Note
This plugin is part of the fortinet.fortios collection (version 2.1.2).
You might already have this collection installed if you are using the ansible
package. It is not included in ansible-core
. To check whether it is installed, run ansible-galaxy collection list
.
To install it, use: ansible-galaxy collection install fortinet.fortios
.
To use it in a playbook, specify: fortinet.fortios.fortios_firewall_mms_profile
.
New in version 2.10: of fortinet.fortios
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments | ||
---|---|---|---|---|
access_token string | Token-based authentication. Generated from GUI of Fortigate. | |||
enable_log boolean |
| Enable/Disable logging for task. | ||
firewall_mms_profile dictionary | Configure MMS profiles. | |||
avnotificationtable integer | AntiVirus notification table ID. Source antivirus.notification.id. | |||
bwordtable integer | MMS banned word table ID. Source webfilter.content.id. | |||
carrier_endpoint_prefix string |
| Enable/disable prefixing of end point values. | ||
carrier_endpoint_prefix_range_max integer | Maximum length of end point value that can be prefixed (1 - 48). | |||
carrier_endpoint_prefix_range_min integer | Minimum end point length to be prefixed (1 - 48). | |||
carrier_endpoint_prefix_string string | String with which to prefix End point values. | |||
carrierendpointbwltable integer | Carrier end point filter table ID. Source firewall.carrier-endpoint-bwl.id. | |||
comment string | Comment. | |||
dupe list / elements=string | Duplicate configuration. | |||
action1 list / elements=string |
| Action to take when threshold reached. | ||
action2 list / elements=string |
| Action to take when threshold reached. | ||
action3 list / elements=string |
| Action to take when threshold reached. | ||
block_time1 integer | Duration for which action takes effect (0 - 35791 min). | |||
block_time2 integer | Duration for which action takes effect (0 - 35791 min). | |||
block_time3 integer | Duration action takes effect (0 - 35791 min). | |||
limit1 integer | Maximum number of messages allowed. | |||
limit2 integer | Maximum number of messages allowed. | |||
limit3 integer | Maximum number of messages allowed. | |||
protocol string / required | Protocol. | |||
status1 string |
| Enable/disable status1 detection. | ||
status2 string |
| Enable/disable status2 detection. | ||
status3 string |
| Enable/disable status3 detection. | ||
window1 integer | Window to count messages over (1 - 2880 min). | |||
window2 integer | Window to count messages over (1 - 2880 min). | |||
window3 integer | Window to count messages over (1 - 2880 min). | |||
extended_utm_log string | Enable/disable detailed UTM log messages. | |||
flood list / elements=string | Flood configuration. | |||
action1 list / elements=string |
| Action to take when threshold reached. | ||
action2 list / elements=string |
| Action to take when threshold reached. | ||
action3 list / elements=string |
| Action to take when threshold reached. | ||
block_time1 integer | Duration for which action takes effect (0 - 35791 min). | |||
block_time2 integer | Duration for which action takes effect (0 - 35791 min). | |||
block_time3 integer | Duration action takes effect (0 - 35791 min). | |||
limit1 integer | Maximum number of messages allowed. | |||
limit2 integer | Maximum number of messages allowed. | |||
limit3 integer | Maximum number of messages allowed. | |||
protocol string / required | Protocol. | |||
status1 string |
| Enable/disable status1 detection. | ||
status2 string |
| Enable/disable status2 detection. | ||
status3 string |
| Enable/disable status3 detection. | ||
window1 integer | Window to count messages over (1 - 2880 min). | |||
window2 integer | Window to count messages over (1 - 2880 min). | |||
window3 integer | Window to count messages over (1 - 2880 min). | |||
mm1 list / elements=string |
| MM1 options. | ||
mm1_addr_hdr string | HTTP header field (for MM1) containing user address. | |||
mm1_addr_source string |
| Source for MM1 user address. | ||
mm1_convert_hex string |
| Enable/disable converting user address from HEX string for MM1. | ||
mm1_outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
mm1_retr_dupe string |
| Enable/disable duplicate scanning of MM1 retr. | ||
mm1_retrieve_scan string |
| Enable/disable scanning on MM1 retrieve configuration messages. | ||
mm1comfortamount integer | MM1 comfort amount (0 - 4294967295). | |||
mm1comfortinterval integer | MM1 comfort interval (0 - 4294967295). | |||
mm1oversizelimit integer | Maximum file size to scan (1 - 819200 kB). | |||
mm3 list / elements=string |
| MM3 options. | ||
mm3_outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
mm3oversizelimit integer | Maximum file size to scan (1 - 819200 kB). | |||
mm4 list / elements=string |
| MM4 options. | ||
mm4_outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
mm4oversizelimit integer | Maximum file size to scan (1 - 819200 kB). | |||
mm7 list / elements=string |
| MM7 options. | ||
mm7_addr_hdr string | HTTP header field (for MM7) containing user address. | |||
