diff --git a/lib/ansible/modules/network/fortios/fortios_report_layout.py b/lib/ansible/modules/network/fortios/fortios_report_layout.py
index b28f89410ad..1f5ee774865 100644
--- a/lib/ansible/modules/network/fortios/fortios_report_layout.py
+++ b/lib/ansible/modules/network/fortios/fortios_report_layout.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_report_layout
short_description: Report layout configuration in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify report feature and layout category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,50 +41,66 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
+ state:
+ description:
+ - Indicates whether to create or remove the object.
+ type: str
+ required: true
+ choices:
+ - present
+ - absent
+ version_added: 2.9
report_layout:
description:
- Report layout configuration.
default: null
+ type: dict
suboptions:
- state:
- description:
- - Indicates whether to create or remove the object
- choices:
- - present
- - absent
- body-item:
+ body_item:
description:
- Configure report body item.
+ type: list
suboptions:
chart:
description:
- Report item chart name.
- chart-options:
+ type: str
+ chart_options:
description:
- Report chart options.
+ type: str
choices:
- include-no-data
- hide-title
@@ -95,21 +108,27 @@ options:
column:
description:
- Report section column number.
+ type: int
content:
description:
- Report item text content.
+ type: str
description:
description:
- Description.
- drill-down-items:
+ type: str
+ drill_down_items:
description:
- Control how drill down charts are shown.
- drill-down-types:
+ type: str
+ drill_down_types:
description:
- Control whether keys from the parent being combined or not.
+ type: str
hide:
description:
- Enable/disable hide item in report.
+ type: str
choices:
- enable
- disable
@@ -117,29 +136,36 @@ options:
description:
- Report item ID.
required: true
- img-src:
+ type: int
+ img_src:
description:
- Report item image file name.
+ type: str
list:
description:
- Configure report list item.
+ type: list
suboptions:
content:
description:
- List entry content.
+ type: str
id:
description:
- List entry ID.
required: true
- list-component:
+ type: int
+ list_component:
description:
- Report item list component.
+ type: str
choices:
- bullet
- numbered
- misc-component:
+ misc_component:
description:
- Report item miscellaneous component.
+ type: str
choices:
- hline
- page-break
@@ -148,38 +174,49 @@ options:
parameters:
description:
- Parameters.
+ type: list
suboptions:
id:
description:
- ID.
required: true
+ type: int
name:
description:
- Field name that match field of parameters defined in dataset.
+ type: str
value:
description:
- Value to replace corresponding field of parameters defined in dataset.
+ type: str
style:
description:
- Report item style.
- table-caption-style:
+ type: str
+ table_caption_style:
description:
- Table chart caption style.
- table-column-widths:
+ type: str
+ table_column_widths:
description:
- Report item table column widths.
- table-even-row-style:
+ type: str
+ table_even_row_style:
description:
- Table chart even row style.
- table-head-style:
+ type: str
+ table_head_style:
description:
- Table chart head style.
- table-odd-row-style:
+ type: str
+ table_odd_row_style:
description:
- Table chart odd row style.
- text-component:
+ type: str
+ text_component:
description:
- Report item text component.
+ type: str
choices:
- text
- heading1
@@ -188,29 +225,35 @@ options:
title:
description:
- Report section title.
- top-n:
+ type: str
+ top_n:
description:
- Value of top.
+ type: int
type:
description:
- Report item type.
+ type: str
choices:
- text
- image
- chart
- misc
- cutoff-option:
+ cutoff_option:
description:
- Cutoff-option is either run-time or custom.
+ type: str
choices:
- run-time
- custom
- cutoff-time:
+ cutoff_time:
description:
- "Custom cutoff time to generate report [hh:mm]."
+ type: str
day:
description:
- Schedule days of week to generate report.
+ type: str
choices:
- sunday
- monday
@@ -222,30 +265,37 @@ options:
description:
description:
- Description.
- email-recipients:
+ type: str
+ email_recipients:
description:
- Email recipients for generated reports.
- email-send:
+ type: str
+ email_send:
description:
- Enable/disable sending emails after reports are generated.
+ type: str
choices:
- enable
- disable
format:
description:
- Report format.
+ type: str
choices:
- pdf
- max-pdf-report:
+ max_pdf_report:
description:
- Maximum number of PDF reports to keep at one time (oldest report is overwritten).
+ type: int
name:
description:
- Report layout name.
required: true
+ type: str
options:
description:
- Report layout options.
+ type: str
choices:
- include-table-of-content
- auto-numbering-heading
@@ -255,10 +305,12 @@ options:
page:
description:
- Configure report page.
+ type: dict
suboptions:
- column-break-before:
+ column_break_before:
description:
- Report page auto column break before heading.
+ type: str
choices:
- heading1
- heading2
@@ -266,78 +318,98 @@ options:
footer:
description:
- Configure report page footer.
+ type: dict
suboptions:
- footer-item:
+ footer_item:
description:
- Configure report footer item.
+ type: list
suboptions:
content:
description:
- Report item text content.
+ type: str
description:
description:
- Description.
+ type: str
id:
description:
- Report item ID.
required: true
- img-src:
+ type: int
+ img_src:
description:
- Report item image file name.
+ type: str
style:
description:
- Report item style.
+ type: str
type:
description:
- Report item type.
+ type: str
choices:
- text
- image
style:
description:
- Report footer style.
+ type: str
header:
description:
- Configure report page header.
+ type: dict
suboptions:
- header-item:
+ header_item:
description:
- Configure report header item.
+ type: list
suboptions:
content:
description:
- Report item text content.
+ type: str
description:
description:
- Description.
+ type: str
id:
description:
- Report item ID.
required: true
- img-src:
+ type: int
+ img_src:
description:
- Report item image file name.
+ type: str
style:
description:
- Report item style.
+ type: str
type:
description:
- Report item type.
+ type: str
choices:
- text
- image
style:
description:
- Report header style.
+ type: str
options:
description:
- Report page options.
+ type: str
choices:
- header-on-first-page
- footer-on-first-page
- page-break-before:
+ page_break_before:
description:
- Report page auto page break before heading.
+ type: str
choices:
- heading1
- heading2
@@ -345,28 +417,34 @@ options:
paper:
description:
- Report page paper.
+ type: str
choices:
- a4
- letter
- schedule-type:
+ schedule_type:
description:
- Report schedule type.
+ type: str
choices:
- demand
- daily
- weekly
- style-theme:
+ style_theme:
description:
- Report style theme.
+ type: str
subtitle:
description:
- Report subtitle.
+ type: str
time:
description:
- "Schedule time to generate report [hh:mm]."
+ type: str
title:
description:
- Report title.
+ type: str
'''
EXAMPLES = '''
@@ -376,6 +454,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Report layout configuration.
fortios_report_layout:
@@ -384,78 +463,78 @@ EXAMPLES = '''
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
+ state: "present"
report_layout:
- state: "present"
- body-item:
+ body_item:
-
chart: ""
- chart-options: "include-no-data"
+ chart_options: "include-no-data"
column: "6"
content: ""
description: ""
- drill-down-items: ""
- drill-down-types: ""
+ drill_down_items: ""
+ drill_down_types: ""
hide: "enable"
id: "12"
- img-src: ""
+ img_src: ""
list:
-
content: ""
id: "16"
- list-component: "bullet"
- misc-component: "hline"
+ list_component: "bullet"
+ misc_component: "hline"
parameters:
-
id: "20"
name: "default_name_21"
value: ""
style: ""
- table-caption-style: ""
- table-column-widths: ""
- table-even-row-style: ""
- table-head-style: ""
- table-odd-row-style: ""
- text-component: "text"
+ table_caption_style: ""
+ table_column_widths: ""
+ table_even_row_style: ""
+ table_head_style: ""
+ table_odd_row_style: ""
+ text_component: "text"
title: ""
- top-n: "31"
+ top_n: "31"
type: "text"
- cutoff-option: "run-time"
- cutoff-time: ""
+ cutoff_option: "run-time"
+ cutoff_time: ""
day: "sunday"
description: ""
- email-recipients: ""
- email-send: "enable"
+ email_recipients: ""
+ email_send: "enable"
format: "pdf"
- max-pdf-report: "40"
+ max_pdf_report: "40"
name: "default_name_41"
options: "include-table-of-content"
page:
- column-break-before: "heading1"
+ column_break_before: "heading1"
footer:
- footer-item:
+ footer_item:
-
content: ""
description: ""
id: "49"
- img-src: ""
+ img_src: ""
style: ""
type: "text"
style: ""
header:
- header-item:
+ header_item:
-
content: ""
description: ""
id: "58"
- img-src: ""
+ img_src: ""
style: ""
type: "text"
style: ""
options: "header-on-first-page"
- page-break-before: "heading1"
+ page_break_before: "heading1"
paper: "a4"
- schedule-type: "demand"
- style-theme: ""
+ schedule_type: "demand"
+ style_theme: ""
subtitle: ""
time: ""
title: ""
@@ -521,14 +600,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -536,15 +617,15 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_report_layout_data(json):
- option_list = ['body-item', 'cutoff-option', 'cutoff-time',
- 'day', 'description', 'email-recipients',
- 'email-send', 'format', 'max-pdf-report',
+ option_list = ['body_item', 'cutoff_option', 'cutoff_time',
+ 'day', 'description', 'email_recipients',
+ 'email_send', 'format', 'max_pdf_report',
'name', 'options', 'page',
- 'schedule-type', 'style-theme', 'subtitle',
+ 'schedule_type', 'style_theme', 'subtitle',
'time', 'title']
dictionary = {}
@@ -555,83 +636,88 @@ def filter_report_layout_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
def report_layout(data, fos):
vdom = data['vdom']
+ state = data['state']
report_layout_data = data['report_layout']
- flattened_data = flatten_multilists_attributes(report_layout_data)
- filtered_data = filter_report_layout_data(flattened_data)
- if report_layout_data['state'] == "present":
+ filtered_data = underscore_to_hyphen(filter_report_layout_data(report_layout_data))
+
+ if state == "present":
return fos.set('report',
'layout',
data=filtered_data,
vdom=vdom)
- elif report_layout_data['state'] == "absent":
+ elif state == "absent":
return fos.delete('report',
'layout',
mkey=filtered_data['name'],
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_report(data, fos):
- login(data)
if data['report_layout']:
resp = report_layout(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
+ "state": {"required": True, "type": "str",
+ "choices": ["present", "absent"]},
"report_layout": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
- "state": {"required": True, "type": "str",
- "choices": ["present", "absent"]},
- "body-item": {"required": False, "type": "list",
+ "body_item": {"required": False, "type": "list",
"options": {
"chart": {"required": False, "type": "str"},
- "chart-options": {"required": False, "type": "str",
+ "chart_options": {"required": False, "type": "str",
"choices": ["include-no-data", "hide-title", "show-caption"]},
"column": {"required": False, "type": "int"},
"content": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
- "drill-down-items": {"required": False, "type": "str"},
- "drill-down-types": {"required": False, "type": "str"},
+ "drill_down_items": {"required": False, "type": "str"},
+ "drill_down_types": {"required": False, "type": "str"},
"hide": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"id": {"required": True, "type": "int"},
- "img-src": {"required": False, "type": "str"},
+ "img_src": {"required": False, "type": "str"},
"list": {"required": False, "type": "list",
"options": {
"content": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"}
}},
- "list-component": {"required": False, "type": "str",
+ "list_component": {"required": False, "type": "str",
"choices": ["bullet", "numbered"]},
- "misc-component": {"required": False, "type": "str",
+ "misc_component": {"required": False, "type": "str",
"choices": ["hline", "page-break", "column-break",
"section-start"]},
"parameters": {"required": False, "type": "list",
@@ -641,50 +727,50 @@ def main():
"value": {"required": False, "type": "str"}
}},
"style": {"required": False, "type": "str"},
- "table-caption-style": {"required": False, "type": "str"},
- "table-column-widths": {"required": False, "type": "str"},
- "table-even-row-style": {"required": False, "type": "str"},
- "table-head-style": {"required": False, "type": "str"},
- "table-odd-row-style": {"required": False, "type": "str"},
- "text-component": {"required": False, "type": "str",
+ "table_caption_style": {"required": False, "type": "str"},
+ "table_column_widths": {"required": False, "type": "str"},
+ "table_even_row_style": {"required": False, "type": "str"},
+ "table_head_style": {"required": False, "type": "str"},
+ "table_odd_row_style": {"required": False, "type": "str"},
+ "text_component": {"required": False, "type": "str",
"choices": ["text", "heading1", "heading2",
"heading3"]},
"title": {"required": False, "type": "str"},
- "top-n": {"required": False, "type": "int"},
+ "top_n": {"required": False, "type": "int"},
"type": {"required": False, "type": "str",
"choices": ["text", "image", "chart",
"misc"]}
}},
- "cutoff-option": {"required": False, "type": "str",
+ "cutoff_option": {"required": False, "type": "str",
"choices": ["run-time", "custom"]},
- "cutoff-time": {"required": False, "type": "str"},
+ "cutoff_time": {"required": False, "type": "str"},
"day": {"required": False, "type": "str",
"choices": ["sunday", "monday", "tuesday",
"wednesday", "thursday", "friday",
"saturday"]},
"description": {"required": False, "type": "str"},
- "email-recipients": {"required": False, "type": "str"},
- "email-send": {"required": False, "type": "str",
+ "email_recipients": {"required": False, "type": "str"},
+ "email_send": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"format": {"required": False, "type": "str",
"choices": ["pdf"]},
- "max-pdf-report": {"required": False, "type": "int"},
+ "max_pdf_report": {"required": False, "type": "int"},
"name": {"required": True, "type": "str"},
"options": {"required": False, "type": "str",
"choices": ["include-table-of-content", "auto-numbering-heading", "view-chart-as-heading",
"show-html-navbar-before-heading", "dummy-option"]},
"page": {"required": False, "type": "dict",
"options": {
- "column-break-before": {"required": False, "type": "str",
+ "column_break_before": {"required": False, "type": "str",
"choices": ["heading1", "heading2", "heading3"]},
"footer": {"required": False, "type": "dict",
"options": {
- "footer-item": {"required": False, "type": "list",
+ "footer_item": {"required": False, "type": "list",
"options": {
"content": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
- "img-src": {"required": False, "type": "str"},
+ "img_src": {"required": False, "type": "str"},
"style": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["text", "image"]}
@@ -693,12 +779,12 @@ def main():
}},
"header": {"required": False, "type": "dict",
"options": {
- "header-item": {"required": False, "type": "list",
+ "header_item": {"required": False, "type": "list",
"options": {
"content": {"required": False, "type": "str"},
"description": {"required": False, "type": "str"},
"id": {"required": True, "type": "int"},
- "img-src": {"required": False, "type": "str"},
+ "img_src": {"required": False, "type": "str"},
"style": {"required": False, "type": "str"},
"type": {"required": False, "type": "str",
"choices": ["text", "image"]}
@@ -707,14 +793,14 @@ def main():
}},
"options": {"required": False, "type": "str",
"choices": ["header-on-first-page", "footer-on-first-page"]},
- "page-break-before": {"required": False, "type": "str",
+ "page_break_before": {"required": False, "type": "str",
"choices": ["heading1", "heading2", "heading3"]},
"paper": {"required": False, "type": "str",
"choices": ["a4", "letter"]}
}},
- "schedule-type": {"required": False, "type": "str",
+ "schedule_type": {"required": False, "type": "str",
"choices": ["demand", "daily", "weekly"]},
- "style-theme": {"required": False, "type": "str"},
+ "style_theme": {"required": False, "type": "str"},
"subtitle": {"required": False, "type": "str"},
"time": {"required": False, "type": "str"},
"title": {"required": False, "type": "str"}
@@ -725,15 +811,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_report(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_report_setting.py b/lib/ansible/modules/network/fortios/fortios_report_setting.py
index a98dcffaeb6..57fbf314362 100644
--- a/lib/ansible/modules/network/fortios/fortios_report_setting.py
+++ b/lib/ansible/modules/network/fortios/fortios_report_setting.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_report_setting
short_description: Report setting configuration in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify report feature and setting category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,59 +41,74 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
report_setting:
description:
- Report setting configuration.
