1#!/usr/local/bin/python3.8 2from __future__ import (absolute_import, division, print_function) 3# Copyright 2019-2020 Fortinet, Inc. 4# 5# This program is free software: you can redistribute it and/or modify 6# it under the terms of the GNU General Public License as published by 7# the Free Software Foundation, either version 3 of the License, or 8# (at your option) any later version. 9# 10# This program is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13# GNU General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with this program. If not, see <https://www.gnu.org/licenses/>. 17 18__metaclass__ = type 19 20ANSIBLE_METADATA = {'status': ['preview'], 21 'supported_by': 'community', 22 'metadata_version': '1.1'} 23 24DOCUMENTATION = ''' 25--- 26module: fortios_gtp_message_filter_v2 27short_description: Message filter for GTPv2 messages in Fortinet's FortiOS and FortiGate. 28description: 29 - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the 30 user to set and modify gtp feature and message_filter_v2 category. 31 Examples include all parameters and values need to be adjusted to datasources before usage. 32 Tested with FOS v6.0.0 33version_added: "2.10" 34author: 35 - Link Zheng (@chillancezen) 36 - Jie Xue (@JieX19) 37 - Hongbin Lu (@fgtdev-hblu) 38 - Frank Shen (@frankshen01) 39 - Miguel Angel Munoz (@mamunozgonzalez) 40 - Nicolas Thomas (@thomnico) 41notes: 42 - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks 43 44requirements: 45 - ansible>=2.9.0 46options: 47 access_token: 48 description: 49 - Token-based authentication. 50 Generated from GUI of Fortigate. 51 type: str 52 required: false 53 enable_log: 54 description: 55 - Enable/Disable logging for task. 56 type: bool 57 required: false 58 default: false 59 vdom: 60 description: 61 - Virtual domain, among those defined previously. A vdom is a 62 virtual instance of the FortiGate that can be configured and 63 used as a different unit. 64 type: str 65 default: root 66 67 state: 68 description: 69 - Indicates whether to create or remove the object. 70 type: str 71 required: true 72 choices: 73 - present 74 - absent 75 gtp_message_filter_v2: 76 description: 77 - Message filter for GTPv2 messages. 78 default: null 79 type: dict 80 suboptions: 81 bearer_resource_cmd_fail: 82 description: 83 - Bearer resource (command 68, failure indication 69). 84 type: str 85 choices: 86 - allow 87 - deny 88 change_notification: 89 description: 90 - Change notification (req 38, resp 39). 91 type: str 92 choices: 93 - allow 94 - deny 95 create_bearer: 96 description: 97 - Create bearer (req 95, resp 96). 98 type: str 99 choices: 100 - allow 101 - deny 102 create_session: 103 description: 104 - Create session (req 32, resp 33). 105 type: str 106 choices: 107 - allow 108 - deny 109 delete_bearer_cmd_fail: 110 description: 111 - Delete bearer (command 66, failure indication 67). 112 type: str 113 choices: 114 - allow 115 - deny 116 delete_bearer_req_resp: 117 description: 118 - Delete bearer (req 99, resp 100). 119 type: str 120 choices: 121 - allow 122 - deny 123 delete_pdn_connection_set: 124 description: 125 - Delete PDN connection set (req 101, resp 102). 126 type: str 127 choices: 128 - allow 129 - deny 130 delete_session: 131 description: 132 - Delete session (req 36, resp 37). 133 type: str 134 choices: 135 - allow 136 - deny 137 echo: 138 description: 139 - Echo (req 1, resp 2). 140 type: str 141 choices: 142 - allow 143 - deny 144 modify_bearer_cmd_fail: 145 description: 146 - Modify bearer (command 64 , failure indication 65). 147 type: str 148 choices: 149 - allow 150 - deny 151 modify_bearer_req_resp: 152 description: 153 - Modify bearer (req 34, resp 35). 154 type: str 155 choices: 156 - allow 157 - deny 158 name: 159 description: 160 - Message filter name. 161 required: true 162 type: str 163 resume: 164 description: 165 - Resume (notify 164 , ack 165). 