mm7_addr_source string |
| Source for MM7 user address. | ||
mm7_convert_hex string |
| Enable/disable conversion of user address from HEX string for MM7. | ||
mm7_outbreak_prevention string |
| Enable FortiGuard Virus Outbreak Prevention service. | ||
mm7comfortamount integer | MM7 comfort amount (0 - 4294967295). | |||
mm7comfortinterval integer | MM7 comfort interval (0 - 4294967295). | |||
mm7oversizelimit integer | Maximum file size to scan (1 - 819200 kB). | |||
mms_antispam_mass_log string |
| Enable/disable logging for MMS antispam mass. | ||
mms_av_block_log string |
| Enable/disable logging for MMS antivirus file blocking. | ||
mms_av_oversize_log string |
| Enable/disable logging for MMS antivirus oversize file blocking. | ||
mms_av_virus_log string |
| Enable/disable logging for MMS antivirus scanning. | ||
mms_carrier_endpoint_filter_log string |
| Enable/disable logging for MMS end point filter blocking. | ||
mms_checksum_log string |
| Enable/disable MMS content checksum logging. | ||
mms_checksum_table integer | MMS content checksum table ID. Source antivirus.mms-checksum.id. | |||
mms_notification_log string |
| Enable/disable logging for MMS notification messages. | ||
mms_web_content_log string |
| Enable/disable logging for MMS web content blocking. | ||
mmsbwordthreshold integer | MMS banned word threshold. | |||
name string / required | Profile name. | |||
notif_msisdn list / elements=string | Notification for MSISDNs. | |||
msisdn string / required | Recipient MSISDN. | |||
threshold string |
| Thresholds on which this MSISDN will receive an alert. | ||
notification list / elements=string | Notification configuration. | |||
alert_int integer | Alert notification send interval. | |||
alert_int_mode string |
| Alert notification interval mode. | ||
alert_src_msisdn string | Specify from address for alert messages. | |||
alert_status string |
| Alert notification status. | ||
bword_int integer | Banned word notification send interval. | |||
bword_int_mode string |
| Banned word notification interval mode. | ||
bword_status string |
| Banned word notification status. | ||
carrier_endpoint_bwl_int integer | Carrier end point black/white list notification send interval. | |||
carrier_endpoint_bwl_int_mode string |
| Carrier end point black/white list notification interval mode. | ||
carrier_endpoint_bwl_status string |
| Carrier end point black/white list notification status. | ||
days_allowed list / elements=string |
| Weekdays on which notification messages may be sent. | ||
detect_server string |
| Enable/disable automatic server address determination. | ||
dupe_int integer | Duplicate notification send interval. | |||
dupe_int_mode string |
| Duplicate notification interval mode. | ||
dupe_status string |
| Duplicate notification status. | ||
file_block_int integer | File block notification send interval. | |||
file_block_int_mode string |
| File block notification interval mode. | ||
file_block_status string |
| File block notification status. | ||
flood_int integer | Flood notification send interval. | |||
flood_int_mode string |
| Flood notification interval mode. | ||
flood_status string |
| Flood notification status. | ||
from_in_header string |
| Enable/disable insertion of from address in HTTP header. | ||
mms_checksum_int integer | MMS checksum notification send interval. | |||
mms_checksum_int_mode string |
| MMS checksum notification interval mode. | ||
mms_checksum_status string |
| MMS checksum notification status. | ||
mmsc_hostname string | Host name or IP address of the MMSC. | |||
mmsc_password string | Password required for authentication with the MMSC. | |||
mmsc_port integer | Port used on the MMSC for sending MMS messages (1 - 65535). | |||
mmsc_url string | URL used on the MMSC for sending MMS messages. | |||
mmsc_username string | User name required for authentication with the MMSC. | |||
msg_protocol string |
| Protocol to use for sending notification messages. | ||
msg_type string |
| MM7 message type. | ||
protocol string / required | Protocol. | |||
rate_limit integer | Rate limit for sending notification messages (0 - 250). | |||
tod_window_duration string | Time of day window duration. | |||
tod_window_end string | Obsolete. | |||
tod_window_start string | Time of day window start. | |||
user_domain string | Domain name to which the user addresses belong. | |||
vas_id string | VAS identifier. | |||
vasp_id string | VASP identifier. | |||
virus_int integer | Virus notification send interval. | |||
virus_int_mode string |
| Virus notification interval mode. | ||
virus_status string |
| Virus notification status. | ||
outbreak_prevention dictionary | Configure Virus Outbreak Prevention settings. | |||
external_blocklist string |
| Enable/disable external malware blocklist. | ||
ftgd_service string |
| Enable/disable FortiGuard Virus outbreak prevention service. | ||
remove_blocked_const_length string |
| Enable/disable MMS replacement of blocked file constant length. | ||