default: null
+ type: dict
suboptions:
fortiview:
description:
- Enable/disable historical FortiView.
+ type: str
choices:
- enable
- disable
- pdf-report:
+ pdf_report:
description:
- Enable/disable PDF report.
+ type: str
choices:
- enable
- disable
- report-source:
+ report_source:
description:
- Report log source.
+ type: str
choices:
- forward-traffic
- sniffer-traffic
- local-deny-traffic
- top-n:
+ top_n:
description:
- Number of items to populate (100 - 4000).
- web-browsing-threshold:
+ type: int
+ web_browsing_threshold:
description:
- Web browsing time calculation threshold (3 - 15 min).
+ type: int
'''
EXAMPLES = '''
@@ -106,6 +118,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Report setting configuration.
fortios_report_setting:
@@ -116,10 +129,10 @@ EXAMPLES = '''
https: "False"
report_setting:
fortiview: "enable"
- pdf-report: "enable"
- report-source: "forward-traffic"
- top-n: "6"
- web-browsing-threshold: "7"
+ pdf_report: "enable"
+ report_source: "forward-traffic"
+ top_n: "6"
+ web_browsing_threshold: "7"
'''
RETURN = '''
@@ -182,14 +195,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -197,12 +212,12 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_report_setting_data(json):
- option_list = ['fortiview', 'pdf-report', 'report-source',
- 'top-n', 'web-browsing-threshold']
+ option_list = ['fortiview', 'pdf_report', 'report_source',
+ 'top_n', 'web_browsing_threshold']
dictionary = {}
for attribute in option_list:
@@ -212,17 +227,15 @@ def filter_report_setting_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
@@ -230,42 +243,48 @@ def flatten_multilists_attributes(data):
def report_setting(data, fos):
vdom = data['vdom']
report_setting_data = data['report_setting']
- flattened_data = flatten_multilists_attributes(report_setting_data)
- filtered_data = filter_report_setting_data(flattened_data)
+ filtered_data = underscore_to_hyphen(filter_report_setting_data(report_setting_data))
+
return fos.set('report',
'setting',
data=filtered_data,
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_report(data, fos):
- login(data)
if data['report_setting']:
resp = report_setting(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
"report_setting": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
"fortiview": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
- "pdf-report": {"required": False, "type": "str",
+ "pdf_report": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
- "report-source": {"required": False, "type": "str",
+ "report_source": {"required": False, "type": "str",
"choices": ["forward-traffic", "sniffer-traffic", "local-deny-traffic"]},
- "top-n": {"required": False, "type": "int"},
- "web-browsing-threshold": {"required": False, "type": "int"}
+ "top_n": {"required": False, "type": "int"},
+ "web_browsing_threshold": {"required": False, "type": "int"}
}
}
@@ -273,15 +292,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_report(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_report_style.py b/lib/ansible/modules/network/fortios/fortios_report_style.py
index 952a6687e6d..34974032918 100644
--- a/lib/ansible/modules/network/fortios/fortios_report_style.py
+++ b/lib/ansible/modules/network/fortios/fortios_report_style.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_report_style
short_description: Report style configuration in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify report feature and style category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,124 +41,158 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
+ state:
+ description:
+ - Indicates whether to create or remove the object.
+ type: str
+ required: true
+ choices:
+ - present
+ - absent
+ version_added: 2.9
report_style:
description:
- Report style configuration.
default: null
+ type: dict
suboptions:
- state:
- description:
- - Indicates whether to create or remove the object
- choices:
- - present
- - absent
align:
description:
- Alignment.
+ type: str
choices:
- left
- center
- right
- justify
- bg-color:
+ bg_color:
description:
- Background color.
- border-bottom:
+ type: str
+ border_bottom:
description:
- Border bottom.
- border-left:
+ type: str
+ border_left:
description:
- Border left.
- border-right:
+ type: str
+ border_right:
description:
- Border right.
- border-top:
+ type: str
+ border_top:
description:
- Border top.
- column-gap:
+ type: str
+ column_gap:
description:
- Column gap.
- column-span:
+ type: str
+ column_span:
description:
- Column span.
+ type: str
choices:
- none
- all
- fg-color:
+ fg_color:
description:
- Foreground color.
- font-family:
+ type: str
+ font_family:
description:
- Font family.
+ type: str
choices:
- Verdana
- Arial
- Helvetica
- Courier
- Times
- font-size:
+ font_size:
description:
- Font size.
- font-style:
+ type: str
+ font_style:
description:
- Font style.
+ type: str
choices:
- normal
- italic
- font-weight:
+ font_weight:
description:
- Font weight.
+ type: str
choices:
- normal
- bold
height:
description:
- Height.
- line-height:
+ type: str
+ line_height:
description:
- Text line height.
- margin-bottom:
+ type: str
+ margin_bottom:
description:
- Margin bottom.
- margin-left:
+ type: str
+ margin_left:
description:
- Margin left.
- margin-right:
+ type: str
+ margin_right:
description:
- Margin right.
- margin-top:
+ type: str
+ margin_top:
description:
- Margin top.
+ type: str
name:
description:
- Report style name.
required: true
+ type: str
options:
description:
- Report style options.
+ type: str
choices:
- font
- text
@@ -172,21 +203,26 @@ options:
- border
- padding
- column
- padding-bottom:
+ padding_bottom:
description:
- Padding bottom.
- padding-left:
+ type: str
+ padding_left:
description:
- Padding left.
- padding-right:
+ type: str
+ padding_right:
description:
- Padding right.
- padding-top:
+ type: str
+ padding_top:
description:
- Padding top.
+ type: str
width:
description:
- Width.
+ type: str
'''
EXAMPLES = '''
@@ -196,6 +232,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Report style configuration.
fortios_report_style:
@@ -204,33 +241,33 @@ EXAMPLES = '''
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
+ state: "present"
report_style:
- state: "present"
align: "left"
- bg-color: ""
- border-bottom: ""
- border-left: ""
- border-right: ""
- border-top: ""
- column-gap: ""
- column-span: "none"
- fg-color: ""
- font-family: "Verdana"
- font-size: ""
- font-style: "normal"
- font-weight: "normal"
+ bg_color: ""
+ border_bottom: ""
+ border_left: ""
+ border_right: ""
+ border_top: ""
+ column_gap: ""
+ column_span: "none"
+ fg_color: ""
+ font_family: "Verdana"
+ font_size: ""
+ font_style: "normal"
+ font_weight: "normal"
height: ""
- line-height: ""
- margin-bottom: ""
- margin-left: ""
- margin-right: ""
- margin-top: ""
+ line_height: ""
+ margin_bottom: ""
+ margin_left: ""
+ margin_right: ""
+ margin_top: ""
name: "default_name_22"
options: "font"
- padding-bottom: ""
- padding-left: ""
- padding-right: ""
- padding-top: ""
+ padding_bottom: ""
+ padding_left: ""
+ padding_right: ""
+ padding_top: ""
width: ""
'''
@@ -294,14 +331,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -309,19 +348,19 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_report_style_data(json):
- option_list = ['align', 'bg-color', 'border-bottom',
- 'border-left', 'border-right', 'border-top',
- 'column-gap', 'column-span', 'fg-color',
- 'font-family', 'font-size', 'font-style',
- 'font-weight', 'height', 'line-height',
- 'margin-bottom', 'margin-left', 'margin-right',
- 'margin-top', 'name', 'options',
- 'padding-bottom', 'padding-left', 'padding-right',
- 'padding-top', 'width']
+ option_list = ['align', 'bg_color', 'border_bottom',
+ 'border_left', 'border_right', 'border_top',
+ 'column_gap', 'column_span', 'fg_color',
+ 'font_family', 'font_size', 'font_style',
+ 'font_weight', 'height', 'line_height',
+ 'margin_bottom', 'margin_left', 'margin_right',
+ 'margin_top', 'name', 'options',
+ 'padding_bottom', 'padding_left', 'padding_right',
+ 'padding_top', 'width']
dictionary = {}
for attribute in option_list:
@@ -331,96 +370,101 @@ def filter_report_style_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
def report_style(data, fos):
vdom = data['vdom']
+ state = data['state']
report_style_data = data['report_style']
- flattened_data = flatten_multilists_attributes(report_style_data)
- filtered_data = filter_report_style_data(flattened_data)
- if report_style_data['state'] == "present":
+ filtered_data = underscore_to_hyphen(filter_report_style_data(report_style_data))
+
+ if state == "present":
return fos.set('report',
'style',
data=filtered_data,
vdom=vdom)
- elif report_style_data['state'] == "absent":
+ elif state == "absent":
return fos.delete('report',
'style',
mkey=filtered_data['name'],
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_report(data, fos):
- login(data)
if data['report_style']:
resp = report_style(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
+ "state": {"required": True, "type": "str",
+ "choices": ["present", "absent"]},
"report_style": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
- "state": {"required": True, "type": "str",
- "choices": ["present", "absent"]},
"align": {"required": False, "type": "str",
"choices": ["left", "center", "right",
"justify"]},
- "bg-color": {"required": False, "type": "str"},
- "border-bottom": {"required": False, "type": "str"},
- "border-left": {"required": False, "type": "str"},
- "border-right": {"required": False, "type": "str"},
- "border-top": {"required": False, "type": "str"},
- "column-gap": {"required": False, "type": "str"},
- "column-span": {"required": False, "type": "str",
+ "bg_color": {"required": False, "type": "str"},
+ "border_bottom": {"required": False, "type": "str"},
+ "border_left": {"required": False, "type": "str"},
+ "border_right": {"required": False, "type": "str"},
+ "border_top": {"required": False, "type": "str"},
+ "column_gap": {"required": False, "type": "str"},
+ "column_span": {"required": False, "type": "str",
"choices": ["none", "all"]},
- "fg-color": {"required": False, "type": "str"},
- "font-family": {"required": False, "type": "str",
+ "fg_color": {"required": False, "type": "str"},
+ "font_family": {"required": False, "type": "str",
"choices": ["Verdana", "Arial", "Helvetica",
"Courier", "Times"]},
- "font-size": {"required": False, "type": "str"},
- "font-style": {"required": False, "type": "str",
+ "font_size": {"required": False, "type": "str"},
+ "font_style": {"required": False, "type": "str",
"choices": ["normal", "italic"]},
- "font-weight": {"required": False, "type": "str",
+ "font_weight": {"required": False, "type": "str",
"choices": ["normal", "bold"]},
"height": {"required": False, "type": "str"},
- "line-height": {"required": False, "type": "str"},
- "margin-bottom": {"required": False, "type": "str"},
- "margin-left": {"required": False, "type": "str"},
- "margin-right": {"required": False, "type": "str"},
- "margin-top": {"required": False, "type": "str"},
+ "line_height": {"required": False, "type": "str"},
+ "margin_bottom": {"required": False, "type": "str"},
+ "margin_left": {"required": False, "type": "str"},
+ "margin_right": {"required": False, "type": "str"},
+ "margin_top": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"options": {"required": False, "type": "str",
"choices": ["font", "text", "color",
"align", "size", "margin",
"border", "padding", "column"]},
- "padding-bottom": {"required": False, "type": "str"},
- "padding-left": {"required": False, "type": "str"},
- "padding-right": {"required": False, "type": "str"},
- "padding-top": {"required": False, "type": "str"},
+ "padding_bottom": {"required": False, "type": "str"},
+ "padding_left": {"required": False, "type": "str"},
+ "padding_right": {"required": False, "type": "str"},
+ "padding_top": {"required": False, "type": "str"},
"width": {"required": False, "type": "str"}
}
@@ -429,15 +473,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_report(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_report_theme.py b/lib/ansible/modules/network/fortios/fortios_report_theme.py
index d88f18d2b27..0928b98e920 100644
--- a/lib/ansible/modules/network/fortios/fortios_report_theme.py
+++ b/lib/ansible/modules/network/fortios/fortios_report_theme.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_report_theme
short_description: Report themes configuratio in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify report feature and theme category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,138 +41,181 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
+ state:
+ description:
+ - Indicates whether to create or remove the object.
