:source: fmgd_system_settings.py :orphan: .. _fmgd_system_settings: fmgd_system_settings -- Configure VDOM settings. ++++++++++++++++++++++++++++++++++++++++++++++++ .. versionadded:: 1.0.0 .. contents:: :local: :depth: 1 Synopsis -------- - This module is able to configure a FortiManager device. - Examples include all parameters and values need to be adjusted to data sources before usage. - Tested with FortiManager v7.x. Requirements ------------ The below requirements are needed on the host that executes this module. - ansible-core>=2.16.0 FortiManager Version Compatibility ---------------------------------- .. raw:: html

Supported Version Ranges: v7.2.6 -> v7.2.12, v7.4.3 -> latest

Parameters ---------- .. raw:: html Notes ----- .. note:: - Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work. - To create or update an object, use state: present directive. - To delete an object, use state: absent directive - Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded Examples -------- .. code-block:: yaml+jinja - name: Example playbook (generated based on argument schema) hosts: fortimanagers connection: httpapi gather_facts: false vars: ansible_httpapi_use_ssl: true ansible_httpapi_validate_certs: false ansible_httpapi_port: 443 tasks: - name: Configure VDOM settings. fortinet.fmgdevice.fmgd_system_settings: # bypass_validation: false # workspace_locking_adom: # workspace_locking_timeout: 300 # rc_succeeded: [0, -2, -3, ...] # rc_failed: [-2, -3, ...] device: vdom: system_settings: # allow_linkdown_path: # allow_subnet_overlap: # application_bandwidth_tracking: # asymroute: # asymroute_icmp: # asymroute6: # asymroute6_icmp: # auxiliary_session: # bfd: # bfd_desired_min_tx: # bfd_detect_mult: # bfd_dont_enforce_src_port: # bfd_required_min_rx: # block_land_attack: # central_nat: # comments: # default_app_port_as_service: # default_policy_expiry_days: # default_voip_alg_mode: # deny_tcp_with_icmp: # detect_unknown_esp: # device: # dhcp_proxy: # dhcp_proxy_interface: # dhcp_proxy_interface_select_method: # dhcp_server_ip: # dhcp6_server_ip: # discovered_device_timeout: # dp_load_distribution_method: # dyn_addr_session_check: # ecmp_max_paths: # email_portal_check_dns: # ext_resource_session_check: # firewall_session_dirty: # fqdn_session_check: # fw_session_hairpin: # gateway: # gateway6: # gtp_asym_fgsp: # gtp_monitor_mode: # gui_advanced_policy: # gui_advanced_wireless_features: # gui_allow_unnamed_policy: # gui_antivirus: # gui_ap_profile: # gui_application_control: # gui_casb: # gui_default_policy_columns: # gui_dhcp_advanced: # gui_dlp_profile: # gui_dns_database: # gui_dnsfilter: # gui_dos_policy: # gui_dynamic_device_os_id: # gui_dynamic_routing: # gui_email_collection: # gui_enforce_change_summary: # gui_explicit_proxy: # gui_file_filter: # gui_fortiap_split_tunneling: # gui_fortiextender_controller: # gui_icap: # gui_implicit_policy: # gui_ips: # gui_load_balance: # gui_local_in_policy: # gui_multicast_policy: # gui_multiple_interface_policy: # gui_object_colors: # gui_ot: # gui_policy_based_ipsec: # gui_policy_disclaimer: # gui_proxy_inspection: # gui_route_tag_address_creation: # gui_security_profile_group: # gui_spamfilter: # gui_sslvpn: # gui_sslvpn_personal_bookmarks: # gui_sslvpn_realms: # gui_switch_controller: # gui_threat_weight: # gui_traffic_shaping: # gui_videofilter: # gui_virtual_patch_profile: # gui_voip_profile: # gui_vpn: # gui_waf_profile: # gui_wan_load_balancing: # gui_wanopt_cache: # gui_webfilter: # gui_webfilter_advanced: # gui_wireless_controller: # gui_ztna: # h323_direct_model: # http_external_dest: # hyperscale_default_policy_action: # ike_dn_format: # ike_policy_route: # ike_port: # ike_quick_crash_detect: # ike_session_resume: # ike_tcp_port: # internet_service_app_ctrl_size: # internet_service_database_cache: # ip: # ip6: # lan_extension_controller_addr: # link_down_access: # lldp_reception: # lldp_transmission: # location_id: # mac_ttl: # manageip: # manageip6: # multicast_forward: # multicast_skip_policy: # multicast_ttl_notchange: # nat46_force_ipv4_packet_forwarding: # nat46_generate_ipv6_fragment_header: # nat64_force_ipv6_packet_forwarding: # ngfw_mode: # npu_group_id: # opmode: # pfcp_monitor_mode: # policy_offload_level: # prp_trailer_action: # sccp_port: # sctp_session_without_init: # ses_denied_traffic: # session_insert_trial: # sip_expectation: # sip_nat_trace: # sip_ssl_port: # sip_tcp_port: # sip_udp_port: # snat_hairpin_traffic: # status: # strict_src_check: # tcp_session_without_syn: # trap_local_session: # trap_session_flag: # utf8_spam_tagging: # v4_ecmp_mode: # vdom_type: # vpn_stats_log: # - "ipsec" # - "pptp" # - "l2tp" # - "ssl" # vpn_stats_period: # wccp_cache_engine: # gui_endpoint_control_advanced: # gui_endpoint_control: # gui_local_reports: # gui_nat46_64: # gui_dynamic_profile_display: # gui_replacement_message_groups: # gui_domain_ip_reputation: # gui_multiple_utm_profiles: # implicit_allow_dns: # gui_per_policy_disclaimer: # consolidated_firewall_mode: # motherboard_traffic_forwarding: # - "icmp" # - "admin" # - "auth" # gui_gtp: # nonat_eif_key_sel: # ses_denied_multicast_traffic: # dhcp_proxy_vrf_select: # dp_load_distribution_group: # gui_dlp_advanced: # gui_sslvpn_clients: # intree_ses_best_route: # gui_fortitelemetry: # ike_detailed_event_logs: # forward_domain: # wccp_local_route: # gui_dlp: # lan_extension_controller_port: Return Values ------------- Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module: .. raw:: html
  • meta - The result of the request.returned: always type: dict
    • request_url - The full url requested. returned: always type: str sample: /sys/login/user
    • response_code - The status of api request. returned: always type: int sample: 0
    • response_data - The data body of the api response. returned: optional type: list or dict
    • response_message - The descriptive message of the api response. returned: always type: str sample: OK
    • system_information - The information of the target system. returned: always type: dict
  • rc - The status the request. returned: always type: int sample: 0
  • version_check_warning - Warning if the parameters used in the playbook are not supported by the current FortiManager version. returned: if at least one parameter not supported by the current FortiManager version type: list
Status ------ - This module is not guaranteed to have a backwards compatible interface. Authors ------- - Xinwei Du (@dux-fortinet) - Xing Li (@lix-fortinet) - Jie Xue (@JieX19) - Link Zheng (@chillancezen) - Frank Shen (@fshen01) - Hongbin Lu (@fgtdev-hblu)