replacemsg_group string | Replacement message group. Source system.replacemsg-group.name. | |||
state string / required |
| Indicates whether to create or remove the object. | ||
vdom string | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. |
Note
- hosts: fortigates collections: - fortinet.fortios connection: httpapi vars: vdom: "root" ansible_httpapi_use_ssl: yes ansible_httpapi_validate_certs: no ansible_httpapi_port: 443 tasks: - name: Configure MMS profiles. fortios_firewall_mms_profile: vdom: "{{ vdom }}" state: "present" access_token: "<your_own_value>" firewall_mms_profile: avnotificationtable: "3 (source antivirus.notification.id)" bwordtable: "4 (source webfilter.content.id)" carrier_endpoint_prefix: "enable" carrier_endpoint_prefix_range_max: "6" carrier_endpoint_prefix_range_min: "7" carrier_endpoint_prefix_string: "<your_own_value>" carrierendpointbwltable: "9 (source firewall.carrier-endpoint-bwl.id)" comment: "Comment." dupe: - action1: "block" action2: "block" action3: "block" block_time1: "15" block_time2: "16" block_time3: "17" limit1: "18" limit2: "19" limit3: "20" protocol: "<your_own_value>" status1: "enable" status2: "enable" status3: "enable" window1: "25" window2: "26" window3: "27" extended_utm_log: "<your_own_value>" flood: - action1: "block" action2: "block" action3: "block" block_time1: "33" block_time2: "34" block_time3: "35" limit1: "36" limit2: "37" limit3: "38" protocol: "<your_own_value>" status1: "enable" status2: "enable" status3: "enable" window1: "43" window2: "44" window3: "45" mm1: "avmonitor" mm1_addr_hdr: "<your_own_value>" mm1_addr_source: "http-header" mm1_convert_hex: "enable" mm1_outbreak_prevention: "disabled" mm1_retr_dupe: "enable" mm1_retrieve_scan: "enable" mm1comfortamount: "53" mm1comfortinterval: "54" mm1oversizelimit: "55" mm3: "avmonitor" mm3_outbreak_prevention: "disabled" mm3oversizelimit: "58" mm4: "avmonitor" mm4_outbreak_prevention: "disabled" mm4oversizelimit: "61" mm7: "avmonitor" mm7_addr_hdr: "<your_own_value>" mm7_addr_source: "http-header" mm7_convert_hex: "enable" mm7_outbreak_prevention: "disabled" mm7comfortamount: "67" mm7comfortinterval: "68" mm7oversizelimit: "69" mms_antispam_mass_log: "enable" mms_av_block_log: "enable" mms_av_oversize_log: "enable" mms_av_virus_log: "enable" mms_carrier_endpoint_filter_log: "enable" mms_checksum_log: "enable" mms_checksum_table: "76 (source antivirus.mms-checksum.id)" mms_notification_log: "enable" mms_web_content_log: "enable" mmsbwordthreshold: "79" name: "default_name_80" notif_msisdn: - msisdn: "<your_own_value>" threshold: "flood-thresh-1" notification: - alert_int: "85" alert_int_mode: "hours" alert_src_msisdn: "<your_own_value>" alert_status: "enable" bword_int: "89" bword_int_mode: "hours" bword_status: "enable" carrier_endpoint_bwl_int: "92" carrier_endpoint_bwl_int_mode: "hours" carrier_endpoint_bwl_status: "enable" days_allowed: "sunday" detect_server: "enable" dupe_int: "97" dupe_int_mode: "hours" dupe_status: "enable" file_block_int: "100" file_block_int_mode: "hours" file_block_status: "enable" flood_int: "103" flood_int_mode: "hours" flood_status: "enable" from_in_header: "enable" mms_checksum_int: "107" mms_checksum_int_mode: "hours" mms_checksum_status: "enable" mmsc_hostname: "myhostname" mmsc_password: "<your_own_value>" mmsc_port: "112" mmsc_url: "<your_own_value>" mmsc_username: "<your_own_value>" msg_protocol: "mm1" msg_type: "submit-req" protocol: "<your_own_value>" rate_limit: "118" tod_window_duration: "<your_own_value>" tod_window_end: "<your_own_value>" tod_window_start: "<your_own_value>" user_domain: "<your_own_value>" vas_id: "<your_own_value>" vasp_id: "<your_own_value>" virus_int: "125" virus_int_mode: "hours" virus_status: "enable" outbreak_prevention: external_blocklist: "disable" ftgd_service: "disable" remove_blocked_const_length: "enable" replacemsg_group: "<your_own_value> (source system.replacemsg-group.name)"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build string | always | Build number of the fortigate image Sample: 1547 |
http_method string | always | Last method used to provision the content into FortiGate Sample: PUT |
http_status string | always | Last result given by FortiGate on last operation applied Sample: 200 |
mkey string | success | Master key (id) used in the last call to FortiGate Sample: id |
name string | always | Name of the table used to fulfill the request Sample: urlfilter |
path string | always | Path of the table used to fulfill the request Sample: webfilter |
revision string | always | Internal revision number Sample: 17.0.2.10658 |
serial string | always | Serial number of the unit Sample: FGVMEVYYQT3AB5352 |
status string | always | Indication of the operation's result Sample: success |
vdom string | always | Virtual domain used Sample: root |
version string | always | Version of the FortiGate Sample: v5.6.3 |
© 2012–2018 Michael DeHaan
© 2018–2021 Red Hat, Inc.
Licensed under the GNU General Public License version 3.
https://docs.ansible.com/ansible/latest/collections/fortinet/fortios/fortios_firewall_mms_profile_module.html