+ type: str
+ required: true
+ choices:
+ - present
+ - absent
+ version_added: 2.9
report_theme:
description:
- Report themes configuration
default: null
+ type: dict
suboptions:
- state:
- description:
- - Indicates whether to create or remove the object
- choices:
- - present
- - absent
- bullet-list-style:
+ bullet_list_style:
description:
- Bullet list style.
- column-count:
+ type: str
+ column_count:
description:
- Report page column count.
+ type: str
choices:
- 1
- 2
- 3
- default-html-style:
+ default_html_style:
description:
- Default HTML report style.
- default-pdf-style:
+ type: str
+ default_pdf_style:
description:
- Default PDF report style.
- graph-chart-style:
+ type: str
+ graph_chart_style:
description:
- Graph chart style.
- heading1-style:
+ type: str
+ heading1_style:
description:
- Report heading style.
- heading2-style:
+ type: str
+ heading2_style:
description:
- Report heading style.
- heading3-style:
+ type: str
+ heading3_style:
description:
- Report heading style.
- heading4-style:
+ type: str
+ heading4_style:
description:
- Report heading style.
- hline-style:
+ type: str
+ hline_style:
description:
- Horizontal line style.
- image-style:
+ type: str
+ image_style:
description:
- Image style.
+ type: str
name:
description:
- Report theme name.
required: true
- normal-text-style:
+ type: str
+ normal_text_style:
description:
- Normal text style.
- numbered-list-style:
+ type: str
+ numbered_list_style:
description:
- Numbered list style.
- page-footer-style:
+ type: str
+ page_footer_style:
description:
- Report page footer style.
- page-header-style:
+ type: str
+ page_header_style:
description:
- Report page header style.
- page-orient:
+ type: str
+ page_orient:
description:
- Report page orientation.
+ type: str
choices:
- portrait
- landscape
- page-style:
+ page_style:
description:
- Report page style.
- report-subtitle-style:
+ type: str
+ report_subtitle_style:
description:
- Report subtitle style.
- report-title-style:
+ type: str
+ report_title_style:
description:
- Report title style.
- table-chart-caption-style:
+ type: str
+ table_chart_caption_style:
description:
- Table chart caption style.
- table-chart-even-row-style:
+ type: str
+ table_chart_even_row_style:
description:
- Table chart even row style.
- table-chart-head-style:
+ type: str
+ table_chart_head_style:
description:
- Table chart head row style.
- table-chart-odd-row-style:
+ type: str
+ table_chart_odd_row_style:
description:
- Table chart odd row style.
- table-chart-style:
+ type: str
+ table_chart_style:
description:
- Table chart style.
- toc-heading1-style:
+ type: str
+ toc_heading1_style:
description:
- Table of contents heading style.
- toc-heading2-style:
+ type: str
+ toc_heading2_style:
description:
- Table of contents heading style.
- toc-heading3-style:
+ type: str
+ toc_heading3_style:
description:
- Table of contents heading style.
- toc-heading4-style:
+ type: str
+ toc_heading4_style:
description:
- Table of contents heading style.
- toc-title-style:
+ type: str
+ toc_title_style:
description:
- Table of contents title style.
+ type: str
'''
EXAMPLES = '''
@@ -185,6 +225,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Report themes configuration
fortios_report_theme:
@@ -193,38 +234,38 @@ EXAMPLES = '''
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
+ state: "present"
report_theme:
- state: "present"
- bullet-list-style: ""
- column-count: "1"
- default-html-style: ""
- default-pdf-style: ""
- graph-chart-style: ""
- heading1-style: ""
- heading2-style: ""
- heading3-style: ""
- heading4-style: ""
- hline-style: ""
- image-style: ""
+ bullet_list_style: ""
+ column_count: "1"
+ default_html_style: ""
+ default_pdf_style: ""
+ graph_chart_style: ""
+ heading1_style: ""
+ heading2_style: ""
+ heading3_style: ""
+ heading4_style: ""
+ hline_style: ""
+ image_style: ""
name: "default_name_14"
- normal-text-style: ""
- numbered-list-style: ""
- page-footer-style: ""
- page-header-style: ""
- page-orient: "portrait"
- page-style: ""
- report-subtitle-style: ""
- report-title-style: ""
- table-chart-caption-style: ""
- table-chart-even-row-style: ""
- table-chart-head-style: ""
- table-chart-odd-row-style: ""
- table-chart-style: ""
- toc-heading1-style: ""
- toc-heading2-style: ""
- toc-heading3-style: ""
- toc-heading4-style: ""
- toc-title-style: ""
+ normal_text_style: ""
+ numbered_list_style: ""
+ page_footer_style: ""
+ page_header_style: ""
+ page_orient: "portrait"
+ page_style: ""
+ report_subtitle_style: ""
+ report_title_style: ""
+ table_chart_caption_style: ""
+ table_chart_even_row_style: ""
+ table_chart_head_style: ""
+ table_chart_odd_row_style: ""
+ table_chart_style: ""
+ toc_heading1_style: ""
+ toc_heading2_style: ""
+ toc_heading3_style: ""
+ toc_heading4_style: ""
+ toc_title_style: ""
'''
RETURN = '''
@@ -287,14 +328,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -302,20 +345,20 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_report_theme_data(json):
- option_list = ['bullet-list-style', 'column-count', 'default-html-style',
- 'default-pdf-style', 'graph-chart-style', 'heading1-style',
- 'heading2-style', 'heading3-style', 'heading4-style',
- 'hline-style', 'image-style', 'name',
- 'normal-text-style', 'numbered-list-style', 'page-footer-style',
- 'page-header-style', 'page-orient', 'page-style',
- 'report-subtitle-style', 'report-title-style', 'table-chart-caption-style',
- 'table-chart-even-row-style', 'table-chart-head-style', 'table-chart-odd-row-style',
- 'table-chart-style', 'toc-heading1-style', 'toc-heading2-style',
- 'toc-heading3-style', 'toc-heading4-style', 'toc-title-style']
+ option_list = ['bullet_list_style', 'column_count', 'default_html_style',
+ 'default_pdf_style', 'graph_chart_style', 'heading1_style',
+ 'heading2_style', 'heading3_style', 'heading4_style',
+ 'hline_style', 'image_style', 'name',
+ 'normal_text_style', 'numbered_list_style', 'page_footer_style',
+ 'page_header_style', 'page_orient', 'page_style',
+ 'report_subtitle_style', 'report_title_style', 'table_chart_caption_style',
+ 'table_chart_even_row_style', 'table_chart_head_style', 'table_chart_odd_row_style',
+ 'table_chart_style', 'toc_heading1_style', 'toc_heading2_style',
+ 'toc_heading3_style', 'toc_heading4_style', 'toc_title_style']
dictionary = {}
for attribute in option_list:
@@ -325,93 +368,98 @@ def filter_report_theme_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
def report_theme(data, fos):
vdom = data['vdom']
+ state = data['state']
report_theme_data = data['report_theme']
- flattened_data = flatten_multilists_attributes(report_theme_data)
- filtered_data = filter_report_theme_data(flattened_data)
- if report_theme_data['state'] == "present":
+ filtered_data = underscore_to_hyphen(filter_report_theme_data(report_theme_data))
+
+ if state == "present":
return fos.set('report',
'theme',
data=filtered_data,
vdom=vdom)
- elif report_theme_data['state'] == "absent":
+ elif state == "absent":
return fos.delete('report',
'theme',
mkey=filtered_data['name'],
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_report(data, fos):
- login(data)
if data['report_theme']:
resp = report_theme(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
+ "state": {"required": True, "type": "str",
+ "choices": ["present", "absent"]},
"report_theme": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
- "state": {"required": True, "type": "str",
- "choices": ["present", "absent"]},
- "bullet-list-style": {"required": False, "type": "str"},
- "column-count": {"required": False, "type": "str",
+ "bullet_list_style": {"required": False, "type": "str"},
+ "column_count": {"required": False, "type": "str",
"choices": ["1", "2", "3"]},
- "default-html-style": {"required": False, "type": "str"},
- "default-pdf-style": {"required": False, "type": "str"},
- "graph-chart-style": {"required": False, "type": "str"},
- "heading1-style": {"required": False, "type": "str"},
- "heading2-style": {"required": False, "type": "str"},
- "heading3-style": {"required": False, "type": "str"},
- "heading4-style": {"required": False, "type": "str"},
- "hline-style": {"required": False, "type": "str"},
- "image-style": {"required": False, "type": "str"},
+ "default_html_style": {"required": False, "type": "str"},
+ "default_pdf_style": {"required": False, "type": "str"},
+ "graph_chart_style": {"required": False, "type": "str"},
+ "heading1_style": {"required": False, "type": "str"},
+ "heading2_style": {"required": False, "type": "str"},
+ "heading3_style": {"required": False, "type": "str"},
+ "heading4_style": {"required": False, "type": "str"},
+ "hline_style": {"required": False, "type": "str"},
+ "image_style": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
- "normal-text-style": {"required": False, "type": "str"},
- "numbered-list-style": {"required": False, "type": "str"},
- "page-footer-style": {"required": False, "type": "str"},
- "page-header-style": {"required": False, "type": "str"},
- "page-orient": {"required": False, "type": "str",
+ "normal_text_style": {"required": False, "type": "str"},
+ "numbered_list_style": {"required": False, "type": "str"},
+ "page_footer_style": {"required": False, "type": "str"},
+ "page_header_style": {"required": False, "type": "str"},
+ "page_orient": {"required": False, "type": "str",
"choices": ["portrait", "landscape"]},
- "page-style": {"required": False, "type": "str"},
- "report-subtitle-style": {"required": False, "type": "str"},
- "report-title-style": {"required": False, "type": "str"},
- "table-chart-caption-style": {"required": False, "type": "str"},
- "table-chart-even-row-style": {"required": False, "type": "str"},
- "table-chart-head-style": {"required": False, "type": "str"},
- "table-chart-odd-row-style": {"required": False, "type": "str"},
- "table-chart-style": {"required": False, "type": "str"},
- "toc-heading1-style": {"required": False, "type": "str"},
- "toc-heading2-style": {"required": False, "type": "str"},
- "toc-heading3-style": {"required": False, "type": "str"},
- "toc-heading4-style": {"required": False, "type": "str"},
- "toc-title-style": {"required": False, "type": "str"}
+ "page_style": {"required": False, "type": "str"},
+ "report_subtitle_style": {"required": False, "type": "str"},
+ "report_title_style": {"required": False, "type": "str"},
+ "table_chart_caption_style": {"required": False, "type": "str"},
+ "table_chart_even_row_style": {"required": False, "type": "str"},
+ "table_chart_head_style": {"required": False, "type": "str"},
+ "table_chart_odd_row_style": {"required": False, "type": "str"},
+ "table_chart_style": {"required": False, "type": "str"},
+ "toc_heading1_style": {"required": False, "type": "str"},
+ "toc_heading2_style": {"required": False, "type": "str"},
+ "toc_heading3_style": {"required": False, "type": "str"},
+ "toc_heading4_style": {"required": False, "type": "str"},
+ "toc_title_style": {"required": False, "type": "str"}
}
}
@@ -419,15 +467,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_report(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_report(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_router_access_list.py b/lib/ansible/modules/network/fortios/fortios_router_access_list.py
index a2988e295d5..73ccb90965e 100644
--- a/lib/ansible/modules/network/fortios/fortios_router_access_list.py
+++ b/lib/ansible/modules/network/fortios/fortios_router_access_list.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_router_access_list
short_description: Configure access lists in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify router feature and access_list category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,76 +41,98 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
+ state:
+ description:
+ - Indicates whether to create or remove the object.
