1#!/usr/local/bin/python3.8 2from __future__ import (absolute_import, division, print_function) 3# Copyright 2019-2020 Fortinet, Inc. 4# 5# This program is free software: you can redistribute it and/or modify 6# it under the terms of the GNU General Public License as published by 7# the Free Software Foundation, either version 3 of the License, or 8# (at your option) any later version. 9# 10# This program is distributed in the hope that it will be useful, 11# but WITHOUT ANY WARRANTY; without even the implied warranty of 12# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 13# GNU General Public License for more details. 14# 15# You should have received a copy of the GNU General Public License 16# along with this program. If not, see <https://www.gnu.org/licenses/>. 17 18__metaclass__ = type 19 20ANSIBLE_METADATA = {'status': ['preview'], 21 'supported_by': 'community', 22 'metadata_version': '1.1'} 23 24DOCUMENTATION = ''' 25--- 26module: fortios_vpn_ssl_settings 27short_description: Configure SSL VPN in Fortinet's FortiOS and FortiGate. 28description: 29 - This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the 30 user to set and modify vpn_ssl feature and settings category. 31 Examples include all parameters and values need to be adjusted to datasources before usage. 32 Tested with FOS v6.0.0 33version_added: "2.10" 34author: 35 - Link Zheng (@chillancezen) 36 - Jie Xue (@JieX19) 37 - Hongbin Lu (@fgtdev-hblu) 38 - Frank Shen (@frankshen01) 39 - Miguel Angel Munoz (@mamunozgonzalez) 40 - Nicolas Thomas (@thomnico) 41notes: 42 - Legacy fortiosapi has been deprecated, httpapi is the preferred way to run playbooks 43 44requirements: 45 - ansible>=2.9.0 46options: 47 access_token: 48 description: 49 - Token-based authentication. 50 Generated from GUI of Fortigate. 51 type: str 52 required: false 53 enable_log: 54 description: 55 - Enable/Disable logging for task. 56 type: bool 57 required: false 58 default: false 59 vdom: 60 description: 61 - Virtual domain, among those defined previously. A vdom is a 62 virtual instance of the FortiGate that can be configured and 63 used as a different unit. 64 type: str 65 default: root 66 67 vpn_ssl_settings: 68 description: 69 - Configure SSL VPN. 70 default: null 71 type: dict 72 suboptions: 73 algorithm: 74 description: 75 - Force the SSL-VPN security level. High allows only high. Medium allows medium and high. Low allows any. 76 type: str 77 choices: 78 - high 79 - medium 80 - default 81 - low 82 auth_session_check_source_ip: 83 description: 84 - Enable/disable checking of source IP for authentication session. 85 type: str 86 choices: 87 - enable 88 - disable 89 auth_timeout: 90 description: 91 - SSL-VPN authentication timeout (1 - 259200 sec (3 days), 0 for no timeout). 92 type: int 93 authentication_rule: 94 description: 95 - Authentication rule for SSL VPN. 96 type: list 97 suboptions: 98 auth: 99 description: 100 - SSL VPN authentication method restriction. 101 type: str 102 choices: 103 - any 104 - local 105 - radius 106 - tacacs+ 107 - ldap 108 cipher: 109 description: 110 - SSL VPN cipher strength. 111 type: str 112 choices: 113 - any 114 - high 115 - medium 116 client_cert: 117 description: 118 - Enable/disable SSL VPN client certificate restrictive. 119 type: str 120 choices: 121 - enable 122 - disable 123 groups: 124 description: 125 - User groups. 126 type: list 127 suboptions: 128 name: 129 description: 130 - Group name. Source user.group.name. 131 required: true 132 type: str 133 id: 134 description: 135 - ID (0 - 4294967295). 136 required: true 137 type: int 138 portal: 139 description: 140 - SSL VPN portal. Source vpn.ssl.web.portal.name. 141 type: str 142 realm: 143 description: 144 - SSL VPN realm. Source vpn.ssl.web.realm.url-path. 145 type: str 146 source_address: 147 description: 148 - Source address of incoming traffic. 149 type: list 150 suboptions: 151 name: 152 description: 153 - Address name. Source firewall.address.name firewall.addrgrp.name. 154 required: true 155 type: str 156 source_address_negate: 157 description: 158 - Enable/disable negated source address match. 159 type: str 160 choices: 161 - enable 162 - disable 163 source_address6: 164 description: 165 - IPv6 source address of incoming traffic. 166 type: list 167 suboptions: 168 name: 169 description: 170 - IPv6 address name. Source firewall.address6.name firewall.addrgrp6.name. 171 required: true 172 type: str 173 source_address6_negate: 174 description: 175 - Enable/disable negated source IPv6 address match. 176 type: str 177 choices: 178 - enable 179 - disable 180 source_interface: 181 description: 182 - SSL VPN source interface of incoming traffic. 183 type: list 184 suboptions: 185 name: 186 description: 187 - Interface name. Source system.interface.name system.zone.name. 188 required: true 189 type: str 190 user_peer: 191 description: 192 - Name of user peer. Source user.peer.name. 193 type: str 194 users: 195 description: 196 - User name. 197 type: list 198 suboptions: 199 name: 200 description: 201 - User name. Source user.local.name. 202 required: true 203 type: str 204 auto_tunnel_static_route: 205 description: 206 - Enable to auto-create static routes for the SSL-VPN tunnel IP addresses. 207 type: str 208 choices: 209 - enable 210 - disable 211 banned_cipher: 212 description: 213 - Select one or more cipher technologies that cannot be used in SSL-VPN negotiations. 214 type: list 215 choices: 216 - RSA 217 - DH 218 - DHE 219 - ECDH 220 - ECDHE 221 - DSS 222 - ECDSA 223 - AES 224 - AESGCM 225 - CAMELLIA 226 - 3DES 227 - SHA1 228 - SHA256 229 - SHA384 230 - STATIC 231 - CHACHA20 232 - ARIA 233 - AESCCM 234 check_referer: 235 description: 236 - Enable/disable verification of referer field in HTTP request header. 237 type: str 238 choices: 239 - enable 240 - disable 241 ciphersuite: 242 description: 243 - Select one or more TLS 1.3 ciphersuites to enable. Does not affect ciphers in TLS 1.2 and below. At least one must be enabled. To 244 disable all, set ssl-max-proto-ver to tls1-2 or below. 245 type: list 246 choices: 247 - TLS-AES-128-GCM-SHA256 248 - TLS-AES-256-GCM-SHA384 249 - TLS-CHACHA20-POLY1305-SHA256 250 - TLS-AES-128-CCM-SHA256 251 - TLS-AES-128-CCM-8-SHA256 252 client_sigalgs: 253 description: 254 - Set signature algorithms related to client authentication. Affects TLS version <= 1.2 only. 255 type: str 256 choices: 257 - no-rsa-pss 258 - all 259 default_portal: 260 description: 261 - Default SSL VPN portal. Source vpn.ssl.web.portal.name. 262 type: str 263 deflate_compression_level: 264 description: 265 - Compression level (0~9). 266 type: int 267 deflate_min_data_size: 268 description: 269 - Minimum amount of data that triggers compression (200 - 65535 bytes). 270 type: int 271 dns_server1: 272 description: 273 - DNS server 1. 274 type: str 275 dns_server2: 276 description: 277 - DNS server 2. 278 type: str 279 dns_suffix: 280 description: 281 - DNS suffix used for SSL-VPN clients. 282 type: str 283 dtls_hello_timeout: 284 description: 285 - SSLVPN maximum DTLS hello timeout (10 - 60 sec). 286 type: int 287 dtls_max_proto_ver: 288 description: 289 - DTLS maximum protocol version. 290 type: str 291 choices: 292 - dtls1-0 293 - dtls1-2 294 dtls_min_proto_ver: 295 description: 296 - DTLS minimum protocol version. 297 type: str 298 choices: 299 - dtls1-0 300 - dtls1-2 301 dtls_tunnel: 302 description: 303 - Enable DTLS to prevent eavesdropping, tampering, or message forgery. 304 type: str 305 choices: 306 - enable 307 - disable 308 dual_stack_mode: 309 description: 310 - 'Tunnel mode: enable parallel IPv4 and IPv6 tunnel. Web mode: support IPv4 and IPv6 bookmarks in the portal.' 311 type: str 312 choices: 313 - enable 314 - disable 315 encode_2f_sequence: 316 description: 317 - Encode 2F sequence to forward slash in URLs. 318 type: str 319 choices: 320 - enable 321 - disable 322 encrypt_and_store_password: 323 description: 324 - Encrypt and store user passwords for SSL VPN web sessions. 325 type: str 326 choices: 327 - enable 328 - disable 329 force_two_factor_auth: 330 description: 331 - Enable to force two-factor authentication for all SSL-VPNs. 332 type: str 333 choices: 334 - enable 335 - disable 336 header_x_forwarded_for: 337 description: 338 - Forward the same, add, or remove HTTP header. 339 type: str 340 choices: 341 - pass 342 - add 343 - remove 344 hsts_include_subdomains: 345 description: 346 - Add HSTS includeSubDomains response header. 347 type: str 348 choices: 349 - enable 350 - disable 351 http_compression: 352 description: 353 - Enable to allow HTTP compression over SSL-VPN tunnels. 354 type: str 355 choices: 356 - enable 357 - disable 358 http_only_cookie: 359 description: 360 - Enable/disable SSL-VPN support for HttpOnly cookies. 361 type: str 362 choices: 363 - enable 364 - disable 365 http_request_body_timeout: 366 description: 367 - SSL-VPN session is disconnected if an HTTP request body is not received within this time (1 - 60 sec). 368 type: int 369 http_request_header_timeout: 370 description: 371 - SSL-VPN session is disconnected if an HTTP request header is not received within this time (1 - 60 sec). 372 type: int 373 https_redirect: 374 description: 375 - Enable/disable redirect of port 80 to SSL-VPN port. 376 type: str 377 choices: 378 - enable 379 - disable 380 idle_timeout: 381 description: 382 - SSL VPN disconnects if idle for specified time in seconds. 383 type: int 384 ipv6_dns_server1: 385 description: 386 - IPv6 DNS server 1. 387 type: str 388 ipv6_dns_server2: 389 description: 390 - IPv6 DNS server 2. 391 type: str 392 ipv6_wins_server1: 393 description: 394 - IPv6 WINS server 1. 395 type: str 396 ipv6_wins_server2: 397 description: 398 - IPv6 WINS server 2. 399 type: str 400 login_attempt_limit: 401 description: 402 - SSL VPN maximum login attempt times before block (0 - 10). 403 type: int 404 login_block_time: 405 description: 406 - Time for which a user is blocked from logging in after too many failed login attempts (0 - 86400 sec). 407 type: int 408 login_timeout: 409 description: 410 - SSLVPN maximum login timeout (10 - 180 sec). 411 type: int 412 port: 413 description: 414 - SSL-VPN access port (1 - 65535). 415 type: int 416 port_precedence: 417 description: 418 - Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface. 419 type: str 420 choices: 421 - enable 422 - disable 423 reqclientcert: 424 description: 425 - Enable to require client certificates for all SSL-VPN users. 426 type: str 427 choices: 428 - enable 429 - disable 430 route_source_interface: 431 description: 432 - Enable to allow SSL-VPN sessions to bypass routing and bind to the incoming interface. 