_spectral_info.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"[wtp_id]": "set_wtp_id"} + speciallist = {"[wtp_id]": "set_wtp_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,12 +228,10 @@ def valid_attr_to_invalid_attrs(data): def wireless_controller_spectral_info(data, fos, check_mode=False): vdom = data["vdom"] wireless_controller_spectral_info_data = data["wireless_controller_spectral_info"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_spectral_info_data( - wireless_controller_spectral_info_data - ) + filtered_data = filter_wireless_controller_spectral_info_data( + wireless_controller_spectral_info_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set( "wireless-controller", "spectral-info", data=converted_data, vdom=vdom diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ssid_policy.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ssid_policy.py index cbc591e35..127e5558e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ssid_policy.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_ssid_policy.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -226,15 +226,14 @@ def wireless_controller_ssid_policy(data, fos): state = data["state"] wireless_controller_ssid_policy_data = data["wireless_controller_ssid_policy"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_ssid_policy_data( - wireless_controller_ssid_policy_data - ) + filtered_data = filter_wireless_controller_ssid_policy_data( + wireless_controller_ssid_policy_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "wireless-controller", "ssid-policy", data=filtered_data, vdom=vdom + "wireless-controller", "ssid-policy", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_status.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_status.py index 7e0df42ac..021d06c0b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_status.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_status.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"[1|2]": "set_1_2"} + speciallist = {"[1|2]": "set_1_2"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,10 @@ def valid_attr_to_invalid_attrs(data): def wireless_controller_status(data, fos): vdom = data["vdom"] wireless_controller_status_data = data["wireless_controller_status"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_status_data(wireless_controller_status_data) + filtered_data = filter_wireless_controller_status_data( + wireless_controller_status_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("wireless-controller", "status", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_syslog_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_syslog_profile.py index b83690a6f..9b09dca68 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_syslog_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_syslog_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -275,15 +275,14 @@ def wireless_controller_syslog_profile(data, fos): state = data["state"] wireless_controller_syslog_profile_data = data["wireless_controller_syslog_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_syslog_profile_data( - wireless_controller_syslog_profile_data - ) + filtered_data = filter_wireless_controller_syslog_profile_data( + wireless_controller_syslog_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) if state == "present" or state is True: return fos.set( - "wireless-controller", "syslog-profile", data=filtered_data, vdom=vdom + "wireless-controller", "syslog-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_timers.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_timers.py index 89303b171..78cf83dca 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_timers.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_timers.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -80,6 +80,20 @@ options: default: null type: dict suboptions: + ap_reboot_wait_interval1: + description: + - Time in minutes to wait before AP reboots when there is no controller detected (5 - 65535). + type: int + ap_reboot_wait_interval2: + description: + - Time in minutes to wait before AP reboots when there is no controller detected and standalone SSIDs are pushed to the AP in the previous + session (5 - 65535). + type: int + ap_reboot_wait_time: + description: + - 'Time to reboot the AP when there is no controller detected and standalone SSIDs are pushed to the AP in the previous session, format hh + :mm.' + type: str auth_timeout: description: - Time after which a client is considered failed in RADIUS authentication and times out (5 - 30 sec). @@ -143,6 +157,10 @@ options: description: - Time period to keep IPsec VPN interfaces up after WTP sessions are disconnected (30 - 3600 sec). type: int + nat_session_keep_alive: + description: + - Maximal time in seconds between control requests sent by the managed WTP, AP, or FortiAP (0 - 255 sec). + type: int radio_stats_interval: description: - Time between running radio reports (1 - 255 sec). @@ -178,6 +196,9 @@ EXAMPLES = """ fortinet.fortios.fortios_wireless_controller_timers: vdom: "{{ vdom }}" wireless_controller_timers: + ap_reboot_wait_interval1: "0" + ap_reboot_wait_interval2: "0" + ap_reboot_wait_time: "<your_own_value>" auth_timeout: "5" ble_scan_report_intv: "30" client_idle_rehome_timeout: "20" @@ -192,12 +213,13 @@ EXAMPLES = """ echo_interval: "30" fake_ap_log: "1" ipsec_intf_cleanup: "120" + nat_session_keep_alive: "0" radio_stats_interval: "15" rogue_ap_cleanup: "0" rogue_ap_log: "0" sta_capability_interval: "30" sta_locate_timer: "1800" - sta_stats_interval: "1" + sta_stats_interval: "10" vap_stats_interval: "15" """ @@ -282,6 +304,9 @@ from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.data_post def filter_wireless_controller_timers_data(json): option_list = [ + "ap_reboot_wait_interval1", + "ap_reboot_wait_interval2", + "ap_reboot_wait_time", "auth_timeout", "ble_scan_report_intv", "client_idle_rehome_timeout", @@ -294,6 +319,7 @@ def filter_wireless_controller_timers_data(json): "echo_interval", "fake_ap_log", "ipsec_intf_cleanup", + "nat_session_keep_alive", "radio_stats_interval", "rogue_ap_cleanup", "rogue_ap_log", @@ -329,11 +355,12 @@ def underscore_to_hyphen(data): def wireless_controller_timers(data, fos): vdom = data["vdom"] wireless_controller_timers_data = data["wireless_controller_timers"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_timers_data(wireless_controller_timers_data) + filtered_data = filter_wireless_controller_timers_data( + wireless_controller_timers_data ) + converted_data = underscore_to_hyphen(filtered_data) - return