+ type: str
+ required: true
+ choices:
+ - present
+ - absent
+ version_added: 2.9
router_access_list:
description:
- Configure access lists.
default: null
+ type: dict
suboptions:
- state:
- description:
- - Indicates whether to create or remove the object
- choices:
- - present
- - absent
comments:
description:
- Comment.
+ type: str
name:
description:
- Name.
required: true
+ type: str
rule:
description:
- Rule.
+ type: list
suboptions:
action:
description:
- Permit or deny this IP address and netmask prefix.
+ type: str
choices:
- permit
- deny
- exact-match:
+ exact_match:
description:
- Enable/disable exact match.
+ type: str
choices:
- enable
- disable
flags:
description:
- Flags.
+ type: int
id:
description:
- Rule ID.
required: true
+ type: int
prefix:
description:
- IPv4 prefix to define regular filter criteria, such as "any" or subnets.
+ type: str
wildcard:
description:
- Wildcard to define Cisco-style wildcard filter criteria.
+ type: str
'''
EXAMPLES = '''
@@ -123,6 +142,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Configure access lists.
fortios_router_access_list:
@@ -131,14 +151,14 @@ EXAMPLES = '''
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
+ state: "present"
router_access_list:
- state: "present"
comments: ""
name: "default_name_4"
rule:
-
action: "permit"
- exact-match: "enable"
+ exact_match: "enable"
flags: "8"
id: "9"
prefix: ""
@@ -205,14 +225,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -220,7 +242,7 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_router_access_list_data(json):
@@ -234,68 +256,73 @@ def filter_router_access_list_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
def router_access_list(data, fos):
vdom = data['vdom']
+ state = data['state']
router_access_list_data = data['router_access_list']
- flattened_data = flatten_multilists_attributes(router_access_list_data)
- filtered_data = filter_router_access_list_data(flattened_data)
- if router_access_list_data['state'] == "present":
+ filtered_data = underscore_to_hyphen(filter_router_access_list_data(router_access_list_data))
+
+ if state == "present":
return fos.set('router',
'access-list',
data=filtered_data,
vdom=vdom)
- elif router_access_list_data['state'] == "absent":
+ elif state == "absent":
return fos.delete('router',
'access-list',
mkey=filtered_data['name'],
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_router(data, fos):
- login(data)
if data['router_access_list']:
resp = router_access_list(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
+ "state": {"required": True, "type": "str",
+ "choices": ["present", "absent"]},
"router_access_list": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
- "state": {"required": True, "type": "str",
- "choices": ["present", "absent"]},
"comments": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"},
"rule": {"required": False, "type": "list",
"options": {
"action": {"required": False, "type": "str",
"choices": ["permit", "deny"]},
- "exact-match": {"required": False, "type": "str",
+ "exact_match": {"required": False, "type": "str",
"choices": ["enable", "disable"]},
"flags": {"required": False, "type": "int"},
"id": {"required": True, "type": "int"},
@@ -309,15 +336,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_router(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_router_auth_path.py b/lib/ansible/modules/network/fortios/fortios_router_auth_path.py
index 5bf082ab198..aeb7f711752 100644
--- a/lib/ansible/modules/network/fortios/fortios_router_auth_path.py
+++ b/lib/ansible/modules/network/fortios/fortios_router_auth_path.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_router_auth_path
short_description: Configure authentication based routing in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify router feature and auth_path category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,50 +41,66 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
+ state:
+ description:
+ - Indicates whether to create or remove the object.
+ type: str
+ required: true
+ choices:
+ - present
+ - absent
+ version_added: 2.9
router_auth_path:
description:
- Configure authentication based routing.
default: null
+ type: dict
suboptions:
- state:
- description:
- - Indicates whether to create or remove the object
- choices:
- - present
- - absent
device:
description:
- Outgoing interface. Source system.interface.name.
+ type: str
gateway:
description:
- Gateway IP address.
+ type: str
name:
description:
- Name of the entry.
required: true
+ type: str
'''
EXAMPLES = '''
@@ -97,6 +110,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Configure authentication based routing.
fortios_router_auth_path:
@@ -105,8 +119,8 @@ EXAMPLES = '''
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
+ state: "present"
router_auth_path:
- state: "present"
device: " (source system.interface.name)"
gateway: ""
name: "default_name_5"
@@ -172,14 +186,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -187,7 +203,7 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_router_auth_path_data(json):
@@ -201,61 +217,66 @@ def filter_router_auth_path_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
def router_auth_path(data, fos):
vdom = data['vdom']
+ state = data['state']
router_auth_path_data = data['router_auth_path']
- flattened_data = flatten_multilists_attributes(router_auth_path_data)
- filtered_data = filter_router_auth_path_data(flattened_data)
- if router_auth_path_data['state'] == "present":
+ filtered_data = underscore_to_hyphen(filter_router_auth_path_data(router_auth_path_data))
+
+ if state == "present":
return fos.set('router',
'auth-path',
data=filtered_data,
vdom=vdom)
- elif router_auth_path_data['state'] == "absent":
+ elif state == "absent":
return fos.delete('router',
'auth-path',
mkey=filtered_data['name'],
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_router(data, fos):
- login(data)
if data['router_auth_path']:
resp = router_auth_path(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
+ "state": {"required": True, "type": "str",
+ "choices": ["present", "absent"]},
"router_auth_path": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
- "state": {"required": True, "type": "str",
- "choices": ["present", "absent"]},
"device": {"required": False, "type": "str"},
"gateway": {"required": False, "type": "str"},
"name": {"required": True, "type": "str"}
@@ -266,15 +287,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_router(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_router_bfd.py b/lib/ansible/modules/network/fortios/fortios_router_bfd.py
index faf40c7e176..c1fce847096 100644
--- a/lib/ansible/modules/network/fortios/fortios_router_bfd.py
+++ b/lib/ansible/modules/network/fortios/fortios_router_bfd.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_router_bfd
short_description: Configure BFD in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify router feature and bfd category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,45 +41,58 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
router_bfd:
description:
- Configure BFD.
default: null
+ type: dict
suboptions:
neighbor:
description:
- neighbor
+ type: list
suboptions:
interface:
description:
- Interface name. Source system.interface.name.
+ type: str
ip:
description:
- IPv4 address of the BFD neighbor.
required: true
+ type: str
'''
EXAMPLES = '''
@@ -92,6 +102,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Configure BFD.
fortios_router_bfd:
@@ -167,14 +178,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -182,7 +195,7 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_router_bfd_data(json):
@@ -196,17 +209,15 @@ def filter_router_bfd_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
@@ -214,33 +225,39 @@ def flatten_multilists_attributes(data):
def router_bfd(data, fos):
vdom = data['vdom']
router_bfd_data = data['router_bfd']
- flattened_data = flatten_multilists_attributes(router_bfd_data)
- filtered_data = filter_router_bfd_data(flattened_data)
+ filtered_data = underscore_to_hyphen(filter_router_bfd_data(router_bfd_data))
+
return fos.set('router',
'bfd',
data=filtered_data,
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_router(data, fos):
- login(data)
if data['router_bfd']:
resp = router_bfd(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
"router_bfd": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
"neighbor": {"required": False, "type": "list",
"options": {
@@ -254,15 +271,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_router(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_router_bfd6.py b/lib/ansible/modules/network/fortios/fortios_router_bfd6.py
index 4f855d465c4..b08803f91b6 100644
--- a/lib/ansible/modules/network/fortios/fortios_router_bfd6.py
+++ b/lib/ansible/modules/network/fortios/fortios_router_bfd6.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_router_bfd6
short_description: Configure IPv6 BFD in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify router feature and bfd6 category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,45 +41,57 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
router_bfd6:
description:
- Configure IPv6 BFD.
default: null
+ type: dict
suboptions:
neighbor:
description:
- Configure neighbor of IPv6 BFD.
+ type: list
suboptions:
interface:
description:
- Interface to the BFD neighbor. Source system.interface.name.
- ip6-address:
+ type: str
+ ip6_address:
description:
- IPv6 address of the BFD neighbor.
- required: true
+ type: str
'''
EXAMPLES = '''
@@ -92,6 +101,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Configure IPv6 BFD.
fortios_router_bfd6:
@@ -104,7 +114,7 @@ EXAMPLES = '''
neighbor:
-
interface: " (source system.interface.name)"
- ip6-address: ""
+ ip6_address: ""
'''
RETURN = '''
@@ -167,14 +177,16 @@ version:
'''
from ansible.module_utils.basic import AnsibleModule
-
-fos = None
+from ansible.module_utils.connection import Connection
+from ansible.module_utils.network.fortios.fortios import FortiOSHandler
+from ansible.module_utils.network.fortimanager.common import FAIL_SOCKET_MSG
-def login(data):
+def login(data, fos):
host = data['host']
username = data['username']
password = data['password']
+ ssl_verify = data['ssl_verify']
fos.debug('on')
if 'https' in data and not data['https']:
@@ -182,7 +194,7 @@ def login(data):
else:
fos.https('on')
- fos.login(host, username, password)
+ fos.login(host, username, password, verify=ssl_verify)
def filter_router_bfd6_data(json):
@@ -196,17 +208,15 @@ def filter_router_bfd6_data(json):
return dictionary
-def flatten_multilists_attributes(data):
- multilist_attrs = []
-
- for attr in multilist_attrs:
- try:
- path = "data['" + "']['".join(elem for elem in attr) + "']"
- current_val = eval(path)
- flattened_val = ' '.join(elem for elem in current_val)
- exec(path + '= flattened_val')
- except BaseException:
- pass
+def underscore_to_hyphen(data):
+ if isinstance(data, list):
+ for elem in data:
+ elem = underscore_to_hyphen(elem)
+ elif isinstance(data, dict):
+ new_data = {}
+ for k, v in data.items():
+ new_data[k.replace('_', '-')] = underscore_to_hyphen(v)
+ data = new_data
return data
@@ -214,38 +224,44 @@ def flatten_multilists_attributes(data):
def router_bfd6(data, fos):
vdom = data['vdom']
router_bfd6_data = data['router_bfd6']
- flattened_data = flatten_multilists_attributes(router_bfd6_data)
- filtered_data = filter_router_bfd6_data(flattened_data)
+ filtered_data = underscore_to_hyphen(filter_router_bfd6_data(router_bfd6_data))
+
return fos.set('router',
'bfd6',
data=filtered_data,
vdom=vdom)
+def is_successful_status(status):
+ return status['status'] == "success" or \
+ status['http_method'] == "DELETE" and status['http_status'] == 404
+
+
def fortios_router(data, fos):
- login(data)
if data['router_bfd6']:
resp = router_bfd6(data, fos)
- fos.logout()
- return not resp['status'] == "success", resp['status'] == "success", resp
+ return not is_successful_status(resp), \
+ resp['status'] == "success", \
+ resp
def main():
fields = {
- "host": {"required": True, "type": "str"},
- "username": {"required": True, "type": "str"},
- "password": {"required": False, "type": "str", "no_log": True},
+ "host": {"required": False, "type": "str"},
+ "username": {"required": False, "type": "str"},
+ "password": {"required": False, "type": "str", "default": "", "no_log": True},
"vdom": {"required": False, "type": "str", "default": "root"},
"https": {"required": False, "type": "bool", "default": True},
+ "ssl_verify": {"required": False, "type": "bool", "default": True},
"router_bfd6": {
- "required": False, "type": "dict",
+ "required": False, "type": "dict", "default": None,
"options": {
"neighbor": {"required": False, "type": "list",
"options": {
"interface": {"required": False, "type": "str"},
- "ip6-address": {"required": True, "type": "str"}
+ "ip6_address": {"required": False, "type": "str"}
}}
}
@@ -254,15 +270,31 @@ def main():
module = AnsibleModule(argument_spec=fields,
supports_check_mode=False)
- try:
- from fortiosapi import FortiOSAPI
- except ImportError:
- module.fail_json(msg="fortiosapi module is required")
- global fos
- fos = FortiOSAPI()
+ # legacy_mode refers to using fortiosapi instead of HTTPAPI
+ legacy_mode = 'host' in module.params and module.params['host'] is not None and \
+ 'username' in module.params and module.params['username'] is not None and \
+ 'password' in module.params and module.params['password'] is not None
+
+ if not legacy_mode:
+ if module._socket_path:
+ connection = Connection(module._socket_path)
+ fos = FortiOSHandler(connection)
+
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ else:
+ module.fail_json(**FAIL_SOCKET_MSG)
+ else:
+ try:
+ from fortiosapi import FortiOSAPI
+ except ImportError:
+ module.fail_json(msg="fortiosapi module is required")
+
+ fos = FortiOSAPI()
- is_error, has_changed, result = fortios_router(module.params, fos)
+ login(module.params, fos)
+ is_error, has_changed, result = fortios_router(module.params, fos)
+ fos.logout()
if not is_error:
module.exit_json(changed=has_changed, meta=result)
diff --git a/lib/ansible/modules/network/fortios/fortios_router_bgp.py b/lib/ansible/modules/network/fortios/fortios_router_bgp.py
index 7e94911136c..9c090de9560 100644
--- a/lib/ansible/modules/network/fortios/fortios_router_bgp.py
+++ b/lib/ansible/modules/network/fortios/fortios_router_bgp.py
@@ -14,9 +14,6 @@ from __future__ import (absolute_import, division, print_function)
#
# You should have received a copy of the GNU General Public License
# along with this program. If not, see .
-#
-# the lib use python logging can get it if the following is set in your
-# Ansible config.