166 type: str 167 choices: 168 - allow 169 - deny 170 suspend: 171 description: 172 - Suspend (notify 162, ack 163). 173 type: str 174 choices: 175 - allow 176 - deny 177 trace_session: 178 description: 179 - Trace session (activation 71, deactivation 72). 180 type: str 181 choices: 182 - allow 183 - deny 184 unknown_message: 185 description: 186 - Allow or Deny unknown messages. 187 type: str 188 choices: 189 - allow 190 - deny 191 unknown_message_white_list: 192 description: 193 - White list (to allow) of unknown messages. 194 type: list 195 suboptions: 196 id: 197 description: 198 - Message IDs. 199 required: true 200 type: int 201 update_bearer: 202 description: 203 - Update bearer (req 97, resp 98). 204 type: str 205 choices: 206 - allow 207 - deny 208 update_pdn_connection_set: 209 description: 210 - Update PDN connection set (req 200, resp 201). 211 type: str 212 choices: 213 - allow 214 - deny 215 version_not_support: 216 description: 217 - Version not supported (3). 218 type: str 219 choices: 220 - allow 221 - deny 222''' 223 224EXAMPLES = ''' 225- hosts: fortigates 226 collections: 227 - fortinet.fortios 228 connection: httpapi 229 vars: 230 vdom: "root" 231 ansible_httpapi_use_ssl: yes 232 ansible_httpapi_validate_certs: no 233 ansible_httpapi_port: 443 234 tasks: 235 - name: Message filter for GTPv2 messages. 236 fortios_gtp_message_filter_v2: 237 vdom: "{{ vdom }}" 238 state: "present" 239 access_token: "<your_own_value>" 240 gtp_message_filter_v2: 241 bearer_resource_cmd_fail: "allow" 242 change_notification: "allow" 243 create_bearer: "allow" 244 create_session: "allow" 245 delete_bearer_cmd_fail: "allow" 246 delete_bearer_req_resp: "allow" 247 delete_pdn_connection_set: "allow" 248 delete_session: "allow" 249 echo: "allow" 250 modify_bearer_cmd_fail: "allow" 251 modify_bearer_req_resp: "allow" 252 name: "default_name_14" 253 resume: "allow" 254 suspend: "allow" 255 trace_session: "allow" 256 unknown_message: "allow" 257 unknown_message_white_list: 258 - 259 id: "20" 260 update_bearer: "allow" 261 update_pdn_connection_set: "allow" 262 version_not_support: "allow" 263 264''' 265 266RETURN = ''' 267build: 268 description: Build number of the fortigate image 269 returned: always 270 type: str 271 sample: '1547' 272http_method: 273 description: Last method used to provision the content into FortiGate 274 returned: always 275 type: str 276 sample: 'PUT' 277http_status: 278 description: Last result given by FortiGate on last operation applied 279 returned: always 280 type: str 281 sample: "200" 282mkey: 283 description: Master key (id) used in the last call to FortiGate 284 returned: success 285 type: str 286 sample: "id" 287name: 288 description: Name of the table used to fulfill the request 289 returned: always 290 type: str 291 sample: "urlfilter" 292path: 293 description: Path of the table used to fulfill the request 294 returned: always 295 type: str 296 sample: "webfilter" 297revision: 298 description: Internal revision number 299 returned: always 300 type: str 301 sample: "17.0.2.10658" 302serial: 303 description: Serial number of the unit 304 returned: always 305 type: str 306 sample: "FGVMEVYYQT3AB5352" 307status: 308 description: Indication of the operation's result 309 returned: always 310 type: str 311 sample: "success" 312vdom: 313 description: Virtual domain used 314 returned: always 315 type: str 316 sample: "root" 317version: 318 description: Version of the FortiGate 319 returned: always 320 type: str 321 sample: "v5.6.3" 322 323''' 324from ansible.module_utils.basic import AnsibleModule 325from ansible.module_utils.connection import Connection 326from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import FortiOSHandler 327from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_legacy_fortiosapi 328from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import schema_to_module_spec 329from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_schema_versioning 