From 2efacfcdad13fee78f035cd9f3fd2a39260da16e Mon Sep 17 00:00:00 2001 From: ftntcorecse <43451990+ftntcorecse@users.noreply.github.com> Date: Wed, 27 Feb 2019 01:45:06 -0500 Subject: [PATCH] FortiManager Plugin Module Conversion: fmgr_fwpol_ipv4 (#52785) * Auto Commit for: fmgr_fwpol_ipv4 * Auto Commit for: fmgr_fwpol_ipv4 --- .../network/fortimanager/fmgr_fwpol_ipv4.py | 299 +--- .../fixtures/test_fmgr_fwpol_ipv4.json | 1469 +++++++---------- .../fortimanager/test_fmgr_fwpol_ipv4.py | 306 +--- 3 files changed, 703 insertions(+), 1371 deletions(-) diff --git a/lib/ansible/modules/network/fortimanager/fmgr_fwpol_ipv4.py b/lib/ansible/modules/network/fortimanager/fmgr_fwpol_ipv4.py index 34452bf0a36..75210779004 100644 --- a/lib/ansible/modules/network/fortimanager/fmgr_fwpol_ipv4.py +++ b/lib/ansible/modules/network/fortimanager/fmgr_fwpol_ipv4.py @@ -28,6 +28,8 @@ DOCUMENTATION = ''' --- module: fmgr_fwpol_ipv4 version_added: "2.8" +notes: + - Full Documentation at U(https://ftnt-ansible-docs.readthedocs.io/en/latest/). author: - Luke Weighall (@lweighall) - Andrew Welsh (@Ghilli3) @@ -43,21 +45,6 @@ options: required: false default: root - host: - description: - - The FortiManager's address. - required: true - - username: - description: - - The username associated with the account. - required: true - - password: - description: - - The password associated with the username account. - required: true - mode: description: - Sets one of three modes for managing the object. @@ -913,9 +900,6 @@ options: EXAMPLES = ''' - name: ADD VERY BASIC IPV4 POLICY WITH NO NAT (WIDE OPEN) fmgr_fwpol_ipv4: - host: "{{ inventory_hostname }}" - username: "{{ username }}" - password: "{{ password }}" mode: "set" adom: "ansible" package_name: "default" @@ -932,9 +916,6 @@ EXAMPLES = ''' - name: ADD VERY BASIC IPV4 POLICY WITH NAT AND MULTIPLE ENTRIES fmgr_fwpol_ipv4: - host: "{{ inventory_hostname }}" - username: "{{ username }}" - password: "{{ password }}" mode: "set" adom: "ansible" package_name: "default" @@ -953,9 +934,6 @@ EXAMPLES = ''' - name: ADD VERY BASIC IPV4 POLICY WITH NAT AND MULTIPLE ENTRIES AND SEC PROFILES fmgr_fwpol_ipv4: - host: "{{ inventory_hostname }}" - username: "{{ username }}" - password: "{{ password }}" mode: "set" adom: "ansible" package_name: "default" @@ -983,45 +961,47 @@ api_result: type: str """ -from ansible.module_utils.basic import AnsibleModule, env_fallback -from ansible.module_utils.network.fortimanager.fortimanager import AnsibleFortiManager - -# check for pyFMG lib -try: - from pyFMG.fortimgr import FortiManager - - HAS_PYFMGR = True -except ImportError: - HAS_PYFMGR = False +from ansible.module_utils.basic import AnsibleModule +from ansible.module_utils.connection import Connection +from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler +from ansible.module_utils.network.fortimanager.common import FMGBaseException +from ansible.module_utils.network.fortimanager.common import FMGRCommon +from ansible.module_utils.network.fortimanager.common import FMGRMethods +from ansible.module_utils.network.fortimanager.common import DEFAULT_RESULT_OBJ +from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG +from ansible.module_utils.network.fortimanager.common import prepare_dict +from ansible.module_utils.network.fortimanager.common import scrub_dict -############### -# START METHODS -############### - -def fmgr_firewall_policy_addsetdelete(fmg, paramgram): +def fmgr_firewall_policy_modify(fmgr, paramgram): """ fmgr_firewall_policy -- Add/Set/Deletes Firewall Policy Objects defined in the "paramgram" + + :param fmgr: The fmgr object instance from fmgr_utils.py + :type fmgr: class object + :param paramgram: The formatted dictionary of options to process + :type paramgram: dict + + :return: The response from the FortiManager + :rtype: dict """ mode = paramgram["mode"] adom = paramgram["adom"] # INIT A BASIC OBJECTS - response = (-100000, {"msg": "Illegal or malformed paramgram discovered. System Exception"}) + response = DEFAULT_RESULT_OBJ url = "" datagram = {} # EVAL THE MODE PARAMETER FOR SET OR ADD if mode in ['set', 'add', 'update']: url = '/pm/config/adom/{adom}/pkg/{pkg}/firewall/policy'.format(adom=adom, pkg=paramgram["package_name"]) - datagram = fmgr_del_none(fmgr_prepare_dict(paramgram)) + datagram = scrub_dict((prepare_dict(paramgram))) del datagram["package_name"] - datagram = fmgr_split_comma_strings_into_lists(datagram) + datagram = fmgr._tools.split_comma_strings_into_lists(datagram) # EVAL THE MODE PARAMETER FOR DELETE elif mode == "delete": - - # WE NEED TO GET THE POLICY ID FROM THE NAME OF THE POLICY url = '/pm/config/adom/{adom}/pkg/{pkg}/firewall' \ '/policy/{policyid}'.format(adom=paramgram["adom"], pkg=paramgram["package_name"], @@ -1030,127 +1010,10 @@ def fmgr_firewall_policy_addsetdelete(fmg, paramgram): "policyid": paramgram["policyid"] } - # IF MODE = SET -- USE THE 'SET' API CALL MODE - if mode == "set": - response = fmg.set(url, datagram) - # IF MODE = UPDATE -- USER THE 'UPDATE' API CALL MODE - elif mode == "update": - response = fmg.update(url, datagram) - # IF MODE = ADD -- USE THE 'ADD' API CALL MODE - elif mode == "add": - response = fmg.add(url, datagram) - # IF MODE = DELETE -- USE THE DELETE URL AND API CALL MODE - elif mode == "delete": - response = fmg.delete(url, datagram) - + response = fmgr.process_request(url, datagram, paramgram["mode"]) return response -# ADDITIONAL COMMON FUNCTIONS -# FUNCTION/METHOD FOR LOGGING OUT AND ANALYZING ERROR CODES -def fmgr_logout(fmg, module, msg="NULL", results=(), good_codes=(0,), logout_on_fail=True, logout_on_success=False): - """ - THIS METHOD CONTROLS THE LOGOUT AND ERROR REPORTING AFTER AN METHOD OR FUNCTION RUNS - """ - - # VALIDATION ERROR (NO RESULTS, JUST AN EXIT) - if msg != "NULL" and len(results) == 0: - try: - fmg.logout() - except Exception: - pass - module.fail_json(msg=msg) - - # SUBMISSION ERROR - if len(results) > 0: - if msg == "NULL": - try: - msg = results[1]['status']['message'] - except Exception: - msg = "No status message returned from pyFMG. Possible that this was a GET with a tuple result." - - if results[0] not in good_codes: - if logout_on_fail: - fmg.logout() - module.fail_json(msg=msg, **results[1]) - else: - if logout_on_success: - fmg.logout() - module.exit_json(msg="API Called worked, but logout handler has been asked to logout on success", - **results[1]) - - return msg - - -# FUNCTION/METHOD FOR CONVERTING CIDR TO A NETMASK -# DID NOT USE IP ADDRESS MODULE TO KEEP INCLUDES TO A MINIMUM -def fmgr_cidr_to_netmask(cidr): - cidr = int(cidr) - mask = (0xffffffff >> (32 - cidr)) << (32 - cidr) - return (str((0xff000000 & mask) >> 24) + '.' + - str((0x00ff0000 & mask) >> 16) + '.' + - str((0x0000ff00 & mask) >> 8) + '.' + - str((0x000000ff & mask))) - - -# utility function: removing keys wih value of None, nothing in playbook for that key -def fmgr_del_none(obj): - if isinstance(obj, dict): - return type(obj)((fmgr_del_none(k), fmgr_del_none(v)) - for k, v in obj.items() if k is not None and (v is not None and not fmgr_is_empty_dict(v))) - else: - return obj - - -# utility function: remove keys that are need for the logic but the FMG API won't accept them -def fmgr_prepare_dict(obj): - list_of_elems = ["mode", "adom", "host", "username", "password"] - if isinstance(obj, dict): - obj = dict((key, fmgr_prepare_dict(value)) for (key, value) in obj.items() if key not in list_of_elems) - return obj - - -def fmgr_is_empty_dict(obj): - return_val = False - if isinstance(obj, dict): - if len(obj) > 