433 type: str 434 choices: 435 - enable 436 - disable 437 servercert: 438 description: 439 - Name of the server certificate to be used for SSL-VPNs. Source vpn.certificate.local.name. 440 type: str 441 source_address: 442 description: 443 - Source address of incoming traffic. 444 type: list 445 suboptions: 446 name: 447 description: 448 - Address name. Source firewall.address.name firewall.addrgrp.name. 449 required: true 450 type: str 451 source_address_negate: 452 description: 453 - Enable/disable negated source address match. 454 type: str 455 choices: 456 - enable 457 - disable 458 source_address6: 459 description: 460 - IPv6 source address of incoming traffic. 461 type: list 462 suboptions: 463 name: 464 description: 465 - IPv6 address name. Source firewall.address6.name firewall.addrgrp6.name. 466 required: true 467 type: str 468 source_address6_negate: 469 description: 470 - Enable/disable negated source IPv6 address match. 471 type: str 472 choices: 473 - enable 474 - disable 475 source_interface: 476 description: 477 - SSL VPN source interface of incoming traffic. 478 type: list 479 suboptions: 480 name: 481 description: 482 - Interface name. Source system.interface.name system.zone.name. 483 required: true 484 type: str 485 ssl_client_renegotiation: 486 description: 487 - Enable to allow client renegotiation by the server if the tunnel goes down. 488 type: str 489 choices: 490 - disable 491 - enable 492 ssl_insert_empty_fragment: 493 description: 494 - Enable/disable insertion of empty fragment. 495 type: str 496 choices: 497 - enable 498 - disable 499 ssl_max_proto_ver: 500 description: 501 - SSL maximum protocol version. 502 type: str 503 choices: 504 - tls1-0 505 - tls1-1 506 - tls1-2 507 - tls1-3 508 ssl_min_proto_ver: 509 description: 510 - SSL minimum protocol version. 511 type: str 512 choices: 513 - tls1-0 514 - tls1-1 515 - tls1-2 516 - tls1-3 517 tlsv1_0: 518 description: 519 - Enable/disable TLSv1.0. 520 type: str 521 choices: 522 - enable 523 - disable 524 tlsv1_1: 525 description: 526 - Enable/disable TLSv1.1. 527 type: str 528 choices: 529 - enable 530 - disable 531 tlsv1_2: 532 description: 533 - Enable/disable TLSv1.2. 534 type: str 535 choices: 536 - enable 537 - disable 538 tlsv1_3: 539 description: 540 - tlsv1-3 541 type: str 542 choices: 543 - enable 544 - disable 545 transform_backward_slashes: 546 description: 547 - Transform backward slashes to forward slashes in URLs. 548 type: str 549 choices: 550 - enable 551 - disable 552 tunnel_addr_assigned_method: 553 description: 554 - Method used for assigning address for tunnel. 555 type: str 556 choices: 557 - first-available 558 - round-robin 559 tunnel_connect_without_reauth: 560 description: 561 - Enable/disable tunnel connection without re-authorization if previous connection dropped. 562 type: str 563 choices: 564 - enable 565 - disable 566 tunnel_ip_pools: 567 description: 568 - Names of the IPv4 IP Pool firewall objects that define the IP addresses reserved for remote clients. 569 type: list 570 suboptions: 571 name: 572 description: 573 - Address name. Source firewall.address.name firewall.addrgrp.name. 574 required: true 575 type: str 576 tunnel_ipv6_pools: 577 description: 578 - Names of the IPv6 IP Pool firewall objects that define the IP addresses reserved for remote clients. 579 type: list 580 suboptions: 581 name: 582 description: 583 - Address name. Source firewall.address6.name firewall.addrgrp6.name. 584 required: true 585 type: str 586 tunnel_user_session_timeout: 587 description: 588 - Time out value to clean up user session after tunnel connection is dropped (1 - 255 sec). 589 type: int 590 unsafe_legacy_renegotiation: 591 description: 592 - Enable/disable unsafe legacy re-negotiation. 593 type: str 594 choices: 595 - enable 596 - disable 597 url_obscuration: 598 description: 599 - Enable to obscure the host name of the URL of the web browser display. 600 type: str 601 choices: 602 - enable 603 - disable 604 user_peer: 605 description: 606 - Name of user peer. Source user.peer.name. 607 type: str 608 wins_server1: 609 description: 610 - WINS server 1. 611 type: str 612 wins_server2: 613 description: 614 - WINS server 2. 615 type: str 616 x_content_type_options: 617 description: 618 - Add HTTP X-Content-Type-Options header. 619 type: str 620 choices: 621 - enable 622 - disable 623''' 624 625EXAMPLES = ''' 626- hosts: fortigates 627 collections: 628 - fortinet.fortios 629 connection: httpapi 630 vars: 631 vdom: "root" 632 ansible_httpapi_use_ssl: yes 633 ansible_httpapi_validate_certs: no 634 ansible_httpapi_port: 443 635 tasks: 636 - name: Configure SSL VPN. 637 fortios_vpn_ssl_settings: 638 vdom: "{{ vdom }}" 639 vpn_ssl_settings: 640 algorithm: "high" 641 auth_session_check_source_ip: "enable" 642 auth_timeout: "5" 643 authentication_rule: 644 - 645 auth: "any" 646 cipher: "any" 647 client_cert: "enable" 648 groups: 649 - 650 name: "default_name_11 (source user.group.name)" 651 id: "12" 652 portal: "<your_own_value> (source vpn.ssl.web.portal.name)" 653 realm: "<your_own_value> (source vpn.ssl.web.realm.url-path)" 654 source_address: 655 - 656 name: "default_name_16 (source firewall.address.name firewall.addrgrp.name)" 657 source_address_negate: "enable" 658 source_address6: 659 - 660 name: "default_name_19 (source firewall.address6.name firewall.addrgrp6.name)" 661 source_address6_negate: "enable" 662 source_interface: 663 - 664 name: "default_name_22 (source system.interface.name system.zone.name)" 665 user_peer: "<your_own_value> (source user.peer.name)" 666 users: 667 - 668 name: "default_name_25 (source user.local.name)" 669 auto_tunnel_static_route: "enable" 670 banned_cipher: "RSA" 671 check_referer: "enable" 672 ciphersuite: "TLS-AES-128-GCM-SHA256" 673 client_sigalgs: "no-rsa-pss" 674 default_portal: "<your_own_value> (source vpn.ssl.web.portal.name)" 675 deflate_compression_level: "32" 676 deflate_min_data_size: "33" 677 dns_server1: "<your_own_value>" 678 dns_server2: "<your_own_value>" 679 dns_suffix: "<your_own_value>" 680 dtls_hello_timeout: "37" 681 dtls_max_proto_ver: "dtls1-0" 682 dtls_min_proto_ver: "dtls1-0" 683 dtls_tunnel: "enable" 684 dual_stack_mode: "enable" 685 encode_2f_sequence: "enable" 686 encrypt_and_store_password: "enable" 687 force_two_factor_auth: "enable" 688 header_x_forwarded_for: "pass" 689 hsts_include_subdomains: "enable" 690 http_compression: "enable" 691 http_only_cookie: "enable" 692 http_request_body_timeout: "49" 693 http_request_header_timeout: "50" 694 https_redirect: "enable" 695 idle_timeout: "52" 696 ipv6_dns_server1: "<your_own_value>" 697 ipv6_dns_server2: "<your_own_value>" 698 ipv6_wins_server1: "<your_own_value>" 699 ipv6_wins_server2: "<your_own_value>" 700 login_attempt_limit: "57" 701 login_block_time: "58" 702 login_timeout: "59" 703 port: "60" 704 port_precedence: "enable" 705 reqclientcert: "enable" 706 route_source_interface: "enable" 707 servercert: "<your_own_value> (source vpn.certificate.local.name)" 708 source_address: 709 - 710 name: "default_name_66 (source firewall.address.name firewall.addrgrp.name)" 711 source_address_negate: "enable" 712 source_address6: 713 - 714 name: "default_name_69 (source firewall.address6.name firewall.addrgrp6.name)" 715 source_address6_negate: "enable" 716 source_interface: 717 - 718 name: "default_name_72 (source system.interface.name system.zone.name)" 719 ssl_client_renegotiation: "disable" 720 ssl_insert_empty_fragment: "enable" 721 ssl_max_proto_ver: "tls1-0" 722 ssl_min_proto_ver: "tls1-0" 723 tlsv1_0: "enable" 724 tlsv1_1: "enable" 725 tlsv1_2: "enable" 726 tlsv1_3: "enable" 727 transform_backward_slashes: "enable" 728 tunnel_addr_assigned_method: "first-available" 729 tunnel_connect_without_reauth: "enable" 730 tunnel_ip_pools: 731 - 732 name: "default_name_85 (source firewall.address.name firewall.addrgrp.name)" 733 tunnel_ipv6_pools: 734 - 735 name: "default_name_87 (source firewall.address6.name firewall.addrgrp6.name)" 736 tunnel_user_session_timeout: "88" 737 unsafe_legacy_renegotiation: "enable" 738 url_obscuration: "enable" 739 user_peer: "<your_own_value> (source user.peer.name)" 740 wins_server1: "<your_own_value>" 741 wins_server2: "<your_own_value>" 742 x_content_type_options: "enable" 743 744''' 745 746RETURN = ''' 747build: 748 description: Build number of the fortigate image 749 returned: always 750 type: str 751 sample: '1547' 752http_method: 753 description: Last method used to provision the content into FortiGate 754 returned: always 755 type: str 756 sample: 'PUT' 757http_status: 758 description: Last result given by FortiGate on last operation applied 759 returned: always 760 type: str 761 sample: "200" 762mkey: 763 description: Master key (id) used in the last call to FortiGate 764 returned: success 765 type: str 766 sample: "id" 767name: 768 description: Name of the table used to fulfill the request 769 returned: always 770 type: str 771 sample: "urlfilter" 772path: 773 description: Path of the table used to fulfill the request 774 returned: always 775 type: str 776 sample: "webfilter" 777revision: 778 description: Internal revision number 779 returned: always 780 type: str 781 sample: "17.0.2.10658" 782serial: 783 description: Serial number of the unit 784 returned: always 785 type: str 786 sample: "FGVMEVYYQT3AB5352" 787status: 788 description: Indication of the operation's result 789 returned: always 790 type: str 791 sample: "success" 792vdom: 793 description: Virtual domain used 794 returned: always 795 type: str 796 sample: "root" 797version: 798 description: Version of the FortiGate 799 returned: always 800 type: str 801 sample: "v5.6.3" 802 803''' 804from ansible.module_utils.basic import AnsibleModule 805from ansible.module_utils.connection import Connection 806from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import FortiOSHandler 807from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_legacy_fortiosapi 808from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import schema_to_module_spec 809from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.fortios import check_schema_versioning 810from ansible_collections.fortinet.fortios.plugins.module_utils.fortimanager.common import FAIL_SOCKET_MSG 811from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import is_same_comparison 812from ansible_collections.fortinet.fortios.plugins.module_utils.fortios.comparison import serialize 813 814 815def filter_vpn_ssl_settings_data(json): 816 option_list = ['algorithm', 'auth_session_check_source_ip', 'auth_timeout', 817 'authentication_rule', 'auto_tunnel_static_route', 'banned_cipher', 818 'check_referer', 'ciphersuite', 'client_sigalgs', 819 'default_portal', 'deflate_compression_level', 'deflate_min_data_size', 820 'dns_server1', 'dns_server2', 'dns_suffix', 821 'dtls_hello_timeout', 'dtls_max_proto_ver', 'dtls_min_proto_ver', 822 'dtls_tunnel', 'dual_stack_mode', 'encode_2f_sequence', 823 'encrypt_and_store_password', 'force_two_factor_auth', 'header_x_forwarded_for', 824 'hsts_include_subdomains', 'http_compression', 'http_only_cookie', 825 'http_request_body_timeout', 'http_request_header_timeout', 'https_redirect', 826 'idle_timeout', 'ipv6_dns_server1', 'ipv6_dns_server2', 827 'ipv6_wins_server1', 'ipv6_wins_server2', 'login_attempt_limit', 828 'login_block_time', 'login_timeout', 'port', 829 'port_precedence', 'reqclientcert', 'route_source_interface', 830 'servercert', 'source_address', 'source_address_negate', 831 'source_address6', 'source_address6_negate', 'source_interface', 832 'ssl_client_renegotiation', 'ssl_insert_empty_fragment', 'ssl_max_proto_ver', 833 'ssl_min_proto_ver', 'tlsv1_0', 'tlsv1_1', 834 'tlsv1_2', 'tlsv1_3', 'transform_backward_slashes', 835 'tunnel_addr_assigned_method', 'tunnel_connect_without_reauth', 'tunnel_ip_pools', 836 'tunnel_ipv6_pools', 'tunnel_user_session_timeout', 'unsafe_legacy_renegotiation', 837 'url_obscuration', 'user_peer', 'wins_server1', 838 'wins_server2', 'x_content_type_options'] 839 dictionary = {} 840 841 for attribute in option_list: 842 if attribute in json and json[attribute] is not None: 843 dictionary[attribute] = json[attribute] 844 845 return dictionary 846 847 848def flatten_single_path(data, path, index): 849 if not data or index == len(path) or path[index] not in data or not data[path[index]]: 850 return 851 852 if index == len(path) - 1: 853 data[path[index]] = ' '.join(str(elem) for elem in data[path[index]]) 854 elif isinstance(data[path[index]], list): 855 for value in data[path[index]]: 856 flatten_single_path(value, path, index + 1) 857 else: 858 flatten_single_path(data[path[index]], path, index + 1) 859 860 861def flatten_multilists_attributes(data): 862 multilist_attrs = [[u'banned_cipher'], [u'ciphersuite']] 863 864 for attr in multilist_attrs: 865 flatten_single_path(data, attr, 0) 866 867 return data 868 869 870def underscore_to_hyphen(data): 871 if isinstance(data, list): 872 for i, elem in enumerate(data): 873 data[i] = underscore_to_hyphen(elem) 874 elif isinstance(data, dict): 875 new_data = {} 876 for k, v in data.items(): 877 new_data[k.replace('_', '-')] = underscore_to_hyphen(v) 878 data = new_data 879 880 return data 881 882 883def vpn_ssl_settings(data, fos): 884 vdom = data['vdom'] 885 vpn_ssl_settings_data = data['vpn_ssl_settings'] 886 vpn_ssl_settings_data = flatten_multilists_attributes(vpn_ssl_settings_data) 887 filtered_data = underscore_to_hyphen(filter_vpn_ssl_settings_data(vpn_ssl_settings_data)) 888 889 return fos.set('vpn.ssl', 890 'settings', 891 data=filtered_data, 892 vdom=vdom) 893 894 895def is_successful_status(status): 896 return status['status'] == "success" or \ 897 status['http_method'] == "DELETE" and status['http_status'] == 404 898 899 900def fortios_vpn_ssl(data, fos): 901 902 if data['vpn_ssl_settings']: 903 resp = vpn_ssl_settings(data, fos) 904 else: 905 fos._module.fail_json(msg='missing task body: %s' % ('vpn_ssl_settings')) 906 907 return not is_successful_status(resp), \ 908 resp['status'] == "success" and \ 909 (resp['revision_changed'] if 'revision_changed' in resp else True), \ 910 resp 911 912 913versioned_schema = { 914 "type": "dict", 915 "children": { 916 "force_two_factor_auth": { 917 "type": "string", 918 "options": [ 919 { 920 "value": "enable", 921 "revisions": { 922 "v6.0.0": True, 923 "v7.0.0": True, 924 "v6.0.5": True, 925 "v6.4.4": True, 926 "v6.4.0": True, 927 "v6.4.1": True, 928 "v6.2.0": True, 929 "v6.2.3": True, 930 "v6.2.5": True, 931 "v6.2.7": True, 932 "v6.0.11": True 933 } 934 }, 935 { 936 "value": "disable", 937 "revisions": { 938 "v6.0.0": True, 939 "v7.0.0": True, 940 "v6.0.5": True, 941 "v6.4.4": True, 942 "v6.4.0": True, 943 "v6.4.1": True, 944 "v6.2.0": True, 945 "v6.2.3": True, 946 "v6.2.5": True, 947 "v6.2.7": True, 948 "v6.0.11": True 949 } 950 } 951 ], 952 "revisions": { 953 "v6.0.0": True, 954 "v7.0.0": True, 955 "v6.0.5": True, 956 "v6.4.4": True, 957 "v6.4.0": True, 958 "v6.4.1": True, 959 "v6.2.0": True, 960 "v6.2.3": True, 961 "v6.2.5": True, 962 "v6.2.7": True, 963 "v6.0.11": True 964 } 965 }, 966 "banned_cipher": { 967 "multiple_values": True, 968 "type": "list", 969 "options": [ 970 { 971 "value": "RSA", 972 "revisions": { 973 "v6.0.0": True, 974 "v7.0.0": True, 975 "v6.0.5": True, 976 "v6.4.4": True, 977 "v6.4.0": True, 978 "v6.4.1": True, 979 "v6.2.0": True, 980 "v6.2.3": True, 981 "v6.2.5": True, 982 "v6.2.7": True, 983 "v6.0.11": True 984 } 985 }, 986 { 987 "value": "DH", 988 "revisions": { 989 "v6.0.0": True, 990 "v7.0.0": False, 991 "v6.0.5": True, 992 "v6.4.4": False, 993 "v6.4.0": False, 994 "v6.4.1": False, 995 "v6.2.0": False, 996 "v6.2.3": False, 997 "v6.2.5": False, 998 "v6.2.7": False, 999 "v6.0.11": True 1000 } 1001 }, 1002 { 1003 "value": "DHE", 1004 "revisions": { 1005 "v6.0.0": True, 1006 "v7.0.0": True, 1007 "v6.0.5": True, 1008 "v6.4.4": True, 1009 "v6.4.0": True, 1010 "v6.4.1": True, 1011 "v6.2.0": True, 1012 "v6.2.3": True, 1013 "v6.2.5": True, 1014 "v6.2.7": True, 1015 "v6.0.11": True 1016 } 1017 }, 1018 { 1019 "value": "ECDH", 1020 "revisions": { 1021 "v6.0.0": True, 1022 "v7.0.0": False, 1023 "v6.0.5": True, 1024 "v6.4.4": False, 1025 "v6.4.0": False, 1026 "v6.4.1": False, 1027 "v6.2.0": False, 1028 "v6.2.3": False, 1029 "v6.2.5": False, 1030 "v6.2.7": False, 1031 "v6.0.11": True 1032 } 1033 }, 1034 { 1035 "value": "ECDHE", 1036 "revisions": { 1037 "v6.0.0": True, 1038 "v7.0.0": True, 1039 "v6.0.5": True, 1040 "v6.4.4": True, 1041 "v6.4.0": True, 1042 "v6.4.1": True, 1043 "v6.2.0": True, 1044 "v6.2.3": True, 1045 "v6.2.5": True, 1046 "v6.2.7": True, 1047 "v6.0.11": True 1048 } 1049 }, 1050 { 1051 "value": "DSS", 1052 "revisions": { 1053 "v6.0.0": True, 1054 "v7.0.0": True, 1055 "v6.0.5": True, 1056 "v6.4.4": True, 1057 "v6.4.0": True, 1058 "v6.4.1": True, 1059 "v6.2.0": True, 1060 "v6.2.3": True, 1061 "v6.2.5": True, 1062 "v6.2.7": True, 1063 "v6.0.11": True 1064 } 1065 }, 1066 { 1067 "value": "ECDSA", 1068 "revisions": { 1069 "v6.0.0": True, 1070 "v7.0.0": True, 1071 "v6.0.5": True, 1072 "v6.4.4": True, 1073 "v6.4.0": True, 1074 "v6.4.1": True, 1075 "v6.2.0": True, 1076 "v6.2.3": True, 1077 "v6.2.5": True, 1078 "v6.2.7": True, 1079 "v6.0.11": True 1080 } 1081 }, 1082 { 1083 "value": "AES", 1084 "revisions": { 1085 "v6.0.0": True, 1086 "v7.0.0": True, 1087 "v6.0.5": True, 1088 "v6.4.4": True, 1089 "v6.4.0": True, 1090 "v6.4.1": True, 1091 "v6.2.0": True, 1092 "v6.2.3": True, 1093 "v6.2.5": True, 1094 "v6.2.7": True, 1095 "v6.0.11": True 1096 } 1097 }, 1098 { 1099 "value": "AESGCM", 1100 "revisions": { 1101 "v6.0.0": True, 1102 "v7.0.0": True, 1103 "v6.0.5": True, 1104 "v6.4.4": True, 1105 "v6.4.0": True, 1106 "v6.4.1": True, 1107 "v6.2.0": True, 1108 "v6.2.3": True, 1109 "v6.2.5": True, 1110 "v6.2.7": True, 1111 "v6.0.11": True 1112 } 1113 }, 1114 { 1115 "value": "CAMELLIA", 1116 "revisions": { 1117 "v6.0.0": True, 1118 "v7.0.0": True, 1119 "v6.0.5": True, 1120 "v6.4.4": True, 1121 "v6.4.0": True, 1122 "v6.4.1": True, 1123 "v6.2.0": True, 1124 "v6.2.3": True, 1125 "v6.2.5": True, 1126 "v6.2.7": True, 1127 "v6.0.11": True 1128 } 1129 }, 1130 { 1131 "value": "3DES", 1132 "revisions": { 1133 "v6.0.0": True, 1134 "v7.0.0": True, 1135 "v6.0.5": True, 1136 "v6.4.4": True, 1137 "v6.4.0": True, 1138 "v6.4.1": True, 1139 "v6.2.0": True, 1140 "v6.2.3": True, 1141 "v6.2.5": True, 1142 "v6.2.7": True, 1143 "v6.0.11": True 1144 } 1145 }, 1146 { 1147 "value": "SHA1", 1148 "revisions": { 1149 "v6.0.0": True, 1150 "v7.0.0": True, 1151 "v6.0.5": True, 1152 "v6.4.4": True, 1153 "v6.4.0": True, 1154 "v6.4.1": True, 1155 "v6.2.0": True, 1156 "v6.2.3": True, 1157 "v6.2.5": True, 1158 "v6.2.7": True, 1159 "v6.0.11": True 1160 } 1161 }, 1162 { 1163 "value": "SHA256", 1164 "revisions": { 1165 "v6.0.0": True, 1166 "v7.0.0": True, 1167 "v6.0.5": True, 1168 "v6.4.4": True, 1169 "v6.4.0": True, 1170 "v6.4.1": True, 1171 "v6.2.0": True, 1172 "v6.2.3": True, 1173 "v6.2.5": True, 1174 "v6.2.7": True, 1175 "v6.0.11": True 1176 } 1177 }, 1178 { 1179 "value": "SHA384", 1180 "revisions": { 1181 "v6.0.0": True, 1182 "v7.0.0": True, 1183 "v6.0.5": True, 1184 "v6.4.4": True, 1185 "v6.4.0": True, 1186 "v6.4.1": True, 1187 "v6.2.0": True, 1188 "v6.2.3": True, 1189 "v6.2.5": True, 1190 "v6.2.7": True, 1191 "v6.0.11": True 1192 } 1193 }, 1194 { 1195 "value": "STATIC", 1196 "revisions": { 1197 "v6.0.0": True, 1198 "v7.0.0": True, 1199 "v6.0.5": True, 1200 "v6.4.4": True, 1201 "v6.4.0": True, 1202 "v6.4.1": True, 1203 "v6.2.0": True, 1204 "v6.2.3": True, 1205 "v6.2.5": True, 1206 "v6.2.7": True, 1207 "v6.0.11": True 1208 } 1209 }, 1210 { 1211 "value": "CHACHA20", 1212 "revisions": { 1213 "v7.0.0": True 1214 } 1215 }, 1216 { 1217 "value": "ARIA", 1218 "revisions": { 1219 "v7.0.0": True 1220 } 1221 }, 1222 { 1223 "value": "AESCCM", 1224 "revisions": { 1225 "v7.0.0": True 1226 } 1227 } 1228 ], 1229 "revisions": { 1230 "v6.0.0": True, 1231 "v7.0.0": True, 1232 "v6.0.5": True, 1233 "v6.4.4": True, 1234 "v6.4.0": True, 1235 "v6.4.1": True, 1236 "v6.2.0": True, 1237 "v6.2.3": True, 1238 "v6.2.5": True, 1239 "v6.2.7": True, 1240 "v6.0.11": True 1241 } 1242 }, 1243 "dns_suffix": { 1244 "type": "string", 1245 "revisions": { 1246 "v6.0.0": True, 1247 "v7.0.0": True, 1248 "v6.0.5": True, 1249 "v6.4.4": True, 1250 "v6.4.0": True, 1251 "v6.4.1": True, 1252 "v6.2.0": True, 1253 "v6.2.3": True, 1254 "v6.2.5": True, 1255 "v6.2.7": True, 1256 "v6.0.11": True 1257 } 1258 }, 1259 "dns_server2": { 1260 "type": "string", 1261 "revisions": { 1262 "v6.0.0": True, 1263 "v7.0.0": True, 1264 "v6.0.5": True, 1265 "v6.4.4": True, 1266 "v6.4.0": True, 1267 "v6.4.1": True, 1268 "v6.2.0": True, 1269 "v6.2.3": True, 1270 "v6.2.5": True, 1271 "v6.2.7": True, 1272 "v6.0.11": True 1273 } 1274 }, 1275 "authentication_rule": { 1276 "type": "list", 1277 "children": { 1278 "realm": { 1279 "type": "string", 1280 "revisions": { 1281 "v6.0.0": True, 1282 "v7.0.0": True, 1283 "v6.0.5": True, 1284 "v6.4.4": True, 1285 "v6.4.0": True, 1286 "v6.4.1": True, 1287 "v6.2.0": True, 1288 "v6.2.3": True, 1289 "v6.2.5": True, 1290 "v6.2.7": True, 