330from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import FAIL_SOCKET_MSG 331from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import is_same_comparison 332from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import serialize 333 334 335def filter_gtp_message_filter_v2_data(json): 336 option_list = ['bearer_resource_cmd_fail', 'change_notification', 'create_bearer', 337 'create_session', 'delete_bearer_cmd_fail', 'delete_bearer_req_resp', 338 'delete_pdn_connection_set', 'delete_session', 'echo', 339 'modify_bearer_cmd_fail', 'modify_bearer_req_resp', 'name', 340 'resume', 'suspend', 'trace_session', 341 'unknown_message', 'unknown_message_white_list', 'update_bearer', 342 'update_pdn_connection_set', 'version_not_support'] 343 dictionary = {} 344 345 for attribute in option_list: 346 if attribute in json and json[attribute] is not None: 347 dictionary[attribute] = json[attribute] 348 349 return dictionary 350 351 352def underscore_to_hyphen(data): 353 if isinstance(data, list): 354 for i, elem in enumerate(data): 355 data[i] = underscore_to_hyphen(elem) 356 elif isinstance(data, dict): 357 new_data = {} 358 for k, v in data.items(): 359 new_data[k.replace('_', '-')] = underscore_to_hyphen(v) 360 data = new_data 361 362 return data 363 364 365def gtp_message_filter_v2(data, fos, check_mode=False): 366 367 vdom = data['vdom'] 368 369 state = data['state'] 370 371 gtp_message_filter_v2_data = data['gtp_message_filter_v2'] 372 filtered_data = underscore_to_hyphen(filter_gtp_message_filter_v2_data(gtp_message_filter_v2_data)) 373 374 # check_mode starts from here 375 if check_mode: 376 mkey = fos.get_mkey('system', 'interface', filtered_data, vdom=vdom) 377 current_data = fos.get('system', 'interface', vdom=vdom, mkey=mkey) 378 is_existed = current_data and current_data.get('http_status') == 200 \ 379 and isinstance(current_data.get('results'), list) \ 380 and len(current_data['results']) > 0 381 382 # 2. if it exists and the state is 'present' then compare current settings with desired 383 if state == 'present' or state is True: 384 if mkey is None: 385 return False, True, filtered_data 386 387 # if mkey exists then compare each other 388 # record exits and they're matched or not 389 if is_existed: 390 is_same = is_same_comparison( 391 serialize(current_data['results'][0]), serialize(filtered_data)) 392 return False, not is_same, filtered_data 393 394 # record does not exist 395 return False, True, filtered_data 396 397 if state == 'absent': 398 if mkey is None: 399 return False, False, filtered_data 400 401 if is_existed: 402 return False, True, filtered_data 403 return False, False, filtered_data 404 405 return True, False, {'reason: ': 'Must provide state parameter'} 406 407 if state == "present" or state is True: 408 return fos.set('gtp', 409 'message-filter-v2', 410 data=filtered_data, 411 vdom=vdom) 412 413 elif state == "absent": 414 return fos.delete('gtp', 415 'message-filter-v2', 416 mkey=filtered_data['name'], 417 vdom=vdom) 418 else: 419 fos._module.fail_json(msg='state must be present or absent!') 420 421 422def is_successful_status(status): 423 return status['status'] == "success" or \ 424 status['http_method'] == "DELETE" and status['http_status'] == 404 425 426 427def fortios_gtp(data, fos, check_mode): 428 429 if data['gtp_message_filter_v2']: 430 resp = gtp_message_filter_v2(data, fos, check_mode) 431 else: 432 fos._module.fail_json(msg='missing task body: %s' % ('gtp_message_filter_v2')) 433 if check_mode: 434 return resp 435 return not is_successful_status(resp), \ 436 resp['status'] == "success" and \ 437 (resp['revision_changed'] if 'revision_changed' in resp else True), \ 438 resp 439 440 441versioned_schema = { 442 "type": "list", 443 "children": { 444 "change_notification": { 445 "type": "string", 446 "options": [ 447 { 448 "value": "allow", 449 "revisions": { 450 "v6.0.0": True, 451 "v7.0.0": True, 452 "v6.0.5": True, 453 "v6.4.4": True, 454 "v6.4.0": True, 455 "v6.4.1": True, 456 "v6.2.0": True, 457 "v6.2.3": True, 458 "v6.2.5": True, 459 "v6.2.7": True, 460 "v6.0.11": True 461 } 462 }, 463 { 464 "value": "deny", 465 "revisions": { 466 "v6.0.0": True, 467 "v7.0.0": True, 468 "v6.0.5": True, 469 "v6.4.4": True, 470 "v6.4.0": True, 471 "v6.4.1": True, 472 "v6.2.0": True, 473 "v6.2.3": True, 474 "v6.2.5": True, 475 "v6.2.7": True, 476 "v6.0.11": True 477 } 478 } 479 ], 480 "revisions": { 481 "v6.0.0": True, 482 "v7.0.0": True, 483 "v6.0.5": True, 484 "v6.4.4": True, 485 "v6.4.0": True, 486 "v6.4.1": True, 487 "v6.2.0": True, 488 "v6.2.3": True, 489 "v6.2.5": True, 490 "v6.2.7": True, 491 "v6.0.11": True 492 } 493 }, 494 "delete_bearer_cmd_fail": { 495 "type": "string", 496 "options": [ 497 { 498 "value": "allow", 499 "revisions": { 500 "v6.0.0": True, 501 "v7.0.0": True, 502 "v6.0.5": True, 503 "v6.4.4": True, 504 "v6.4.0": True, 505 "v6.4.1": True, 506 "v6.2.0": True, 507 "v6.2.3": True, 508 "v6.2.5": True, 509 "v6.2.7": True, 510 "v6.0.11": True 511 } 512 }, 513 { 514 "value": "deny", 515 "revisions": { 516 "v6.0.0": True, 517 "v7.0.0": True, 518 "v6.0.5": True, 519 "v6.4.4": True, 520 "v6.4.0": True, 521 "v6.4.1": True, 522 "v6.2.0": True, 523 "v6.2.3": True, 524 "v6.2.5": True, 525 "v6.2.7": True, 526 "v6.0.11": True 527 } 528 } 529 ], 530 "revisions": { 531 "v6.0.0": True, 532 "v7.0.0": True, 533 "v6.0.5": True, 534 "v6.4.4": True, 535 "v6.4.0": True, 536 "v6.4.1": True, 537 "v6.2.0": True, 538 "v6.2.3": True, 539 "v6.2.5": True, 540 "v6.2.7": True, 541 "v6.0.11": True 542 } 543 }, 544 "modify_bearer_cmd_fail": { 545 "type": "string", 546 "options": [ 547 { 548 "value": "allow", 549 "revisions": { 550 "v6.0.0": True, 551 "v7.0.0": True, 552 "v6.0.5": True, 553 "v6.4.4": True, 554 "v6.4.0": True, 555 "v6.4.1": True, 556 "v6.2.0": True, 557 "v6.2.3": True, 558 "v6.2.5": True, 559 "v6.2.7": True, 560 "v6.0.11": True 561 } 562 }, 563 { 564 "value": "deny", 565 "revisions": { 566 "v6.0.0": True, 567 "v7.0.0": True, 568 "v6.0.5": True, 569 "v6.4.4": True, 570 "v6.4.0": True, 571 "v6.4.1": True, 572 "v6.2.0": True, 573 "v6.2.3": True, 574 "v6.2.5": True, 575 "v6.2.7": True, 576 "v6.0.11": True 577 } 578 } 579 ], 580 "revisions": { 581 "v6.0.0": True, 582 "v7.0.0": True, 583 "v6.0.5": True, 584 "v6.4.4": True, 585 "v6.4.0": True, 586 "v6.4.1": True, 587 "v6.2.0": True, 588 "v6.2.3": True, 589 "v6.2.5": True, 590 "v6.2.7": True, 591 "v6.0.11": True 592 } 593 }, 594 "name": { 595 "type": "string", 596 "revisions": { 597 "v6.0.0": True, 598 "v7.0.0": True, 599 "v6.0.5": True, 600 "v6.4.4": True, 601 "v6.4.0": True, 602 "v6.4.1": True, 603 "v6.2.0": True, 604 "v6.2.3": True, 605 "v6.2.5": True, 606 "v6.2.7": True, 607 "v6.0.11": True 608 } 609 }, 610 "resume": { 611 "type": "string", 612 "options": [ 613 { 614 "value": "allow", 615 "revisions": { 616 "v6.0.0": True, 617 "v7.0.0": True, 618 "v6.0.5": True, 619 "v6.4.4": True, 620 "v6.4.0": True, 621 "v6.4.1": True, 622 "v6.2.0": True, 623 "v6.2.3": True, 624 "v6.2.5": True, 625 "v6.2.7": True, 626 "v6.0.11": True 627 } 628 }, 629 { 630 "value": "deny", 631 "revisions": { 632 "v6.0.0": True, 633 "v7.0.0": True, 634 "v6.0.5": True, 635 "v6.4.4": True, 636 "v6.4.0": True, 637 "v6.4.1": True, 638 "v6.2.0": True, 639 "v6.2.3": True, 640 "v6.2.5": True, 641 "v6.2.7": True, 642 "v6.0.11": True 643 } 644 } 645 ], 646 "revisions": { 647 "v6.0.0": True, 648 "v7.0.0": True, 649 "v6.0.5": True, 650 "v6.4.4": True, 651 "v6.4.0": True, 652 "v6.4.1": True, 653 "v6.2.0": True, 654 "v6.2.3": True, 655 "v6.2.5": True, 656 "v6.2.7": True, 657 "v6.0.11": True 658 } 659 }, 660 "version_not_support": { 661 "type": "string", 662 "options": [ 663 { 664 "value": "allow", 665 "revisions": { 666 "v6.0.0": True, 667 "v7.0.0": True, 668 "v6.0.5": True, 669 "v6.4.4": True, 670 "v6.4.0": True, 671 "v6.4.1": True, 672 "v6.2.0": True, 673 "v6.2.3": True, 