fos.set("wireless-controller", "timers", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "timers", data=converted_data, vdom=vdom) def is_successful_status(resp): @@ -371,6 +398,7 @@ versioned_schema = { "type": "dict", "children": { "echo_interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "nat_session_keep_alive": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "discovery_interval": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "client_idle_timeout": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "client_idle_rehome_timeout": {"v_range": [["v7.2.0", ""]], "type": "integer"}, @@ -386,6 +414,9 @@ versioned_schema = { "ipsec_intf_cleanup": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "ble_scan_report_intv": {"v_range": [["v6.0.0", ""]], "type": "integer"}, "drma_interval": {"v_range": [["v6.4.4", ""]], "type": "integer"}, + "ap_reboot_wait_interval1": {"v_range": [["v7.4.2", ""]], "type": "integer"}, + "ap_reboot_wait_time": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "ap_reboot_wait_interval2": {"v_range": [["v7.4.2", ""]], "type": "integer"}, "darrp_optimize": {"v_range": [["v6.0.0", "v6.0.11"]], "type": "integer"}, "darrp_day": { "v_range": [["v6.0.0", "v6.0.11"]], diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_utm_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_utm_profile.py index a630c1dbe..f1af516f2 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_utm_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_utm_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -276,11 +276,10 @@ def wireless_controller_utm_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_utm_profile_data = data["wireless_controller_utm_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_utm_profile_data( - wireless_controller_utm_profile_data - ) + filtered_data = filter_wireless_controller_utm_profile_data( + wireless_controller_utm_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -349,7 +348,7 @@ def wireless_controller_utm_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "utm-profile", data=filtered_data, vdom=vdom + "wireless-controller", "utm-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap.py index a93e9e4d0..2ece585cc 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -954,6 +954,14 @@ options: type: list elements: str choices: + - '1' + - '1-basic' + - '2' + - '2-basic' + - '5.5' + - '5.5-basic' + - '11' + - '11-basic' - '6' - '6-basic' - '9' @@ -970,14 +978,6 @@ options: - '48-basic' - '54' - '54-basic' - - '1' - - '1-basic' - - '2' - - '2-basic' - - '5.5' - - '5.5-basic' - - '11' - - '11-basic' rates_11ac_mcs_map: description: - Comma separated list of max supported VHT MCS for spatial streams 1 through 8. @@ -1112,6 +1112,14 @@ options: type: list elements: str choices: + - '1' + - '1-basic' + - '2' + - '2-basic' + - '5.5' + - '5.5-basic' + - '11' + - '11-basic' - '6' - '6-basic' - '9' @@ -1128,14 +1136,6 @@ options: - '48-basic' - '54' - '54-basic' - - '1' - - '1-basic' - - '2' - - '2-basic' - - '5.5' - - '5.5-basic' - - '11' - - '11-basic' rates_11n_ss12: description: - Allowed data rates for 802.11n with 1 or 2 spatial streams. @@ -1180,6 +1180,13 @@ options: - 'mcs29/4' - 'mcs30/4' - 'mcs31/4' + roaming_acct_interim_update: + description: + - Enable/disable using accounting interim update instead of accounting start/stop on roaming for WPA-Enterprise security. + type: str + choices: + - 'enable' + - 'disable' sae_groups: description: - SAE-Groups. @@ -1209,6 +1216,13 @@ options: choices: - 'enable' - 'disable' + sae_hnp_only: + description: + - Use hunting-and-pecking-only mechanism for PWE derivation . + type: str + choices: + - 'enable' + - 'disable' sae_password: description: - WPA3 SAE password to be used to authenticate WiFi users. @@ -1299,6 +1313,20 @@ options: - User group name. Source user.group.name. required: true type: str + set_80211k: + description: + - Enable/disable 802.11k assisted roaming . + type: str + choices: + - 'disable' + - 'enable' + set_80211v: + description: + - Enable/disable 802.11v assisted roaming . + type: str + choices: + - 'disable' + - 'enable' split_tunneling: description: - Enable/disable split tunneling . @@ -1606,25 +1634,27 @@ EXAMPLES = """ radius_mac_mpsk_auth: "enable" radius_mac_mpsk_timeout: "86400" radius_server: "<your_own_value> (source user.radius.name)" - rates_11a: "6" + rates_11a: "1" rates_11ac_mcs_map: "<your_own_value>" rates_11ac_ss12: "mcs0/1" rates_11ac_ss34: "mcs0/3" rates_11ax_mcs_map: "<your_own_value>" rates_11ax_ss12: "mcs0/1" rates_11ax_ss34: "mcs0/3" - rates_11bg: "6" + rates_11bg: "1" rates_11n_ss12: "mcs0/1" rates_11n_ss34: "mcs16/3" + roaming_acct_interim_update: "enable" sae_groups: "19" sae_h2e_only: "enable" + sae_hnp_only: "enable" sae_password: "<your_own_value>" sae_pk: "enable" sae_private_key: "<your_own_value>" scan_botnet_connections: "disable" schedule: - - name: "default_name_165 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)" + name: "default_name_167 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)" secondary_wag_profile: "<your_own_value> (source wireless-controller.wag-profile.name)" security: "open" security_exempt_list: "<your_own_value> (source user.security-exempt-list.name)" @@ -1632,7 +1662,9 @@ EXAMPLES = """ security_redirect_url: "<your_own_value>" selected_usergroups: - - name: "default_name_172 (source user.group.name)" + name: "default_name_174 (source user.group.name)" + set_80211k: "disable" + set_80211v: "disable" split_tunneling: "enable" ssid: "<your_own_value>" sticky_client_remove: "enable" @@ -1645,7 +1677,7 @@ EXAMPLES = """ tunnel_fallback_interval: "7200" usergroup: - - name: "default_name_184 (source user.group.name)" + name: "default_name_188 (source user.group.name)" utm_log: "enable" utm_profile: "<your_own_value> (source wireless-controller.utm-profile.name)" utm_status: "enable" @@ -1653,11 +1685,11 @@ EXAMPLES = """ vlan_auto: "enable" vlan_name: - - name: "default_name_191" + name: "default_name_195" vlan_id: "<your_own_value>" vlan_pool: - - id: "194" + id: "198" wtp_group: "<your_own_value> (source wireless-controller.wtp-group.name)" vlan_pooling: "wtp-group" vlanid: "0" @@ -1896,8 +1928,10 @@ def filter_wireless_controller_vap_data(json): "rates_11bg", "rates_11n_ss12", "rates_11n_ss34", + "roaming_acct_interim_update", "sae_groups", "sae_h2e_only", + "sae_hnp_only", "sae_password", "sae_pk", "sae_private_key", @@ -1909,6 +1943,8 @@ def filter_wireless_controller_vap_data(json): "security_obsolete_option", "security_redirect_url", "selected_usergroups", + "set_80211k", + "set_80211v", "split_tunneling", "ssid", "sticky_client_remove", @@ -2000,6 +2036,32 @@ def underscore_to_hyphen(data): return data +def valid_attr_to_invalid_attr(data): + speciallist = {"80211k": "set_80211k", "80211v": "set_80211v"} + + for k, v in speciallist.items(): + if v == data: + return k + + return data + + +def valid_attr_to_invalid_attrs(data): + if isinstance(data, list): + new_data = [] + for elem in data: + elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data + elif isinstance(data, dict): + new_data = {} + for k, v in data.items(): + new_data[valid_attr_to_invalid_attr(k)] = valid_attr_to_invalid_attrs(v) + data = new_data + + return data + + def wireless_controller_vap(data, fos, check_mode=False): vdom = data["vdom"] @@ -2009,9 +2071,8 @@ def wireless_controller_vap(data, fos, check_mode=False): wireless_controller_vap_data = flatten_multilists_attributes( wireless_controller_vap_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_vap_data(wireless_controller_vap_data) - ) + filtered_data = filter_wireless_controller_vap_data(wireless_controller_vap_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -2075,7 +2136,7 @@ def wireless_controller_vap(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wireless-controller", "vap", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "vap", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -2201,11 +2262,6 @@ versioned_schema = { {"value": "prefer-use"}, ], }, - "voice_enterprise": { - "v_range": [["v6.0.0", ""]], - "type": "string", - "options": [{"value": "disable"}, {"value": "enable"}], - }, "neighbor_report_dual_band": { "v_range": [["v7.0.0", ""]], "type": "string", @@ -2389,6 +2445,11 @@ versioned_schema = { "type": "string", "options": [{"value": "enable"}, {"value": "disable"}], }, + "sae_hnp_only": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "sae_pk": { "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]], "type": "string", @@ -2755,6 +2816,11 @@ versioned_schema = { "options": [{"value": "enable"}, {"value": "disable"}], }, "eap_reauth_intv": {"v_range": [["v6.0.0", ""]], "type": "integer"}, + "roaming_acct_interim_update": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "qos_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "hotspot20_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "access_control_list": {"v_range": [["v6.4.0", ""]], "type": "string"}, @@ -2766,6 +2832,20 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "list", "options": [ + {"value": "1", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "1-basic", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "2", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "2-basic", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "5.5", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + { + "value": "5.5-basic", + "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]], + }, + {"value": "11", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + { + "value": "11-basic", + "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]], + }, {"value": "6"}, {"value": "6-basic"}, {"value": "9"}, @@ -2782,14 +2862,6 @@ versioned_schema = { {"value": "48-basic"}, {"value": "54"}, {"value": "54-basic"}, - {"value": "1", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "1-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "2", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "2-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "5.5", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "5.5-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "11", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "11-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, ], "multiple_values": True, "elements": "str", @@ -2798,6 +2870,20 @@ versioned_schema = { "v_range": [["v6.0.0", ""]], "type": "list", "options": [ + {"value": "1", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "1-basic", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "2", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "2-basic", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + {"value": "5.5", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + { + "value": "5.5-basic", + "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]], + }, + {"value": "11", "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]]}, + { + "value": "11-basic", + "v_range": [["v6.0.0", "v7.4.0"], ["v7.4.2", ""]], + }, {"value": "6"}, {"value": "6-basic"}, {"value": "9"}, @@ -2814,14 +2900,6 @@ versioned_schema = { {"value": "48-basic"}, {"value": "54"}, {"value": "54-basic"}, - {"value": "1", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "1-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "2", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "2-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "5.5", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "5.5-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "11", "v_range": [["v6.0.0", "v7.4.0"]]}, - {"value": "11-basic", "v_range": [["v6.0.0", "v7.4.0"]]}, ], "multiple_values": True, "elements": "str", @@ -2960,6 +3038,11 @@ versioned_schema = { "type": "string", "options": [{"value": "direct"}, {"value": "indirect"}], }, + "voice_enterprise": { + "v_range": [["v6.0.0", "v7.4.1"]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, "mac_filter": { "v_range": [["v6.0.0", "v7.4.0"]], "type": "string", @@ -3192,6 +3275,16 @@ versioned_schema = { "type": "string", }, "vdom": {"v_range": [["v6.0.0", "v6.0.11"]], "type": "string"}, + "set_80211k": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, + "set_80211v": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "disable"}, {"value": "enable"}], + }, }, "v_range": [["v6.0.0", ""]], } diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_group.py index 3840c8f0f..ed9b150f6 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -244,9 +244,10 @@ def wireless_controller_vap_group(data, fos, check_mode=False): state = data["state"] wireless_controller_vap_group_data = data["wireless_controller_vap_group"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_vap_group_data(wireless_controller_vap_group_data) + filtered_data = filter_wireless_controller_vap_group_data( + wireless_controller_vap_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -313,7 +314,7 @@ def wireless_controller_vap_group(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "vap-group", data=filtered_data, vdom=vdom + "wireless-controller", "vap-group", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_status.