1291 "v6.0.11": True 1292 } 1293 }, 1294 "users": { 1295 "type": "list", 1296 "children": { 1297 "name": { 1298 "type": "string", 1299 "revisions": { 1300 "v6.0.0": True, 1301 "v7.0.0": True, 1302 "v6.0.5": True, 1303 "v6.4.4": True, 1304 "v6.4.0": True, 1305 "v6.4.1": True, 1306 "v6.2.0": True, 1307 "v6.2.3": True, 1308 "v6.2.5": True, 1309 "v6.2.7": True, 1310 "v6.0.11": True 1311 } 1312 } 1313 }, 1314 "revisions": { 1315 "v6.0.0": True, 1316 "v7.0.0": True, 1317 "v6.0.5": True, 1318 "v6.4.4": True, 1319 "v6.4.0": True, 1320 "v6.4.1": True, 1321 "v6.2.0": True, 1322 "v6.2.3": True, 1323 "v6.2.5": True, 1324 "v6.2.7": True, 1325 "v6.0.11": True 1326 } 1327 }, 1328 "source_address6_negate": { 1329 "type": "string", 1330 "options": [ 1331 { 1332 "value": "enable", 1333 "revisions": { 1334 "v6.0.0": True, 1335 "v7.0.0": True, 1336 "v6.0.5": True, 1337 "v6.4.4": True, 1338 "v6.4.0": True, 1339 "v6.4.1": True, 1340 "v6.2.0": True, 1341 "v6.2.3": True, 1342 "v6.2.5": True, 1343 "v6.2.7": True, 1344 "v6.0.11": True 1345 } 1346 }, 1347 { 1348 "value": "disable", 1349 "revisions": { 1350 "v6.0.0": True, 1351 "v7.0.0": True, 1352 "v6.0.5": True, 1353 "v6.4.4": True, 1354 "v6.4.0": True, 1355 "v6.4.1": True, 1356 "v6.2.0": True, 1357 "v6.2.3": True, 1358 "v6.2.5": True, 1359 "v6.2.7": True, 1360 "v6.0.11": True 1361 } 1362 } 1363 ], 1364 "revisions": { 1365 "v6.0.0": True, 1366 "v7.0.0": True, 1367 "v6.0.5": True, 1368 "v6.4.4": True, 1369 "v6.4.0": True, 1370 "v6.4.1": True, 1371 "v6.2.0": True, 1372 "v6.2.3": True, 1373 "v6.2.5": True, 1374 "v6.2.7": True, 1375 "v6.0.11": True 1376 } 1377 }, 1378 "auth": { 1379 "type": "string", 1380 "options": [ 1381 { 1382 "value": "any", 1383 "revisions": { 1384 "v6.0.0": True, 1385 "v7.0.0": True, 1386 "v6.0.5": True, 1387 "v6.4.4": True, 1388 "v6.4.0": True, 1389 "v6.4.1": True, 1390 "v6.2.0": True, 1391 "v6.2.3": True, 1392 "v6.2.5": True, 1393 "v6.2.7": True, 1394 "v6.0.11": True 1395 } 1396 }, 1397 { 1398 "value": "local", 1399 "revisions": { 1400 "v6.0.0": True, 1401 "v7.0.0": True, 1402 "v6.0.5": True, 1403 "v6.4.4": True, 1404 "v6.4.0": True, 1405 "v6.4.1": True, 1406 "v6.2.0": True, 1407 "v6.2.3": True, 1408 "v6.2.5": True, 1409 "v6.2.7": True, 1410 "v6.0.11": True 1411 } 1412 }, 1413 { 1414 "value": "radius", 1415 "revisions": { 1416 "v6.0.0": True, 1417 "v7.0.0": True, 1418 "v6.0.5": True, 1419 "v6.4.4": True, 1420 "v6.4.0": True, 1421 "v6.4.1": True, 1422 "v6.2.0": True, 1423 "v6.2.3": True, 1424 "v6.2.5": True, 1425 "v6.2.7": True, 1426 "v6.0.11": True 1427 } 1428 }, 1429 { 1430 "value": "tacacs+", 1431 "revisions": { 1432 "v6.0.0": True, 1433 "v7.0.0": True, 1434 "v6.0.5": True, 1435 "v6.4.4": True, 1436 "v6.4.0": True, 1437 "v6.4.1": True, 1438 "v6.2.0": True, 1439 "v6.2.3": True, 1440 "v6.2.5": True, 1441 "v6.2.7": True, 1442 "v6.0.11": True 1443 } 1444 }, 1445 { 1446 "value": "ldap", 1447 "revisions": { 1448 "v6.0.0": True, 1449 "v7.0.0": True, 1450 "v6.0.5": True, 1451 "v6.4.4": True, 1452 "v6.4.0": True, 1453 "v6.4.1": True, 1454 "v6.2.0": True, 1455 "v6.2.3": True, 1456 "v6.2.5": True, 1457 "v6.2.7": True, 1458 "v6.0.11": True 1459 } 1460 } 1461 ], 1462 "revisions": { 1463 "v6.0.0": True, 1464 "v7.0.0": True, 1465 "v6.0.5": True, 1466 "v6.4.4": True, 1467 "v6.4.0": True, 1468 "v6.4.1": True, 1469 "v6.2.0": True, 1470 "v6.2.3": True, 1471 "v6.2.5": True, 1472 "v6.2.7": True, 1473 "v6.0.11": True 1474 } 1475 }, 1476 "source_address6": { 1477 "type": "list", 1478 "children": { 1479 "name": { 1480 "type": "string", 1481 "revisions": { 1482 "v6.0.0": True, 1483 "v7.0.0": True, 1484 "v6.0.5": True, 1485 "v6.4.4": True, 1486 "v6.4.0": True, 1487 "v6.4.1": True, 1488 "v6.2.0": True, 1489 "v6.2.3": True, 1490 "v6.2.5": True, 1491 "v6.2.7": True, 1492 "v6.0.11": True 1493 } 1494 } 1495 }, 1496 "revisions": { 1497 "v6.0.0": True, 1498 "v7.0.0": True, 1499 "v6.0.5": True, 1500 "v6.4.4": True, 1501 "v6.4.0": True, 1502 "v6.4.1": True, 1503 "v6.2.0": True, 1504 "v6.2.3": True, 1505 "v6.2.5": True, 1506 "v6.2.7": True, 1507 "v6.0.11": True 1508 } 1509 }, 1510 "user_peer": { 1511 "type": "string", 1512 "revisions": { 1513 "v7.0.0": True, 1514 "v6.4.4": True, 1515 "v6.4.0": True, 1516 "v6.4.1": True, 1517 "v6.2.0": True, 1518 "v6.2.3": True, 1519 "v6.2.5": True, 1520 "v6.2.7": True 1521 } 1522 }, 1523 "cipher": { 1524 "type": "string", 1525 "options": [ 1526 { 1527 "value": "any", 1528 "revisions": { 1529 "v6.0.0": True, 1530 "v7.0.0": True, 1531 "v6.0.5": True, 1532 "v6.4.4": True, 1533 "v6.4.0": True, 1534 "v6.4.1": True, 1535 "v6.2.0": True, 1536 "v6.2.3": True, 1537 "v6.2.5": True, 1538 "v6.2.7": True, 1539 "v6.0.11": True 1540 } 1541 }, 1542 { 1543 "value": "high", 1544 "revisions": { 1545 "v6.0.0": True, 1546 "v7.0.0": True, 1547 "v6.0.5": True, 1548 "v6.4.4": True, 1549 "v6.4.0": True, 1550 "v6.4.1": True, 1551 "v6.2.0": True, 1552 "v6.2.3": True, 1553 "v6.2.5": True, 1554 "v6.2.7": True, 1555 "v6.0.11": True 1556 } 1557 }, 1558 { 1559 "value": "medium", 1560 "revisions": { 1561 "v6.0.0": True, 1562 "v7.0.0": True, 1563 "v6.0.5": True, 1564 "v6.4.4": True, 1565 "v6.4.0": True, 1566 "v6.4.1": True, 1567 "v6.2.0": True, 1568 "v6.2.3": True, 1569 "v6.2.5": True, 1570 "v6.2.7": True, 1571 "v6.0.11": True 1572 } 1573 } 1574 ], 1575 "revisions": { 1576 "v6.0.0": True, 1577 "v7.0.0": True, 1578 "v6.0.5": True, 1579 "v6.4.4": True, 1580 "v6.4.0": True, 1581 "v6.4.1": True, 1582 "v6.2.0": True, 1583 "v6.2.3": True, 1584 "v6.2.5": True, 1585 "v6.2.7": True, 1586 "v6.0.11": True 1587 } 1588 }, 1589 "portal": { 1590 "type": "string", 1591 "revisions": { 1592 "v6.0.0": True, 1593 "v7.0.0": True, 1594 "v6.0.5": True, 1595 "v6.4.4": True, 1596 "v6.4.0": True, 1597 "v6.4.1": True, 1598 "v6.2.0": True, 1599 "v6.2.3": True, 1600 "v6.2.5": True, 1601 "v6.2.7": True, 1602 "v6.0.11": True 1603 } 1604 }, 1605 "groups": { 1606 "type": "list", 1607 "children": { 1608 "name": { 1609 "type": "string", 1610 "revisions": { 1611 "v6.0.0": True, 1612 "v7.0.0": True, 1613 "v6.0.5": True, 1614 "v6.4.4": True, 1615 "v6.4.0": True, 1616 "v6.4.1": True, 1617 "v6.2.0": True, 1618 "v6.2.3": True, 1619 "v6.2.5": True, 1620 "v6.2.7": True, 1621 "v6.0.11": True 1622 } 1623 } 1624 }, 1625 "revisions": { 1626 "v6.0.0": True, 1627 "v7.0.0": True, 1628 "v6.0.5": True, 1629 "v6.4.4": True, 1630 "v6.4.0": True, 1631 "v6.4.1": True, 1632 "v6.2.0": True, 1633 "v6.2.3": True, 1634 "v6.2.5": True, 1635 "v6.2.7": True, 1636 "v6.0.11": True 1637 } 1638 }, 1639 "source_interface": { 1640 "type": "list", 1641 "children": { 1642 "name": { 1643 "type": "string", 1644 "revisions": { 1645 "v6.0.0": True, 1646 "v7.0.0": True, 1647 "v6.0.5": True, 1648 "v6.4.4": True, 1649 "v6.4.0": True, 1650 "v6.4.1": True, 1651 "v6.2.0": True, 1652 "v6.2.3": True, 1653 "v6.2.5": True, 1654 "v6.2.7": True, 1655 "v6.0.11": True 1656 } 1657 } 1658 }, 1659 "revisions": { 1660 "v6.0.0": True, 1661 "v7.0.0": True, 1662 "v6.0.5": True, 1663 "v6.4.4": True, 1664 "v6.4.0": True, 1665 "v6.4.1": True, 1666 "v6.2.0": True, 1667 "v6.2.3": True, 1668 "v6.2.5": True, 1669 "v6.2.7": True, 1670 "v6.0.11": True 1671 } 1672 }, 1673 "id": { 1674 "type": "integer", 1675 "revisions": { 1676 "v6.0.0": True, 1677 "v7.0.0": True, 1678 "v6.0.5": True, 1679 "v6.4.4": True, 1680 "v6.4.0": True, 1681 "v6.4.1": True, 1682 "v6.2.0": True, 1683 "v6.2.3": True, 1684 "v6.2.5": True, 1685 "v6.2.7": True, 1686 "v6.0.11": True 1687 } 1688 }, 1689 "source_address": { 1690 "type": "list", 1691 "children": { 1692 "name": { 1693 "type": "string", 1694 "revisions": { 1695 "v6.0.0": True, 1696 "v7.0.0": True, 1697 "v6.0.5": True, 1698 "v6.4.4": True, 1699 "v6.4.0": True, 1700 "v6.4.1": True, 1701 "v6.2.0": True, 1702 "v6.2.3": True, 1703 "v6.2.5": True, 1704 "v6.2.7": True, 1705 "v6.0.11": True 1706 } 1707 } 1708 }, 1709 "revisions": { 1710 "v6.0.0": True, 1711 "v7.0.0": True, 1712 "v6.0.5": True, 1713 "v6.4.4": True, 1714 "v6.4.0": True, 1715 "v6.4.1": True, 1716 "v6.2.0": True, 1717 "v6.2.3": True, 1718 "v6.2.5": True, 1719 "v6.2.7": True, 1720 "v6.0.11": True 1721 } 1722 }, 1723 "client_cert": { 1724 "type": "string", 1725 "options": [ 1726 { 1727 "value": "enable", 1728 "revisions": { 1729 "v6.0.0": True, 1730 "v7.0.0": True, 1731 "v6.0.5": True, 1732 "v6.4.4": True, 1733 "v6.4.0": True, 1734 "v6.4.1": True, 1735 "v6.2.0": True, 1736 "v6.2.3": True, 1737 "v6.2.5": True, 1738 "v6.2.7": True, 1739 "v6.0.11": True 1740 } 1741 }, 1742 { 1743 "value": "disable", 1744 "revisions": { 1745 "v6.0.0": True, 1746 "v7.0.0": True, 1747 "v6.0.5": True, 1748 "v6.4.4": True, 1749 "v6.4.0": True, 1750 "v6.4.1": True, 1751 "v6.2.0": True, 1752 "v6.2.3": True, 1753 "v6.2.5": True, 1754 "v6.2.7": True, 1755 "v6.0.11": True 1756 } 1757 } 1758 ], 1759 "revisions": { 1760 "v6.0.0": True, 1761 "v7.0.0": True, 1762 "v6.0.5": True, 1763 "v6.4.4": True, 1764 "v6.4.0": True, 1765 "v6.4.1": True, 1766 "v6.2.0": True, 1767 "v6.2.3": True, 1768 "v6.2.5": True, 1769 "v6.2.7": True, 1770 "v6.0.11": True 1771 } 1772 }, 1773 "source_address_negate": { 1774 "type": "string", 1775 "options": [ 1776 { 1777 "value": "enable", 1778 "revisions": { 1779 "v6.0.0": True, 1780 "v7.0.0": True, 1781 "v6.0.5": True, 1782 "v6.4.4": True, 1783 "v6.4.0": True, 1784 "v6.4.1": True, 1785 "v6.2.0": True, 1786 "v6.2.3": True, 1787 "v6.2.5": True, 1788 "v6.2.7": True, 1789 "v6.0.11": True 1790 } 1791 }, 1792 { 1793 "value": "disable", 1794 "revisions": { 1795 "v6.0.0": True, 1796 "v7.0.0": True, 1797 "v6.0.5": True, 1798 "v6.4.4": True, 1799 "v6.4.0": True, 1800 "v6.4.1": True, 1801 "v6.2.0": True, 1802 "v6.2.3": True, 1803 "v6.2.5": True, 1804 "v6.2.7": True, 1805 "v6.0.11": True 1806 } 1807 } 1808 ], 1809 "revisions": { 1810 "v6.0.0": True, 1811 "v7.0.0": True, 1812 "v6.0.5": True, 1813 "v6.4.4": True, 1814 "v6.4.0": True, 1815 "v6.4.1": True, 1816 "v6.2.0": True, 1817 "v6.2.3": True, 1818 "v6.2.5": True, 1819 "v6.2.7": True, 1820 "v6.0.11": True 1821 } 1822 } 1823 }, 1824 "revisions": { 1825 "v6.0.0": True, 1826 "v7.0.0": True, 1827 "v6.0.5": True, 1828 "v6.4.4": True, 1829 "v6.4.0": True, 1830 "v6.4.1": True, 1831 "v6.2.0": True, 1832 "v6.2.3": True, 1833 "v6.2.5": True, 1834 "v6.2.7": True, 1835 "v6.0.11": True 1836 } 1837 }, 1838 "dual_stack_mode": { 1839 "type": "string", 1840 "options": [ 1841 { 1842 "value": "enable", 1843 "revisions": { 1844 "v7.0.0": True 1845 } 1846 }, 1847 { 1848 "value": "disable", 1849 "revisions": { 1850 "v7.0.0": True 1851 } 1852 } 1853 ], 1854 "revisions": { 1855 "v7.0.0": True 1856 } 1857 }, 1858 "user_peer": { 1859 "type": "string", 1860 "revisions": { 1861 "v7.0.0": True, 1862 "v6.4.4": True, 1863 "v6.4.0": True, 1864 "v6.4.1": True, 1865 "v6.2.0": True, 1866 "v6.2.3": True, 1867 "v6.2.5": True, 1868 "v6.2.7": True 1869 } 1870 }, 1871 "default_portal": { 1872 "type": "string", 1873 "revisions": { 1874 "v6.0.0": True, 1875 "v7.0.0": True, 1876 "v6.0.5": True, 1877 "v6.4.4": True, 1878 "v6.4.0": True, 1879 "v6.4.1": True, 1880 "v6.2.0": True, 1881 "v6.2.3": True, 1882 "v6.2.5": True, 1883 "v6.2.7": True, 1884 "v6.0.11": True 1885 } 1886 }, 1887 "login_timeout": { 1888 "type": "integer", 1889 "revisions": { 1890 "v6.0.0": True, 1891 "v7.0.0": True, 1892 "v6.0.5": True, 1893 "v6.4.4": True, 1894 "v6.4.0": True, 1895 "v6.4.1": True, 1896 "v6.2.0": True, 1897 "v6.2.3": True, 1898 "v6.2.5": True, 1899 "v6.2.7": True, 1900 "v6.0.11": True 1901 } 1902 }, 1903 "login_block_time": { 1904 "type": "integer", 1905 "revisions": { 1906 "v6.0.0": True, 1907 "v7.0.0": True, 1908 "v6.0.5": True, 1909 "v6.4.4": True, 1910 "v6.4.0": True, 1911 "v6.4.1": True, 1912 "v6.2.0": True, 1913 "v6.2.3": True, 1914 "v6.2.5": True, 1915 "v6.2.7": True, 1916 "v6.0.11": True 1917 } 1918 }, 1919 "ipv6_dns_server1": { 1920 "type": "string", 1921 "revisions": { 1922 "v6.0.0": True, 1923 "v7.0.0": True, 1924 "v6.0.5": True, 1925 "v6.4.4": True, 1926 "v6.4.0": True, 1927 "v6.4.1": True, 1928 "v6.2.0": True, 1929 "v6.2.3": True, 1930 "v6.2.5": True, 1931 "v6.2.7": True, 1932 "v6.0.11": True 1933 } 1934 }, 1935 "dtls_tunnel": { 1936 "type": "string", 1937 "options": [ 1938 { 1939 "value": "enable", 1940 "revisions": { 1941 "v6.0.0": True, 1942 "v7.0.0": True, 1943 "v6.0.5": True, 1944 "v6.4.4": True, 1945 "v6.4.0": True, 1946 "v6.4.1": True, 1947 "v6.2.0": True, 1948 "v6.2.3": True, 1949 "v6.2.5": True, 1950 "v6.2.7": True, 1951 "v6.0.11": True 1952 } 1953 }, 1954 { 1955 "value": "disable", 1956 "revisions": { 1957 "v6.0.0": True, 1958 "v7.0.0": True, 1959 "v6.0.5": True, 1960 "v6.4.4": True, 1961 "v6.4.0": True, 1962 "v6.4.1": True, 1963 "v6.2.0": True, 1964 "v6.2.3": True, 1965 "v6.2.5": True, 1966 "v6.2.7": True, 1967 "v6.0.11": True 1968 } 1969 } 1970 ], 1971 "revisions": { 1972 "v6.0.0": True, 1973 "v7.0.0": True, 1974 "v6.0.5": True, 1975 "v6.4.4": True, 1976 "v6.4.0": True, 1977 "v6.4.1": True, 1978 "v6.2.0": True, 1979 "v6.2.3": True, 1980 "v6.2.5": True, 1981 "v6.2.7": True, 1982 "v6.0.11": True 1983 } 1984 }, 1985 "auto_tunnel_static_route": { 1986 "type": "string", 1987 "options": [ 1988 { 1989 "value": "enable", 1990 "revisions": { 1991 "v6.0.0": True, 1992 "v7.0.0": True, 1993 "v6.0.5": True, 1994 "v6.4.4": True, 1995 "v6.4.0": True, 1996 "v6.4.1": True, 1997 "v6.2.0": True, 1998 "v6.2.3": True, 1999 "v6.2.5": True, 2000 "v6.2.7": True, 2001 "v6.0.11": True 2002 } 2003 }, 2004 { 2005 "value": "disable", 2006 "revisions": { 2007 "v6.0.0": True, 2008 "v7.0.0": True, 2009 "v6.0.5": True, 2010 "v6.4.4": True, 2011 "v6.4.0": True, 2012 "v6.4.1": True, 2013 "v6.2.0": True, 2014 "v6.2.3": True, 2015 "v6.2.5": True, 2016 "v6.2.7": True, 2017 "v6.0.11": True 2018 } 2019 } 2020 ], 2021 "revisions": { 2022 "v6.0.0": True, 2023 "v7.0.0": True, 2024 "v6.0.5": True, 2025 "v6.4.4": True, 2026 "v6.4.0": True, 2027 "v6.4.1": True, 2028 "v6.2.0": True, 2029 "v6.2.3": True, 2030 "v6.2.5": True, 2031 "v6.2.7": True, 2032 "v6.0.11": True 2033 } 2034 }, 2035 "header_x_forwarded_for": { 2036 "type": "string", 2037 "options": [ 2038 { 2039 "value": "pass", 2040 "revisions": { 2041 "v6.0.0": True, 2042 "v7.0.0": True, 2043 "v6.0.5": True, 2044 "v6.4.4": True, 2045 "v6.4.0": True, 2046 "v6.4.1": True, 2047 "v6.2.0": True, 2048 "v6.2.3": True, 2049 "v6.2.5": True, 2050 "v6.2.7": True, 2051 "v6.0.11": True 2052 } 2053 }, 2054 { 2055 "value": "add", 2056 "revisions": { 2057 "v6.0.0": True, 2058 "v7.0.0": True, 2059 "v6.0.5": True, 2060 "v6.4.4": True, 2061 "v6.4.0": True, 2062 "v6.4.1": True, 2063 "v6.2.0": True, 2064 "v6.2.3": True, 2065 "v6.2.5": True, 2066 "v6.2.7": True, 2067 "v6.0.11": True 2068 } 2069 }, 2070 { 2071 "value": "remove", 2072 "revisions": { 2073 "v6.0.0": True, 2074 "v7.0.0": True, 2075 "v6.0.5": True, 2076 "v6.4.4": True, 2077 "v6.4.0": True, 2078 "v6.4.1": True, 2079 "v6.2.0": True, 2080 "v6.2.3": True, 2081 "v6.2.5": True, 2082 "v6.2.7": True, 2083 "v6.0.11": True 2084 } 2085 } 2086 ], 2087 "revisions": { 2088 "v6.0.0": True, 2089 "v7.0.0": True, 2090 "v6.0.5": True, 2091 "v6.4.4": True, 2092 "v6.4.0": True, 2093 "v6.4.1": True, 2094 "v6.2.0": True, 2095 "v6.2.3": True, 2096 "v6.2.5": True, 2097 "v6.2.7": True, 2098 "v6.0.11": True 2099 } 2100 }, 2101 "tunnel_connect_without_reauth": { 2102 "type": "string", 2103 "options": [ 2104 { 2105 "value": "enable", 2106 "revisions": { 2107 "v7.0.0": True, 2108 "v6.4.4": True, 2109 "v6.4.0": True, 2110 "v6.4.1": True, 2111 "v6.2.0": True, 2112 "v6.2.3": True, 2113 "v6.2.5": True, 2114 "v6.2.7": True 2115 } 2116 }, 2117 { 2118 "value": "disable", 2119 "revisions": { 2120 "v7.0.0": True, 2121 "v6.4.4": True, 2122 "v6.4.0": True, 2123 "v6.4.1": True, 2124 "v6.2.0": True, 2125 "v6.2.3": True, 2126 "v6.2.5": True, 2127 "v6.2.7": True 2128 } 2129 } 2130 ], 2131 "revisions": { 2132 "v7.0.0": True, 2133 "v6.4.4": True, 2134 "v6.4.0": True, 2135 "v6.4.1": True, 2136 "v6.2.0": True, 2137 "v6.2.3": True, 2138 "v6.2.5": True, 2139 "v6.2.7": True 2140 } 2141 }, 2142 "servercert": { 2143 "type": "string", 2144 "revisions": { 2145 "v6.0.0": True, 2146 "v7.0.0": True, 2147 "v6.0.5": True, 2148 "v6.4.4": True, 2149 "v6.4.0": True, 2150 "v6.4.1": True, 2151 "v6.2.0": True, 2152 "v6.2.3": True, 2153 "v6.2.5": True, 2154 "v6.2.7": True, 2155 "v6.0.11": True 2156 } 2157 }, 2158 "ssl_insert_empty_fragment": { 2159 "type": "string", 2160 "options": [ 2161 { 2162 "value": "enable", 2163 "revisions": { 2164 "v6.0.0": True, 2165 "v7.0.0": True, 2166 "v6.0.5": True, 2167 "v6.4.4": True, 2168 "v6.4.0": True, 2169 "v6.4.1": True, 2170 "v6.2.0": True, 2171 "v6.2.3": True, 2172 "v6.2.5": True, 2173 "v6.2.7": True, 2174 "v6.0.11": True 2175 } 2176 }, 2177 { 2178 "value": "disable", 2179 "revisions": { 2180 "v6.0.0": True, 2181 "v7.0.0": True, 2182 "v6.0.5": True, 2183 "v6.4.4": True, 2184 "v6.4.0": True, 2185 "v6.4.1": True, 2186 "v6.2.0": True, 2187 "v6.2.3": True, 2188 "v6.2.5": True, 2189 "v6.2.7": True, 2190 "v6.0.11": True 2191 } 2192 } 2193 ], 2194 "revisions": { 2195 "v6.0.0": True, 2196 "v7.0.0": True, 2197 "v6.0.5": True, 2198 "v6.4.4": True, 2199 "v6.4.0": True, 2200 "v6.4.1": True, 2201 "v6.2.0": True, 2202 "v6.2.3": True, 2203 "v6.2.5": True, 2204 "v6.2.7": True, 2205 "v6.0.11": True 2206 } 2207 }, 2208 "ssl_min_proto_ver": { 2209 "type": "string", 2210 "options": [ 2211 { 2212 "value": "tls1-0", 2213 "revisions": { 2214 "v7.0.0": True, 2215 "v6.4.4": True, 2216 "v6.4.0": True, 2217 "v6.4.1": True, 2218 "v6.2.0": True, 2219 "v6.2.3": True, 2220 "v6.2.5": True, 2221 "v6.2.7": True 2222 } 2223 }, 2224 { 2225 "value": "tls1-1", 2226 "revisions": { 2227 "v7.0.0": True, 2228 "v6.4.4": True, 2229 "v6.4.0": True, 2230 "v6.4.1": True, 2231 "v6.2.0": True, 2232 "v6.2.3": True, 2233 "v6.2.5": True, 2234 "v6.2.7": True 2235 } 2236 }, 2237 { 2238 "value": "tls1-2", 2239 "revisions": { 2240 "v7.0.0": True, 2241 "v6.4.4": True, 2242 "v6.4.0": True, 2243 "v6.4.1": True, 2244 "v6.2.0": True, 2245 "v6.2.3": True, 2246 "v6.2.5": True, 2247 "v6.2.7": True 2248 } 2249 }, 2250 { 2251 "value": "tls1-3", 2252 "revisions": { 2253 "v7.0.0": True, 2254 "v6.4.4": True, 2255 "v6.4.0": True, 2256 "v6.4.1": True, 2257 "v6.2.0": True, 2258 "v6.2.3": True, 2259 "v6.2.5": True, 2260 "v6.2.7": True 2261 } 2262 } 2263 ], 2264 "revisions": { 2265 "v7.0.0": True, 2266 "v6.4.4": True, 2267 "v6.4.0": True, 2268 "v6.4.1": True, 2269 "v6.2.0": True, 2270 "v6.2.3": True, 2271 "v6.2.5": True, 2272 "v6.2.7": True 2273 } 2274 }, 2275 "deflate_min_data_size": { 2276 "type": "integer", 2277 "revisions": { 2278 "v6.0.0": True, 2279 "v7.0.0": True, 2280 "v6.0.5": True, 2281 "v6.4.4": True, 2282 "v6.4.0": True, 2283 "v6.4.1": True, 2284 "v6.2.0": True, 2285 "v6.2.3": True, 2286 "v6.2.5": True, 2287 "v6.2.7": True, 2288 "v6.0.11": True 2289 } 2290 }, 2291 "ipv6_wins_server1": { 2292 "type": "string", 2293 "revisions": { 2294 "v6.0.0": True, 2295 "v7.0.0": True, 2296 "v6.0.5": True, 2297 "v6.4.4": True, 2298 "v6.4.0": True, 2299 "v6.4.1": True, 2300 "v6.2.0": True, 2301 "v6.2.3": True, 2302 "v6.2.5": True, 2303 "v6.2.7": True, 2304 "v6.0.11": True 2305 } 2306 }, 2307 "ipv6_wins_server2": { 2308 "type": "string", 2309 "revisions": { 2310 "v6.0.0": True, 2311 "v7.0.0": True, 2312 "v6.0.5": True, 2313 "v6.4.4": True, 2314 "v6.4.0": True, 2315 "v6.4.1": True, 2316 "v6.2.0": True, 2317 "v6.2.3": True, 2318 "v6.2.5": True, 2319 "v6.2.7": True, 2320 "v6.0.11": True 2321 } 2322 }, 2323 "x_content_type_options": { 2324 "type": "string", 2325 "options": [ 2326 { 2327 "value": "enable", 2328 "revisions": { 2329 "v6.0.0": True, 2330 "v7.0.0": True, 2331 "v6.0.5": True, 2332 "v6.4.4": True, 2333 "v6.4.0": True, 2334 "v6.4.1": True, 2335 "v6.2.0": True, 2336 "v6.2.3": True, 2337 "v6.2.5": True, 2338 "v6.2.7": True, 2339 "v6.0.11": True 2340 } 2341 }, 2342 { 2343 "value": "disable", 2344 "revisions": { 2345 "v6.0.0": True, 2346 "v7.0.0": True, 2347 "v6.0.5": True, 2348 "v6.4.4": True, 2349 "v6.4.0": True, 2350 "v6.4.1": True, 2351 "v6.2.0": True, 2352 "v6.2.3": True, 2353 "v6.2.5": True, 2354 "v6.2.7": True, 2355 "v6.0.11": True 2356 } 2357 } 2358 ], 2359 "revisions": { 2360 "v6.0.0": True, 2361 "v7.0.0": True, 2362 "v6.0.5": True, 2363 "v6.4.4": True, 2364 "v6.4.0": True, 2365 "v6.4.1": True, 2366 "v6.2.0": True, 2367 "v6.2.3": True, 2368 "v6.2.5": True, 2369 "v6.2.7": True, 2370 "v6.0.11": True 2371 } 2372 }, 2373 "port": { 2374 "type": "integer", 2375 "revisions": { 2376 "v6.0.0": True, 2377 "v7.0.0": True, 2378 "v6.0.5": True, 2379 "v6.4.4": True, 2380 "v6.4.0": True, 2381 "v6.4.1": True, 2382 "v6.2.0": True, 2383 "v6.2.3": True, 2384 "v6.2.5": True, 2385 "v6.2.7": True, 2386 "v6.0.11": True 2387 } 2388 }, 2389 "deflate_compression_level": { 2390 "type": "integer", 2391 "revisions": { 2392 "v6.0.0": True, 2393 "v7.0.0": True, 2394 "v6.0.5": True, 2395 "v6.4.4": True, 2396 "v6.4.0": True, 2397 "v6.4.1": True, 2398 "v6.2.0": True, 2399 "v6.2.3": True, 2400 "v6.2.5": True, 2401 "v6.2.7": True, 2402 "v6.0.11": True 2403 } 2404 }, 2405 "encode_2f_sequence": { 2406 "type": "string", 2407 "options": [ 2408 { 2409 "value": "enable", 2410 "revisions": { 2411 "v7.0.0": True, 2412 "v6.4.4": True, 2413 "v6.4.0": True, 2414 "v6.4.1": True, 2415 "v6.2.0": True, 2416 "v6.2.5": True, 2417 "v6.2.7": True 2418 } 2419 }, 