674 "v6.2.5": True, 675 "v6.2.7": True, 676 "v6.0.11": True 677 } 678 }, 679 { 680 "value": "deny", 681 "revisions": { 682 "v6.0.0": True, 683 "v7.0.0": True, 684 "v6.0.5": True, 685 "v6.4.4": True, 686 "v6.4.0": True, 687 "v6.4.1": True, 688 "v6.2.0": True, 689 "v6.2.3": True, 690 "v6.2.5": True, 691 "v6.2.7": True, 692 "v6.0.11": True 693 } 694 } 695 ], 696 "revisions": { 697 "v6.0.0": True, 698 "v7.0.0": True, 699 "v6.0.5": True, 700 "v6.4.4": True, 701 "v6.4.0": True, 702 "v6.4.1": True, 703 "v6.2.0": True, 704 "v6.2.3": True, 705 "v6.2.5": True, 706 "v6.2.7": True, 707 "v6.0.11": True 708 } 709 }, 710 "bearer_resource_cmd_fail": { 711 "type": "string", 712 "options": [ 713 { 714 "value": "allow", 715 "revisions": { 716 "v6.0.0": True, 717 "v7.0.0": True, 718 "v6.0.5": True, 719 "v6.4.4": True, 720 "v6.4.0": True, 721 "v6.4.1": True, 722 "v6.2.0": True, 723 "v6.2.3": True, 724 "v6.2.5": True, 725 "v6.2.7": True, 726 "v6.0.11": True 727 } 728 }, 729 { 730 "value": "deny", 731 "revisions": { 732 "v6.0.0": True, 733 "v7.0.0": True, 734 "v6.0.5": True, 735 "v6.4.4": True, 736 "v6.4.0": True, 737 "v6.4.1": True, 738 "v6.2.0": True, 739 "v6.2.3": True, 740 "v6.2.5": True, 741 "v6.2.7": True, 742 "v6.0.11": True 743 } 744 } 745 ], 746 "revisions": { 747 "v6.0.0": True, 748 "v7.0.0": True, 749 "v6.0.5": True, 750 "v6.4.4": True, 751 "v6.4.0": True, 752 "v6.4.1": True, 753 "v6.2.0": True, 754 "v6.2.3": True, 755 "v6.2.5": True, 756 "v6.2.7": True, 757 "v6.0.11": True 758 } 759 }, 760 "delete_bearer_req_resp": { 761 "type": "string", 762 "options": [ 763 { 764 "value": "allow", 765 "revisions": { 766 "v6.0.0": True, 767 "v7.0.0": True, 768 "v6.0.5": True, 769 "v6.4.4": True, 770 "v6.4.0": True, 771 "v6.4.1": True, 772 "v6.2.0": True, 773 "v6.2.3": True, 774 "v6.2.5": True, 775 "v6.2.7": True, 776 "v6.0.11": True 777 } 778 }, 779 { 780 "value": "deny", 781 "revisions": { 782 "v6.0.0": True, 783 "v7.0.0": True, 784 "v6.0.5": True, 785 "v6.4.4": True, 786 "v6.4.0": True, 787 "v6.4.1": True, 788 "v6.2.0": True, 789 "v6.2.3": True, 790 "v6.2.5": True, 791 "v6.2.7": True, 792 "v6.0.11": True 793 } 794 } 795 ], 796 "revisions": { 797 "v6.0.0": True, 798 "v7.0.0": True, 799 "v6.0.5": True, 800 "v6.4.4": True, 801 "v6.4.0": True, 802 "v6.4.1": True, 803 "v6.2.0": True, 804 "v6.2.3": True, 805 "v6.2.5": True, 806 "v6.2.7": True, 807 "v6.0.11": True 808 } 809 }, 810 "echo": { 811 "type": "string", 812 "options": [ 813 { 814 "value": "allow", 815 "revisions": { 816 "v6.0.0": True, 817 "v7.0.0": True, 818 "v6.0.5": True, 819 "v6.4.4": True, 820 "v6.4.0": True, 821 "v6.4.1": True, 822 "v6.2.0": True, 823 "v6.2.3": True, 824 "v6.2.5": True, 825 "v6.2.7": True, 826 "v6.0.11": True 827 } 828 }, 829 { 830 "value": "deny", 831 "revisions": { 832 "v6.0.0": True, 833 "v7.0.0": True, 834 "v6.0.5": True, 835 "v6.4.4": True, 836 "v6.4.0": True, 837 "v6.4.1": True, 838 "v6.2.0": True, 839 "v6.2.3": True, 840 "v6.2.5": True, 841 "v6.2.7": True, 842 "v6.0.11": True 843 } 844 } 845 ], 846 "revisions": { 847 "v6.0.0": True, 848 "v7.0.0": True, 849 "v6.0.5": True, 850 "v6.4.4": True, 851 "v6.4.0": True, 852 "v6.4.1": True, 853 "v6.2.0": True, 854 "v6.2.3": True, 855 "v6.2.5": True, 856 "v6.2.7": True, 857 "v6.0.11": True 858 } 859 }, 860 "update_bearer": { 861 "type": "string", 862 "options": [ 863 { 864 "value": "allow", 865 "revisions": { 866 "v6.0.0": True, 867 "v7.0.0": True, 868 "v6.0.5": True, 869 "v6.4.4": True, 870 "v6.4.0": True, 871 "v6.4.1": True, 872 "v6.2.0": True, 873 "v6.2.3": True, 874 "v6.2.5": True, 875 "v6.2.7": True, 876 "v6.0.11": True 877 } 878 }, 879 { 880 "value": "deny", 881 "revisions": { 882 "v6.0.0": True, 883 "v7.0.0": True, 884 "v6.0.5": True, 885 "v6.4.4": True, 886 "v6.4.0": True, 887 "v6.4.1": True, 888 "v6.2.0": True, 889 "v6.2.3": True, 890 "v6.2.5": True, 891 "v6.2.7": True, 892 "v6.0.11": True 893 } 894 } 895 ], 896 "revisions": { 897 "v6.0.0": True, 