__metaclass__ = type
@@ -29,10 +26,10 @@ DOCUMENTATION = '''
module: fortios_router_bgp
short_description: Configure BGP in Fortinet's FortiOS and FortiGate.
description:
- - This module is able to configure a FortiGate or FortiOS by allowing the
+ - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the
user to set and modify router feature and bgp category.
Examples include all parameters and values need to be adjusted to datasources before usage.
- Tested with FOS v6.0.2
+ Tested with FOS v6.0.5
version_added: "2.8"
author:
- Miguel Angel Munoz (@mamunozgonzalez)
@@ -44,58 +41,75 @@ requirements:
- fortiosapi>=0.9.8
options:
host:
- description:
- - FortiOS or FortiGate ip address.
- required: true
+ description:
+ - FortiOS or FortiGate IP address.
+ type: str
+ required: false
username:
description:
- FortiOS or FortiGate username.
- required: true
+ type: str
+ required: false
password:
description:
- FortiOS or FortiGate password.
+ type: str
default: ""
vdom:
description:
- Virtual domain, among those defined previously. A vdom is a
virtual instance of the FortiGate that can be configured and
used as a different unit.
+ type: str
default: root
https:
description:
- - Indicates if the requests towards FortiGate must use HTTPS
- protocol
+ - Indicates if the requests towards FortiGate must use HTTPS protocol.
+ type: bool
+ default: true
+ ssl_verify:
+ description:
+ - Ensures FortiGate certificate must be verified by a proper CA.
type: bool
default: true
+ version_added: 2.9
router_bgp:
description:
- Configure BGP.
default: null
+ type: dict
suboptions:
- admin-distance:
+ admin_distance:
description:
- Administrative distance modifications.
+ type: list
suboptions:
distance:
description:
- Administrative distance to apply (1 - 255).
+ type: int
id:
description:
- ID.
required: true
- neighbour-prefix:
+ type: int
+ neighbour_prefix:
description:
- Neighbor address prefix.
- route-list:
+ type: str
+ route_list:
description:
- Access list of routes to apply new distance to. Source router.access-list.name.
- aggregate-address:
+ type: str
+ aggregate_address:
description:
- BGP aggregate address table.
+ type: list
suboptions:
- as-set:
+ as_set:
description:
- Enable/disable generate AS set path information.
+ type: str
choices:
- enable
- disable
@@ -103,22 +117,27 @@ options:
description:
- ID.
required: true
+ type: int
prefix:
description:
- Aggregate prefix.
- summary-only:
+ type: str
+ summary_only:
description:
- Enable/disable filter more specific routes from updates.
+ type: str
choices:
- enable
- disable
- aggregate-address6:
+ aggregate_address6:
description:
- BGP IPv6 aggregate address table.
+ type: list
suboptions:
- as-set:
+ as_set:
description:
- Enable/disable generate AS set path information.
+ type: str
choices:
- enable
- disable
@@ -126,238 +145,290 @@ options:
description:
- ID.
required: true
+ type: int
prefix6:
description:
- Aggregate IPv6 prefix.
- summary-only:
+ type: str
+ summary_only:
description:
- Enable/disable filter more specific routes from updates.
+ type: str
choices:
- enable
- disable
- always-compare-med:
+ always_compare_med:
description:
- Enable/disable always compare MED.
+ type: str
choices:
- enable
- disable
as:
description:
- Router AS number, valid from 1 to 4294967295, 0 to disable BGP.
- bestpath-as-path-ignore:
+ type: int
+ bestpath_as_path_ignore:
description:
- Enable/disable ignore AS path.
+ type: str
choices:
- enable
- disable
- bestpath-cmp-confed-aspath:
+ bestpath_cmp_confed_aspath:
description:
- Enable/disable compare federation AS path length.
+ type: str
choices:
- enable
- disable
- bestpath-cmp-routerid:
+ bestpath_cmp_routerid:
description:
- Enable/disable compare router ID for identical EBGP paths.
+ type: str
choices:
- enable
- disable
- bestpath-med-confed:
+ bestpath_med_confed:
description:
- Enable/disable compare MED among confederation paths.
+ type: str
choices:
- enable
- disable
- bestpath-med-missing-as-worst:
+ bestpath_med_missing_as_worst:
description:
- Enable/disable treat missing MED as least preferred.
+ type: str
choices:
- enable
- disable
- client-to-client-reflection:
+ client_to_client_reflection:
description:
- Enable/disable client-to-client route reflection.
+ type: str
choices:
- enable
- disable
- cluster-id:
+ cluster_id:
description:
- Route reflector cluster ID.
- confederation-identifier:
+ type: str
+ confederation_identifier:
description:
- Confederation identifier.
- confederation-peers:
+ type: int
+ confederation_peers:
description:
- Confederation peers.
+ type: list
suboptions:
peer:
description:
- Peer ID.
required: true
+ type: str
dampening:
description:
- Enable/disable route-flap dampening.
+ type: str
choices:
- enable
- disable
- dampening-max-suppress-time:
+ dampening_max_suppress_time:
description:
- Maximum minutes a route can be suppressed.
- dampening-reachability-half-life:
+ type: int
+ dampening_reachability_half_life:
description:
- Reachability half-life time for penalty (min).
- dampening-reuse:
+ type: int
+ dampening_reuse:
description:
- Threshold to reuse routes.
- dampening-route-map:
+ type: int
+ dampening_route_map:
description:
- Criteria for dampening. Source router.route-map.name.
- dampening-suppress:
+ type: str
+ dampening_suppress:
description:
- Threshold to suppress routes.
- dampening-unreachability-half-life:
+ type: int
+ dampening_unreachability_half_life:
description:
- Unreachability half-life time for penalty (min).
- default-local-preference:
+ type: int
+ default_local_preference:
description:
- Default local preference.
- deterministic-med:
+ type: int
+ deterministic_med:
description:
- Enable/disable enforce deterministic comparison of MED.
+ type: str
choices:
- enable
- disable
- distance-external:
+ distance_external:
description:
- Distance for routes external to the AS.
- distance-internal:
+ type: int
+ distance_internal:
description:
- Distance for routes internal to the AS.
- distance-local:
+ type: int
+ distance_local:
description:
- Distance for routes local to the AS.
- ebgp-multipath:
+ type: int
+ ebgp_multipath:
description:
- Enable/disable EBGP multi-path.
+ type: str
choices:
- enable
- disable
- enforce-first-as:
+ enforce_first_as:
description:
- Enable/disable enforce first AS for EBGP routes.
+ type: str
choices:
- enable
- disable
- fast-external-failover:
+ fast_external_failover:
description:
- Enable/disable reset peer BGP session if link goes down.
+ type: str
choices:
- enable
- disable
- graceful-end-on-timer:
+ graceful_end_on_timer:
description:
- Enable/disable to exit graceful restart on timer only.
+ type: str
choices:
- enable
- disable
- graceful-restart:
+ graceful_restart:
description:
- Enable/disable BGP graceful restart capabilities.
+ type: str
choices:
- enable
- disable
- graceful-restart-time:
+ graceful_restart_time:
description:
- Time needed for neighbors to restart (sec).
- graceful-stalepath-time:
+ type: int
+ graceful_stalepath_time:
description:
- Time to hold stale paths of restarting neighbor (sec).
- graceful-update-delay:
+ type: int
+ graceful_update_delay:
description:
- Route advertisement/selection delay after restart (sec).
- holdtime-timer:
+ type: int
+ holdtime_timer:
description:
- Number of seconds to mark peer as dead.
- ibgp-multipath:
+ type: int
+ ibgp_multipath:
description:
- Enable/disable IBGP multi-path.
+ type: str
choices:
- enable
- disable
- ignore-optional-capability:
+ ignore_optional_capability:
description:
- Don't send unknown optional capability notification message
+ type: str
choices:
- enable
- disable
- keepalive-timer:
+ keepalive_timer:
description:
- Frequency to send keep alive requests.
- log-neighbour-changes:
+ type: int
+ log_neighbour_changes:
description:
- Enable logging of BGP neighbour's changes
+ type: str
choices:
- enable
- disable
neighbor:
description:
- BGP neighbor table.
+ type: list
suboptions:
activate:
description:
- Enable/disable address family IPv4 for this neighbor.
+ type: str
choices:
- enable
- disable
activate6:
description:
- Enable/disable address family IPv6 for this neighbor.
+ type: str
choices:
- enable
- disable
- advertisement-interval:
+ advertisement_interval:
description:
- Minimum interval (sec) between sending updates.
- allowas-in:
+ type: int
+ allowas_in:
description:
- IPv4 The maximum number of occurrence of my AS number allowed.
- allowas-in-enable:
+ type: int
+ allowas_in_enable:
description:
- Enable/disable IPv4 Enable to allow my AS in AS path.
+ type: str
choices:
- enable
- disable
- allowas-in-enable6:
+ allowas_in_enable6:
description:
- Enable/disable IPv6 Enable to allow my AS in AS path.
+ type: str
choices:
- enable
- disable
- allowas-in6:
+ allowas_in6:
description:
- IPv6 The maximum number of occurrence of my AS number allowed.
- as-override:
+ type: int
+ as_override:
description:
- Enable/disable replace peer AS with own AS for IPv4.
+ type: str
choices:
- enable
- disable
- as-override6:
+ as_override6:
description:
- Enable/disable replace peer AS with own AS for IPv6.
+ type: str
choices:
- enable
- disable
- attribute-unchanged:
+ attribute_unchanged:
description:
- IPv4 List of attributes that should be unchanged.
+ type: str
choices:
- as-path
- med
- next-hop
- attribute-unchanged6:
+ attribute_unchanged6:
description:
- IPv6 List of attributes that should be unchanged.
+ type: str
choices:
- as-path
- med
@@ -365,294 +436,359 @@ options:
bfd:
description:
- Enable/disable BFD for this neighbor.
+ type: str
choices:
- enable
- disable
- capability-default-originate:
+ capability_default_originate:
description:
- Enable/disable advertise default IPv4 route to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-default-originate6:
+ capability_default_originate6:
description:
- Enable/disable advertise default IPv6 route to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-dynamic:
+ capability_dynamic:
description:
- Enable/disable advertise dynamic capability to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-graceful-restart:
+ capability_graceful_restart:
description:
- Enable/disable advertise IPv4 graceful restart capability to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-graceful-restart6:
+ capability_graceful_restart6:
description:
- Enable/disable advertise IPv6 graceful restart capability to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-orf:
+ capability_orf:
description:
- Accept/Send IPv4 ORF lists to/from this neighbor.
+ type: str
choices:
- none
- receive
- send
- both
- capability-orf6:
+ capability_orf6:
description:
- Accept/Send IPv6 ORF lists to/from this neighbor.
+ type: str
choices:
- none
- receive
- send
- both
- capability-route-refresh:
+ capability_route_refresh:
description:
- Enable/disable advertise route refresh capability to this neighbor.
+ type: str
choices:
- enable
- disable
- conditional-advertise:
+ conditional_advertise:
description:
- Conditional advertisement.
+ type: list
suboptions:
- advertise-routemap:
+ advertise_routemap:
description:
- Name of advertising route map. Source router.route-map.name.
- required: true
- condition-routemap:
+ type: str
+ condition_routemap:
description:
- Name of condition route map. Source router.route-map.name.
- condition-type:
+ type: str
+ condition_type:
description:
- Type of condition.
+ type: str
choices:
- exist
- non-exist
- connect-timer:
+ connect_timer:
description:
- Interval (sec) for connect timer.
- default-originate-routemap:
+ type: int
+ default_originate_routemap:
description:
- Route map to specify criteria to originate IPv4 default. Source router.route-map.name.
- default-originate-routemap6:
+ type: str
+ default_originate_routemap6:
description:
- Route map to specify criteria to originate IPv6 default. Source router.route-map.name.
