Note
This plugin is part of the community.fortios collection (version 1.0.0).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install community.fortios
.
To use it in a playbook, specify: community.fortios.fmgr_secprof_dns
.
Parameter | Choices/Defaults | Comments |
---|---|---|
adom string | Default: "root" | The ADOM the configuration should belong to. |
block_action string |
| Action to take for blocked domains. choice | block | Return NXDOMAIN for blocked domains. choice | redirect | Redirect blocked domains to SDNS portal. |
block_botnet string |
| Enable/disable blocking botnet C&C; DNS lookups. choice | disable | Disable blocking botnet C&C; DNS lookups. choice | enable | Enable blocking botnet C&C; DNS lookups. |
comment string | Comment for the security profile to show in the FortiManager GUI. | |
domain_filter_domain_filter_table string | DNS domain filter table ID. | |
external_ip_blocklist string | One or more external IP block lists. | |
ftgd_dns_filters_action string |
| Action to take for DNS requests matching the category. choice | monitor | Allow DNS requests matching the category and log the result. choice | block | Block DNS requests matching the category. |
ftgd_dns_filters_category string | Category number. | |
ftgd_dns_filters_log string |
| Enable/disable DNS filter logging for this DNS profile. choice | disable | Disable DNS filter logging. choice | enable | Enable DNS filter logging. |
ftgd_dns_options string |
| FortiGuard DNS filter options. FLAG Based Options. Specify multiple in list form. flag | error-allow | Allow all domains when FortiGuard DNS servers fail. flag | ftgd-disable | Disable FortiGuard DNS domain rating. |
log_all_domain string |
| Enable/disable logging of all domains visited (detailed DNS logging). choice | disable | Disable logging of all domains visited. choice | enable | Enable logging of all domains visited. |
mode string |
| Sets one of three modes for managing the object. Allows use of soft-adds instead of overwriting existing values. |
name string | Profile name. | |
redirect_portal string | IP address of the SDNS redirect portal. | |
safe_search string |
| Enable/disable Google, Bing, and YouTube safe search. choice | disable | Disable Google, Bing, and YouTube safe search. choice | enable | Enable Google, Bing, and YouTube safe search. |
sdns_domain_log string |
| Enable/disable domain filtering and botnet domain logging. choice | disable | Disable domain filtering and botnet domain logging. choice | enable | Enable domain filtering and botnet domain logging. |
sdns_ftgd_err_log string |
| Enable/disable FortiGuard SDNS rating error logging. choice | disable | Disable FortiGuard SDNS rating error logging. choice | enable | Enable FortiGuard SDNS rating error logging. |
youtube_restrict string |
| Set safe search for YouTube restriction level. choice | strict | Enable strict safe seach for YouTube. choice | moderate | Enable moderate safe search for YouTube. |
Note
- name: DELETE Profile community.fortios.fmgr_secprof_dns: name: "Ansible_DNS_Profile" comment: "Created by Ansible Module TEST" mode: "delete" - name: CREATE Profile community.fortios.fmgr_secprof_dns: name: "Ansible_DNS_Profile" comment: "Created by Ansible Module TEST" mode: "set" block_action: "block"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
api_result string | always | full API response, includes status code and message |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/community/fortios/fmgr_secprof_dns_module.html