898 "v7.0.0": True, 899 "v6.0.5": True, 900 "v6.4.4": True, 901 "v6.4.0": True, 902 "v6.4.1": True, 903 "v6.2.0": True, 904 "v6.2.3": True, 905 "v6.2.5": True, 906 "v6.2.7": True, 907 "v6.0.11": True 908 } 909 }, 910 "delete_pdn_connection_set": { 911 "type": "string", 912 "options": [ 913 { 914 "value": "allow", 915 "revisions": { 916 "v6.0.0": True, 917 "v7.0.0": True, 918 "v6.0.5": True, 919 "v6.4.4": True, 920 "v6.4.0": True, 921 "v6.4.1": True, 922 "v6.2.0": True, 923 "v6.2.3": True, 924 "v6.2.5": True, 925 "v6.2.7": True, 926 "v6.0.11": True 927 } 928 }, 929 { 930 "value": "deny", 931 "revisions": { 932 "v6.0.0": True, 933 "v7.0.0": True, 934 "v6.0.5": True, 935 "v6.4.4": True, 936 "v6.4.0": True, 937 "v6.4.1": True, 938 "v6.2.0": True, 939 "v6.2.3": True, 940 "v6.2.5": True, 941 "v6.2.7": True, 942 "v6.0.11": True 943 } 944 } 945 ], 946 "revisions": { 947 "v6.0.0": True, 948 "v7.0.0": True, 949 "v6.0.5": True, 950 "v6.4.4": True, 951 "v6.4.0": True, 952 "v6.4.1": True, 953 "v6.2.0": True, 954 "v6.2.3": True, 955 "v6.2.5": True, 956 "v6.2.7": True, 957 "v6.0.11": True 958 } 959 }, 960 "suspend": { 961 "type": "string", 962 "options": [ 963 { 964 "value": "allow", 965 "revisions": { 966 "v6.0.0": True, 967 "v7.0.0": True, 968 "v6.0.5": True, 969 "v6.4.4": True, 970 "v6.4.0": True, 971 "v6.4.1": True, 972 "v6.2.0": True, 973 "v6.2.3": True, 974 "v6.2.5": True, 975 "v6.2.7": True, 976 "v6.0.11": True 977 } 978 }, 979 { 980 "value": "deny", 981 "revisions": { 982 "v6.0.0": True, 983 "v7.0.0": True, 984 "v6.0.5": True, 985 "v6.4.4": True, 986 "v6.4.0": True, 987 "v6.4.1": True, 988 "v6.2.0": True, 989 "v6.2.3": True, 990 "v6.2.5": True, 991 "v6.2.7": True, 992 "v6.0.11": True 993 } 994 } 995 ], 996 "revisions": { 997 "v6.0.0": True, 998 "v7.0.0": True, 999 "v6.0.5": True, 1000 "v6.4.4": True, 1001 "v6.4.0": True, 1002 "v6.4.1": True, 1003 "v6.2.0": True, 1004 "v6.2.3": True, 1005 "v6.2.5": True, 1006 "v6.2.7": True, 1007 "v6.0.11": True 1008 } 1009 }, 1010 "unknown_message": { 1011 "type": "string", 1012 "options": [ 1013 { 1014 "value": "allow", 1015 "revisions": { 1016 "v6.0.0": True, 1017 "v7.0.0": True, 1018 "v6.0.5": True, 1019 "v6.4.4": True, 1020 "v6.4.0": True, 1021 "v6.4.1": True, 1022 "v6.2.0": True, 1023 "v6.2.3": True, 1024 "v6.2.5": True, 1025 "v6.2.7": True, 1026 "v6.0.11": True 1027 } 1028 }, 1029 { 1030 "value": "deny", 1031 "revisions": { 1032 "v6.0.0": True, 1033 "v7.0.0": True, 1034 "v6.0.5": True, 1035 "v6.4.4": True, 1036 "v6.4.0": True, 1037 "v6.4.1": True, 1038 "v6.2.0": True, 1039 "v6.2.3": True, 1040 "v6.2.5": True, 1041 "v6.2.7": True, 1042 "v6.0.11": True 1043 } 1044 } 1045 ], 1046 "revisions": { 1047 "v6.0.0": True, 1048 "v7.0.0": True, 1049 "v6.0.5": True, 1050 "v6.4.4": True, 1051 "v6.4.0": True, 1052 "v6.4.1": True, 1053 "v6.2.0": True, 1054 "v6.2.3": True, 1055 "v6.2.5": True, 1056 "v6.2.7": True, 1057 "v6.0.11": True 1058 } 1059 }, 1060 "delete_session": { 1061 "type": "string", 1062 "options": [ 1063 { 1064 "value": "allow", 1065 "revisions": { 1066 "v6.0.0": True, 1067 "v7.0.0": True, 1068 "v6.0.5": True, 1069 "v6.4.4": True, 1070 "v6.4.0": True, 1071 "v6.4.1": True, 1072 "v6.2.0": True, 1073 "v6.2.3": True, 1074 "v6.2.5": True, 1075 "v6.2.7": True, 1076 "v6.0.11": True 1077 } 1078 }, 1079 { 1080 "value": "deny", 1081 "revisions": { 1082 "v6.0.0": True, 1083 "v7.0.0": True, 1084 "v6.0.5": True, 1085 "v6.4.4": True, 1086 "v6.4.0": True, 1087 "v6.4.1": True, 1088 "v6.2.0": True, 1089 "v6.2.3": True, 1090 "v6.2.5": True, 1091 "v6.2.7": True, 1092 "v6.0.11": True 1093 } 1094 } 1095 ], 1096 "revisions": { 1097 "v6.0.0": True, 1098 "v7.0.0": True, 1099 "v6.0.5": True, 1100 "v6.4.4": True, 1101 "v6.4.0": True, 1102 "v6.4.1": True, 1103 "v6.2.0": True, 1104 "v6.2.3": True, 1105 "v6.2.5": True, 1106 "v6.2.7": True, 1107 "v6.0.11": True 1108 } 1109 }, 1110 "update_pdn_connection_set": { 1111 "type": "string", 1112 "options": [ 