0: - for k, v in obj.items(): - if isinstance(v, dict): - if len(v) == 0: - return_val = True - elif len(v) > 0: - for k1, v1 in v.items(): - if v1 is None: - return_val = True - elif v1 is not None: - return_val = False - return return_val - elif v is None: - return_val = True - elif v is not None: - return_val = False - return return_val - elif len(obj) == 0: - return_val = True - - return return_val - - -def fmgr_split_comma_strings_into_lists(obj): - if isinstance(obj, dict): - if len(obj) > 0: - for k, v in obj.items(): - if isinstance(v, str): - new_list = list() - if "," in v: - new_items = v.split(",") - for item in new_items: - new_list.append(item.strip()) - obj[k] = new_list - - return obj - - ############# # END METHODS ############# @@ -1159,9 +1022,6 @@ def fmgr_split_comma_strings_into_lists(obj): def main(): argument_spec = dict( adom=dict(type="str", default="root"), - host=dict(required=True, type="str"), - password=dict(fallback=(env_fallback, ["ANSIBLE_NET_PASSWORD"]), no_log=True, required=True), - username=dict(fallback=(env_fallback, ["ANSIBLE_NET_USERNAME"]), no_log=True, required=True), mode=dict(choices=["add", "set", "delete", "update"], type="str", default="add"), package_name=dict(type="str", required=False, default="default"), @@ -1298,8 +1158,7 @@ def main(): ) - module = AnsibleModule(argument_spec, supports_check_mode=False) - + module = AnsibleModule(argument_spec=argument_spec, supports_check_mode=False, ) # MODULE PARAMGRAM paramgram = { "mode": module.params["mode"], @@ -1438,70 +1297,50 @@ def main(): "subnet": module.params["vpn_src_node_subnet"], } } - list_overrides = ['vpn_dst_node', 'vpn_src_node'] - for list_variable in list_overrides: - override_data = list() - try: - override_data = module.params[list_variable] - except Exception: - pass - try: - if override_data: - del paramgram[list_variable] - paramgram[list_variable] = override_data - except Exception: - pass - - # CHECK IF THE HOST/USERNAME/PW EXISTS, AND IF IT DOES, LOGIN. - host = module.params["host"] - password = module.params["password"] - username = module.params["username"] - if host is None or username is None or password is None: - module.fail_json(msg="Host and username and password are required") - - # CHECK IF LOGIN FAILED - fmg = AnsibleFortiManager(module, module.params["host"], module.params["username"], module.params["password"]) - - response = fmg.login() - if response[1]['status']['code'] != 0: - module.fail_json(msg="Connection to FortiManager Failed") - - if paramgram["mode"] == "delete": - # WE NEED TO GET THE POLICY ID FROM THE NAME OF THE POLICY TO DELETE IT - url = '/pm/config/adom/{adom}/pkg/{pkg}/firewall' \ - '/policy/'.format(adom=paramgram["adom"], - pkg=paramgram["package_name"]) - datagram = { - "filter": ["name", "==", paramgram["name"]] - } - response = fmg.get(url, datagram) - try: - if response[1][0]["policyid"]: - policy_id = response[1][0]["policyid"] - paramgram["policyid"] = policy_id - except Exception: - fmgr_logout(fmg, module, results=response, msg="Couldn't get Policy ID from name, delete failed") - - results = fmgr_firewall_policy_addsetdelete(fmg, paramgram) - if results[0] == -10131: - fmgr_logout(fmg, module, results=results, good_codes=[0, -9998, ], - msg=str(results[0]) + " - Object Dependency Failed. Do the objects named in parameters exist?!") - elif results[0] == -3: - fmgr_logout(fmg, module, results=results, good_codes=[0, -3], - msg="Couldn't Delete - Policy Doesn't Exist") - elif results[0] == 0: - fmgr_logout(fmg, module, results=results, good_codes=[0, -9998], - msg="Successfully Set FW Policy") - elif results[0] not in [0, -9998]: - fmgr_logout(fmg, module, results=results, good_codes=[0, -9998], - msg=str(results[0]) + "Could not set FW policy.") - - fmg.logout() - - if results is not None: - return module.exit_json(**results[1]) + module.paramgram = paramgram + fmgr = None + if module._socket_path: + connection = Connection(module._socket_path) + fmgr = FortiManagerHandler(connection, module) + fmgr.tools = FMGRCommon() else: - return module.exit_json(msg="No results were returned from the API call.") + module.fail_json(**FAIL_SOCKET_MSG) + + list_overrides = ['vpn_dst_node', 'vpn_src_node'] + paramgram = fmgr.tools.paramgram_child_list_override(list_overrides=list_overrides, + paramgram=paramgram, module=module) + + # BEGIN MODULE-SPECIFIC LOGIC -- THINGS NEED TO HAPPEN DEPENDING ON THE ENDPOINT AND OPERATION + results = DEFAULT_RESULT_OBJ + try: + if paramgram["mode"] == "delete": + # WE NEED TO GET THE POLICY ID FROM THE NAME OF THE POLICY TO DELETE IT + url = '/pm/config/adom/{adom}/pkg/{pkg}/firewall' \ + '/policy/'.format(adom=paramgram["adom"], + pkg=paramgram["package_name"]) + datagram = { + "filter": ["name", "==", paramgram["name"]] + } + response = fmgr.process_request(url, datagram, FMGRMethods.GET) + try: + if response[1][0]["policyid"]: + policy_id = response[1][0]["policyid"] + paramgram["policyid"] = policy_id + except BaseException: + fmgr.return_response(module=module, results=response, good_codes=[0, ], stop_on_success=True, + ansible_facts=fmgr.construct_ansible_facts(results, module.params, paramgram), + msg="Couldn't find policy ID number for policy name specified.") + except Exception as err: + raise FMGBaseException(err) + + try: + results = fmgr_firewall_policy_modify(fmgr, paramgram) + fmgr.govern_response(module=module, results=results, good_codes=[0, -9998], + ansible_facts=fmgr.construct_ansible_facts(results, module.params, paramgram)) + except Exception as err: + raise FMGBaseException(err) + + return module.exit_json(**results[1]) if __name__ == "__main__": diff --git a/test/units/modules/network/fortimanager/fixtures/test_fmgr_fwpol_ipv4.json b/test/units/modules/network/fortimanager/fixtures/test_fmgr_fwpol_ipv4.json index d86f49b76b0..3de787e6b3c 100644 --- a/test/units/modules/network/fortimanager/fixtures/test_fmgr_fwpol_ipv4.json +++ b/test/units/modules/network/fortimanager/fixtures/test_fmgr_fwpol_ipv4.json @@ -1,877 +1,620 @@ { - "fmgr_firewall_policy_addsetdelete": [ - { - "url": "/pm/config/adom/ansible/pkg/default/firewall/policy", - "paramgram_used": { - "wanopt-passive-opt": null, - "package_name": "default", - "wanopt-detection": null, - "scan-botnet-connections": null, - "profile-group": null, - "wanopt-peer": null, - "dscp-match": null, - "replacemsg-override-group": null, - "internet-service-negate": null, - "np-acceleration": null, - "learning-mode": null, - "session-ttl": null, - "ntlm-guest": null, - "ips-sensor": null, - "diffservcode-rev": null, - "match-vip": null, - "natip": null, - "dlp-sensor": null, - "traffic-shaper": null, - "groups": null, - "schedule-timeout": null, - "name": "Basic_IPv4_Policy", - "tcp-session-without-syn": null, - "ntlm": null, - "permit-stun-host": null, - "diffservcode-forward": null, - "internet-service-src-custom": null, - "mode": "set", - "disclaimer": null, - "rtp-nat": null, - "auth-cert": null, - "timeout-send-rst": null, - "auth-redirect-addr": null, - "ssl-mirror-intf": null, - "identity-based-route": null, - "natoutbound": null, - "wanopt-profile": null, - "per-ip-shaper": null, - "profile-protocol-options": null, - "diffserv-forward": null, - "poolname": null, - "comments": "Created by