2420 { 2421 "value": "disable", 2422 "revisions": { 2423 "v7.0.0": True, 2424 "v6.4.4": True, 2425 "v6.4.0": True, 2426 "v6.4.1": True, 2427 "v6.2.0": True, 2428 "v6.2.5": True, 2429 "v6.2.7": True 2430 } 2431 } 2432 ], 2433 "revisions": { 2434 "v7.0.0": True, 2435 "v6.4.4": True, 2436 "v6.4.0": True, 2437 "v6.4.1": True, 2438 "v6.2.0": True, 2439 "v6.2.3": False, 2440 "v6.2.5": True, 2441 "v6.2.7": True 2442 } 2443 }, 2444 "unsafe_legacy_renegotiation": { 2445 "type": "string", 2446 "options": [ 2447 { 2448 "value": "enable", 2449 "revisions": { 2450 "v6.0.0": True, 2451 "v7.0.0": True, 2452 "v6.0.5": True, 2453 "v6.4.4": True, 2454 "v6.4.0": True, 2455 "v6.4.1": True, 2456 "v6.2.0": True, 2457 "v6.2.3": True, 2458 "v6.2.5": True, 2459 "v6.2.7": True, 2460 "v6.0.11": True 2461 } 2462 }, 2463 { 2464 "value": "disable", 2465 "revisions": { 2466 "v6.0.0": True, 2467 "v7.0.0": True, 2468 "v6.0.5": True, 2469 "v6.4.4": True, 2470 "v6.4.0": True, 2471 "v6.4.1": True, 2472 "v6.2.0": True, 2473 "v6.2.3": True, 2474 "v6.2.5": True, 2475 "v6.2.7": True, 2476 "v6.0.11": True 2477 } 2478 } 2479 ], 2480 "revisions": { 2481 "v6.0.0": True, 2482 "v7.0.0": True, 2483 "v6.0.5": True, 2484 "v6.4.4": True, 2485 "v6.4.0": True, 2486 "v6.4.1": True, 2487 "v6.2.0": True, 2488 "v6.2.3": True, 2489 "v6.2.5": True, 2490 "v6.2.7": True, 2491 "v6.0.11": True 2492 } 2493 }, 2494 "hsts_include_subdomains": { 2495 "type": "string", 2496 "options": [ 2497 { 2498 "value": "enable", 2499 "revisions": { 2500 "v7.0.0": True, 2501 "v6.4.4": True, 2502 "v6.4.0": True, 2503 "v6.4.1": True, 2504 "v6.2.0": True, 2505 "v6.2.3": True, 2506 "v6.2.5": True, 2507 "v6.2.7": True 2508 } 2509 }, 2510 { 2511 "value": "disable", 2512 "revisions": { 2513 "v7.0.0": True, 2514 "v6.4.4": True, 2515 "v6.4.0": True, 2516 "v6.4.1": True, 2517 "v6.2.0": True, 2518 "v6.2.3": True, 2519 "v6.2.5": True, 2520 "v6.2.7": True 2521 } 2522 } 2523 ], 2524 "revisions": { 2525 "v7.0.0": True, 2526 "v6.4.4": True, 2527 "v6.4.0": True, 2528 "v6.4.1": True, 2529 "v6.2.0": True, 2530 "v6.2.3": True, 2531 "v6.2.5": True, 2532 "v6.2.7": True 2533 } 2534 }, 2535 "dtls_min_proto_ver": { 2536 "type": "string", 2537 "options": [ 2538 { 2539 "value": "dtls1-0", 2540 "revisions": { 2541 "v7.0.0": True, 2542 "v6.4.4": True, 2543 "v6.4.0": True, 2544 "v6.4.1": True, 2545 "v6.2.0": True, 2546 "v6.2.3": True, 2547 "v6.2.5": True, 2548 "v6.2.7": True 2549 } 2550 }, 2551 { 2552 "value": "dtls1-2", 2553 "revisions": { 2554 "v7.0.0": True, 2555 "v6.4.4": True, 2556 "v6.4.0": True, 2557 "v6.4.1": True, 2558 "v6.2.0": True, 2559 "v6.2.3": True, 2560 "v6.2.5": True, 2561 "v6.2.7": True 2562 } 2563 } 2564 ], 2565 "revisions": { 2566 "v7.0.0": True, 2567 "v6.4.4": True, 2568 "v6.4.0": True, 2569 "v6.4.1": True, 2570 "v6.2.0": True, 2571 "v6.2.3": True, 2572 "v6.2.5": True, 2573 "v6.2.7": True 2574 } 2575 }, 2576 "algorithm": { 2577 "type": "string", 2578 "options": [ 2579 { 2580 "value": "high", 2581 "revisions": { 2582 "v6.0.0": True, 2583 "v7.0.0": True, 2584 "v6.0.5": True, 2585 "v6.4.4": True, 2586 "v6.4.0": True, 2587 "v6.4.1": True, 2588 "v6.2.0": True, 2589 "v6.2.3": True, 2590 "v6.2.5": True, 2591 "v6.2.7": True, 2592 "v6.0.11": True 2593 } 2594 }, 2595 { 2596 "value": "medium", 2597 "revisions": { 2598 "v6.0.0": True, 2599 "v7.0.0": True, 2600 "v6.0.5": True, 2601 "v6.4.4": True, 2602 "v6.4.0": True, 2603 "v6.4.1": True, 2604 "v6.2.0": True, 2605 "v6.2.3": True, 2606 "v6.2.5": True, 2607 "v6.2.7": True, 2608 "v6.0.11": True 2609 } 2610 }, 2611 { 2612 "value": "default", 2613 "revisions": { 2614 "v6.0.0": True, 2615 "v7.0.0": True, 2616 "v6.0.5": True, 2617 "v6.4.4": True, 2618 "v6.4.0": True, 2619 "v6.4.1": True, 2620 "v6.2.0": True, 2621 "v6.2.3": True, 2622 "v6.2.5": True, 2623 "v6.2.7": True, 2624 "v6.0.11": True 2625 } 2626 }, 2627 { 2628 "value": "low", 2629 "revisions": { 2630 "v6.0.0": True, 2631 "v7.0.0": True, 2632 "v6.0.5": True, 2633 "v6.4.4": True, 2634 "v6.4.0": True, 2635 "v6.4.1": True, 2636 "v6.2.0": True, 2637 "v6.2.3": True, 2638 "v6.2.5": True, 2639 "v6.2.7": True, 2640 "v6.0.11": True 2641 } 2642 } 2643 ], 2644 "revisions": { 2645 "v6.0.0": True, 2646 "v7.0.0": True, 2647 "v6.0.5": True, 2648 "v6.4.4": True, 2649 "v6.4.0": True, 2650 "v6.4.1": True, 2651 "v6.2.0": True, 2652 "v6.2.3": True, 2653 "v6.2.5": True, 2654 "v6.2.7": True, 2655 "v6.0.11": True 2656 } 2657 }, 2658 "port_precedence": { 2659 "type": "string", 2660 "options": [ 2661 { 2662 "value": "enable", 2663 "revisions": { 2664 "v6.0.0": True, 2665 "v7.0.0": True, 2666 "v6.0.5": True, 2667 "v6.4.4": True, 2668 "v6.4.0": True, 2669 "v6.4.1": True, 2670 "v6.2.0": True, 2671 "v6.2.3": True, 2672 "v6.2.5": True, 2673 "v6.2.7": True, 2674 "v6.0.11": True 2675 } 2676 }, 2677 { 2678 "value": "disable", 2679 "revisions": { 2680 "v6.0.0": True, 2681 "v7.0.0": True, 2682 "v6.0.5": True, 2683 "v6.4.4": True, 2684 "v6.4.0": True, 2685 "v6.4.1": True, 2686 "v6.2.0": True, 2687 "v6.2.3": True, 2688 "v6.2.5": True, 2689 "v6.2.7": True, 2690 "v6.0.11": True 2691 } 2692 } 2693 ], 2694 "revisions": { 2695 "v6.0.0": True, 2696 "v7.0.0": True, 2697 "v6.0.5": True, 2698 "v6.4.4": True, 2699 "v6.4.0": True, 2700 "v6.4.1": True, 2701 "v6.2.0": True, 2702 "v6.2.3": True, 2703 "v6.2.5": True, 2704 "v6.2.7": True, 2705 "v6.0.11": True 2706 } 2707 }, 2708 "source_address": { 2709 "type": "list", 2710 "children": { 2711 "name": { 2712 "type": "string", 2713 "revisions": { 2714 "v6.0.0": True, 2715 "v7.0.0": True, 2716 "v6.0.5": True, 2717 "v6.4.4": True, 2718 "v6.4.0": True, 2719 "v6.4.1": True, 2720 "v6.2.0": True, 2721 "v6.2.3": True, 2722 "v6.2.5": True, 2723 "v6.2.7": True, 2724 "v6.0.11": True 2725 } 2726 } 2727 }, 2728 "revisions": { 2729 "v6.0.0": True, 2730 "v7.0.0": True, 2731 "v6.0.5": True, 2732 "v6.4.4": True, 2733 "v6.4.0": True, 2734 "v6.4.1": True, 2735 "v6.2.0": True, 2736 "v6.2.3": True, 2737 "v6.2.5": True, 2738 "v6.2.7": True, 2739 "v6.0.11": True 2740 } 2741 }, 2742 "ssl_client_renegotiation": { 2743 "type": "string", 2744 "options": [ 2745 { 2746 "value": "disable", 2747 "revisions": { 2748 "v6.0.0": True, 2749 "v7.0.0": True, 2750 "v6.0.5": True, 2751 "v6.4.4": True, 2752 "v6.4.0": True, 2753 "v6.4.1": True, 2754 "v6.2.0": True, 2755 "v6.2.3": True, 2756 "v6.2.5": True, 2757 "v6.2.7": True, 2758 "v6.0.11": True 2759 } 2760 }, 2761 { 2762 "value": "enable", 2763 "revisions": { 2764 "v6.0.0": True, 2765 "v7.0.0": True, 2766 "v6.0.5": True, 2767 "v6.4.4": True, 2768 "v6.4.0": True, 2769 "v6.4.1": True, 2770 "v6.2.0": True, 2771 "v6.2.3": True, 2772 "v6.2.5": True, 2773 "v6.2.7": True, 2774 "v6.0.11": True 2775 } 2776 } 2777 ], 2778 "revisions": { 2779 "v6.0.0": True, 2780 "v7.0.0": True, 2781 "v6.0.5": True, 2782 "v6.4.4": True, 2783 "v6.4.0": True, 2784 "v6.4.1": True, 2785 "v6.2.0": True, 2786 "v6.2.3": True, 2787 "v6.2.5": True, 2788 "v6.2.7": True, 2789 "v6.0.11": True 2790 } 2791 }, 2792 "ciphersuite": { 2793 "multiple_values": True, 2794 "type": "list", 2795 "options": [ 2796 { 2797 "value": "TLS-AES-128-GCM-SHA256", 2798 "revisions": { 2799 "v7.0.0": True 2800 } 2801 }, 2802 { 2803 "value": "TLS-AES-256-GCM-SHA384", 2804 "revisions": { 2805 "v7.0.0": True 2806 } 2807 }, 2808 { 2809 "value": "TLS-CHACHA20-POLY1305-SHA256", 2810 "revisions": { 2811 "v7.0.0": True 2812 } 2813 }, 2814 { 2815 "value": "TLS-AES-128-CCM-SHA256", 2816 "revisions": { 2817 "v7.0.0": True 2818 } 2819 }, 2820 { 2821 "value": "TLS-AES-128-CCM-8-SHA256", 2822 "revisions": { 2823 "v7.0.0": True 2824 } 2825 } 2826 ], 2827 "revisions": { 2828 "v7.0.0": True 2829 } 2830 }, 2831 "dns_server1": { 2832 "type": "string", 2833 "revisions": { 2834 "v6.0.0": True, 2835 "v7.0.0": True, 2836 "v6.0.5": True, 2837 "v6.4.4": True, 2838 "v6.4.0": True, 2839 "v6.4.1": True, 2840 "v6.2.0": True, 2841 "v6.2.3": True, 2842 "v6.2.5": True, 2843 "v6.2.7": True, 2844 "v6.0.11": True 2845 } 2846 }, 2847 "http_only_cookie": { 2848 "type": "string", 2849 "options": [ 2850 { 2851 "value": "enable", 2852 "revisions": { 2853 "v6.0.0": True, 2854 "v7.0.0": True, 2855 "v6.0.5": True, 2856 "v6.4.4": True, 2857 "v6.4.0": True, 2858 "v6.4.1": True, 2859 "v6.2.0": True, 2860 "v6.2.3": True, 2861 "v6.2.5": True, 2862 "v6.2.7": True, 2863 "v6.0.11": True 2864 } 2865 }, 2866 { 2867 "value": "disable", 2868 "revisions": { 2869 "v6.0.0": True, 2870 "v7.0.0": True, 2871 "v6.0.5": True, 2872 "v6.4.4": True, 2873 "v6.4.0": True, 2874 "v6.4.1": True, 2875 "v6.2.0": True, 2876 "v6.2.3": True, 2877 "v6.2.5": True, 2878 "v6.2.7": True, 2879 "v6.0.11": True 2880 } 2881 } 2882 ], 2883 "revisions": { 2884 "v6.0.0": True, 2885 "v7.0.0": True, 2886 "v6.0.5": True, 2887 "v6.4.4": True, 2888 "v6.4.0": True, 2889 "v6.4.1": True, 2890 "v6.2.0": True, 2891 "v6.2.3": True, 2892 "v6.2.5": True, 2893 "v6.2.7": True, 2894 "v6.0.11": True 2895 } 2896 }, 2897 "route_source_interface": { 2898 "type": "string", 2899 "options": [ 2900 { 2901 "value": "enable", 2902 "revisions": { 2903 "v6.0.0": True, 2904 "v6.0.5": True, 2905 "v6.2.0": True, 2906 "v6.2.3": True, 2907 "v6.2.5": True, 2908 "v6.2.7": True, 2909 "v6.0.11": True 2910 } 2911 }, 2912 { 2913 "value": "disable", 2914 "revisions": { 2915 "v6.0.0": True, 2916 "v6.0.5": True, 2917 "v6.2.0": True, 2918 "v6.2.3": True, 2919 "v6.2.5": True, 2920 "v6.2.7": True, 2921 "v6.0.11": True 2922 } 2923 } 2924 ], 2925 "revisions": { 2926 "v6.0.0": True, 2927 "v7.0.0": False, 2928 "v6.0.5": True, 2929 "v6.4.4": False, 2930 "v6.4.0": False, 2931 "v6.4.1": False, 2932 "v6.2.0": True, 2933 "v6.2.3": True, 2934 "v6.2.5": True, 2935 "v6.2.7": True, 2936 "v6.0.11": True 2937 } 2938 }, 2939 "reqclientcert": { 2940 "type": "string", 2941 "options": [ 2942 { 2943 "value": "enable", 2944 "revisions": { 2945 "v6.0.0": True, 2946 "v7.0.0": True, 2947 "v6.0.5": True, 2948 "v6.4.4": True, 2949 "v6.4.0": True, 2950 "v6.4.1": True, 2951 "v6.2.0": True, 2952 "v6.2.3": True, 2953 "v6.2.5": True, 2954 "v6.2.7": True, 2955 "v6.0.11": True 2956 } 2957 }, 2958 { 2959 "value": "disable", 2960 "revisions": { 2961 "v6.0.0": True, 2962 "v7.0.0": True, 2963 "v6.0.5": True, 2964 "v6.4.4": True, 2965 "v6.4.0": True, 2966 "v6.4.1": True, 2967 "v6.2.0": True, 2968 "v6.2.3": True, 2969 "v6.2.5": True, 2970 "v6.2.7": True, 2971 "v6.0.11": True 2972 } 2973 } 2974 ], 2975 "revisions": { 2976 "v6.0.0": True, 2977 "v7.0.0": True, 2978 "v6.0.5": True, 2979 "v6.4.4": True, 2980 "v6.4.0": True, 2981 "v6.4.1": True, 2982 "v6.2.0": True, 2983 "v6.2.3": True, 2984 "v6.2.5": True, 2985 "v6.2.7": True, 2986 "v6.0.11": True 2987 } 2988 }, 2989 "tunnel_user_session_timeout": { 2990 "type": "integer", 2991 "revisions": { 2992 "v7.0.0": True, 2993 "v6.4.4": True, 2994 "v6.4.0": True, 2995 "v6.4.1": True, 2996 "v6.2.0": True, 2997 "v6.2.3": True, 2998 "v6.2.5": True, 2999 "v6.2.7": True 3000 } 3001 }, 3002 "source_interface": { 3003 "type": "list", 3004 "children": { 3005 "name": { 3006 "type": "string", 3007 "revisions": { 3008 "v6.0.0": True, 3009 "v7.0.0": True, 3010 "v6.0.5": True, 3011 "v6.4.4": True, 3012 "v6.4.0": True, 3013 "v6.4.1": True, 3014 "v6.2.0": True, 3015 "v6.2.3": True, 3016 "v6.2.5": True, 3017 "v6.2.7": True, 3018 "v6.0.11": True 3019 } 3020 } 3021 }, 3022 "revisions": { 3023 "v6.0.0": True, 3024 "v7.0.0": True, 3025 "v6.0.5": True, 3026 "v6.4.4": True, 3027 "v6.4.0": True, 3028 "v6.4.1": True, 3029 "v6.2.0": True, 3030 "v6.2.3": True, 3031 "v6.2.5": True, 3032 "v6.2.7": True, 3033 "v6.0.11": True 3034 } 3035 }, 3036 "https_redirect": { 3037 "type": "string", 3038 "options": [ 3039 { 3040 "value": "enable", 3041 "revisions": { 3042 "v6.0.0": True, 3043 "v7.0.0": True, 3044 "v6.0.5": True, 3045 "v6.4.4": True, 3046 "v6.4.0": True, 3047 "v6.4.1": True, 3048 "v6.2.0": True, 3049 "v6.2.3": True, 3050 "v6.2.5": True, 3051 "v6.2.7": True, 3052 "v6.0.11": True 3053 } 3054 }, 3055 { 3056 "value": "disable", 3057 "revisions": { 3058 "v6.0.0": True, 3059 "v7.0.0": True, 3060 "v6.0.5": True, 3061 "v6.4.4": True, 3062 "v6.4.0": True, 3063 "v6.4.1": True, 3064 "v6.2.0": True, 3065 "v6.2.3": True, 3066 "v6.2.5": True, 3067 "v6.2.7": True, 3068 "v6.0.11": True 3069 } 3070 } 3071 ], 3072 "revisions": { 3073 "v6.0.0": True, 3074 "v7.0.0": True, 3075 "v6.0.5": True, 3076 "v6.4.4": True, 3077 "v6.4.0": True, 3078 "v6.4.1": True, 3079 "v6.2.0": True, 3080 "v6.2.3": True, 3081 "v6.2.5": True, 3082 "v6.2.7": True, 3083 "v6.0.11": True 3084 } 3085 }, 3086 "auth_session_check_source_ip": { 3087 "type": "string", 3088 "options": [ 3089 { 3090 "value": "enable", 3091 "revisions": { 3092 "v7.0.0": True, 3093 "v6.4.4": True, 3094 "v6.4.0": True, 3095 "v6.4.1": True, 3096 "v6.2.0": True, 3097 "v6.2.3": True, 3098 "v6.2.5": True, 3099 "v6.2.7": True 3100 } 3101 }, 3102 { 3103 "value": "disable", 3104 "revisions": { 3105 "v7.0.0": True, 3106 "v6.4.4": True, 3107 "v6.4.0": True, 3108 "v6.4.1": True, 3109 "v6.2.0": True, 3110 "v6.2.3": True, 3111 "v6.2.5": True, 3112 "v6.2.7": True 3113 } 3114 } 3115 ], 3116 "revisions": { 3117 "v7.0.0": True, 3118 "v6.4.4": True, 3119 "v6.4.0": True, 3120 "v6.4.1": True, 3121 "v6.2.0": True, 3122 "v6.2.3": True, 3123 "v6.2.5": True, 3124 "v6.2.7": True 3125 } 3126 }, 3127 "tunnel_ipv6_pools": { 3128 "type": "list", 3129 "children": { 3130 "name": { 3131 "type": "string", 3132 "revisions": { 3133 "v6.0.0": True, 3134 "v7.0.0": True, 3135 "v6.0.5": True, 3136 "v6.4.4": True, 3137 "v6.4.0": True, 3138 "v6.4.1": True, 3139 "v6.2.0": True, 3140 "v6.2.3": True, 3141 "v6.2.5": True, 3142 "v6.2.7": True, 3143 "v6.0.11": True 3144 } 3145 } 3146 }, 3147 "revisions": { 3148 "v6.0.0": True, 3149 "v7.0.0": True, 3150 "v6.0.5": True, 3151 "v6.4.4": True, 3152 "v6.4.0": True, 3153 "v6.4.1": True, 3154 "v6.2.0": True, 3155 "v6.2.3": True, 3156 "v6.2.5": True, 3157 "v6.2.7": True, 3158 "v6.0.11": True 3159 } 3160 }, 3161 "check_referer": { 3162 "type": "string", 3163 "options": [ 3164 { 3165 "value": "enable", 3166 "revisions": { 3167 "v6.0.0": True, 3168 "v7.0.0": True, 3169 "v6.0.5": True, 3170 "v6.4.4": True, 3171 "v6.4.0": True, 3172 "v6.4.1": True, 3173 "v6.2.0": True, 3174 "v6.2.3": True, 3175 "v6.2.5": True, 3176 "v6.2.7": True, 3177 "v6.0.11": True 3178 } 3179 }, 3180 { 3181 "value": "disable", 3182 "revisions": { 3183 "v6.0.0": True, 3184 "v7.0.0": True, 3185 "v6.0.5": True, 3186 "v6.4.4": True, 3187 "v6.4.0": True, 3188 "v6.4.1": True, 3189 "v6.2.0": True, 3190 "v6.2.3": True, 3191 "v6.2.5": True, 3192 "v6.2.7": True, 3193 "v6.0.11": True 3194 } 3195 } 3196 ], 3197 "revisions": { 3198 "v6.0.0": True, 3199 "v7.0.0": True, 3200 "v6.0.5": True, 3201 "v6.4.4": True, 3202 "v6.4.0": True, 3203 "v6.4.1": True, 3204 "v6.2.0": True, 3205 "v6.2.3": True, 3206 "v6.2.5": True, 3207 "v6.2.7": True, 3208 "v6.0.11": True 3209 } 3210 }, 3211 "idle_timeout": { 3212 "type": "integer", 3213 "revisions": { 3214 "v6.0.0": True, 3215 "v7.0.0": True, 3216 "v6.0.5": True, 3217 "v6.4.4": True, 3218 "v6.4.0": True, 3219 "v6.4.1": True, 3220 "v6.2.0": True, 3221 "v6.2.3": True, 3222 "v6.2.5": True, 3223 "v6.2.7": True, 3224 "v6.0.11": True 3225 } 3226 }, 3227 "ipv6_dns_server2": { 3228 "type": "string", 3229 "revisions": { 3230 "v6.0.0": True, 3231 "v7.0.0": True, 3232 "v6.0.5": True, 3233 "v6.4.4": True, 3234 "v6.4.0": True, 3235 "v6.4.1": True, 3236 "v6.2.0": True, 3237 "v6.2.3": True, 3238 "v6.2.5": True, 3239 "v6.2.7": True, 3240 "v6.0.11": True 3241 } 3242 }, 3243 "source_address6": { 3244 "type": "list", 3245 "children": { 3246 "name": { 3247 "type": "string", 3248 "revisions": { 3249 "v6.0.0": True, 3250 "v7.0.0": True, 3251 "v6.0.5": True, 3252 "v6.4.4": True, 3253 "v6.4.0": True, 3254 "v6.4.1": True, 3255 "v6.2.0": True, 3256 "v6.2.3": True, 3257 "v6.2.5": True, 3258 "v6.2.7": True, 3259 "v6.0.11": True 3260 } 3261 } 3262 }, 3263 "revisions": { 3264 "v6.0.0": True, 3265 "v7.0.0": True, 3266 "v6.0.5": True, 3267 "v6.4.4": True, 3268 "v6.4.0": True, 3269 "v6.4.1": True, 3270 "v6.2.0": True, 3271 "v6.2.3": True, 3272 "v6.2.5": True, 3273 "v6.2.7": True, 3274 "v6.0.11": True 3275 } 3276 }, 3277 "http_request_header_timeout": { 3278 "type": "integer", 3279 "revisions": { 3280 "v6.0.0": True, 3281 "v7.0.0": True, 3282 "v6.0.5": True, 3283 "v6.4.4": True, 3284 "v6.4.0": True, 3285 "v6.4.1": True, 3286 "v6.2.0": True, 3287 "v6.2.3": True, 3288 "v6.2.5": True, 3289 "v6.2.7": True, 3290 "v6.0.11": True 3291 } 3292 }, 3293 "url_obscuration": { 3294 "type": "string", 3295 "options": [ 3296 { 3297 "value": "enable", 3298 "revisions": { 3299 "v6.0.0": True, 3300 "v7.0.0": True, 3301 "v6.0.5": True, 3302 "v6.4.4": True, 3303 "v6.4.0": True, 3304 "v6.4.1": True, 3305 "v6.2.0": True, 3306 "v6.2.3": True, 3307 "v6.2.5": True, 3308 "v6.2.7": True, 3309 "v6.0.11": True 3310 } 3311 }, 3312 { 3313 "value": "disable", 3314 "revisions": { 3315 "v6.0.0": True, 3316 "v7.0.0": True, 3317 "v6.0.5": True, 3318 "v6.4.4": True, 3319 "v6.4.0": True, 3320 "v6.4.1": True, 3321 "v6.2.0": True, 3322 "v6.2.3": True, 3323 "v6.2.5": True, 3324 "v6.2.7": True, 3325 "v6.0.11": True 3326 } 3327 } 3328 ], 3329 "revisions": { 3330 "v6.0.0": True, 3331 "v7.0.0": True, 3332 "v6.0.5": True, 3333 "v6.4.4": True, 3334 "v6.4.0": True, 3335 "v6.4.1": True, 3336 "v6.2.0": True, 3337 "v6.2.3": True, 3338 "v6.2.5": True, 3339 "v6.2.7": True, 3340 "v6.0.11": True 3341 } 3342 }, 3343 "wins_server2": { 3344 "type": "string", 3345 "revisions": { 3346 "v6.0.0": True, 3347 "v7.0.0": True, 3348 "v6.0.5": True, 3349 "v6.4.4": True, 3350 "v6.4.0": True, 3351 "v6.4.1": True, 3352 "v6.2.0": True, 3353 "v6.2.3": True, 3354 "v6.2.5": True, 3355 "v6.2.7": True, 3356 "v6.0.11": True 3357 } 3358 }, 3359 "login_attempt_limit": { 3360 "type": "integer", 3361 "revisions": { 3362 "v6.0.0": True, 3363 "v7.0.0": True, 3364 "v6.0.5": True, 3365 "v6.4.4": True, 3366 "v6.4.0": True, 3367 "v6.4.1": True, 3368 "v6.2.0": True, 3369 "v6.2.3": True, 3370 "v6.2.5": True, 3371 "v6.2.7": True, 3372 "v6.0.11": True 3373 } 3374 }, 3375 "tlsv1_3": { 3376 "type": "string", 3377 "options": [ 3378 { 3379 "value": "enable", 3380 "revisions": { 3381 "v6.2.0": True, 3382 "v6.2.3": True, 3383 "v6.2.5": True, 3384 "v6.2.7": True 3385 } 3386 }, 3387 { 3388 "value": "disable", 3389 "revisions": { 3390 "v6.2.0": True, 3391 "v6.2.3": True, 3392 "v6.2.5": True, 3393 "v6.2.7": True 3394 } 3395 } 3396 ], 3397 "revisions": { 3398 "v7.0.0": False, 3399 "v6.4.4": False, 3400 "v6.4.0": False, 3401 "v6.4.1": False, 3402 "v6.2.0": True, 3403 "v6.2.3": True, 3404 "v6.2.5": True, 3405 "v6.2.7": True 3406 } 3407 }, 3408 "http_request_body_timeout": { 3409 "type": "integer", 3410 "revisions": { 3411 "v6.0.0": True, 3412 "v7.0.0": True, 3413 "v6.0.5": True, 3414 "v6.4.4": True, 3415 "v6.4.0": True, 3416 "v6.4.1": True, 3417 "v6.2.0": True, 3418 "v6.2.3": True, 3419 "v6.2.5": True, 3420 "v6.2.7": True, 3421 "v6.0.11": True 3422 } 3423 }, 3424 "tunnel_addr_assigned_method": { 3425 "type": "string", 3426 "options": [ 3427 { 3428 "value": "first-available", 3429 "revisions": { 3430 "v7.0.0": True 3431 } 3432 }, 3433 { 3434 "value": "round-robin", 3435 "revisions": { 3436 "v7.0.0": True 3437 } 3438 } 3439 ], 3440 "revisions": { 3441 "v7.0.0": True 3442 } 3443 }, 3444 "dtls_max_proto_ver": { 3445 "type": "string", 3446 "options": [ 3447 { 3448 "value": "dtls1-0", 3449 "revisions": { 3450 "v7.0.0": True, 3451 "v6.4.4": True, 3452 "v6.4.0": True, 3453 "v6.4.1": True, 3454 "v6.2.0": True, 3455 "v6.2.3": True, 3456 "v6.2.5": True, 3457 "v6.2.7": True 3458 } 3459 }, 3460 { 3461 "value": "dtls1-2", 3462 "revisions": { 3463 "v7.0.0": True, 3464 "v6.4.4": True, 3465 "v6.4.0": True, 3466 "v6.4.1": True, 3467 "v6.2.0": True, 3468 "v6.2.3": True, 3469 "v6.2.5": True, 3470 "v6.2.7": True 3471 } 3472 } 3473 ], 3474 "revisions": { 3475 "v7.0.0": True, 3476 "v6.4.4": True, 3477 "v6.4.0": True, 3478 "v6.4.1": True, 3479 "v6.2.0": True, 3480 "v6.2.3": True, 3481 "v6.2.5": True, 3482 "v6.2.7": True 3483 } 3484 }, 3485 "tlsv1_2": { 3486 "type": "string", 3487 "options": [ 3488 { 3489 "value": "enable", 3490 "revisions": { 3491 "v6.0.0": True, 3492 "v6.0.5": True, 3493 "v6.2.0": True, 3494 "v6.2.3": True, 3495 "v6.2.5": True, 3496 "v6.2.7": True, 3497 "v6.0.11": True 3498 } 3499 }, 3500 { 3501 "value": "disable", 3502 "revisions": { 3503 "v6.0.0": True, 3504 "v6.0.5": True, 3505 "v6.2.0": True, 3506 "v6.2.3": True, 3507 "v6.2.5": True, 3508 "v6.2.7": True, 3509 "v6.0.11": True 3510 } 3511 } 3512 ], 3513 "revisions": { 3514 "v6.0.0": True, 3515 "v7.0.0": False, 3516 "v6.0.5": True, 3517 "v6.4.4": False, 3518 "v6.4.0": False, 3519 "v6.4.1": False, 3520 "v6.2.0": True, 3521 "v6.2.3": True, 3522 "v6.2.5": True, 3523 "v6.2.7": True, 3524 "v6.0.11": True 3525 } 3526 }, 3527 "auth_timeout": { 3528 "type": "integer", 3529 "revisions": { 3530 "v6.0.0": True, 3531 "v7.0.0": True, 3532 "v6.0.5": True, 3533 "v6.4.4": True, 3534 "v6.4.0": True, 3535 "v6.4.1": True, 3536 "v6.2.0": True, 3537 "v6.2.3": True, 3538 "v6.2.5": True, 3539 "v6.2.7": True, 3540 "v6.0.11": True 3541 } 3542 }, 3543 "tlsv1_0": { 3544 "type": "string", 3545 "options": [ 3546 { 3547 "value": "enable", 3548 "revisions": { 3549 "v6.0.0": True, 3550 "v6.0.5": True, 3551 "v6.2.0": True, 3552 "v6.2.3": True, 3553 "v6.2.5": True, 3554 "v6.2.7": True, 