+ type: str
description:
description:
- Description.
- distribute-list-in:
+ type: str
+ distribute_list_in:
description:
- Filter for IPv4 updates from this neighbor. Source router.access-list.name.
- distribute-list-in6:
+ type: str
+ distribute_list_in6:
description:
- Filter for IPv6 updates from this neighbor. Source router.access-list6.name.
- distribute-list-out:
+ type: str
+ distribute_list_out:
description:
- Filter for IPv4 updates to this neighbor. Source router.access-list.name.
- distribute-list-out6:
+ type: str
+ distribute_list_out6:
description:
- Filter for IPv6 updates to this neighbor. Source router.access-list6.name.
- dont-capability-negotiate:
+ type: str
+ dont_capability_negotiate:
description:
- Don't negotiate capabilities with this neighbor
+ type: str
choices:
- enable
- disable
- ebgp-enforce-multihop:
+ ebgp_enforce_multihop:
description:
- Enable/disable allow multi-hop EBGP neighbors.
+ type: str
choices:
- enable
- disable
- ebgp-multihop-ttl:
+ ebgp_multihop_ttl:
description:
- EBGP multihop TTL for this peer.
- filter-list-in:
+ type: int
+ filter_list_in:
description:
- BGP filter for IPv4 inbound routes. Source router.aspath-list.name.
- filter-list-in6:
+ type: str
+ filter_list_in6:
description:
- BGP filter for IPv6 inbound routes. Source router.aspath-list.name.
- filter-list-out:
+ type: str
+ filter_list_out:
description:
- BGP filter for IPv4 outbound routes. Source router.aspath-list.name.
- filter-list-out6:
+ type: str
+ filter_list_out6:
description:
- BGP filter for IPv6 outbound routes. Source router.aspath-list.name.
- holdtime-timer:
+ type: str
+ holdtime_timer:
description:
- Interval (sec) before peer considered dead.
+ type: int
interface:
description:
- Interface Source system.interface.name.
+ type: str
ip:
description:
- IP/IPv6 address of neighbor.
required: true
- keep-alive-timer:
+ type: str
+ keep_alive_timer:
description:
- Keep alive timer interval (sec).
- link-down-failover:
+ type: int
+ link_down_failover:
description:
- Enable/disable failover upon link down.
+ type: str
choices:
- enable
- disable
- local-as:
+ local_as:
description:
- Local AS number of neighbor.
- local-as-no-prepend:
+ type: int
+ local_as_no_prepend:
description:
- Do not prepend local-as to incoming updates.
+ type: str
choices:
- enable
- disable
- local-as-replace-as:
+ local_as_replace_as:
description:
- Replace real AS with local-as in outgoing updates.
+ type: str
choices:
- enable
- disable
- maximum-prefix:
+ maximum_prefix:
description:
- Maximum number of IPv4 prefixes to accept from this peer.
- maximum-prefix-threshold:
+ type: int
+ maximum_prefix_threshold:
description:
- Maximum IPv4 prefix threshold value (1 - 100 percent).
- maximum-prefix-threshold6:
+ type: int
+ maximum_prefix_threshold6:
description:
- Maximum IPv6 prefix threshold value (1 - 100 percent).
- maximum-prefix-warning-only:
+ type: int
+ maximum_prefix_warning_only:
description:
- Enable/disable IPv4 Only give warning message when limit is exceeded.
+ type: str
choices:
- enable
- disable
- maximum-prefix-warning-only6:
+ maximum_prefix_warning_only6:
description:
- Enable/disable IPv6 Only give warning message when limit is exceeded.
+ type: str
choices:
- enable
- disable
- maximum-prefix6:
+ maximum_prefix6:
description:
- Maximum number of IPv6 prefixes to accept from this peer.
- next-hop-self:
+ type: int
+ next_hop_self:
description:
- Enable/disable IPv4 next-hop calculation for this neighbor.
+ type: str
choices:
- enable
- disable
- next-hop-self6:
+ next_hop_self6:
description:
- Enable/disable IPv6 next-hop calculation for this neighbor.
+ type: str
choices:
- enable
- disable
- override-capability:
+ override_capability:
description:
- Enable/disable override result of capability negotiation.
+ type: str
choices:
- enable
- disable
passive:
description:
- Enable/disable sending of open messages to this neighbor.
+ type: str
choices:
- enable
- disable
password:
description:
- Password used in MD5 authentication.
- prefix-list-in:
+ type: str
+ prefix_list_in:
description:
- IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name.
- prefix-list-in6:
+ type: str
+ prefix_list_in6:
description:
- IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name.
- prefix-list-out:
+ type: str
+ prefix_list_out:
description:
- IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name.
- prefix-list-out6:
+ type: str
+ prefix_list_out6:
description:
- IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name.
- remote-as:
+ type: str
+ remote_as:
description:
- AS number of neighbor.
- remove-private-as:
+ type: int
+ remove_private_as:
description:
- Enable/disable remove private AS number from IPv4 outbound updates.
+ type: str
choices:
- enable
- disable
- remove-private-as6:
+ remove_private_as6:
description:
- Enable/disable remove private AS number from IPv6 outbound updates.
+ type: str
choices:
- enable
- disable
- restart-time:
+ restart_time:
description:
- Graceful restart delay time (sec, 0 = global default).
- retain-stale-time:
+ type: int
+ retain_stale_time:
description:
- Time to retain stale routes.
- route-map-in:
+ type: int
+ route_map_in:
description:
- IPv4 Inbound route map filter. Source router.route-map.name.
- route-map-in6:
+ type: str
+ route_map_in6:
description:
- IPv6 Inbound route map filter. Source router.route-map.name.
- route-map-out:
+ type: str
+ route_map_out:
description:
- IPv4 Outbound route map filter. Source router.route-map.name.
- route-map-out6:
+ type: str
+ route_map_out6:
description:
- IPv6 Outbound route map filter. Source router.route-map.name.
- route-reflector-client:
+ type: str
+ route_reflector_client:
description:
- Enable/disable IPv4 AS route reflector client.
+ type: str
choices:
- enable
- disable
- route-reflector-client6:
+ route_reflector_client6:
description:
- Enable/disable IPv6 AS route reflector client.
+ type: str
choices:
- enable
- disable
- route-server-client:
+ route_server_client:
description:
- Enable/disable IPv4 AS route server client.
+ type: str
choices:
- enable
- disable
- route-server-client6:
+ route_server_client6:
description:
- Enable/disable IPv6 AS route server client.
+ type: str
choices:
- enable
- disable
- send-community:
+ send_community:
description:
- IPv4 Send community attribute to neighbor.
+ type: str
choices:
- standard
- extended
- both
- disable
- send-community6:
+ send_community6:
description:
- IPv6 Send community attribute to neighbor.
+ type: str
choices:
- standard
- extended
@@ -661,104 +797,125 @@ options:
shutdown:
description:
- Enable/disable shutdown this neighbor.
+ type: str
choices:
- enable
- disable
- soft-reconfiguration:
+ soft_reconfiguration:
description:
- Enable/disable allow IPv4 inbound soft reconfiguration.
+ type: str
choices:
- enable
- disable
- soft-reconfiguration6:
+ soft_reconfiguration6:
description:
- Enable/disable allow IPv6 inbound soft reconfiguration.
+ type: str
choices:
- enable
- disable
- stale-route:
+ stale_route:
description:
- Enable/disable stale route after neighbor down.
+ type: str
choices:
- enable
- disable
- strict-capability-match:
+ strict_capability_match:
description:
- Enable/disable strict capability matching.
+ type: str
choices:
- enable
- disable
- unsuppress-map:
+ unsuppress_map:
description:
- IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
- unsuppress-map6:
+ type: str
+ unsuppress_map6:
description:
- IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
- update-source:
+ type: str
+ update_source:
description:
- Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name.
+ type: str
weight:
description:
- Neighbor weight.
- neighbor-group:
+ type: int
+ neighbor_group:
description:
- BGP neighbor group table.
+ type: list
suboptions:
activate:
description:
- Enable/disable address family IPv4 for this neighbor.
+ type: str
choices:
- enable
- disable
activate6:
description:
- Enable/disable address family IPv6 for this neighbor.
+ type: str
choices:
- enable
- disable
- advertisement-interval:
+ advertisement_interval:
description:
- Minimum interval (sec) between sending updates.
- allowas-in:
+ type: int
+ allowas_in:
description:
- IPv4 The maximum number of occurrence of my AS number allowed.
- allowas-in-enable:
+ type: int
+ allowas_in_enable:
description:
- Enable/disable IPv4 Enable to allow my AS in AS path.
+ type: str
choices:
- enable
- disable
- allowas-in-enable6:
+ allowas_in_enable6:
description:
- Enable/disable IPv6 Enable to allow my AS in AS path.
+ type: str
choices:
- enable
- disable
- allowas-in6:
+ allowas_in6:
description:
- IPv6 The maximum number of occurrence of my AS number allowed.
- as-override:
+ type: int
+ as_override:
description:
- Enable/disable replace peer AS with own AS for IPv4.
+ type: str
choices:
- enable
- disable
- as-override6:
+ as_override6:
description:
- Enable/disable replace peer AS with own AS for IPv6.
+ type: str
choices:
- enable
- disable
- attribute-unchanged:
+ attribute_unchanged:
description:
- IPv4 List of attributes that should be unchanged.
+ type: str
choices:
- as-path
- med
- next-hop
- attribute-unchanged6:
+ attribute_unchanged6:
description:
- IPv6 List of attributes that should be unchanged.
+ type: str
choices:
- as-path
- med
@@ -766,274 +923,335 @@ options:
bfd:
description:
- Enable/disable BFD for this neighbor.
+ type: str
choices:
- enable
- disable
- capability-default-originate:
+ capability_default_originate:
description:
- Enable/disable advertise default IPv4 route to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-default-originate6:
+ capability_default_originate6:
description:
- Enable/disable advertise default IPv6 route to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-dynamic:
+ capability_dynamic:
description:
- Enable/disable advertise dynamic capability to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-graceful-restart:
+ capability_graceful_restart:
description:
- Enable/disable advertise IPv4 graceful restart capability to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-graceful-restart6:
+ capability_graceful_restart6:
description:
- Enable/disable advertise IPv6 graceful restart capability to this neighbor.
+ type: str
choices:
- enable
- disable
- capability-orf:
+ capability_orf:
description:
- Accept/Send IPv4 ORF lists to/from this neighbor.
+ type: str
choices:
- none
- receive
- send
- both
- capability-orf6:
+ capability_orf6:
description:
- Accept/Send IPv6 ORF lists to/from this neighbor.
+ type: str
choices:
- none
- receive
- send
- both
- capability-route-refresh:
+ capability_route_refresh:
description:
- Enable/disable advertise route refresh capability to this neighbor.
+ type: str
choices:
- enable
- disable
- connect-timer:
+ connect_timer:
description:
- Interval (sec) for connect timer.
- default-originate-routemap:
+ type: int
+ default_originate_routemap:
description:
- Route map to specify criteria to originate IPv4 default. Source router.route-map.name.
- default-originate-routemap6:
+ type: str
+ default_originate_routemap6:
description:
- Route map to specify criteria to originate IPv6 default. Source router.route-map.name.
+ type: str
description:
description:
- Description.
- distribute-list-in:
+ type: str
+ distribute_list_in:
description:
- Filter for IPv4 updates from this neighbor. Source router.access-list.name.
- distribute-list-in6:
+ type: str
+ distribute_list_in6:
description:
- Filter for IPv6 updates from this neighbor. Source router.access-list6.name.
- distribute-list-out:
+ type: str
+ distribute_list_out:
description:
- Filter for IPv4 updates to this neighbor. Source router.access-list.name.
- distribute-list-out6:
+ type: str
+ distribute_list_out6:
description:
- Filter for IPv6 updates to this neighbor. Source router.access-list6.name.
- dont-capability-negotiate:
+ type: str
+ dont_capability_negotiate:
description:
- Don't negotiate capabilities with this neighbor
+ type: str
choices:
- enable
- disable
- ebgp-enforce-multihop:
+ ebgp_enforce_multihop:
description:
- Enable/disable allow multi-hop EBGP neighbors.
+ type: str
choices:
- enable
- disable
- ebgp-multihop-ttl:
+ ebgp_multihop_ttl:
description:
- EBGP multihop TTL for this peer.
- filter-list-in:
+ type: int
+ filter_list_in:
description:
- BGP filter for IPv4 inbound routes. Source router.aspath-list.name.
- filter-list-in6:
+ type: str
+ filter_list_in6:
description:
- BGP filter for IPv6 inbound routes. Source router.aspath-list.name.
- filter-list-out:
+ type: str
+ filter_list_out:
description:
- BGP filter for IPv4 outbound routes. Source router.aspath-list.name.
- filter-list-out6:
+ type: str
+ filter_list_out6:
description:
- BGP filter for IPv6 outbound routes. Source router.aspath-list.name.
- holdtime-timer:
+ type: str
+ holdtime_timer:
description:
- Interval (sec) before peer considered dead.