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_status.py index df3598dcf..c4becd60e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_status.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_vap_status.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"[1]": "set_1"} + speciallist = {"[1]": "set_1"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,10 @@ def valid_attr_to_invalid_attrs(data): def wireless_controller_vap_status(data, fos): vdom = data["vdom"] wireless_controller_vap_status_data = data["wireless_controller_vap_status"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_vap_status_data(wireless_controller_vap_status_data) + filtered_data = filter_wireless_controller_vap_status_data( + wireless_controller_vap_status_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("wireless-controller", "vap-status", data=converted_data, vdom=vdom) diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wag_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wag_profile.py index 45859c662..3cfb8193e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wag_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wag_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -278,11 +278,10 @@ def wireless_controller_wag_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_wag_profile_data = data["wireless_controller_wag_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_wag_profile_data( - wireless_controller_wag_profile_data - ) + filtered_data = filter_wireless_controller_wag_profile_data( + wireless_controller_wag_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -351,7 +350,7 @@ def wireless_controller_wag_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "wag-profile", data=filtered_data, vdom=vdom + "wireless-controller", "wag-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wids_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wids_profile.py index 49583d5af..815fdf52b 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wids_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wids_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -636,11 +636,10 @@ def wireless_controller_wids_profile(data, fos, check_mode=False): state = data["state"] wireless_controller_wids_profile_data = data["wireless_controller_wids_profile"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_wids_profile_data( - wireless_controller_wids_profile_data - ) + filtered_data = filter_wireless_controller_wids_profile_data( + wireless_controller_wids_profile_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -709,7 +708,7 @@ def wireless_controller_wids_profile(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "wids-profile", data=filtered_data, vdom=vdom + "wireless-controller", "wids-profile", data=converted_data, vdom=vdom ) elif state == "absent": diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp.py index cfc572495..d1c0450e5 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -397,6 +397,20 @@ options: choices: - 'enable' - 'disable' + purdue_level: + description: + - Purdue Level of this WTP. + type: str + choices: + - '1' + - '1.5' + - '2' + - '2.5' + - '3' + - '3.5' + - '4' + - '5' + - '5.5' radio_1: description: - Configuration options for radio 1. @@ -1161,6 +1175,7 @@ EXAMPLES = """ override_login_passwd_change: "enable" override_split_tunnel: "enable" override_wan_port_mode: "enable" + purdue_level: "1" radio_1: auto_power_high: "17" auto_power_level: "enable" @@ -1184,7 +1199,7 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_74 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_75 (source wireless-controller.vap-group.name system.interface.name)" radio_2: auto_power_high: "17" auto_power_level: "enable" @@ -1208,7 +1223,7 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_96 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_97 (source wireless-controller.vap-group.name system.interface.name)" radio_3: auto_power_high: "17" auto_power_level: "enable" @@ -1232,7 +1247,7 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_118 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_119 (source wireless-controller.vap-group.name system.interface.name)" radio_4: auto_power_high: "17" auto_power_level: "enable" @@ -1255,14 +1270,14 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_139 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_140 (source wireless-controller.vap-group.name system.interface.name)" region: "<your_own_value> (source wireless-controller.region.name)" region_x: "<your_own_value>" region_y: "<your_own_value>" split_tunneling_acl: - dest_ip: "<your_own_value>" - id: "145" + id: "146" split_tunneling_acl_local_ap_subnet: "enable" split_tunneling_acl_path: "tunnel" tun_mtu_downlink: "0" @@ -1394,6 +1409,7 @@ def filter_wireless_controller_wtp_data(json): "override_login_passwd_change", "override_split_tunnel", "override_wan_port_mode", + "purdue_level", "radio_1", "radio_2", "radio_3", @@ -1475,9 +1491,8 @@ def wireless_controller_wtp(data, fos, check_mode=False): wireless_controller_wtp_data = flatten_multilists_attributes( wireless_controller_wtp_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_wtp_data(wireless_controller_wtp_data) - ) + filtered_data = filter_wireless_controller_wtp_data(wireless_controller_wtp_data) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -1541,7 +1556,7 @@ def wireless_controller_wtp(data, fos, check_mode=False): return True, False, {"reason: ": "Must provide state parameter"}, {} if state == "present" or state is True: - return fos.set("wireless-controller", "wtp", data=filtered_data, vdom=vdom) + return fos.set("wireless-controller", "wtp", data=converted_data, vdom=vdom) elif state == "absent": return fos.delete( @@ -2408,6 +2423,21 @@ versioned_schema = { {"value": "disable"}, ], }, + "purdue_level": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [ + {"value": "1"}, + {"value": "1.5"}, + {"value": "2"}, + {"value": "2.5"}, + {"value": "3"}, + {"value": "3.5"}, + {"value": "4"}, + {"value": "5"}, + {"value": "5.5"}, + ], + }, "coordinate_latitude": {"v_range": [["v6.0.0", ""]], "type": "string"}, "coordinate_longitude": {"v_range": [["v6.0.0", ""]], "type": "string"}, "index": { diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_group.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_group.py index 422171bef..f4d86d89e 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_group.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_group.