1113 { 1114 "value": "allow", 1115 "revisions": { 1116 "v6.0.0": True, 1117 "v7.0.0": True, 1118 "v6.0.5": True, 1119 "v6.4.4": True, 1120 "v6.4.0": True, 1121 "v6.4.1": True, 1122 "v6.2.0": True, 1123 "v6.2.3": True, 1124 "v6.2.5": True, 1125 "v6.2.7": True, 1126 "v6.0.11": True 1127 } 1128 }, 1129 { 1130 "value": "deny", 1131 "revisions": { 1132 "v6.0.0": True, 1133 "v7.0.0": True, 1134 "v6.0.5": True, 1135 "v6.4.4": True, 1136 "v6.4.0": True, 1137 "v6.4.1": True, 1138 "v6.2.0": True, 1139 "v6.2.3": True, 1140 "v6.2.5": True, 1141 "v6.2.7": True, 1142 "v6.0.11": True 1143 } 1144 } 1145 ], 1146 "revisions": { 1147 "v6.0.0": True, 1148 "v7.0.0": True, 1149 "v6.0.5": True, 1150 "v6.4.4": True, 1151 "v6.4.0": True, 1152 "v6.4.1": True, 1153 "v6.2.0": True, 1154 "v6.2.3": True, 1155 "v6.2.5": True, 1156 "v6.2.7": True, 1157 "v6.0.11": True 1158 } 1159 }, 1160 "modify_bearer_req_resp": { 1161 "type": "string", 1162 "options": [ 1163 { 1164 "value": "allow", 1165 "revisions": { 1166 "v6.0.0": True, 1167 "v7.0.0": True, 1168 "v6.0.5": True, 1169 "v6.4.4": True, 1170 "v6.4.0": True, 1171 "v6.4.1": True, 1172 "v6.2.0": True, 1173 "v6.2.3": True, 1174 "v6.2.5": True, 1175 "v6.2.7": True, 1176 "v6.0.11": True 1177 } 1178 }, 1179 { 1180 "value": "deny", 1181 "revisions": { 1182 "v6.0.0": True, 1183 "v7.0.0": True, 1184 "v6.0.5": True, 1185 "v6.4.4": True, 1186 "v6.4.0": True, 1187 "v6.4.1": True, 1188 "v6.2.0": True, 1189 "v6.2.3": True, 1190 "v6.2.5": True, 1191 "v6.2.7": True, 1192 "v6.0.11": True 1193 } 1194 } 1195 ], 1196 "revisions": { 1197 "v6.0.0": True, 1198 "v7.0.0": True, 1199 "v6.0.5": True, 1200 "v6.4.4": True, 1201 "v6.4.0": True, 1202 "v6.4.1": True, 1203 "v6.2.0": True, 1204 "v6.2.3": True, 1205 "v6.2.5": True, 1206 "v6.2.7": True, 1207 "v6.0.11": True 1208 } 1209 }, 1210 "create_bearer": { 1211 "type": "string", 1212 "options": [ 1213 { 1214 "value": "allow", 1215 "revisions": { 1216 "v6.0.0": True, 1217 "v7.0.0": True, 1218 "v6.0.5": True, 1219 "v6.4.4": True, 1220 "v6.4.0": True, 1221 "v6.4.1": True, 1222 "v6.2.0": True, 1223 "v6.2.3": True, 1224 "v6.2.5": True, 1225 "v6.2.7": True, 1226 "v6.0.11": True 1227 } 1228 }, 1229 { 1230 "value": "deny", 1231 "revisions": { 1232 "v6.0.0": True, 1233 "v7.0.0": True, 1234 "v6.0.5": True, 1235 "v6.4.4": True, 1236 "v6.4.0": True, 1237 "v6.4.1": True, 1238 "v6.2.0": True, 1239 "v6.2.3": True, 1240 "v6.2.5": True, 1241 "v6.2.7": True, 1242 "v6.0.11": True 1243 } 1244 } 1245 ], 1246 "revisions": { 1247 "v6.0.0": True, 1248 "v7.0.0": True, 1249 "v6.0.5": True, 1250 "v6.4.4": True, 1251 "v6.4.0": True, 1252 "v6.4.1": True, 1253 "v6.2.0": True, 1254 "v6.2.3": True, 1255 "v6.2.5": True, 1256 "v6.2.7": True, 1257 "v6.0.11": True 1258 } 1259 }, 1260 "trace_session": { 1261 "type": "string", 1262 "options": [ 1263 { 1264 "value": "allow", 1265 "revisions": { 1266 "v6.0.0": True, 1267 "v7.0.0": True, 1268 "v6.0.5": True, 1269 "v6.4.4": True, 1270 "v6.4.0": True, 1271 "v6.4.1": True, 1272 "v6.2.0": True, 1273 "v6.2.3": True, 1274 "v6.2.5": True, 1275 "v6.2.7": True, 1276 "v6.0.11": True 1277 } 1278 }, 1279 { 1280 "value": "deny", 1281 "revisions": { 1282 "v6.0.0": True, 1283 "v7.0.0": True, 1284 "v6.0.5": True, 1285 "v6.4.4": True, 1286 "v6.4.0": True, 1287 "v6.4.1": True, 1288 "v6.2.0": True, 1289 "v6.2.3": True, 1290 "v6.2.5": True, 1291 "v6.2.7": True, 1292 "v6.0.11": True 1293 } 1294 } 1295 ], 1296 "revisions": { 1297 "v6.0.0": True, 1298 "v7.0.0": True, 1299 "v6.0.5": True, 1300 "v6.4.4": True, 1301 "v6.4.0": True, 1302 "v6.4.1": True, 1303 "v6.2.0": True, 1304 "v6.2.3": True, 1305 "v6.2.5": True, 1306 "v6.2.7": True, 1307 "v6.0.11": True 1308 } 1309 }, 1310 "unknown_message_white_list": { 1311 "type": "list", 1312 "children": { 1313 "id": { 1314 "type": "integer", 1315 "revisions": { 1316 "v6.0.0": True, 1317 "v7.0.0": True, 1318 "v6.0.5": True, 1319 "v6.4.4": True, 1320 "v6.4.0": True, 1321 "v6.4.1": True, 1322 "v6.2.0": True, 1323 "v6.2.3": True, 1324 "v6.2.5": True, 1325 "v6.2.7": True, 1326 "v6.0.11": True 1327 } 1328 } 1329 }, 1330 "revisions": { 1331 "v6.0.0": True, 1332 "v7.0.0": True, 1333 "v6.0.5": True, 1334 "v6.4.4": True, 1335 "v6.4.0": True, 1336 "v6.4.1": True, 1337 "v6.2.0": True, 1338 "v6.2.3": True, 1339 "v6.2.5": True, 1340 "v6.2.7": True, 1341 "v6.0.11": True 1342 } 1343 }, 1344 "create_session": { 1345 "type": "string", 1346 "options": [ 1347 { 1348 "value": "allow", 1349 "revisions": { 1350 "v6.0.0": True, 1351 "v7.0.0": True, 1352 "v6.0.5": True, 1353 "v6.4.4": True, 1354 "v6.4.0": True, 1355 "v6.4.1": True, 1356 "v6.2.0": True, 1357 "v6.2.3": True, 1358 "v6.2.5": True, 1359 "v6.2.7": True, 1360 "v6.0.11": True 1361 } 1362 }, 1363 { 1364 "value": "deny", 1365 "revisions": { 1366 "v6.0.0": True, 1367 "v7.0.0": True, 1368 "v6.0.5": True, 1369 "v6.4.4": True, 1370 "v6.4.0": True, 1371 "v6.4.1": True, 1372 "v6.2.0": True, 1373 "v6.2.3": True, 1374 "v6.2.5": True, 1375 "v6.2.7": True, 1376 "v6.0.11": True 1377 } 1378 } 1379 ], 1380 "revisions": { 1381 "v6.0.0": True, 1382 "v7.0.0": True, 1383 "v6.0.5": True, 1384 "v6.4.4": True, 1385 "v6.4.0": True, 1386 "v6.4.1": True, 1387 "v6.2.0": True, 1388 "v6.2.3": True, 1389 "v6.2.5": True, 1390 "v6.2.7": True, 1391 "v6.0.11": True 1392 } 1393 } 1394 }, 1395 "revisions": { 1396 "v6.0.0": True, 1397 "v7.0.0": True, 1398 "v6.0.5": True, 1399 "v6.4.4": True, 1400 "v6.4.0": True, 1401 "v6.4.1": True, 1402 "v6.2.0": True, 1403 "v6.2.3": True, 1404 "v6.2.5": True, 1405 "v6.2.7": True, 1406 "v6.0.11": True 1407 } 1408} 1409 1410 1411def main(): 1412 module_spec = schema_to_module_spec(versioned_schema) 1413 mkeyname = 'name' 1414 fields = { 1415 "access_token": {"required": False, "type": "str", "no_log": True}, 1416 "enable_log": {"required": False, "type": bool}, 1417 "vdom": {"required": False, "type": "str", "default": "root"}, 1418 "state": {"required": True, "type": "str", 1419 "choices": ["present", "absent"]}, 1420 "gtp_message_filter_v2": { 1421 "required": False, "type": "dict", "default": None, 1422 "options": { 1423 } 1424 } 1425 } 1426 for attribute_name in module_spec['options']: 1427 fields["gtp_message_filter_v2"]['options'][attribute_name] = module_spec['options'][attribute_name] 1428 if mkeyname and mkeyname == attribute_name: 1429 fields["gtp_message_filter_v2"]['options'][attribute_name]['required'] = True 1430 1431 check_legacy_fortiosapi() 1432 module = AnsibleModule(argument_spec=fields, 1433 supports_check_mode=True) 1434 1435 versions_check_result = None 1436 if module._socket_path: 1437 connection = Connection(module._socket_path) 1438 if 'access_token' in module.params: 1439 connection.set_option('access_token', module.params['access_token']) 1440 1441 if 'enable_log' in module.params: 1442 connection.set_option('enable_log', module.params['enable_log']) 1443 else: 1444 connection.set_option('enable_log', False) 1445 fos = FortiOSHandler(connection, module, mkeyname) 1446 versions_check_result = check_schema_versioning(fos, versioned_schema, "gtp_message_filter_v2") 1447 1448 is_error, has_changed, result = fortios_gtp(module.params, fos, module.check_mode) 1449 1450 else: 1451 module.fail_json(**FAIL_SOCKET_MSG) 1452 1453 if versions_check_result and versions_check_result['matched'] is False: 1454 module.warn("Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv") 1455 1456 if not is_error: 1457 if versions_check_result and versions_check_result['matched'] is False: 1458 module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result) 1459 else: 1460 module.exit_json(changed=has_changed, meta=result) 1461 else: 1462 if versions_check_result and versions_check_result['matched'] is False: 1463 module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result) 1464 else: 1465 module.fail_json(msg="Error in repo", meta=result) 1466 1467 1468if __name__ == '__main__': 1469 main() 1470