+ type: int
interface:
description:
- Interface Source system.interface.name.
- keep-alive-timer:
+ type: str
+ keep_alive_timer:
description:
- Keep alive timer interval (sec).
- link-down-failover:
+ type: int
+ link_down_failover:
description:
- Enable/disable failover upon link down.
+ type: str
choices:
- enable
- disable
- local-as:
+ local_as:
description:
- Local AS number of neighbor.
- local-as-no-prepend:
+ type: int
+ local_as_no_prepend:
description:
- Do not prepend local-as to incoming updates.
+ type: str
choices:
- enable
- disable
- local-as-replace-as:
+ local_as_replace_as:
description:
- Replace real AS with local-as in outgoing updates.
+ type: str
choices:
- enable
- disable
- maximum-prefix:
+ maximum_prefix:
description:
- Maximum number of IPv4 prefixes to accept from this peer.
- maximum-prefix-threshold:
+ type: int
+ maximum_prefix_threshold:
description:
- Maximum IPv4 prefix threshold value (1 - 100 percent).
- maximum-prefix-threshold6:
+ type: int
+ maximum_prefix_threshold6:
description:
- Maximum IPv6 prefix threshold value (1 - 100 percent).
- maximum-prefix-warning-only:
+ type: int
+ maximum_prefix_warning_only:
description:
- Enable/disable IPv4 Only give warning message when limit is exceeded.
+ type: str
choices:
- enable
- disable
- maximum-prefix-warning-only6:
+ maximum_prefix_warning_only6:
description:
- Enable/disable IPv6 Only give warning message when limit is exceeded.
+ type: str
choices:
- enable
- disable
- maximum-prefix6:
+ maximum_prefix6:
description:
- Maximum number of IPv6 prefixes to accept from this peer.
+ type: int
name:
description:
- Neighbor group name.
required: true
- next-hop-self:
+ type: str
+ next_hop_self:
description:
- Enable/disable IPv4 next-hop calculation for this neighbor.
+ type: str
choices:
- enable
- disable
- next-hop-self6:
+ next_hop_self6:
description:
- Enable/disable IPv6 next-hop calculation for this neighbor.
+ type: str
choices:
- enable
- disable
- override-capability:
+ override_capability:
description:
- Enable/disable override result of capability negotiation.
+ type: str
choices:
- enable
- disable
passive:
description:
- Enable/disable sending of open messages to this neighbor.
+ type: str
choices:
- enable
- disable
- prefix-list-in:
+ prefix_list_in:
description:
- IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name.
- prefix-list-in6:
+ type: str
+ prefix_list_in6:
description:
- IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name.
- prefix-list-out:
+ type: str
+ prefix_list_out:
description:
- IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name.
- prefix-list-out6:
+ type: str
+ prefix_list_out6:
description:
- IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name.
- remote-as:
+ type: str
+ remote_as:
description:
- AS number of neighbor.
- remove-private-as:
+ type: int
+ remove_private_as:
description:
- Enable/disable remove private AS number from IPv4 outbound updates.
+ type: str
choices:
- enable
- disable
- remove-private-as6:
+ remove_private_as6:
description:
- Enable/disable remove private AS number from IPv6 outbound updates.
+ type: str
choices:
- enable
- disable
- restart-time:
+ restart_time:
description:
- Graceful restart delay time (sec, 0 = global default).
- retain-stale-time:
+ type: int
+ retain_stale_time:
description:
- Time to retain stale routes.
- route-map-in:
+ type: int
+ route_map_in:
description:
- IPv4 Inbound route map filter. Source router.route-map.name.
- route-map-in6:
+ type: str
+ route_map_in6:
description:
- IPv6 Inbound route map filter. Source router.route-map.name.
- route-map-out:
+ type: str
+ route_map_out:
description:
- IPv4 Outbound route map filter. Source router.route-map.name.
- route-map-out6:
+ type: str
+ route_map_out6:
description:
- IPv6 Outbound route map filter. Source router.route-map.name.
- route-reflector-client:
+ type: str
+ route_reflector_client:
description:
- Enable/disable IPv4 AS route reflector client.
+ type: str
choices:
- enable
- disable
- route-reflector-client6:
+ route_reflector_client6:
description:
- Enable/disable IPv6 AS route reflector client.
+ type: str
choices:
- enable
- disable
- route-server-client:
+ route_server_client:
description:
- Enable/disable IPv4 AS route server client.
+ type: str
choices:
- enable
- disable
- route-server-client6:
+ route_server_client6:
description:
- Enable/disable IPv6 AS route server client.
+ type: str
choices:
- enable
- disable
- send-community:
+ send_community:
description:
- IPv4 Send community attribute to neighbor.
+ type: str
choices:
- standard
- extended
- both
- disable
- send-community6:
+ send_community6:
description:
- IPv6 Send community attribute to neighbor.
+ type: str
choices:
- standard
- extended
@@ -1042,69 +1260,107 @@ options:
shutdown:
description:
- Enable/disable shutdown this neighbor.
+ type: str
choices:
- enable
- disable
- soft-reconfiguration:
+ soft_reconfiguration:
description:
- Enable/disable allow IPv4 inbound soft reconfiguration.
+ type: str
choices:
- enable
- disable
- soft-reconfiguration6:
+ soft_reconfiguration6:
description:
- Enable/disable allow IPv6 inbound soft reconfiguration.
+ type: str
choices:
- enable
- disable
- stale-route:
+ stale_route:
description:
- Enable/disable stale route after neighbor down.
+ type: str
choices:
- enable
- disable
- strict-capability-match:
+ strict_capability_match:
description:
- Enable/disable strict capability matching.
+ type: str
choices:
- enable
- disable
- unsuppress-map:
+ unsuppress_map:
description:
- IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
- unsuppress-map6:
+ type: str
+ unsuppress_map6:
description:
- IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name.
- update-source:
+ type: str
+ update_source:
description:
- Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name.
+ type: str
weight:
description:
- Neighbor weight.
- neighbor-range:
+ type: int
+ neighbor_range:
description:
- BGP neighbor range table.
+ type: list
suboptions:
id:
description:
- Neighbor range ID.
required: true
- max-neighbor-num:
+ type: int
+ max_neighbor_num:
description:
- Maximum number of neighbors.
- neighbor-group:
+ type: int
+ neighbor_group:
description:
- Neighbor group name. Source router.bgp.neighbor-group.name.
+ type: str
prefix:
description:
- Neighbor range prefix.
+ type: str
+ neighbor_range6:
+ description:
+ - BGP IPv6 neighbor range table.
+ type: list
+ suboptions:
+ id:
+ description:
+ - IPv6 neighbor range ID.
+ required: true
+ type: int
+ max_neighbor_num:
+ description:
+ - Maximum number of neighbors.
+ type: int
+ neighbor_group:
+ description:
+ - Neighbor group name. Source router.bgp.neighbor-group.name.
+ type: str
+ prefix6:
+ description:
+ - IPv6 prefix.
+ type: str
network:
description:
- BGP network table.
+ type: list
suboptions:
backdoor:
description:
- Enable/disable route as backdoor.
+ type: str
choices:
- enable
- disable
@@ -1112,25 +1368,31 @@ options:
description:
- ID.
required: true
+ type: int
prefix:
description:
- Network prefix.
- route-map:
+ type: str
+ route_map:
description:
- Route map to modify generated route. Source router.route-map.name.
- network-import-check:
+ type: str
+ network_import_check:
description:
- Enable/disable ensure BGP network route exists in IGP.
+ type: str
choices:
- enable
- disable
network6:
description:
- BGP IPv6 network table.
+ type: list
suboptions:
backdoor:
description:
- Enable/disable route as backdoor.
+ type: str
choices:
- enable
- disable
@@ -1138,55 +1400,69 @@ options:
description:
- ID.
required: true
+ type: int
prefix6:
description:
- Network IPv6 prefix.
- route-map:
+ type: str
+ route_map:
description:
- Route map to modify generated route. Source router.route-map.name.
+ type: str
redistribute:
description:
- BGP IPv4 redistribute table.
+ type: list
suboptions:
name:
description:
- Distribute list entry name.
required: true
- route-map:
+ type: str
+ route_map:
description:
- Route map name. Source router.route-map.name.
+ type: str
status:
description:
- Status
+ type: str
choices:
- enable
- disable
redistribute6:
description:
- BGP IPv6 redistribute table.
+ type: list
suboptions:
name:
description:
- Distribute list entry name.
required: true
- route-map:
+ type: str
+ route_map:
description:
- Route map name. Source router.route-map.name.
+ type: str
status:
description:
- Status
+ type: str
choices:
- enable
- disable
- router-id:
+ router_id:
description:
- Router ID.
- scan-time:
+ type: str
+ scan_time:
description:
- Background scanner interval (sec), 0 to disable it.
+ type: int
synchronization:
description:
- Enable/disable only advertise routes from iBGP if routes present in an IGP.
+ type: str
choices:
- enable
- disable
@@ -1199,6 +1475,7 @@ EXAMPLES = '''
username: "admin"
password: ""
vdom: "root"
+ ssl_verify: "False"
tasks:
- name: Configure BGP.