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -127,7 +127,12 @@ options: - '233G' - '234G' - '431G' + - '432G' - '433G' + - '241K' + - '243K' + - '441K' + - '443K' - 'U421E' - 'U422EV' - 'U423E' @@ -327,9 +332,10 @@ def wireless_controller_wtp_group(data, fos, check_mode=False): state = data["state"] wireless_controller_wtp_group_data = data["wireless_controller_wtp_group"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_wtp_group_data(wireless_controller_wtp_group_data) + filtered_data = filter_wireless_controller_wtp_group_data( + wireless_controller_wtp_group_data ) + converted_data = underscore_to_hyphen(filtered_data) # check_mode starts from here if check_mode: @@ -396,7 +402,7 @@ def wireless_controller_wtp_group(data, fos, check_mode=False): if state == "present" or state is True: return fos.set( - "wireless-controller", "wtp-group", data=filtered_data, vdom=vdom + "wireless-controller", "wtp-group", data=converted_data, vdom=vdom ) elif state == "absent": @@ -500,7 +506,12 @@ versioned_schema = { {"value": "233G", "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]]}, {"value": "234G", "v_range": [["v7.4.0", ""]]}, {"value": "431G", "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]]}, + {"value": "432G", "v_range": [["v7.4.2", ""]]}, {"value": "433G", "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]]}, + {"value": "241K", "v_range": [["v7.4.2", ""]]}, + {"value": "243K", "v_range": [["v7.4.2", ""]]}, + {"value": "441K", "v_range": [["v7.4.2", ""]]}, + {"value": "443K", "v_range": [["v7.4.2", ""]]}, {"value": "U421E"}, {"value": "U422EV"}, {"value": "U423E"}, diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_profile.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_profile.py index cd974c556..3ef9b2755 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_profile.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_profile.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -320,6 +320,10 @@ options: description: - Bluetooth Low Energy profile name. Source wireless-controller.ble-profile.name. type: str + bonjour_profile: + description: + - Bonjour profile name. Source wireless-controller.bonjour-profile.name. + type: str comment: description: - Comment. @@ -943,7 +947,12 @@ options: - '233G' - '234G' - '431G' + - '432G' - '433G' + - '241K' + - '243K' + - '441K' + - '443K' - 'U421E' - 'U422EV' - 'U423E' @@ -1299,6 +1308,7 @@ options: type: str choices: - 'none' + - 'custom' - 'FANT-04ABGN-0606-O-N' - 'FANT-04ABGN-1414-P-N' - 'FANT-04ABGN-8065-P-N' @@ -1306,6 +1316,10 @@ options: - 'FANT-04ABGN-0606-P-R' - 'FANT-10ACAX-1213-D-N' - 'FANT-08ABGN-1213-D-R' + optional_antenna_gain: + description: + - Optional antenna gain in dBi (0 to 20). + type: str power_level: description: - Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). @@ -1354,6 +1368,10 @@ options: description: - BSSID for WiFi network. type: str + sam_ca_certificate: + description: + - CA certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_captive_portal: description: - Enable/disable Captive Portal Authentication . @@ -1361,6 +1379,10 @@ options: choices: - 'enable' - 'disable' + sam_client_certificate: + description: + - Client certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_cwp_failure_string: description: - Failure identification on the page after an incorrect login. @@ -1385,10 +1407,26 @@ options: description: - Username for captive portal authentication. type: str + sam_eap_method: + description: + - Select WPA2/WPA3-ENTERPRISE EAP Method . + type: str + choices: + - 'both' + - 'tls' + - 'peap' sam_password: description: - Passphrase for WiFi network connection. type: str + sam_private_key: + description: + - Private key for WPA2/WPA3-ENTERPRISE. + type: str + sam_private_key_password: + description: + - Password for private key file for WPA2/WPA3-ENTERPRISE. + type: str sam_report_intv: description: - SAM report interval (sec), 0 for a one-time report. @@ -1401,6 +1439,8 @@ options: - 'open' - 'wpa-personal' - 'wpa-enterprise' + - 'wpa3-sae' + - 'owe' sam_server: description: - SAM test server IP address or domain name. @@ -1793,6 +1833,7 @@ options: type: str choices: - 'none' + - 'custom' - 'FANT-04ABGN-0606-O-N' - 'FANT-04ABGN-1414-P-N' - 'FANT-04ABGN-8065-P-N' @@ -1800,6 +1841,10 @@ options: - 'FANT-04ABGN-0606-P-R' - 'FANT-10ACAX-1213-D-N' - 'FANT-08ABGN-1213-D-R' + optional_antenna_gain: + description: + - Optional antenna gain in dBi (0 to 20). + type: str power_level: description: - Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). @@ -1848,6 +1893,10 @@ options: description: - BSSID for WiFi network. type: str + sam_ca_certificate: + description: + - CA certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_captive_portal: description: - Enable/disable Captive Portal Authentication . @@ -1855,6 +1904,10 @@ options: choices: - 'enable' - 'disable' + sam_client_certificate: + description: + - Client certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_cwp_failure_string: description: - Failure identification on the page after an incorrect login. @@ -1879,10 +1932,26 @@ options: description: - Username for captive portal authentication. type: str + sam_eap_method: + description: + - Select WPA2/WPA3-ENTERPRISE EAP Method . + type: str + choices: + - 'both' + - 'tls' + - 'peap' sam_password: description: - Passphrase for WiFi network connection. type: str + sam_private_key: + description: + - Private key for WPA2/WPA3-ENTERPRISE. + type: str + sam_private_key_password: + description: + - Password for private key file for WPA2/WPA3-ENTERPRISE. + type: str sam_report_intv: description: - SAM report interval (sec), 0 for a one-time report. @@ -1895,6 +1964,8 @@ options: - 'open' - 'wpa-personal' - 'wpa-enterprise' + - 'wpa3-sae' + - 'owe' sam_server: description: - SAM test server IP address or domain name. @@ -2287,6 +2358,7 @@ options: type: str choices: - 'none' + - 'custom' - 'FANT-04ABGN-0606-O-N' - 'FANT-04ABGN-1414-P-N' - 'FANT-04ABGN-8065-P-N' @@ -2294,6 +2366,10 @@ options: - 'FANT-04ABGN-0606-P-R' - 'FANT-10ACAX-1213-D-N' - 'FANT-08ABGN-1213-D-R' + optional_antenna_gain: + description: + - Optional antenna gain in dBi (0 to 20). + type: str power_level: description: - Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). @@ -2342,6 +2418,10 @@ options: description: - BSSID for WiFi network. type: str + sam_ca_certificate: + description: + - CA certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_captive_portal: description: - Enable/disable Captive Portal Authentication . @@ -2349,6 +2429,10 @@ options: choices: - 'enable' - 'disable' + sam_client_certificate: + description: + - Client certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_cwp_failure_string: description: - Failure identification on the page after an incorrect login. @@ -2373,10 +2457,26 @@ options: description: - Username for captive portal authentication. type: str + sam_eap_method: + description: + - Select WPA2/WPA3-ENTERPRISE EAP Method . + type: str + choices: + - 'both' + - 'tls' + - 'peap' sam_password: description: - Passphrase for WiFi network connection. type: str + sam_private_key: + description: + - Private key for WPA2/WPA3-ENTERPRISE. + type: str + sam_private_key_password: + description: + - Password for private key file for WPA2/WPA3-ENTERPRISE. + type: str sam_report_intv: description: - SAM report interval (sec), 0 for a one-time report. @@ -2389,6 +2489,8 @@ options: - 'open' - 'wpa-personal' - 'wpa-enterprise' + - 'wpa3-sae' + - 'owe' sam_server: description: - SAM test server IP address or domain name. @@ -2590,7 +2692,7 @@ options: type: str band: description: - - WiFi band that Radio 3 operates on. + - WiFi band that Radio 4 operates on. type: str choices: - '802.11a' @@ -2767,7 +2869,7 @@ options: - '8x8' mode: description: - - Mode of radio 3. Radio 3 can be disabled, configured as an access point, a rogue AP monitor, a sniffer, or a station. + - Mode of radio 4. Radio 4 can be disabled, configured as an access point, a rogue AP monitor, a sniffer, or a station. type: str choices: - 'disabled' @@ -2781,6 +2883,7 @@ options: type: str choices: - 'none' + - 'custom' - 'FANT-04ABGN-0606-O-N' - 'FANT-04ABGN-1414-P-N' - 'FANT-04ABGN-8065-P-N' @@ -2788,6 +2891,10 @@ options: - 'FANT-04ABGN-0606-P-R' - 'FANT-10ACAX-1213-D-N' - 'FANT-08ABGN-1213-D-R' + optional_antenna_gain: + description: + - Optional antenna gain in dBi (0 to 20). + type: str power_level: description: - Radio EIRP power level as a percentage of the maximum EIRP power (0 - 100). @@ -2832,6 +2939,10 @@ options: description: - BSSID for WiFi network. type: str + sam_ca_certificate: + description: + - CA certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_captive_portal: description: - Enable/disable Captive Portal Authentication . @@ -2839,6 +2950,10 @@ options: choices: - 'enable' - 'disable' + sam_client_certificate: + description: + - Client certificate for WPA2/WPA3-ENTERPRISE. + type: str sam_cwp_failure_string: description: - Failure identification on the page after an incorrect login. @@ -2863,10 +2978,26 @@ options: description: - Username for captive portal authentication. type: str + sam_eap_method: + description: + - Select WPA2/WPA3-ENTERPRISE EAP Method . + type: str + choices: + - 'both' + - 'tls' + - 'peap' sam_password: description: - Passphrase for WiFi network connection. type: str + sam_private_key: + description: + - Private key for WPA2/WPA3-ENTERPRISE. + type: str + sam_private_key_password: + description: + - Password for private key file for WPA2/WPA3-ENTERPRISE. + type: str sam_report_intv: description: - SAM report interval (sec), 0 for a one-time report. @@ -2879,6 +3010,8 @@ options: - 'open' - 'wpa-personal' - 'wpa-enterprise' + - 'wpa3-sae' + - 'owe' sam_server: description: - SAM test server IP address or domain name. @@ -3034,6 +3167,13 @@ options: choices: - 'none' - '802.1x' + wan_port_auth_macsec: + description: + - Enable/disable WAN port 802.1x supplicant MACsec policy . + type: str + choices: + - 'enable' + - 'disable' wan_port_auth_methods: description: - WAN port 802.1x supplicant EAP methods . @@ -3072,12 +3212,13 @@ EXAMPLES = """ ap_handoff: "enable" apcfg_profile: "<your_own_value> (source wireless-controller.apcfg-profile.name)" ble_profile: "<your_own_value> (source wireless-controller.ble-profile.name)" + bonjour_profile: "<your_own_value> (source wireless-controller.bonjour-profile.name)" comment: "Comment." console_login: "enable" control_message_offload: "ebp-frame" deny_mac_list: - - id: "12" + id: "13" mac: "<your_own_value>" dtls_in_kernel: "enable" dtls_policy: "clear-text" @@ -3162,13 +3303,13 @@ EXAMPLES = """ station_locate: "enable" led_schedules: - - name: "default_name_96 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)" + name: "default_name_97 (source firewall.schedule.group.name firewall.schedule.recurring.name firewall.schedule.onetime.name)" led_state: "enable" lldp: "enable" login_passwd: "<your_own_value>" login_passwd_change: "yes" max_clients: "0" - name: "default_name_102" + name: "default_name_103" platform: ddscan: "enable" mode: "single-5G" @@ -3219,6 +3360,7 @@ EXAMPLES = """ mimo_mode: "default" mode: "disabled" optional_antenna: "none" + optional_antenna_gain: "<your_own_value>" power_level: "100" power_mode: "dBm" power_value: "27" @@ -3227,14 +3369,19 @@ EXAMPLES = """ radio_id: "2" rts_threshold: "2346" sam_bssid: "<your_own_value>" + sam_ca_certificate: "<your_own_value>" sam_captive_portal: "enable" + sam_client_certificate: "<your_own_value>" sam_cwp_failure_string: "<your_own_value>" sam_cwp_match_string: "<your_own_value>" sam_cwp_password: "<your_own_value>" sam_cwp_success_string: "<your_own_value>" sam_cwp_test_url: "<your_own_value>" sam_cwp_username: "<your_own_value>" + sam_eap_method: "both" sam_password: "<your_own_value>" + sam_private_key: "<your_own_value>" + sam_private_key_password: "<your_own_value>" sam_report_intv: "0" sam_security_type: "open" sam_server: "<your_own_value>" @@ -3251,7 +3398,7 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_183 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_190 (source wireless-controller.vap-group.name system.interface.name)" wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)" zero_wait_dfs: "enable" radio_2: @@ -3299,6 +3446,7 @@ EXAMPLES = """ mimo_mode: "default" mode: "disabled" optional_antenna: "none" + optional_antenna_gain: "<your_own_value>" power_level: "100" power_mode: "dBm" power_value: "27" @@ -3307,14 +3455,19 @@ EXAMPLES = """ radio_id: "2" rts_threshold: "2346" sam_bssid: "<your_own_value>" + sam_ca_certificate: "<your_own_value>" sam_captive_portal: "enable" + sam_client_certificate: "<your_own_value>" sam_cwp_failure_string: "<your_own_value>" sam_cwp_match_string: "<your_own_value>" sam_cwp_password: "<your_own_value>" sam_cwp_success_string: "<your_own_value>" sam_cwp_test_url: "<your_own_value>" sam_cwp_username: "<your_own_value>" + sam_eap_method: "both" sam_password: "<your_own_value>" + sam_private_key: "<your_own_value>" + sam_private_key_password: "<your_own_value>" sam_report_intv: "0" sam_security_type: "open" sam_server: "<your_own_value>" @@ -3331,7 +3484,7 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_261 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_274 (source wireless-controller.vap-group.name system.interface.name)" wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)" zero_wait_dfs: "enable" radio_3: @@ -3340,7 +3493,7 @@ EXAMPLES = """ ap_handoff: "enable" ap_sniffer_addr: "<your_own_value>" ap_sniffer_bufsize: "16" - ap_sniffer_chan: "6" + ap_sniffer_chan: "37" ap_sniffer_ctl: "enable" ap_sniffer_data: "enable" ap_sniffer_mgmt_beacon: "enable" @@ -3379,6 +3532,7 @@ EXAMPLES = """ mimo_mode: "default" mode: "disabled" optional_antenna: "none" + optional_antenna_gain: "<your_own_value>" power_level: "100" power_mode: "dBm" power_value: "27" @@ -3387,14 +3541,19 @@ EXAMPLES = """ radio_id: "2" rts_threshold: "2346" sam_bssid: "<your_own_value>" + sam_ca_certificate: "<your_own_value>" sam_captive_portal: "enable" + sam_client_certificate: "<your_own_value>" sam_cwp_failure_string: "<your_own_value>" sam_cwp_match_string: "<your_own_value>" sam_cwp_password: "<your_own_value>" sam_cwp_success_string: "<your_own_value>" sam_cwp_test_url: "<your_own_value>" sam_cwp_username: "<your_own_value>" + sam_eap_method: "both" sam_password: "<your_own_value>" + sam_private_key: "<your_own_value>" + sam_private_key_password: "<your_own_value>" sam_report_intv: "0" sam_security_type: "open" sam_server: "<your_own_value>" @@ -3411,7 +3570,7 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_339 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_358 (source wireless-controller.vap-group.name system.interface.name)" wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)" zero_wait_dfs: "enable" radio_4: @@ -3459,6 +3618,7 @@ EXAMPLES = """ mimo_mode: "default" mode: "disabled" optional_antenna: "none" + optional_antenna_gain: "<your_own_value>" power_level: "100" power_mode: "dBm" power_value: "27" @@ -3466,14 +3626,19 @@ EXAMPLES = """ protection_mode: "rtscts" rts_threshold: "2346" sam_bssid: "<your_own_value>" + sam_ca_certificate: "<your_own_value>" sam_captive_portal: "enable" + sam_client_certificate: "<your_own_value>" sam_cwp_failure_string: "<your_own_value>" sam_cwp_match_string: "<your_own_value>" sam_cwp_password: "<your_own_value>" sam_cwp_success_string: "<your_own_value>" sam_cwp_test_url: "<your_own_value>" sam_cwp_username: "<your_own_value>" + sam_eap_method: "both" sam_password: "<your_own_value>" + sam_private_key: "<your_own_value>" + sam_private_key_password: "<your_own_value>" sam_report_intv: "0" sam_security_type: "open" sam_server: "<your_own_value>" @@ -3490,13 +3655,13 @@ EXAMPLES = """ vap_all: "tunnel" vaps: - - name: "default_name_416 (source wireless-controller.vap-group.name system.interface.name)" + name: "default_name_441 (source wireless-controller.vap-group.name system.interface.name)" wids_profile: "<your_own_value> (source wireless-controller.wids-profile.name)" zero_wait_dfs: "enable" split_tunneling_acl: - dest_ip: "<your_own_value>" - id: "421" + id: "446" split_tunneling_acl_local_ap_subnet: "enable" split_tunneling_acl_path: "tunnel" syslog_profile: "<your_own_value> (source wireless-controller.syslog-profile.name)" @@ -3504,6 +3669,7 @@ EXAMPLES = """ tun_mtu_uplink: "0" unii_4_5ghz_band: "enable" wan_port_auth: "none" + wan_port_auth_macsec: "enable" wan_port_auth_methods: "all" wan_port_auth_password: "<your_own_value>" wan_port_auth_usrname: "<your_own_value>" @@ -3605,6 +3771,7 @@ def filter_wireless_controller_wtp_profile_data(json): "ap_handoff", "apcfg_profile", "ble_profile", + "bonjour_profile", "comment", "console_login", "control_message_offload", @@ -3643,6 +3810,7 @@ def filter_wireless_controller_wtp_profile_data(json): "tun_mtu_uplink", "unii_4_5ghz_band", "wan_port_auth", + "wan_port_auth_macsec", "wan_port_auth_methods", "wan_port_auth_password", "wan_port_auth_usrname", @@ -3713,9 +3881,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"80211d": "set_80211d"} + speciallist = {"80211d": "set_80211d"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -3724,8 +3892,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -3744,12 +3915,10 @@ def wireless_controller_wtp_profile(data, fos, check_mode=False): wireless_controller_wtp_profile_data = flatten_multilists_attributes( wireless_controller_wtp_profile_data ) - filtered_data = underscore_to_hyphen( - filter_wireless_controller_wtp_profile_data( - wireless_controller_wtp_profile_data - ) + filtered_data = filter_wireless_controller_wtp_profile_data( + wireless_controller_wtp_profile_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) # check_mode starts from here if check_mode: @@ -3957,10 +4126,15 @@ versioned_schema = { "value": "431G", "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]], }, + {"value": "432G", "v_range": [["v7.4.2", ""]]}, { "value": "433G", "v_range": [["v7.0.8", "v7.0.12"], ["v7.2.1", ""]], }, + {"value": "241K", "v_range": [["v7.4.2", ""]]}, + {"value": "243K", "v_range": [["v7.4.2", ""]]}, + {"value": "441K", "v_range": [["v7.4.2", ""]]}, + {"value": "443K", "v_range": [["v7.4.2", ""]]}, {"value": "U421E"}, {"value": "U422EV"}, {"value": "U423E"}, @@ -4049,6 +4223,7 @@ versioned_schema = { "multiple_values": True, "elements": "str", }, + "bonjour_profile": {"v_range": [["v7.4.2", ""]], "type": "string"}, "apcfg_profile": {"v_range": [["v6.4.0", ""]], "type": "string"}, "ble_profile": {"v_range": [["v6.0.0", ""]], "type": "string"}, "syslog_profile": {"v_range": [["v7.0.2", ""]], "type": "string"}, @@ -4687,6 +4862,7 @@ versioned_schema = { "type": "string", "options": [ {"value": "none"}, + {"value": "custom", "v_range": [["v7.4.2", ""]]}, {"value": "FANT-04ABGN-0606-O-N"}, {"value": "FANT-04ABGN-1414-P-N"}, {"value": "FANT-04ABGN-8065-P-N"}, @@ -4696,6 +4872,10 @@ versioned_schema = { {"value": "FANT-08ABGN-1213-D-R"}, ], }, + "optional_antenna_gain": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "auto_power_level": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -4752,6 +4932,8 @@ versioned_schema = { {"value": "open"}, {"value": "wpa-personal"}, {"value": "wpa-enterprise"}, + {"value": "wpa3-sae", "v_range": [["v7.4.2", ""]]}, + {"value": "owe", "v_range": [["v7.4.2", ""]]}, ], }, "sam_captive_portal": { @@ -4771,6 +4953,21 @@ versioned_schema = { "v_range": [["v7.0.1", ""]], "type": "string", }, + "sam_eap_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "both"}, {"value": "tls"}, {"value": "peap"}], + }, + "sam_client_certificate": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_private_key": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "sam_private_key_password": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_ca_certificate": {"v_range": [["v7.4.2", ""]], "type": "string"}, "sam_username": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_password": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_test": { @@ -5049,6 +5246,7 @@ versioned_schema = { "type": "string", "options": [ {"value": "none"}, + {"value": "custom", "v_range": [["v7.4.2", ""]]}, {"value": "FANT-04ABGN-0606-O-N"}, {"value": "FANT-04ABGN-1414-P-N"}, {"value": "FANT-04ABGN-8065-P-N"}, @@ -5058,6 +5256,10 @@ versioned_schema = { {"value": "FANT-08ABGN-1213-D-R"}, ], }, + "optional_antenna_gain": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "auto_power_level": { "v_range": [["v6.0.0", ""]], "type": "string", @@ -5114,6 +5316,8 @@ versioned_schema = { {"value": "open"}, {"value": "wpa-personal"}, {"value": "wpa-enterprise"}, + {"value": "wpa3-sae", "v_range": [["v7.4.2", ""]]}, + {"value": "owe", "v_range": [["v7.4.2", ""]]}, ], }, "sam_captive_portal": { @@ -5133,6 +5337,21 @@ versioned_schema = { "v_range": [["v7.0.1", ""]], "type": "string", }, + "sam_eap_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "both"}, {"value": "tls"}, {"value": "peap"}], + }, + "sam_client_certificate": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_private_key": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "sam_private_key_password": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_ca_certificate": {"v_range": [["v7.4.2", ""]], "type": "string"}, "sam_username": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_password": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_test": { @@ -5411,6 +5630,7 @@ versioned_schema = { "type": "string", "options": [ {"value": "none"}, + {"value": "custom", "v_range": [["v7.4.2", ""]]}, {"value": "FANT-04ABGN-0606-O-N"}, {"value": "FANT-04ABGN-1414-P-N"}, {"value": "FANT-04ABGN-8065-P-N"}, @@ -5420,6 +5640,10 @@ versioned_schema = { {"value": "FANT-08ABGN-1213-D-R"}, ], }, + "optional_antenna_gain": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "auto_power_level": { "v_range": [["v6.2.0", ""]], "type": "string", @@ -5476,6 +5700,8 @@ versioned_schema = { {"value": "open"}, {"value": "wpa-personal"}, {"value": "wpa-enterprise"}, + {"value": "wpa3-sae", "v_range": [["v7.4.2", ""]]}, + {"value": "owe", "v_range": [["v7.4.2", ""]]}, ], }, "sam_captive_portal": { @@ -5495,6 +5721,21 @@ versioned_schema = { "v_range": [["v7.0.1", ""]], "type": "string", }, + "sam_eap_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "both"}, {"value": "tls"}, {"value": "peap"}], + }, + "sam_client_certificate": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_private_key": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "sam_private_key_password": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_ca_certificate": {"v_range": [["v7.4.2", ""]], "type": "string"}, "sam_username": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_password": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_test": { @@ -5770,6 +6011,7 @@ versioned_schema = { "type": "string", "options": [ {"value": "none"}, + {"value": "custom", "v_range": [["v7.4.2", ""]]}, {"value": "FANT-04ABGN-0606-O-N"}, {"value": "FANT-04ABGN-1414-P-N"}, {"value": "FANT-04ABGN-8065-P-N"}, @@ -5779,6 +6021,10 @@ versioned_schema = { {"value": "FANT-08ABGN-1213-D-R"}, ], }, + "optional_antenna_gain": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, "auto_power_level": { "v_range": [["v6.2.0", "v6.2.0"], ["v6.2.5", ""]], "type": "string", @@ -5865,6 +6111,8 @@ versioned_schema = { {"value": "open"}, {"value": "wpa-personal"}, {"value": "wpa-enterprise"}, + {"value": "wpa3-sae", "v_range": [["v7.4.2", ""]]}, + {"value": "owe", "v_range": [["v7.4.2", ""]]}, ], }, "sam_captive_portal": { @@ -5884,6 +6132,21 @@ versioned_schema = { "v_range": [["v7.0.1", ""]], "type": "string", }, + "sam_eap_method": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "both"}, {"value": "tls"}, {"value": "peap"}], + }, + "sam_client_certificate": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_private_key": {"v_range": [["v7.4.2", ""]], "type": "string"}, + "sam_private_key_password": { + "v_range": [["v7.4.2", ""]], + "type": "string", + }, + "sam_ca_certificate": {"v_range": [["v7.4.2", ""]], "type": "string"}, "sam_username": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_password": {"v_range": [["v7.0.0", ""]], "type": "string"}, "sam_test": { @@ -6267,6 +6530,11 @@ versioned_schema = { {"value": "EAP-PEAP"}, ], }, + "wan_port_auth_macsec": { + "v_range": [["v7.4.2", ""]], + "type": "string", + "options": [{"value": "enable"}, {"value": "disable"}], + }, "unii_4_5ghz_band": { "v_range": [["v7.4.0", ""]], "type": "string", diff --git a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_status.py b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_status.py index e7e3e0827..3f5b5929d 100644 --- a/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_status.py +++ b/ansible_collections/fortinet/fortios/plugins/modules/fortios_wireless_controller_wtp_status.py @@ -38,7 +38,7 @@ notes: - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks requirements: - - ansible>=2.14 + - ansible>=2.15 options: access_token: description: @@ -200,9 +200,9 @@ def underscore_to_hyphen(data): def valid_attr_to_invalid_attr(data): - specillist = {"<wtp_id>": "wtp_id"} + speciallist = {"<wtp_id>": "wtp_id"} - for k, v in specillist.items(): + for k, v in speciallist.items(): if v == data: return k @@ -211,8 +211,11 @@ def valid_attr_to_invalid_attr(data): def valid_attr_to_invalid_attrs(data): if isinstance(data, list): + new_data = [] for elem in data: elem = valid_attr_to_invalid_attrs(elem) + new_data.append(elem) + data = new_data elif isinstance(data, dict): new_data = {} for k, v in data.items(): @@ -225,10 +228,10 @@ def valid_attr_to_invalid_attrs(data): def wireless_controller_wtp_status(data, fos): vdom = data["vdom"] wireless_controller_wtp_status_data = data["wireless_controller_wtp_status"] - filtered_data = underscore_to_hyphen( - filter_wireless_controller_wtp_status_data(wireless_controller_wtp_status_data) + filtered_data = filter_wireless_controller_wtp_status_data( + wireless_controller_wtp_status_data ) - converted_data = valid_attr_to_invalid_attrs(filtered_data) + converted_data = underscore_to_hyphen(valid_attr_to_invalid_attrs(filtered_data)) return fos.set("wireless-controller", "wtp-status", data=converted_data, vdom=vdom) |