Ansible", - "label": null, - "global-label": null, - "firewall-session-dirty": null, - "wanopt": null, - "schedule": "always", - "internet-service-id": null, - "auth-path": null, - "vlan-cos-fwd": null, - "custom-log-fields": null, - "dstintf": "any", - "srcintf": "any", - "block-notification": null, - "internet-service-src-id": null, - "redirect-url": null, - "waf-profile": null, - "ntlm-enabled-browsers": null, - "dscp-negate": null, - "action": "accept", - "fsso-agent-for-ntlm": null, - "logtraffic": "utm", - "vlan-filter": null, - "policyid": null, - "logtraffic-start": null, - "webcache-https": null, - "webfilter-profile": null, - "internet-service-src": null, - "webcache": null, - "utm-status": null, - "vpn_src_node": { - "subnet": null, - "host": null, - "seq": null - }, - "ippool": null, - "service": "ALL", - "wccp": null, - "auto-asic-offload": null, - "dscp-value": null, - "url-category": null, - "capture-packet": null, - "adom": "ansible", - "inbound": null, - "internet-service": null, - "profile-type": null, - "ssl-mirror": null, - "srcaddr-negate": null, - "gtp-profile": null, - "mms-profile": null, - "send-deny-packet": null, - "devices": null, - "permit-any-host": null, - "av-profile": null, - "internet-service-src-negate": null, - "service-negate": null, - "rsso": null, - "app-group": null, - "tcp-mss-sender": null, - "natinbound": null, - "fixedport": null, - "ssl-ssh-profile": null, - "outbound": null, - "spamfilter-profile": null, - "application-list": null, - "application": null, - "dnsfilter-profile": null, - "nat": null, - "fsso": null, - "vlan-cos-rev": null, - "status": null, - "dsri": null, - "users": null, - "voip-profile": null, - "dstaddr-negate": null, - "traffic-shaper-reverse": null, - "internet-service-custom": null, - "diffserv-reverse": null, - "srcaddr": "all", - "ssh-filter-profile": null, - "delay-tcp-npu-session": null, - "icap-profile": null, - "captive-portal-exempt": null, - "vpn_dst_node": { - "subnet": null, - "host": null, - "seq": null - }, - "app-category": null, - "rtp-addr": null, - "wsso": null, - "tcp-mss-receiver": null, - "dstaddr": "all", - "radius-mac-auth-bypass": null, - "vpntunnel": null - }, - "raw_response": { - "policyid": 25 - }, - "post_method": "set" - }, - { - "url": "/pm/config/adom/ansible/pkg/default/firewall/policy", - "raw_response": { - "policyid": 26 - }, - "paramgram_used": { - "package_name": "default", - "wanopt-detection": null, - "scan-botnet-connections": null, - "profile-group": null, - "dlp-sensor": null, - "dscp-match": null, - "replacemsg-override-group": null, - "internet-service-negate": null, - "np-acceleration": null, - "learning-mode": null, - "session-ttl": null, - "ntlm-guest": null, - "ips-sensor": null, - "diffservcode-rev": null, - "match-vip": null, - "natip": null, - "wanopt-peer": null, - "traffic-shaper": null, - "groups": null, - "schedule-timeout": null, - "name": "Basic_IPv4_Policy_2", - "tcp-session-without-syn": null, - "rtp-nat": null, - "permit-stun-host": null, - "natoutbound": null, - "internet-service-src-custom": null, - "mode": "set", - "logtraffic": "utm", - "ntlm": null, - "auth-cert": null, - "timeout-send-rst": null, - "auth-redirect-addr": null, - "ssl-mirror-intf": null, - "identity-based-route": null, - "diffservcode-forward": null, - "wanopt-profile": null, - "per-ip-shaper": null, - "users": null, - "diffserv-forward": null, - "poolname": null, - "comments": "Created by Ansible", - "label": null, - "global-label": null, - "firewall-session-dirty": null, - "wanopt": null, - "schedule": "always", - "internet-service-id": null, - "auth-path": null, - "vlan-cos-fwd": null, - "custom-log-fields": null, - "dstintf": "any", - "srcintf": "any", - "block-notification": null, - "internet-service-src-id": null, - "redirect-url": null, - "waf-profile": null, - "ntlm-enabled-browsers": null, - "dscp-negate": null, - "action": "accept", - "fsso-agent-for-ntlm": null, - "disclaimer": null, - "vlan-filter": null, - "dstaddr-negate": null, - "logtraffic-start": null, - "webcache-https": null, - "webfilter-profile": null, - "internet-service-src": null, - "webcache": null, - "utm-status": null, - "vpn_src_node": { - "subnet": null, - "host": null, - "seq": null + "fmgr_firewall_policy_modify": [ + { + "url": "/pm/config/adom/ansible/pkg/default/firewall/policy", + "paramgram_used": { + "wanopt-passive-opt": null, + "package_name": "default", + "wanopt-detection": null, + "scan-botnet-connections": null, + "profile-group": null, + "wanopt-peer": null, + "dscp-match": null, + "replacemsg-override-group": null, + "internet-service-negate": null, + "np-acceleration": null, + "learning-mode": null, + "session-ttl": null, + "ntlm-guest": null, + "ips-sensor": null, + "diffservcode-rev": null, + "match-vip": null, + "natip": null, + "dlp-sensor": null, + "traffic-shaper": null, + "groups": null, + "schedule-timeout": null, + "name": "Basic_IPv4_Policy", + "tcp-session-without-syn": null, + "ntlm": null, + "permit-stun-host": null, + "diffservcode-forward": null, + "internet-service-src-custom": null, + "mode": "set", + "disclaimer": null, + "rtp-nat": null, + "auth-cert": null, + "timeout-send-rst": null, + "auth-redirect-addr": null, + "ssl-mirror-intf": null, + "identity-based-route": null, + "natoutbound": null, + "wanopt-profile": null, + "per-ip-shaper": null, + "profile-protocol-options": null, + "diffserv-forward": null, + "poolname": null, + "comments": "Created by Ansible", + "label": null, + "global-label": null, + "firewall-session-dirty": null, + "wanopt": null, + "schedule": "always", + "internet-service-id": null, + "auth-path": null, + "vlan-cos-fwd": null, + "custom-log-fields": null, + "dstintf": "any", + "srcintf": "any", + "block-notification": null, + "internet-service-src-id": null, + "redirect-url": null, + "waf-profile": null, + "ntlm-enabled-browsers": null, + "dscp-negate": null, + "action": "accept", + "fsso-agent-for-ntlm": null, + "logtraffic": "utm", + "vlan-filter": null, + "policyid": null, + "logtraffic-start": null, + "webcache-https": null, + "webfilter-profile": null, + "internet-service-src": null, + "webcache": null, + "utm-status": null, + "vpn_src_node": { + "subnet": null, + "host": null, + "seq": null + }, + "ippool": null, + "service": "ALL", + "wccp": null, + "auto-asic-offload": null, + "dscp-value": null, + "url-category": null, + "capture-packet": null, + "adom": "ansible", + "inbound": null, + "internet-service": null, + "profile-type": null, + "ssl-mirror": null, + "srcaddr-negate": null, + "gtp-profile": null, + "mms-profile": null, + "send-deny-packet": null, + "devices": null, + "permit-any-host": null, + "av-profile": null, + "internet-service-src-negate": null, + "service-negate": null, + "rsso": null, + "app-group": null, + "tcp-mss-sender": null, + "natinbound": null, + "fixedport": null, + "ssl-ssh-profile": null, + "outbound": null, + "spamfilter-profile": null, + "application-list": null, + "application": null, + "dnsfilter-profile": null, + "nat": null, + "fsso": null, + "vlan-cos-rev": null, + "status": null, + "dsri": null, + "users": null, + "voip-profile": null, + "dstaddr-negate": null, + "traffic-shaper-reverse": null, + "internet-service-custom": null, + "diffserv-reverse": null, + "srcaddr": "all", + "ssh-filter-profile": null, + "delay-tcp-npu-session": null, + "icap-profile": null, + "captive-portal-exempt": null, + "vpn_dst_node": { + "subnet": null, + "host": null, + "seq": null + }, + "app-category": null, + "rtp-addr": null, + "wsso": null, + "tcp-mss-receiver": null, + "dstaddr": "all", + "radius-mac-auth-bypass": null, + "vpntunnel": null }, - "ippool": null, - "service": "HTTP, HTTPS", - "wccp": null, - "auto-asic-offload": null, - "dscp-value": null, - "url-category": null, - "capture-packet": null, - "adom": "ansible", - "inbound": null, - "internet-service": null, - "profile-type": null, - "ssl-mirror": null, - "srcaddr-negate": null, - "gtp-profile": null, - "mms-profile": null, - "send-deny-packet": null, - "devices": null, - "permit-any-host": null, - "av-profile": null, - "internet-service-src-negate": null, - "service-negate": null, - "rsso": null, - "application-list": null, - "app-group": null, - "tcp-mss-sender": null, - "natinbound": null, - "fixedport": null, - "ssl-ssh-profile": null, - "outbound": null, - "spamfilter-profile": null, - "wanopt-passive-opt": null, - "application": null, - "dnsfilter-profile": null, - "nat": "enable", - "fsso": null, - "vlan-cos-rev": null, - "status": null, - "dsri": null, - "profile-protocol-options": null, - "voip-profile": null, - "policyid": null, - "traffic-shaper-reverse": null, - "internet-service-custom": null, - "diffserv-reverse": null, - "srcaddr": "all", - "dstaddr": "google-play", - "delay-tcp-npu-session": null, - "icap-profile": null, - "captive-portal-exempt": null, - "vpn_dst_node": { - "subnet": null, - "host": null, - "seq": null + "datagram_sent": { + "name": "Basic_IPv4_Policy", + "service": "ALL", + "schedule": "always", + "comments": "Created by Ansible", + "srcaddr": "all", + "dstintf": "any", + "srcintf": "any", + "action": "accept", + "dstaddr": "all", + "logtraffic": "utm" }, - "app-category": null, - "rtp-addr": null, - "wsso": null, - "tcp-mss-receiver": null, - "ssh-filter-profile": null, - "radius-mac-auth-bypass": null, - "vpntunnel": null - }, - "post_method": "set" - }, - { - "url": "/pm/config/adom/ansible/pkg/default/firewall/policy", - "paramgram_used": { - "wanopt-passive-opt": null, - "package_name": "default", - "wanopt-detection": null, - "scan-botnet-connections": null, - "profile-group": null, - "wanopt-peer": null, - "dscp-match": null, - "replacemsg-override-group": null, - "internet-service-negate": null, - "np-acceleration": null, - "learning-mode": null, - "session-ttl": null, - "ntlm-guest": null, - "ips-sensor": "default", - "diffservcode-rev": null, - "match-vip": null, - "natip": null, - "dlp-sensor": null, - "traffic-shaper": null, - "groups": null, - "schedule-timeout": null, - "name": "Basic_IPv4_Policy_3", - "tcp-session-without-syn": null, - "ntlm": null, - "permit-stun-host": null, - "diffservcode-forward": null, - "internet-service-src-custom": null, - "mode": "set", - "disclaimer": null, - "rtp-nat": null, - "auth-cert": null, - "timeout-send-rst": null, - "auth-redirect-addr": null, - "ssl-mirror-intf": null, - "identity-based-route": null, - "natoutbound": null, - "wanopt-profile": null, - "per-ip-shaper": null, - "profile-protocol-options": null, - "diffserv-forward": null, - "poolname": null, - "comments": "Created by Ansible", - "label": null, - "global-label": null, - "firewall-session-dirty": null, - "wanopt": null, - "schedule": "always", - "internet-service-id": null, - "auth-path": null, - "vlan-cos-fwd": null, - "custom-log-fields": null, - "dstintf": "zone_wan1, zone_wan2", - "srcintf": "zone_int1", - "block-notification": null, - "internet-service-src-id": null, - "redirect-url": null, - "waf-profile": null, - "ntlm-enabled-browsers": null, - "dscp-negate": null, - "action": "accept", - "fsso-agent-for-ntlm": null, - "logtraffic": "utm", - "vlan-filter": null, - "policyid": null, - "logtraffic-start": null, - "webcache-https": null, - "webfilter-profile": null, - "internet-service-src": null, - "webcache": null, - "utm-status": null, - "vpn_src_node": { - "subnet": null, - "host": null, - "seq": null + "raw_response": { + "policyid": 36 }, - "ippool": null, - "service": "HTTP, HTTPS", - "wccp": null, - "auto-asic-offload": null, - "dscp-value": null, - "url-category": null, - "capture-packet": null, - "adom": "ansible", - "inbound": null, - "internet-service": null, - "profile-type": null, - "ssl-mirror": null, - "srcaddr-negate": null, - "gtp-profile": null, - "mms-profile": null, - "send-deny-packet": null, - "devices": null, - "permit-any-host": null, - "av-profile": "sniffer-profile", - "internet-service-src-negate": null, - "service-negate": null, - "rsso": null, - "app-group": null, - "tcp-mss-sender": null, - "natinbound": null, - "fixedport": null, - "ssl-ssh-profile": null, - "outbound": null, - "spamfilter-profile": null, - "application-list": null, - "application": null, - "dnsfilter-profile": null, - "nat": "enable", - "fsso": null, - "vlan-cos-rev": null, - "status": null, - "dsri": null, - "users": null, - "voip-profile": null, - "dstaddr-negate": null, - "traffic-shaper-reverse": null, - "internet-service-custom": null, - "diffserv-reverse": null, - "srcaddr": "corp_internal", - "ssh-filter-profile": null, - "delay-tcp-npu-session": null, - "icap-profile": null, - "captive-portal-exempt": null, - "vpn_dst_node": { - "subnet": null, - "host": null, - "seq": null + "post_method": "set" + }, + { + "url": "/pm/config/adom/ansible/pkg/default/firewall/policy", + "raw_response": { + "policyid": 37 }, - "app-category": null, - "rtp-addr": null, - "wsso": null, - "tcp-mss-receiver": null, - "dstaddr": "google-play, autoupdate.opera.com", - "radius-mac-auth-bypass": null, - "vpntunnel": null - }, - "raw_response": { - "policyid": 27 - }, - "post_method": "set" - }, - { - "raw_response": { - "status": { - "message": "OK", - "code": 0 + "datagram_sent": { + "name": "Basic_IPv4_Policy_2", + "service": [ + "HTTP", + "HTTPS" + ], + "schedule": "always", + "comments": "Created by Ansible", + "srcaddr": "all", + "dstintf": "any", + "srcintf": "any", + "nat": "enable", + "action": "accept", + "dstaddr": "google-play", + "logtraffic": "utm" }, - "url": "/pm/config/adom/ansible/pkg/default/firewall/policy/25" - }, - "paramgram_used": { - "package_name": "default", - "wanopt-detection": null, - "scan-botnet-connections": null, - "profile-group": null, - "dlp-sensor": null, - "dscp-match": null, - "replacemsg-override-group": null, - "internet-service-negate": null, - "np-acceleration": null, - "learning-mode": null, - "session-ttl": null, - "ntlm-guest": null, - "ips-sensor": null, - "diffservcode-rev": null, - "match-vip": null, - "natip": null, - "wanopt-peer": null, - "traffic-shaper": null, - "groups": null, - "schedule-timeout": null, - "name": "Basic_IPv4_Policy", - "tcp-session-without-syn": null, - "rtp-nat": null, - "permit-stun-host": null, - "natoutbound": null, - "internet-service-src-custom": null, - "mode": "delete", - "logtraffic": null, - "ntlm": null, - "auth-cert": null, - "timeout-send-rst": null, - "auth-redirect-addr": null, - "ssl-mirror-intf": null, - "identity-based-route": null, - "diffservcode-forward": null, - "wanopt-profile": null, - "per-ip-shaper": null, - "users": null, - "diffserv-forward": null, - "poolname": null, - "comments": null, - "label": null, - "global-label": null, - "firewall-session-dirty": null, - "wanopt": null, - "schedule": null, - "internet-service-id": null, - "auth-path": null, - "vlan-cos-fwd": null, - "custom-log-fields": null, - "dstintf": null, - "srcintf": null, - "block-notification": null, - "internet-service-src-id": null, - "redirect-url": null, - "waf-profile": null, - "ntlm-enabled-browsers": null, - "dscp-negate": null, - "action": null, - "fsso-agent-for-ntlm": null, - "disclaimer": null, - "vlan-filter": null, - "dstaddr-negate": null, - "logtraffic-start": null, - "webcache-https": null, - "webfilter-profile": null, - "internet-service-src": null, - "webcache": null, - "utm-status": null, - "vpn_src_node": { - "subnet": null, - "host": null, - "seq": null + "paramgram_used": { + "package_name": "default", + "wanopt-detection": null, + "scan-botnet-connections": null, + "profile-group": null, + "dlp-sensor": null, + "dscp-match": null, + "replacemsg-override-group": null, + "internet-service-negate": null, + "np-acceleration": null, + "learning-mode": null, + "session-ttl": null, + "ntlm-guest": null, + "ips-sensor": null, + "diffservcode-rev": null, + "match-vip": null, + "natip": null, + "wanopt-peer": null, + "traffic-shaper": null, + "groups": null, + "schedule-timeout": null, + "name": "Basic_IPv4_Policy_2", + "tcp-session-without-syn": null, + "rtp-nat": null, + "permit-stun-host": null, + "natoutbound": null, + "internet-service-src-custom": null, + "mode": "set", + "logtraffic": "utm", + "ntlm": null, + "auth-cert": null, + "timeout-send-rst": null, + "auth-redirect-addr": null, + "ssl-mirror-intf": null, + "identity-based-route": null, + "diffservcode-forward": null, + "wanopt-profile": null, + "per-ip-shaper": null, + "users": null, + "diffserv-forward": null, + "poolname": null, + "comments": "Created by Ansible", + "label": null, + "global-label": null, + "firewall-session-dirty": null, + "wanopt": null, + "schedule": "always", + "internet-service-id": null, + "auth-path": null, + "vlan-cos-fwd": null, + "custom-log-fields": null, + "dstintf": "any", + "srcintf": "any", + "block-notification": null, + "internet-service-src-id": null, + "redirect-url": null, + "waf-profile": null, + "ntlm-enabled-browsers": null, + "dscp-negate": null, + "action": "accept", + "fsso-agent-for-ntlm": null, + "disclaimer": null, + "vlan-filter": null, + "dstaddr-negate": null, + "logtraffic-start": null, + "webcache-https": null, + "webfilter-profile": null, + "internet-service-src": null, + "webcache": null, + "utm-status": null, + "vpn_src_node": { + "subnet": null, + "host": null, + "seq": null + }, + "ippool": null, + "service": "HTTP, HTTPS", + "wccp": null, + "auto-asic-offload": null, + "dscp-value": null, + "url-category": null, + "capture-packet": null, + "adom": "ansible", + "inbound": null, + "internet-service": null, + "profile-type": null, + "ssl-mirror": null, + "srcaddr-negate": null, + "gtp-profile": null, + "mms-profile": null, + "send-deny-packet": null, + "devices": null, + "permit-any-host": null, + "av-profile": null, + "internet-service-src-negate": null, + "service-negate": null, + "rsso": null, + "application-list": null, + "app-group": null, + "tcp-mss-sender": null, + "natinbound": null, + "fixedport": null, + "ssl-ssh-profile": null, + "outbound": null, + "spamfilter-profile": null, + "wanopt-passive-opt": null, + "application": null, + "dnsfilter-profile": null, + "nat": "enable", + "fsso": null, + "vlan-cos-rev": null, + "status": null, + "dsri": null, + "profile-protocol-options": null, + "voip-profile": null, + "policyid": null, + "traffic-shaper-reverse": null, + "internet-service-custom": null, + "diffserv-reverse": null, + "srcaddr": "all", + "dstaddr": "google-play", + "delay-tcp-npu-session": null, + "icap-profile": null, + "captive-portal-exempt": null, + "vpn_dst_node": { + "subnet": null, + "host": null, + "seq": null + }, + "app-category": null, + "rtp-addr": null, + "wsso": null, + "tcp-mss-receiver": null, + "ssh-filter-profile": null, + "radius-mac-auth-bypass": null, + "vpntunnel": null }, - "ippool": null, - "service": null, - "wccp": null, - "auto-asic-offload": null, - "dscp-value": null, - "url-category": null, - "capture-packet": null, - "adom": "ansible", - "inbound": null, - "internet-service": null, - "profile-type": null, - "ssl-mirror": null, - "srcaddr-negate": null, - "gtp-profile": null, - "mms-profile": null, - "send-deny-packet": null, - "devices": null, - "permit-any-host": null, - "av-profile": null, - "internet-service-src-negate": null, - "service-negate": null, - "rsso": null, - "application-list": null, - "app-group": null, - "tcp-mss-sender": null, - "natinbound": null, - "fixedport": null, - "ssl-ssh-profile": null, - "outbound": null, - "spamfilter-profile": null, - "wanopt-passive-opt": null, - "application": null, - "dnsfilter-profile": null, - "nat": null, - "fsso": null, - "vlan-cos-rev": null, - "status": null, - "dsri": null, - "profile-protocol-options": null, - "voip-profile": null, - "policyid": 25, - "traffic-shaper-reverse": null, - "internet-service-custom": null, - "diffserv-reverse": null, - "srcaddr": null, - "dstaddr": null, - "delay-tcp-npu-session": null, - "icap-profile": null, - "captive-portal-exempt": null, - "vpn_dst_node": { - "subnet": null, - "host": null, - "seq": null + "post_method": "set" + }, + { + "paramgram_used": { + "wanopt-passive-opt": null, + "package_name": "default", + "wanopt-detection": null, + "scan-botnet-connections": null, + "profile-group": null, + "wanopt-peer": null, + "dscp-match": null, + "replacemsg-override-group": null, + "internet-service-negate": null, + "np-acceleration": null, + "learning-mode": null, + "session-ttl": null, + "ntlm-guest": null, + "ips-sensor": null, + "diffservcode-rev": null, + "match-vip": null, + "natip": null, + "dlp-sensor": null, + "traffic-shaper": null, + "groups": null, + "schedule-timeout": null, + "name": "Basic_IPv4_Policy", + "tcp-session-without-syn": null, + "ntlm": null, + "permit-stun-host": null, + "diffservcode-forward": null, + "internet-service-src-custom": null, + "mode": "delete", + "disclaimer": null, + "rtp-nat": null, + "auth-cert": null, + "timeout-send-rst": null, + "auth-redirect-addr": null, + "ssl-mirror-intf": null, + "identity-based-route": null, + "natoutbound": null, + "wanopt-profile": null, + "per-ip-shaper": null, + "profile-protocol-options": null, + "diffserv-forward": null, + "poolname": null, + "comments": null, + "label": null, + "global-label": null, + "firewall-session-dirty": null, + "wanopt": null, + "schedule": null, + "internet-service-id": null, + "auth-path": null, + "vlan-cos-fwd": null, + "custom-log-fields": null, + "dstintf": null, + "srcintf": null, + "block-notification": null, + "internet-service-src-id": null, + "redirect-url": null, + "waf-profile": null, + "ntlm-enabled-browsers": null, + "dscp-negate": null, + "action": null, + "fsso-agent-for-ntlm": null, + "logtraffic": null, + "vlan-filter": null, + "policyid": 36, + "logtraffic-start": null, + "webcache-https": null, + "webfilter-profile": null, + "internet-service-src": null, + "webcache": null, + "utm-status": null, + "vpn_src_node": { + "subnet": null, + "host": null, + "seq": null + }, + "ippool": null, + "service": null, + "wccp": null, + "auto-asic-offload": null, + "dscp-value": null, + "url-category": null, + "capture-packet": null, + "adom": "ansible", + "inbound": null, + "internet-service": null, + "profile-type": null, + "ssl-mirror": null, + "srcaddr-negate": null, + "gtp-profile": null, + "mms-profile": null, + "send-deny-packet": null, + "devices": null, + "permit-any-host": null, + "av-profile": null, + "internet-service-src-negate": null, + "service-negate": null, + "rsso": null, + "app-group": null, + "tcp-mss-sender": null, + "natinbound": null, + "fixedport": null, + "ssl-ssh-profile": null, + "outbound": null, + "spamfilter-profile": null, + "application-list": null, + "application": null, + "dnsfilter-profile": null, + "nat": null, + "fsso": null, + "vlan-cos-rev": null, + "status": null, + "dsri": null, + "users": null, + "voip-profile": null, + "dstaddr-negate": null, + "traffic-shaper-reverse": null, + "internet-service-custom": null, + "diffserv-reverse": null, + "srcaddr": null, + "ssh-filter-profile": null, + "delay-tcp-npu-session": null, + "icap-profile": null, + "captive-portal-exempt": null, + "vpn_dst_node": { + "subnet": null, + "host": null, + "seq": null + }, + "app-category": null, + "rtp-addr": null, + "wsso": null, + "tcp-mss-receiver": null, + "dstaddr": null, + "radius-mac-auth-bypass": null, + "vpntunnel": null }, - "app-category": null, - "rtp-addr": null, - "wsso": null, - "tcp-mss-receiver": null, - "ssh-filter-profile": null, - "radius-mac-auth-bypass": null, - "vpntunnel": null - }, - "post_method": "delete" - }, - { - "paramgram_used": { - "wanopt-passive-opt": null, - "package_name": "default", - "wanopt-detection": null, - "scan-botnet-connections": null, - "profile-group": null, - "wanopt-peer": null, - "dscp-match": null, - "replacemsg-override-group": null, - "internet-service-negate": null, - "np-acceleration": null, - "learning-mode": null, - "session-ttl": null, - "ntlm-guest": null, - "ips-sensor": null, - "diffservcode-rev": null, - "match-vip": null, - "natip": null, - "dlp-sensor": null, - "traffic-shaper": null, - "groups": null, - "schedule-timeout": null, - "name": "Basic_IPv4_Policy_2", - "tcp-session-without-syn": null, - "ntlm": null, - "permit-stun-host": null, - "diffservcode-forward": null, - "internet-service-src-custom": null, - "mode": "delete", - "disclaimer": null, - "rtp-nat": null, - "auth-cert": null, - "timeout-send-rst": null, - "auth-redirect-addr": null, - "ssl-mirror-intf": null, - "identity-based-route": null, - "natoutbound": null, - "wanopt-profile": null, - "per-ip-shaper": null, - "profile-protocol-options": null, - "diffserv-forward": null, - "poolname": null, - "comments": null, - "label": null, - "global-label": null, - "firewall-session-dirty": null, - "wanopt": null, - "schedule": null, - "internet-service-id": null, - "auth-path": null, - "vlan-cos-fwd": null, - "custom-log-fields": null, - "dstintf": null, - "srcintf": null, - "block-notification": null, - "internet-service-src-id": null, - "redirect-url": null, - "waf-profile": null, - "ntlm-enabled-browsers": null, - "dscp-negate": null, - "action": null, - "fsso-agent-for-ntlm": null, - "logtraffic": null, - "vlan-filter": null, - "policyid": 26, - "logtraffic-start": null, - "webcache-https": null, - "webfilter-profile": null, - "internet-service-src": null, - "webcache": null, - "utm-status": null, - "vpn_src_node": { - "subnet": null, - "host": null, - "seq": null + "datagram_sent": { + "policyid": 36 }, - "ippool": null, - "service": null, - "wccp": null, - "auto-asic-offload": null, - "dscp-value": null, - "url-category": null, - "capture-packet": null, - "adom": "ansible", - "inbound": null, - "internet-service": null, - "profile-type": null, - "ssl-mirror": null, - "srcaddr-negate": null, - "gtp-profile": null, - "mms-profile": null, - "send-deny-packet": null, - "devices": null, - "permit-any-host": null, - "av-profile": null, - "internet-service-src-negate": null, - "service-negate": null, - "rsso": null, - "app-group": null, - "tcp-mss-sender": null, - "natinbound": null, - "fixedport": null, - "ssl-ssh-profile": null, - "outbound": null, - "spamfilter-profile": null, - "application-list": null, - "application": null, - "dnsfilter-profile": null, - "nat": null, - "fsso": null, - "vlan-cos-rev": null, - "status": null, - "dsri": null, - "users": null, - "voip-profile": null, - "dstaddr-negate": null, - "traffic-shaper-reverse": null, - "internet-service-custom": null, - "diffserv-reverse": null, - "srcaddr": null, - "ssh-filter-profile": null, - "delay-tcp-npu-session": null, - "icap-profile": null, - "captive-portal-exempt": null, - "vpn_dst_node": { - "subnet": null, - "host": null, - "seq": null + "raw_response": { + "status": { + "message": "OK", + "code": 0 + }, + "url": "/pm/config/adom/ansible/pkg/default/firewall/policy/36" }, - "app-category": null, - "rtp-addr": null, - "wsso": null, - "tcp-mss-receiver": null, - "dstaddr": null, - "radius-mac-auth-bypass": null, - "vpntunnel": null - }, - "raw_response": { - "status": { - "message": "OK", - "code": 0 + "post_method": "delete" + }, + { + "raw_response": { + "status": { + "message": "OK", + "code": 0 + }, + "url": "/pm/config/adom/ansible/pkg/default/firewall/policy/37" }, - "url": "/pm/config/adom/ansible/pkg/default/firewall/policy/26" - }, - "post_method": "delete" - }, - { - "raw_response": { - "status": { - "message": "OK", - "code": 0 + "datagram_sent": { + "policyid": 37 }, - "url": "/pm/config/adom/ansible/pkg/default/firewall/policy/27" - }, - "paramgram_used": { - "package_name": "default", - "wanopt-detection": null, - "scan-botnet-connections": null, - "profile-group": null, - "dlp-sensor": null, - "dscp-match": null, - "replacemsg-override-group": null, - "internet-service-negate": null, - "np-acceleration": null, - "learning-mode": null, - "session-ttl": null, - "ntlm-guest": null, - "ips-sensor": null, - "diffservcode-rev": null, - "match-vip": null, - "natip": null, - "wanopt-peer": null, - "traffic-shaper": null, - "groups": null, - "schedule-timeout": null, - "name": "Basic_IPv4_Policy_3", - "tcp-session-without-syn": null, - "rtp-nat": null, - "permit-stun-host": null, - "natoutbound": null, - "internet-service-src-custom": null, - "mode": "delete", - "logtraffic": null, - "ntlm": null, - "auth-cert": null, - "timeout-send-rst": null, - "auth-redirect-addr": null, - "ssl-mirror-intf": null, - "identity-based-route": null, - "diffservcode-forward": null, - "wanopt-profile": null, - "per-ip-shaper": null, - "users": null, - "diffserv-forward": null, - "poolname": null, - "comments": null, - "label": null, - "global-label": null, - "firewall-session-dirty": null, - "wanopt": null, - "schedule": null, - "internet-service-id": null, - "auth-path": null, - "vlan-cos-fwd": null, - "custom-log-fields": null, - "dstintf": null, - "srcintf": null, - "block-notification": null, - "internet-service-src-id": null, - "redirect-url": null, - "waf-profile": null, - "ntlm-enabled-browsers": null, - "dscp-negate": null, - "action": null, - "fsso-agent-for-ntlm": null, - "disclaimer": null, - "vlan-filter": null, - "dstaddr-negate": null, - "logtraffic-start": null, - "webcache-https": null, - "webfilter-profile": null, - "internet-service-src": null, - "webcache": null, - "utm-status": null, - "vpn_src_node": { - "subnet": null, - "host": null, - "seq": null + "paramgram_used": { + "package_name": "default", + "wanopt-detection": null, + "scan-botnet-connections": null, + "profile-group": null, + "dlp-sensor": null, + "dscp-match": null, + "replacemsg-override-group": null, + "internet-service-negate": null, + "np-acceleration": null, + "learning-mode": null, + "session-ttl": null, + "ntlm-guest": null, + "ips-sensor": null, + "diffservcode-rev": null, + "match-vip": null, + "natip": null, + "wanopt-peer": null, + "traffic-shaper": null, + "groups": null, + "schedule-timeout": null, + "name": "Basic_IPv4_Policy_2", + "tcp-session-without-syn": null, + "rtp-nat": null, + "permit-stun-host": null, + "natoutbound": null, + "internet-service-src-custom": null, + "mode": "delete", + "logtraffic": null, + "ntlm": null, + "auth-cert": null, + "timeout-send-rst": null, + "auth-redirect-addr": null, + "ssl-mirror-intf": null, + "identity-based-route": null, + "diffservcode-forward": null, + "wanopt-profile": null, + "per-ip-shaper": null, + "users": null, + "diffserv-forward": null, + "poolname": null, + "comments": null, + "label": null, + "global-label": null, + "firewall-session-dirty": null, + "wanopt": null, + "schedule": null, + "internet-service-id": null, + "auth-path": null, + "vlan-cos-fwd": null, + "custom-log-fields": null, + "dstintf": null, + "srcintf": null, + "block-notification": null, + "internet-service-src-id": null, + "redirect-url": null, + "waf-profile": null, + "ntlm-enabled-browsers": null, + "dscp-negate": null, + "action": null, + "fsso-agent-for-ntlm": null, + "disclaimer": null, + "vlan-filter": null, + "dstaddr-negate": null, + "logtraffic-start": null, + "webcache-https": null, + "webfilter-profile": null, + "internet-service-src": null, + "webcache": null, + "utm-status": null, + "vpn_src_node": { + "subnet": null, + "host": null, + "seq": null + }, + "ippool": null, + "service": null, + "wccp": null, + "auto-asic-offload": null, + "dscp-value": null, + "url-category": null, + "capture-packet": null, + "adom": "ansible", + "internet-service": null, + "inbound": null, + "profile-type": null, + "ssl-mirror": null, + "srcaddr-negate": null, + "gtp-profile": null, + "mms-profile": null, + "send-deny-packet": null, + "devices": null, + "permit-any-host": null, + "av-profile": null, + "internet-service-src-negate": null, + "service-negate": null, + "rsso": null, + "application-list": null, + "app-group": null, + "tcp-mss-sender": null, + "natinbound": null, + "fixedport": null, + "ssl-ssh-profile": null, + "outbound": null, + "spamfilter-profile": null, + "wanopt-passive-opt": null, + "application": null, + "dnsfilter-profile": null, + "nat": null, + "fsso": null, + "vlan-cos-rev": null, + "status": null, + "dsri": null, + "profile-protocol-options": null, + "voip-profile": null, + "policyid": 37, + "traffic-shaper-reverse": null, + "internet-service-custom": null, + "diffserv-reverse": null, + "srcaddr": null, + "dstaddr": null, + "delay-tcp-npu-session": null, + "icap-profile": null, + "captive-portal-exempt": null, + "vpn_dst_node": { + "subnet": null, + "host": null, + "seq": null + }, + "app-category": null, + "rtp-addr": null, + "wsso": null, + "tcp-mss-receiver": null, + "ssh-filter-profile": null, + "radius-mac-auth-bypass": null, + "vpntunnel": null }, - "ippool": null, - "service": null, - "wccp": null, - "auto-asic-offload": null, - "dscp-value": null, - "url-category": null, - "capture-packet": null, - "adom": "ansible", - "internet-service": null, - "inbound": null, - "profile-type": null, - "ssl-mirror": null, - "srcaddr-negate": null, - "gtp-profile": null, - "mms-profile": null, - "send-deny-packet": null, - "devices": null, - "permit-any-host": null, - "av-profile": null, - "internet-service-src-negate": null, - "service-negate": null, - "rsso": null, - "application-list": null, - "app-group": null, - "tcp-mss-sender": null, - "natinbound": null, - "fixedport": null, - "ssl-ssh-profile": null, - "outbound": null, - "spamfilter-profile": null, - "wanopt-passive-opt": null, - "application": null, - "dnsfilter-profile": null, - "nat": null, - "fsso": null, - "vlan-cos-rev": null, - "status": null, - "dsri": null, - "profile-protocol-options": null, - "voip-profile": null, - "policyid": 27, - "traffic-shaper-reverse": null, - "internet-service-custom": null, - "diffserv-reverse": null, - "srcaddr": null, - "dstaddr": null, - "delay-tcp-npu-session": null, - "icap-profile": null, - "captive-portal-exempt": null, - "vpn_dst_node": { - "subnet": null, - "host": null, - "seq": null - }, - "app-category": null, - "rtp-addr": null, - "wsso": null, - "tcp-mss-receiver": null, - "ssh-filter-profile": null, - "radius-mac-auth-bypass": null, - "vpntunnel": null - }, - "post_method": "delete" - } - ] + "post_method": "delete" + } + ] } diff --git a/test/units/modules/network/fortimanager/test_fmgr_fwpol_ipv4.py b/test/units/modules/network/fortimanager/test_fmgr_fwpol_ipv4.py index 42bb7c3d99f..3ef1e52c78b 100644 --- a/test/units/modules/network/fortimanager/test_fmgr_fwpol_ipv4.py +++ b/test/units/modules/network/fortimanager/test_fmgr_fwpol_ipv4.py @@ -19,7 +19,7 @@ __metaclass__ = type import os import json -from pyFMG.fortimgr import FortiManager +from ansible.module_utils.network.fortimanager.fortimanager import FortiManagerHandler import pytest try: @@ -27,8 +27,6 @@ try: except ImportError: pytest.skip("Could not load required modules for testing", allow_module_level=True) -fmg_instance = FortiManager("1.1.1.1", "admin", "") - def load_fixtures(): fixture_path = os.path.join(os.path.dirname(__file__), 'fixtures') + "/{filename}.json".format( @@ -41,14 +39,30 @@ def load_fixtures(): return [fixture_data] +@pytest.fixture(autouse=True) +def module_mock(mocker): + connection_class_mock = mocker.patch('ansible.module_utils.basic.AnsibleModule') + return connection_class_mock + + +@pytest.fixture(autouse=True) +def connection_mock(mocker): + connection_class_mock = mocker.patch('ansible.modules.network.fortimanager.fmgr_fwpol_ipv4.Connection') + return connection_class_mock + + @pytest.fixture(scope="function", params=load_fixtures()) def fixture_data(request): func_name = request.function.__name__.replace("test_", "") return request.param.get(func_name, None) -def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): - mocker.patch("pyFMG.fortimgr.FortiManager._post_request", side_effect=fixture_data) +fmg_instance = FortiManagerHandler(connection_mock, module_mock) + + +def test_fmgr_firewall_policy_modify(fixture_data, mocker): + mocker.patch("ansible.module_utils.network.fortimanager.fortimanager.FortiManagerHandler.process_request", + side_effect=fixture_data) # Fixture sets used:########################### ################################################## @@ -323,264 +337,6 @@ def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): # learning-mode: None # session-ttl: None # ntlm-guest: None - # ips-sensor: default - # diffservcode-rev: None - # match-vip: None - # natip: None - # dlp-sensor: None - # traffic-shaper: None - # groups: None - # schedule-timeout: None - # name: Basic_IPv4_Policy_3 - # tcp-session-without-syn: None - # ntlm: None - # permit-stun-host: None - # diffservcode-forward: None - # internet-service-src-custom: None - # mode: set - # disclaimer: None - # rtp-nat: None - # auth-cert: None - # timeout-send-rst: None - # auth-redirect-addr: None - # ssl-mirror-intf: None - # identity-based-route: None - # natoutbound: None - # wanopt-profile: None - # per-ip-shaper: None - # profile-protocol-options: None - # diffserv-forward: None - # poolname: None - # comments: Created by Ansible - # label: None - # global-label: None - # firewall-session-dirty: None - # wanopt: None - # schedule: always - # internet-service-id: None - # auth-path: None - # vlan-cos-fwd: None - # custom-log-fields: None - # dstintf: zone_wan1, zone_wan2 - # srcintf: zone_int1 - # block-notification: None - # internet-service-src-id: None - # redirect-url: None - # waf-profile: None - # ntlm-enabled-browsers: None - # dscp-negate: None - # action: accept - # fsso-agent-for-ntlm: None - # logtraffic: utm - # vlan-filter: None - # policyid: None - # logtraffic-start: None - # webcache-https: None - # webfilter-profile: None - # internet-service-src: None - # webcache: None - # utm-status: None - # vpn_src_node: {'subnet': None, 'host': None, 'seq': None} - # ippool: None - # service: HTTP, HTTPS - # wccp: None - # auto-asic-offload: None - # dscp-value: None - # url-category: None - # capture-packet: None - # adom: ansible - # inbound: None - # internet-service: None - # profile-type: None - # ssl-mirror: None - # srcaddr-negate: None - # gtp-profile: None - # mms-profile: None - # send-deny-packet: None - # devices: None - # permit-any-host: None - # av-profile: sniffer-profile - # internet-service-src-negate: None - # service-negate: None - # rsso: None - # app-group: None - # tcp-mss-sender: None - # natinbound: None - # fixedport: None - # ssl-ssh-profile: None - # outbound: None - # spamfilter-profile: None - # application-list: None - # application: None - # dnsfilter-profile: None - # nat: enable - # fsso: None - # vlan-cos-rev: None - # status: None - # dsri: None - # users: None - # voip-profile: None - # dstaddr-negate: None - # traffic-shaper-reverse: None - # internet-service-custom: None - # diffserv-reverse: None - # srcaddr: corp_internal - # ssh-filter-profile: None - # delay-tcp-npu-session: None - # icap-profile: None - # captive-portal-exempt: None - # vpn_dst_node: {'subnet': None, 'host': None, 'seq': None} - # app-category: None - # rtp-addr: None - # wsso: None - # tcp-mss-receiver: None - # dstaddr: google-play, autoupdate.opera.com - # radius-mac-auth-bypass: None - # vpntunnel: None - ################################################## - ################################################## - # package_name: default - # wanopt-detection: None - # scan-botnet-connections: None - # profile-group: None - # dlp-sensor: None - # dscp-match: None - # replacemsg-override-group: None - # internet-service-negate: None - # np-acceleration: None - # learning-mode: None - # session-ttl: None - # ntlm-guest: None - # ips-sensor: None - # diffservcode-rev: None - # match-vip: None - # natip: None - # wanopt-peer: None - # traffic-shaper: None - # groups: None - # schedule-timeout: None - # name: Basic_IPv4_Policy - # tcp-session-without-syn: None - # rtp-nat: None - # permit-stun-host: None - # natoutbound: None - # internet-service-src-custom: None - # mode: delete - # logtraffic: None - # ntlm: None - # auth-cert: None - # timeout-send-rst: None - # auth-redirect-addr: None - # ssl-mirror-intf: None - # identity-based-route: None - # diffservcode-forward: None - # wanopt-profile: None - # per-ip-shaper: None - # users: None - # diffserv-forward: None - # poolname: None - # comments: None - # label: None - # global-label: None - # firewall-session-dirty: None - # wanopt: None - # schedule: None - # internet-service-id: None - # auth-path: None - # vlan-cos-fwd: None - # custom-log-fields: None - # dstintf: None - # srcintf: None - # block-notification: None - # internet-service-src-id: None - # redirect-url: None - # waf-profile: None - # ntlm-enabled-browsers: None - # dscp-negate: None - # action: None - # fsso-agent-for-ntlm: None - # disclaimer: None - # vlan-filter: None - # dstaddr-negate: None - # logtraffic-start: None - # webcache-https: None - # webfilter-profile: None - # internet-service-src: None - # webcache: None - # utm-status: None - # vpn_src_node: {'subnet': None, 'host': None, 'seq': None} - # ippool: None - # service: None - # wccp: None - # auto-asic-offload: None - # dscp-value: None - # url-category: None - # capture-packet: None - # adom: ansible - # inbound: None - # internet-service: None - # profile-type: None - # ssl-mirror: None - # srcaddr-negate: None - # gtp-profile: None - # mms-profile: None - # send-deny-packet: None - # devices: None - # permit-any-host: None - # av-profile: None - # internet-service-src-negate: None - # service-negate: None - # rsso: None - # application-list: None - # app-group: None - # tcp-mss-sender: None - # natinbound: None - # fixedport: None - # ssl-ssh-profile: None - # outbound: None - # spamfilter-profile: None - # wanopt-passive-opt: None - # application: None - # dnsfilter-profile: None - # nat: None - # fsso: None - # vlan-cos-rev: None - # status: None - # dsri: None - # profile-protocol-options: None - # voip-profile: None - # policyid: 25 - # traffic-shaper-reverse: None - # internet-service-custom: None - # diffserv-reverse: None - # srcaddr: None - # dstaddr: None - # delay-tcp-npu-session: None - # icap-profile: None - # captive-portal-exempt: None - # vpn_dst_node: {'subnet': None, 'host': None, 'seq': None} - # app-category: None - # rtp-addr: None - # wsso: None - # tcp-mss-receiver: None - # ssh-filter-profile: None - # radius-mac-auth-bypass: None - # vpntunnel: None - ################################################## - ################################################## - # wanopt-passive-opt: None - # package_name: default - # wanopt-detection: None - # scan-botnet-connections: None - # profile-group: None - # wanopt-peer: None - # dscp-match: None - # replacemsg-override-group: None - # internet-service-negate: None - # np-acceleration: None - # learning-mode: None - # session-ttl: None - # ntlm-guest: None # ips-sensor: None # diffservcode-rev: None # match-vip: None @@ -589,7 +345,7 @@ def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): # traffic-shaper: None # groups: None # schedule-timeout: None - # name: Basic_IPv4_Policy_2 + # name: Basic_IPv4_Policy # tcp-session-without-syn: None # ntlm: None # permit-stun-host: None @@ -631,7 +387,7 @@ def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): # fsso-agent-for-ntlm: None # logtraffic: None # vlan-filter: None - # policyid: 26 + # policyid: 36 # logtraffic-start: None # webcache-https: None # webfilter-profile: None @@ -717,7 +473,7 @@ def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): # traffic-shaper: None # groups: None # schedule-timeout: None - # name: Basic_IPv4_Policy_3 + # name: Basic_IPv4_Policy_2 # tcp-session-without-syn: None # rtp-nat: None # permit-stun-host: None @@ -807,7 +563,7 @@ def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): # dsri: None # profile-protocol-options: None # voip-profile: None - # policyid: 27 + # policyid: 37 # traffic-shaper-reverse: None # internet-service-custom: None # diffserv-reverse: None @@ -827,20 +583,14 @@ def test_fmgr_firewall_policy_addsetdelete(fixture_data, mocker): ################################################## # Test using fixture 1 # - output = fmgr_fwpol_ipv4.fmgr_firewall_policy_addsetdelete(fmg_instance, fixture_data[0]['paramgram_used']) + output = fmgr_fwpol_ipv4.fmgr_firewall_policy_modify(fmg_instance, fixture_data[0]['paramgram_used']) assert isinstance(output['raw_response'], dict) is True # Test using fixture 2 # - output = fmgr_fwpol_ipv4.fmgr_firewall_policy_addsetdelete(fmg_instance, fixture_data[1]['paramgram_used']) + output = fmgr_fwpol_ipv4.fmgr_firewall_policy_modify(fmg_instance, fixture_data[1]['paramgram_used']) assert isinstance(output['raw_response'], dict) is True # Test using fixture 3 # - output = fmgr_fwpol_ipv4.fmgr_firewall_policy_addsetdelete(fmg_instance, fixture_data[2]['paramgram_used']) - assert isinstance(output['raw_response'], dict) is True - # Test using fixture 4 # - output = fmgr_fwpol_ipv4.fmgr_firewall_policy_addsetdelete(fmg_instance, fixture_data[3]['paramgram_used']) + output = fmgr_fwpol_ipv4.fmgr_firewall_policy_modify(fmg_instance, fixture_data[2]['paramgram_used']) assert output['raw_response']['status']['code'] == 0 - # Test using fixture 5 # - output = fmgr_fwpol_ipv4.fmgr_firewall_policy_addsetdelete(fmg_instance, fixture_data[4]['paramgram_used']) - assert output['raw_response']['status']['code'] == 0 - # Test using fixture 6 # - output = fmgr_fwpol_ipv4.fmgr_firewall_policy_addsetdelete(fmg_instance, fixture_data[5]['paramgram_used']) + # Test using fixture 4 # + output = fmgr_fwpol_ipv4.fmgr_firewall_policy_modify(fmg_instance, fixture_data[3]['paramgram_used']) assert output['raw_response']['status']['code'] == 0