New in version 2.8.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments | ||
---|---|---|---|---|
host
-
/ required
|
FortiOS or FortiGate ip address.
|
|||
https
boolean
|
|
Indicates if the requests towards FortiGate must use HTTPS protocol
|
||
password
-
|
Default: ""
|
FortiOS or FortiGate password.
|
||
router_policy
-
|
Default: null
|
Configure IPv4 routing policies.
|
||
action
-
|
|
Action of the policy route.
|
||
comments
-
|
Optional comments.
|
|||
dst
-
|
Destination IP and mask (x.x.x.x/x).
|
|||
subnet
-
/ required
|
IP and mask.
|
|||
dst-negate
-
|
|
Enable/disable negating destination address match.
|
||
dstaddr
-
|
Destination address name.
|
|||
name
-
/ required
|
Address/group name. Source firewall.address.name firewall.addrgrp.name.
|
|||
end-port
-
|
End destination port number (0 - 65535).
|
|||
end-source-port
-
|
End source port number (0 - 65535).
|
|||
gateway
-
|
IP address of the gateway.
|
|||
input-device
-
|
Incoming interface name.
|
|||
name
-
/ required
|
Interface name. Source system.interface.name.
|
|||
output-device
-
|
Outgoing interface name. Source system.interface.name.
|
|||
protocol
-
|
Protocol number (0 - 255).
|
|||
seq-num
-
/ required
|
Sequence number.
|
|||
src
-
|
Source IP and mask (x.x.x.x/x).
|
|||
subnet
-
/ required
|
IP and mask.
|
|||
src-negate
-
|
|
Enable/disable negating source address match.
|
||
srcaddr
-
|
Source address name.
|
|||
name
-
/ required
|
Address/group name. Source firewall.address.name firewall.addrgrp.name.
|
|||
start-port
-
|
Start destination port number (0 - 65535).
|
|||
start-source-port
-
|
Start source port number (0 - 65535).
|
|||
state
-
|
|
Indicates whether to create or remove the object
|
||
status
-
|
|
Enable/disable this policy route.
|
||
tos
-
|
Type of service bit pattern.
|
|||
tos-mask
-
|
Type of service evaluated bits.
|
|||
username
-
/ required
|
FortiOS or FortiGate username.
|
|||
vdom
-
|
Default: "root"
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
|
Note
- hosts: localhost
vars:
host: "192.168.122.40"
username: "admin"
password: ""
vdom: "root"
tasks:
- name: Configure IPv4 routing policies.
fortios_router_policy:
host: "{{ host }}"
username: "{{ username }}"
password: "{{ password }}"
vdom: "{{ vdom }}"
https: "False"
router_policy:
state: "present"
action: "deny"
comments: "<your_own_value>"
dst:
-
subnet: "<your_own_value>"
dst-negate: "enable"
dstaddr:
-
name: "default_name_9 (source firewall.address.name firewall.addrgrp.name)"
end-port: "10"
end-source-port: "11"
gateway: "<your_own_value>"
input-device:
-
name: "default_name_14 (source system.interface.name)"
output-device: "<your_own_value> (source system.interface.name)"
protocol: "16"
seq-num: "17"
src:
-
subnet: "<your_own_value>"
src-negate: "enable"
srcaddr:
-
name: "default_name_22 (source firewall.address.name firewall.addrgrp.name)"
start-port: "23"
start-source-port: "24"
status: "enable"
tos: "<your_own_value>"
tos-mask: "<your_own_value>"
Common return values are documented here, the following are the fields unique to this module:
Key | Returned | Description |
---|---|---|
build
string
|
always |
Build number of the fortigate image
Sample:
1547
|
http_method
string
|
always |
Last method used to provision the content into FortiGate
Sample:
PUT
|
http_status
string
|
always |
Last result given by FortiGate on last operation applied
Sample:
200
|
mkey
string
|
success |
Master key (id) used in the last call to FortiGate
Sample:
id
|
name
string
|
always |
Name of the table used to fulfill the request
Sample:
urlfilter
|
path
string
|
always |
Path of the table used to fulfill the request
Sample:
webfilter
|
revision
string
|
always |
Internal revision number
Sample:
17.0.2.10658
|
serial
string
|
always |
Serial number of the unit
Sample:
FGVMEVYYQT3AB5352
|
status
string
|
always |
Indication of the operation's result
Sample:
success
|
vdom
string
|
always |
Virtual domain used
Sample:
root
|
version
string
|
always |
Version of the FortiGate
Sample:
v5.6.3
|
Hint
If you notice any issues in this documentation you can edit this document to improve it.