3555 "v6.0.11": True 3556 } 3557 }, 3558 { 3559 "value": "disable", 3560 "revisions": { 3561 "v6.0.0": True, 3562 "v6.0.5": True, 3563 "v6.2.0": True, 3564 "v6.2.3": True, 3565 "v6.2.5": True, 3566 "v6.2.7": True, 3567 "v6.0.11": True 3568 } 3569 } 3570 ], 3571 "revisions": { 3572 "v6.0.0": True, 3573 "v7.0.0": False, 3574 "v6.0.5": True, 3575 "v6.4.4": False, 3576 "v6.4.0": False, 3577 "v6.4.1": False, 3578 "v6.2.0": True, 3579 "v6.2.3": True, 3580 "v6.2.5": True, 3581 "v6.2.7": True, 3582 "v6.0.11": True 3583 } 3584 }, 3585 "tlsv1_1": { 3586 "type": "string", 3587 "options": [ 3588 { 3589 "value": "enable", 3590 "revisions": { 3591 "v6.0.0": True, 3592 "v6.0.5": True, 3593 "v6.2.0": True, 3594 "v6.2.3": True, 3595 "v6.2.5": True, 3596 "v6.2.7": True, 3597 "v6.0.11": True 3598 } 3599 }, 3600 { 3601 "value": "disable", 3602 "revisions": { 3603 "v6.0.0": True, 3604 "v6.0.5": True, 3605 "v6.2.0": True, 3606 "v6.2.3": True, 3607 "v6.2.5": True, 3608 "v6.2.7": True, 3609 "v6.0.11": True 3610 } 3611 } 3612 ], 3613 "revisions": { 3614 "v6.0.0": True, 3615 "v7.0.0": False, 3616 "v6.0.5": True, 3617 "v6.4.4": False, 3618 "v6.4.0": False, 3619 "v6.4.1": False, 3620 "v6.2.0": True, 3621 "v6.2.3": True, 3622 "v6.2.5": True, 3623 "v6.2.7": True, 3624 "v6.0.11": True 3625 } 3626 }, 3627 "wins_server1": { 3628 "type": "string", 3629 "revisions": { 3630 "v6.0.0": True, 3631 "v7.0.0": True, 3632 "v6.0.5": True, 3633 "v6.4.4": True, 3634 "v6.4.0": True, 3635 "v6.4.1": True, 3636 "v6.2.0": True, 3637 "v6.2.3": True, 3638 "v6.2.5": True, 3639 "v6.2.7": True, 3640 "v6.0.11": True 3641 } 3642 }, 3643 "ssl_max_proto_ver": { 3644 "type": "string", 3645 "options": [ 3646 { 3647 "value": "tls1-0", 3648 "revisions": { 3649 "v7.0.0": True, 3650 "v6.4.4": True, 3651 "v6.4.0": True, 3652 "v6.4.1": True, 3653 "v6.2.0": True, 3654 "v6.2.3": True, 3655 "v6.2.5": True, 3656 "v6.2.7": True 3657 } 3658 }, 3659 { 3660 "value": "tls1-1", 3661 "revisions": { 3662 "v7.0.0": True, 3663 "v6.4.4": True, 3664 "v6.4.0": True, 3665 "v6.4.1": True, 3666 "v6.2.0": True, 3667 "v6.2.3": True, 3668 "v6.2.5": True, 3669 "v6.2.7": True 3670 } 3671 }, 3672 { 3673 "value": "tls1-2", 3674 "revisions": { 3675 "v7.0.0": True, 3676 "v6.4.4": True, 3677 "v6.4.0": True, 3678 "v6.4.1": True, 3679 "v6.2.0": True, 3680 "v6.2.3": True, 3681 "v6.2.5": True, 3682 "v6.2.7": True 3683 } 3684 }, 3685 { 3686 "value": "tls1-3", 3687 "revisions": { 3688 "v7.0.0": True, 3689 "v6.4.4": True, 3690 "v6.4.0": True, 3691 "v6.4.1": True, 3692 "v6.2.0": True, 3693 "v6.2.3": True, 3694 "v6.2.5": True, 3695 "v6.2.7": True 3696 } 3697 } 3698 ], 3699 "revisions": { 3700 "v7.0.0": True, 3701 "v6.4.4": True, 3702 "v6.4.0": True, 3703 "v6.4.1": True, 3704 "v6.2.0": True, 3705 "v6.2.3": True, 3706 "v6.2.5": True, 3707 "v6.2.7": True 3708 } 3709 }, 3710 "source_address6_negate": { 3711 "type": "string", 3712 "options": [ 3713 { 3714 "value": "enable", 3715 "revisions": { 3716 "v6.0.0": True, 3717 "v7.0.0": True, 3718 "v6.0.5": True, 3719 "v6.4.4": True, 3720 "v6.4.0": True, 3721 "v6.4.1": True, 3722 "v6.2.0": True, 3723 "v6.2.3": True, 3724 "v6.2.5": True, 3725 "v6.2.7": True, 3726 "v6.0.11": True 3727 } 3728 }, 3729 { 3730 "value": "disable", 3731 "revisions": { 3732 "v6.0.0": True, 3733 "v7.0.0": True, 3734 "v6.0.5": True, 3735 "v6.4.4": True, 3736 "v6.4.0": True, 3737 "v6.4.1": True, 3738 "v6.2.0": True, 3739 "v6.2.3": True, 3740 "v6.2.5": True, 3741 "v6.2.7": True, 3742 "v6.0.11": True 3743 } 3744 } 3745 ], 3746 "revisions": { 3747 "v6.0.0": True, 3748 "v7.0.0": True, 3749 "v6.0.5": True, 3750 "v6.4.4": True, 3751 "v6.4.0": True, 3752 "v6.4.1": True, 3753 "v6.2.0": True, 3754 "v6.2.3": True, 3755 "v6.2.5": True, 3756 "v6.2.7": True, 3757 "v6.0.11": True 3758 } 3759 }, 3760 "http_compression": { 3761 "type": "string", 3762 "options": [ 3763 { 3764 "value": "enable", 3765 "revisions": { 3766 "v6.0.0": True, 3767 "v7.0.0": True, 3768 "v6.0.5": True, 3769 "v6.4.4": True, 3770 "v6.4.0": True, 3771 "v6.4.1": True, 3772 "v6.2.0": True, 3773 "v6.2.3": True, 3774 "v6.2.5": True, 3775 "v6.2.7": True, 3776 "v6.0.11": True 3777 } 3778 }, 3779 { 3780 "value": "disable", 3781 "revisions": { 3782 "v6.0.0": True, 3783 "v7.0.0": True, 3784 "v6.0.5": True, 3785 "v6.4.4": True, 3786 "v6.4.0": True, 3787 "v6.4.1": True, 3788 "v6.2.0": True, 3789 "v6.2.3": True, 3790 "v6.2.5": True, 3791 "v6.2.7": True, 3792 "v6.0.11": True 3793 } 3794 } 3795 ], 3796 "revisions": { 3797 "v6.0.0": True, 3798 "v7.0.0": True, 3799 "v6.0.5": True, 3800 "v6.4.4": True, 3801 "v6.4.0": True, 3802 "v6.4.1": True, 3803 "v6.2.0": True, 3804 "v6.2.3": True, 3805 "v6.2.5": True, 3806 "v6.2.7": True, 3807 "v6.0.11": True 3808 } 3809 }, 3810 "dtls_hello_timeout": { 3811 "type": "integer", 3812 "revisions": { 3813 "v6.0.0": True, 3814 "v7.0.0": True, 3815 "v6.0.5": True, 3816 "v6.4.4": True, 3817 "v6.4.0": True, 3818 "v6.4.1": True, 3819 "v6.2.0": True, 3820 "v6.2.3": True, 3821 "v6.2.5": True, 3822 "v6.2.7": True, 3823 "v6.0.11": True 3824 } 3825 }, 3826 "client_sigalgs": { 3827 "type": "string", 3828 "options": [ 3829 { 3830 "value": "no-rsa-pss", 3831 "revisions": { 3832 "v6.4.4": True, 3833 "v7.0.0": True 3834 } 3835 }, 3836 { 3837 "value": "all", 3838 "revisions": { 3839 "v6.4.4": True, 3840 "v7.0.0": True 3841 } 3842 } 3843 ], 3844 "revisions": { 3845 "v6.4.4": True, 3846 "v7.0.0": True 3847 } 3848 }, 3849 "tunnel_ip_pools": { 3850 "type": "list", 3851 "children": { 3852 "name": { 3853 "type": "string", 3854 "revisions": { 3855 "v6.0.0": True, 3856 "v7.0.0": True, 3857 "v6.0.5": True, 3858 "v6.4.4": True, 3859 "v6.4.0": True, 3860 "v6.4.1": True, 3861 "v6.2.0": True, 3862 "v6.2.3": True, 3863 "v6.2.5": True, 3864 "v6.2.7": True, 3865 "v6.0.11": True 3866 } 3867 } 3868 }, 3869 "revisions": { 3870 "v6.0.0": True, 3871 "v7.0.0": True, 3872 "v6.0.5": True, 3873 "v6.4.4": True, 3874 "v6.4.0": True, 3875 "v6.4.1": True, 3876 "v6.2.0": True, 3877 "v6.2.3": True, 3878 "v6.2.5": True, 3879 "v6.2.7": True, 3880 "v6.0.11": True 3881 } 3882 }, 3883 "transform_backward_slashes": { 3884 "type": "string", 3885 "options": [ 3886 { 3887 "value": "enable", 3888 "revisions": { 3889 "v6.4.4": True, 3890 "v7.0.0": True, 3891 "v6.4.0": True, 3892 "v6.4.1": True 3893 } 3894 }, 3895 { 3896 "value": "disable", 3897 "revisions": { 3898 "v6.4.4": True, 3899 "v7.0.0": True, 3900 "v6.4.0": True, 3901 "v6.4.1": True 3902 } 3903 } 3904 ], 3905 "revisions": { 3906 "v6.4.4": True, 3907 "v7.0.0": True, 3908 "v6.4.0": True, 3909 "v6.4.1": True 3910 } 3911 }, 3912 "encrypt_and_store_password": { 3913 "type": "string", 3914 "options": [ 3915 { 3916 "value": "enable", 3917 "revisions": { 3918 "v6.4.4": True, 3919 "v7.0.0": True, 3920 "v6.4.0": True, 3921 "v6.4.1": True 3922 } 3923 }, 3924 { 3925 "value": "disable", 3926 "revisions": { 3927 "v6.4.4": True, 3928 "v7.0.0": True, 3929 "v6.4.0": True, 3930 "v6.4.1": True 3931 } 3932 } 3933 ], 3934 "revisions": { 3935 "v6.4.4": True, 3936 "v7.0.0": True, 3937 "v6.4.0": True, 3938 "v6.4.1": True 3939 } 3940 }, 3941 "source_address_negate": { 3942 "type": "string", 3943 "options": [ 3944 { 3945 "value": "enable", 3946 "revisions": { 3947 "v6.0.0": True, 3948 "v7.0.0": True, 3949 "v6.0.5": True, 3950 "v6.4.4": True, 3951 "v6.4.0": True, 3952 "v6.4.1": True, 3953 "v6.2.0": True, 3954 "v6.2.3": True, 3955 "v6.2.5": True, 3956 "v6.2.7": True, 3957 "v6.0.11": True 3958 } 3959 }, 3960 { 3961 "value": "disable", 3962 "revisions": { 3963 "v6.0.0": True, 3964 "v7.0.0": True, 3965 "v6.0.5": True, 3966 "v6.4.4": True, 3967 "v6.4.0": True, 3968 "v6.4.1": True, 3969 "v6.2.0": True, 3970 "v6.2.3": True, 3971 "v6.2.5": True, 3972 "v6.2.7": True, 3973 "v6.0.11": True 3974 } 3975 } 3976 ], 3977 "revisions": { 3978 "v6.0.0": True, 3979 "v7.0.0": True, 3980 "v6.0.5": True, 3981 "v6.4.4": True, 3982 "v6.4.0": True, 3983 "v6.4.1": True, 3984 "v6.2.0": True, 3985 "v6.2.3": True, 3986 "v6.2.5": True, 3987 "v6.2.7": True, 3988 "v6.0.11": True 3989 } 3990 } 3991 }, 3992 "revisions": { 3993 "v6.0.0": True, 3994 "v7.0.0": True, 3995 "v6.0.5": True, 3996 "v6.4.4": True, 3997 "v6.4.0": True, 3998 "v6.4.1": True, 3999 "v6.2.0": True, 4000 "v6.2.3": True, 4001 "v6.2.5": True, 4002 "v6.2.7": True, 4003 "v6.0.11": True 4004 } 4005} 4006 4007 4008def main(): 4009 module_spec = schema_to_module_spec(versioned_schema) 4010 mkeyname = None 4011 fields = { 4012 "access_token": {"required": False, "type": "str", "no_log": True}, 4013 "enable_log": {"required": False, "type": bool}, 4014 "vdom": {"required": False, "type": "str", "default": "root"}, 4015 "vpn_ssl_settings": { 4016 "required": False, "type": "dict", "default": None, 4017 "options": { 4018 } 4019 } 4020 } 4021 for attribute_name in module_spec['options']: 4022 fields["vpn_ssl_settings"]['options'][attribute_name] = module_spec['options'][attribute_name] 4023 if mkeyname and mkeyname == attribute_name: 4024 fields["vpn_ssl_settings"]['options'][attribute_name]['required'] = True 4025 4026 check_legacy_fortiosapi() 4027 module = AnsibleModule(argument_spec=fields, 4028 supports_check_mode=False) 4029 4030 versions_check_result = None 4031 if module._socket_path: 4032 connection = Connection(module._socket_path) 4033 if 'access_token' in module.params: 4034 connection.set_option('access_token', module.params['access_token']) 4035 4036 if 'enable_log' in module.params: 4037 connection.set_option('enable_log', module.params['enable_log']) 4038 else: 4039 connection.set_option('enable_log', False) 4040 fos = FortiOSHandler(connection, module, mkeyname) 4041 versions_check_result = check_schema_versioning(fos, versioned_schema, "vpn_ssl_settings") 4042 4043 is_error, has_changed, result = fortios_vpn_ssl(module.params, fos) 4044 4045 else: 4046 module.fail_json(**FAIL_SOCKET_MSG) 4047 4048 if versions_check_result and versions_check_result['matched'] is False: 4049 module.warn("Ansible has detected version mismatch between FortOS system and your playbook, see more details by specifying option -vvv") 4050 4051 if not is_error: 4052 if versions_check_result and versions_check_result['matched'] is False: 4053 module.exit_json(changed=has_changed, version_check_warning=versions_check_result, meta=result) 4054 else: 4055 module.exit_json(changed=has_changed, meta=result) 4056 else: 4057 if versions_check_result and versions_check_result['matched'] is False: 4058 module.fail_json(msg="Error in repo", version_check_warning=versions_check_result, meta=result) 4059 else: 4060 module.fail_json(msg="Error in repo", meta=result) 4061 4062 4063if __name__ == '__main__': 4064 main() 4065