New in version 2.8.
The below requirements are needed on the host that executes this module.
Parameter | Choices/Defaults | Comments
---|---|---
firewall_service_custom | Default: null | Configure custom services.
↳ app-category | | Application category ID.
↳ ↳ id / required | | Application category id.
↳ app-service-type | | Application service type.
↳ application | | Application ID.
↳ ↳ id / required | | Application id.
↳ category | | Service category. Source firewall.service.category.name.
↳ check-reset-range | | Configure the type of ICMP error message verification.
↳ color | | Color of icon on the GUI.
↳ comment | | Comment.
↳ fqdn | | Fully qualified domain name.
↳ helper | | Helper name.
↳ icmpcode | | ICMP code.
↳ icmptype | | ICMP type.
↳ iprange | | Start and end of the IP range associated with service.
↳ name / required | | Custom service name.
↳ protocol | | Protocol type based on IANA numbers.
↳ protocol-number | | IP protocol number.
↳ proxy | | Enable/disable web proxy service.
↳ sctp-portrange | | Multiple SCTP port ranges.
↳ session-ttl | | Session TTL (300 - 604800, 0 = default).
↳ state | | Indicates whether to create or remove the object.
↳ tcp-halfclose-timer | | Wait time to close a TCP session waiting for an unanswered FIN packet (1 - 86400 sec, 0 = default).
↳ tcp-halfopen-timer | | Wait time to close a TCP session waiting for an unanswered open session packet (1 - 86400 sec, 0 = default).
↳ tcp-portrange | | Multiple TCP port ranges.
↳ tcp-timewait-timer | | Set the length of the TCP TIME-WAIT state in seconds (1 - 300 sec, 0 = default).
↳ udp-idle-timer | | UDP half close timeout (0 - 86400 sec, 0 = default).
↳ udp-portrange | | Multiple UDP port ranges.
↳ visibility | | Enable/disable the visibility of the service on the GUI.
host / required | | FortiOS or FortiGate IP address.
https (boolean) | | Indicates if the requests towards FortiGate must use HTTPS protocol.
password | Default: "" | FortiOS or FortiGate password.
username / required | | FortiOS or FortiGate username.
vdom | Default: "root" | Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
```yaml
- hosts: localhost
  vars:
    # Connection settings for the target FortiGate, referenced by the task below.
    host: "192.168.122.40"
    username: "admin"
    password: ""
    vdom: "root"
  tasks:
    - name: Configure custom services.
      fortios_firewall_service_custom:
        host: "{{ host }}"
        username: "{{ username }}"
        password: "{{ password }}"
        vdom: "{{ vdom }}"
        # https is off in this example, so requests to the device use plain HTTP.
        https: "False"
        firewall_service_custom:
          state: "present"
          app-category:
            -
              id: "4"
          app-service-type: "disable"
          application:
            -
              id: "7"
          # Replace every <your_own_value> placeholder before running the task.
          category: "<your_own_value> (source firewall.service.category.name)"
          check-reset-range: "disable"
          color: "10"
          comment: "Comment."
          fqdn: "<your_own_value>"
          helper: "auto"
          icmpcode: "14"
          icmptype: "15"
          iprange: "<your_own_value>"
          name: "default_name_17"
          protocol: "TCP/UDP/SCTP"
          protocol-number: "19"
          proxy: "enable"
          sctp-portrange: "<your_own_value>"
          session-ttl: "22"
          tcp-halfclose-timer: "23"
          tcp-halfopen-timer: "24"
          tcp-portrange: "<your_own_value>"
          tcp-timewait-timer: "26"
          udp-idle-timer: "27"
          udp-portrange: "<your_own_value>"
          visibility: "enable"
```
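
A pre-flight check for this module's task arguments, added here as an example and not part of the module or the original documentation: it compares timer and TTL values with the ranges in the parameter table and flags plain-HTTP transport or an empty password. The names `RANGES`, `is_false`, `lint_task` and `EXAMPLE_TASK` and the finding strings are assumptions made for illustration.

```python
# Added example (hypothetical names): lint fortios_firewall_service_custom task
# arguments before a run. Ranges come from the parameter table on this page;
# per that table, 0 always means "use the default".
RANGES = {
    "session-ttl": (300, 604800),
    "tcp-halfclose-timer": (1, 86400),
    "tcp-halfopen-timer": (1, 86400),
    "tcp-timewait-timer": (1, 300),
    "udp-idle-timer": (0, 86400),
}


def is_false(value):
    """True for the ways a playbook can spell a false boolean, e.g. "False"."""
    return str(value).strip().lower() in ("false", "no", "off", "0")


def lint_task(args):
    """Return a list of findings for one module invocation (empty = clean)."""
    findings = []
    if is_false(args.get("https", True)):  # a missing key is not flagged
        findings.append("https disabled: requests to the device use plain HTTP")
    if not args.get("password"):
        findings.append("password is empty")
    service = args.get("firewall_service_custom") or {}
    for option, (low, high) in RANGES.items():
        if option not in service:
            continue
        try:
            value = int(service[option])
        except (TypeError, ValueError):
            findings.append(f"{option}: {service[option]!r} is not an integer")
            continue
        if value != 0 and not low <= value <= high:
            findings.append(f"{option}: {value} outside {low}-{high} (0 = default)")
    return findings


# Constructed input: the resolved arguments of the example playbook on this page.
EXAMPLE_TASK = {
    "host": "192.168.122.40", "username": "admin", "password": "", "https": "False",
    "firewall_service_custom": {
        "name": "default_name_17", "session-ttl": "22",
        "tcp-halfclose-timer": "23", "tcp-halfopen-timer": "24",
        "tcp-timewait-timer": "26", "udp-idle-timer": "27",
    },
}
```

Called on the example playbook's values, `lint_task(EXAMPLE_TASK)` returns three findings: the plain-HTTP transport, the empty password, and `session-ttl: 22`, which is below the documented minimum of 300.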
Common return values are documented here; the following fields are unique to this module:
Key | Returned | Description
---|---|---
build (string) | always | Build number of the FortiGate image. Sample: 1547
http_method (string) | always | Last method used to provision the content into FortiGate. Sample: PUT
http_status (string) | always | Last result given by FortiGate on last operation applied. Sample: 200
mkey (string) | success | Master key (id) used in the last call to FortiGate. Sample: id
name (string) | always | Name of the table used to fulfill the request. Sample: urlfilter
path (string) | always | Path of the table used to fulfill the request. Sample: webfilter
revision (string) | always | Internal revision number. Sample: 17.0.2.10658
serial (string) | always | Serial number of the unit. Sample: FGVMEVYYQT3AB5352
status (string) | always | Indication of the operation's result. Sample: success
vdom (string) | always | Virtual domain used. Sample: root
version (string) | always | Version of the FortiGate. Sample: v5.6.3