fortios_router_bgp:
@@ -1208,265 +1485,271 @@ EXAMPLES = '''
vdom: "{{ vdom }}"
https: "False"
router_bgp:
- admin-distance:
+ admin_distance:
-
distance: "4"
id: "5"
- neighbour-prefix: ""
- route-list: " (source router.access-list.name)"
- aggregate-address:
+ neighbour_prefix: ""
+ route_list: " (source router.access-list.name)"
+ aggregate_address:
-
- as-set: "enable"
+ as_set: "enable"
id: "10"
prefix: ""
- summary-only: "enable"
- aggregate-address6:
+ summary_only: "enable"
+ aggregate_address6:
-
- as-set: "enable"
+ as_set: "enable"
id: "15"
prefix6: ""
- summary-only: "enable"
- always-compare-med: "enable"
+ summary_only: "enable"
+ always_compare_med: "enable"
as: "19"
- bestpath-as-path-ignore: "enable"
- bestpath-cmp-confed-aspath: "enable"
- bestpath-cmp-routerid: "enable"
- bestpath-med-confed: "enable"
- bestpath-med-missing-as-worst: "enable"
- client-to-client-reflection: "enable"
- cluster-id: ""
- confederation-identifier: "27"
- confederation-peers:
+ bestpath_as_path_ignore: "enable"
+ bestpath_cmp_confed_aspath: "enable"
+ bestpath_cmp_routerid: "enable"
+ bestpath_med_confed: "enable"
+ bestpath_med_missing_as_worst: "enable"
+ client_to_client_reflection: "enable"
+ cluster_id: ""
+ confederation_identifier: "27"
+ confederation_peers:
-
peer: ""
dampening: "enable"
- dampening-max-suppress-time: "31"
- dampening-reachability-half-life: "32"
- dampening-reuse: "33"
- dampening-route-map: " (source router.route-map.name)"
- dampening-suppress: "35"
- dampening-unreachability-half-life: "36"
- default-local-preference: "37"
- deterministic-med: "enable"
- distance-external: "39"
- distance-internal: "40"
- distance-local: "41"
- ebgp-multipath: "enable"
- enforce-first-as: "enable"
- fast-external-failover: "enable"
- graceful-end-on-timer: "enable"
- graceful-restart: "enable"
- graceful-restart-time: "47"
- graceful-stalepath-time: "48"
- graceful-update-delay: "49"
- holdtime-timer: "50"
- ibgp-multipath: "enable"
- ignore-optional-capability: "enable"
- keepalive-timer: "53"
- log-neighbour-changes: "enable"
+ dampening_max_suppress_time: "31"
+ dampening_reachability_half_life: "32"
+ dampening_reuse: "33"
+ dampening_route_map: " (source router.route-map.name)"
+ dampening_suppress: "35"
+ dampening_unreachability_half_life: "36"
+ default_local_preference: "37"
+ deterministic_med: "enable"
+ distance_external: "39"
+ distance_internal: "40"
+ distance_local: "41"
+ ebgp_multipath: "enable"
+ enforce_first_as: "enable"
+ fast_external_failover: "enable"
+ graceful_end_on_timer: "enable"
+ graceful_restart: "enable"
+ graceful_restart_time: "47"
+ graceful_stalepath_time: "48"
+ graceful_update_delay: "49"
+ holdtime_timer: "50"
+ ibgp_multipath: "enable"
+ ignore_optional_capability: "enable"
+ keepalive_timer: "53"
+ log_neighbour_changes: "enable"
neighbor:
-
activate: "enable"
activate6: "enable"
- advertisement-interval: "58"
- allowas-in: "59"
- allowas-in-enable: "enable"
- allowas-in-enable6: "enable"
- allowas-in6: "62"
- as-override: "enable"
- as-override6: "enable"
- attribute-unchanged: "as-path"
- attribute-unchanged6: "as-path"
+ advertisement_interval: "58"
+ allowas_in: "59"
+ allowas_in_enable: "enable"
+ allowas_in_enable6: "enable"
+ allowas_in6: "62"
+ as_override: "enable"
+ as_override6: "enable"
+ attribute_unchanged: "as-path"
+ attribute_unchanged6: "as-path"
bfd: "enable"
- capability-default-originate: "enable"
- capability-default-originate6: "enable"
- capability-dynamic: "enable"
- capability-graceful-restart: "enable"
- capability-graceful-restart6: "enable"
- capability-orf: "none"
- capability-orf6: "none"
- capability-route-refresh: "enable"
- conditional-advertise:
+ capability_default_originate: "enable"
+ capability_default_originate6: "enable"
+ capability_dynamic: "enable"
+ capability_graceful_restart: "enable"
+ capability_graceful_restart6: "enable"
+ capability_orf: "none"
+ capability_orf6: "none"
+ capability_route_refresh: "enable"
+ conditional_advertise:
-
- advertise-routemap: " (source router.route-map.name)"
- condition-routemap: " (source router.route-map.name)"
- condition-type: "exist"
- connect-timer: "80"
- default-originate-routemap: " (source router.route-map.name)"
- default-originate-routemap6: " (source router.route-map.name)"
+ advertise_routemap: " (source router.route-map.name)"
+ condition_routemap: " (source router.route-map.name)"
+ condition_type: "exist"
+ connect_timer: "80"
+ default_originate_routemap: " (source router.route-map.name)"
+ default_originate_routemap6: " (source router.route-map.name)"
description: ""
- distribute-list-in: " (source router.access-list.name)"
- distribute-list-in6: " (source router.access-list6.name)"
- distribute-list-out: " (source router.access-list.name)"
- distribute-list-out6: " (source router.access-list6.name)"
- dont-capability-negotiate: "enable"
- ebgp-enforce-multihop: "enable"
- ebgp-multihop-ttl: "90"
- filter-list-in: " (source router.aspath-list.name)"
- filter-list-in6: " (source router.aspath-list.name)"
- filter-list-out: " (source router.aspath-list.name)"
- filter-list-out6: " (source router.aspath-list.name)"
- holdtime-timer: "95"
+ distribute_list_in: " (source router.access-list.name)"
+ distribute_list_in6: " (source router.access-list6.name)"
+ distribute_list_out: " (source router.access-list.name)"
+ distribute_list_out6: " (source router.access-list6.name)"
+ dont_capability_negotiate: "enable"
+ ebgp_enforce_multihop: "enable"
+ ebgp_multihop_ttl: "90"
+ filter_list_in: " (source router.aspath-list.name)"
+ filter_list_in6: " (source router.aspath-list.name)"
+ filter_list_out: " (source router.aspath-list.name)"
+ filter_list_out6: " (source router.aspath-list.name)"
+ holdtime_timer: "95"
interface: " (source system.interface.name)"
ip: ""
- keep-alive-timer: "98"
- link-down-failover: "enable"
- local-as: "100"
- local-as-no-prepend: "enable"
- local-as-replace-as: "enable"
- maximum-prefix: "103"
- maximum-prefix-threshold: "104"
- maximum-prefix-threshold6: "105"
- maximum-prefix-warning-only: "enable"
- maximum-prefix-warning-only6: "enable"
- maximum-prefix6: "108"
- next-hop-self: "enable"
- next-hop-self6: "enable"
- override-capability: "enable"
+ keep_alive_timer: "98"
+ link_down_failover: "enable"
+ local_as: "100"
+ local_as_no_prepend: "enable"
+ local_as_replace_as: "enable"
+ maximum_prefix: "103"
+ maximum_prefix_threshold: "104"
+ maximum_prefix_threshold6: "105"
+ maximum_prefix_warning_only: "enable"
+ maximum_prefix_warning_only6: "enable"
+ maximum_prefix6: "108"
+ next_hop_self: "enable"
+ next_hop_self6: "enable"
+ override_capability: "enable"
passive: "enable"
password: ""
- prefix-list-in: " (source router.prefix-list.name)"
- prefix-list-in6: " (source router.prefix-list6.name)"
- prefix-list-out: " (source router.prefix-list.name)"
- prefix-list-out6: " (source router.prefix-list6.name)"
- remote-as: "118"
- remove-private-as: "enable"
- remove-private-as6: "enable"
- restart-time: "121"
- retain-stale-time: "122"
- route-map-in: " (source router.route-map.name)"
- route-map-in6: " (source router.route-map.name)"
- route-map-out: " (source router.route-map.name)"
- route-map-out6: " (source router.route-map.name)"
- route-reflector-client: "enable"
- route-reflector-client6: "enable"
- route-server-client: "enable"
- route-server-client6: "enable"
- send-community: "standard"
- send-community6: "standard"
+ prefix_list_in: " (source router.prefix-list.name)"
+ prefix_list_in6: " (source router.prefix-list6.name)"
+ prefix_list_out: " (source router.prefix-list.name)"
+ prefix_list_out6: " (source router.prefix-list6.name)"
+ remote_as: "118"
+ remove_private_as: "enable"
+ remove_private_as6: "enable"
+ restart_time: "121"
+ retain_stale_time: "122"
+ route_map_in: " (source router.route-map.name)"
+ route_map_in6: " (source router.route-map.name)"
+ route_map_out: " (source router.route-map.name)"
+ route_map_out6: " (source router.route-map.name)"
+ route_reflector_client: "enable"
+ route_reflector_client6: "enable"
+ route_server_client: "enable"
+ route_server_client6: "enable"
+ send_community: "standard"
+ send_community6: "standard"
shutdown: "enable"
- soft-reconfiguration: "enable"
- soft-reconfiguration6: "enable"
- stale-route: "enable"
- strict-capability-match: "enable"
- unsuppress-map: " (source router.route-map.name)"
- unsuppress-map6: " (source router.route-map.name)"
- update-source: " (source system.interface.name)"
+ soft_reconfiguration: "enable"
+ soft_reconfiguration6: "enable"
+ stale_route: "enable"
+ strict_capability_match: "enable"
+ unsuppress_map: " (source router.route-map.name)"
+ unsuppress_map6: " (source router.route-map.name)"
+ update_source: " (source system.interface.name)"
weight: "141"
- neighbor-group:
+ neighbor_group:
-
activate: "enable"
activate6: "enable"
- advertisement-interval: "145"
- allowas-in: "146"
- allowas-in-enable: "enable"
- allowas-in-enable6: "enable"
- allowas-in6: "149"
- as-override: "enable"
- as-override6: "enable"
- attribute-unchanged: "as-path"
- attribute-unchanged6: "as-path"
+ advertisement_interval: "145"
+ allowas_in: "146"
+ allowas_in_enable: "enable"
+ allowas_in_enable6: "enable"
+ allowas_in6: "149"
+ as_override: "enable"
+ as_override6: "enable"
+ attribute_unchanged: "as-path"
+ attribute_unchanged6: "as-path"
bfd: "enable"
- capability-default-originate: "enable"
- capability-default-originate6: "enable"
- capability-dynamic: "enable"
- capability-graceful-restart: "enable"
- capability-graceful-restart6: "enable"
- capability-orf: "none"
- capability-orf6: "none"
- capability-route-refresh: "enable"
- connect-timer: "163"
- default-originate-routemap: " (source router.route-map.name)"
- default-originate-routemap6: " (source router.route-map.name)"
+ capability_default_originate: "enable"
+ capability_default_originate6: "enable"
+ capability_dynamic: "enable"
+ capability_graceful_restart: "enable"
+ capability_graceful_restart6: "enable"
+ capability_orf: "none"
+ capability_orf6: "none"
+ capability_route_refresh: "enable"
+ connect_timer: "163"
+ default_originate_routemap: " (source router.route-map.name)"
+ default_originate_routemap6: " (source router.route-map.name)"
description: ""
- distribute-list-in: " (source router.access-list.name)"
- distribute-list-in6: " (source router.access-list6.name)"
- distribute-list-out: " (source router.access-list.name)"
- distribute-list-out6: " (source router.access-list6.name)"
- dont-capability-negotiate: "enable"
- ebgp-enforce-multihop: "enable"
- ebgp-multihop-ttl: "173"
- filter-list-in: " (source router.aspath-list.name)"
- filter-list-in6: " (source router.aspath-list.name)"
- filter-list-out: " (source router.aspath-list.name)"
- filter-list-out6: " (source router.aspath-list.name)"
- holdtime-timer: "178"
+ distribute_list_in: " (source router.access-list.name)"
+ distribute_list_in6: " (source router.access-list6.name)"
+ distribute_list_out: " (source router.access-list.name)"
+ distribute_list_out6: " (source router.access-list6.name)"
+ dont_capability_negotiate: "enable"
+ ebgp_enforce_multihop: "enable"
+ ebgp_multihop_ttl: "173"
+ filter_list_in: " (source router.aspath-list.name)"
+ filter_list_in6: " (source router.aspath-list.name)"
+ filter_list_out: " (source router.aspath-list.name)"
+ filter_list_out6: " (source router.aspath-list.name)"
+ holdtime_timer: "178"
interface: " (source system.interface.name)"
- keep-alive-timer: "180"
- link-down-failover: "enable"
- local-as: "182"
- local-as-no-prepend: "enable"
- local-as-replace-as: "enable"
- maximum-prefix: "185"
- maximum-prefix-threshold: "186"
- maximum-prefix-threshold6: "187"
- maximum-prefix-warning-only: "enable"
- maximum-prefix-warning-only6: "enable"
- maximum-prefix6: "190"
+ keep_alive_timer: "180"
+ link_down_failover: "enable"
+ local_as: "182"
+ local_as_no_prepend: "enable"
+ local_as_replace_as: "enable"
+ maximum_prefix: "185"
+ maximum_prefix_threshold: "186"
+ maximum_prefix_threshold6: "187"
+ maximum_prefix_warning_only: "enable"
+ maximum_prefix_warning_only6: "enable"
+ maximum_prefix6: "190"
name: "default_name_191"
- next-hop-self: "enable"
- next-hop-self6: "enable"
- override-capability: "enable"
+ next_hop_self: "enable"
+ next_hop_self6: "enable"
+ override_capability: "enable"
passive: "enable"
- prefix-list-in: " (source router.prefix-list.name)"
- prefix-list-in6: " (source router.prefix-list6.name)"
- prefix-list-out: " (source router.prefix-list.name)"
- prefix-list-out6: " (source router.prefix-list6.name)"
- remote-as: "200"
- remove-private-as: "enable"
- remove-private-as6: "enable"
- restart-time: "203"
- retain-stale-time: "204"
- route-map-in: " (source router.route-map.name)"
- route-map-in6: " (source router.route-map.name)"
- route-map-out: " (source router.route-map.name)"
- route-map-out6: " (source router.route-map.name)"
- route-reflector-client: "enable"
- route-reflector-client6: "enable"
- route-server-client: "enable"
- route-server-client6: "enable"
- send-community: "standard"
- send-community6: "standard"
+ prefix_list_in: " (source router.prefix-list.name)"
+ prefix_list_in6: " (source router.prefix-list6.name)"
+ prefix_list_out: " (source router.prefix-list.name)"
+ prefix_list_out6: " (source router.prefix-list6.name)"
+ remote_as: "200"
+ remove_private_as: "enable"
+ remove_private_as6: "enable"
+ restart_time: "203"
+ retain_stale_time: "204"
+ route_map_in: " (source router.route-map.name)"
+ route_map_in6: " (source router.route-map.name)"
+ route_map_out: " (source router.route-map.name)"
+ route_map_out6: " (source router.route-map.name)"
+ route_reflector_client: "enable"
+ route_reflector_client6: "enable"
+ route_server_client: "enable"
+ route_server_client6: "enable"
+ send_community: "standard"
+ send_community6: "standard"
shutdown: "enable"
- soft-reconfiguration: "enable"
- soft-reconfiguration6: "enable"
- stale-route: "enable"
- strict-capability-match: "enable"
- unsuppress-map: " (source router.route-map.name)"
- unsuppress-map6: " (source router.route-map.name)"
- update-source: " (source system.interface.name)"
+ soft_reconfiguration: "enable"
+ soft_reconfiguration6: "enable"
+ stale_route: "enable"
+ strict_capability_match: "enable"
+ unsuppress_map: " (source router.route-map.name)"
+ unsuppress_map6: " (source router.route-map.name)"
+ update_source: " (source system.interface.name)"
weight: "223"
- neighbor-range:
+ neighbor_range:
-
id: "225"
- max-neighbor-num: "226"
- neighbor-group: " (source router.bgp.neighbor-group.name)"
+ max_neighbor_num: "226"
+ neighbor_group: " (source router.bgp.neighbor-group.name)"
prefix: ""
+ neighbor_range6:
+ -
+ id: "230"
+ max_neighbor_num: "231"
+ neighbor_group: " (source router.bgp.neighbor-group.name)"
+ prefix6: ""
network:
-
backdoor: "enable"
- id: "231"
+ id: "236"
prefix: ""
- route-map: " (source router.route-map.name)"
- network-import-check: "enable"
+ route_map: "