fwebos_waf_xff.py – Config FortiWeb X-Forward-For policy¶
New in version 1.0.1.
Requirements¶
The below requirements are needed on the host that executes this module.
- ansible>=2.11
Parameters¶
- body Possible parameters to go in the body for the request required: True
- name name type:string maxLength:63
- x-forwarded-for-support x forwarded for support type:string choice: enable, disable,
- add-source-port add source port in X-Forwarded-For type:string choice: enable, disable,
- x-forwarded-port X-Forwarded-Port type:string choice: enable, disable,
- tracing-original-ip tracing original IP type:string choice: enable, disable,
- original-ip-header original IP header type:string maxLength:255
- x-real-ip X-Real_IP type:string choice: enable, disable,
- x-forwarded-proto X-Forwarded-Proto type:string choice: enable, disable,
- ip-list IP list type:array
- id id
- ip IP address
- block-based-on-original-ip block-based-on-original-ip type:string choice: enable, disable,
- ip-location ip-location type:string choice: left, right,
- skip-private-original-ip skip-private-original-ip type:string choice: enable, disable,
- skip-special-original-ip skip-special-original-ip type:string choice: enable, disable,
- block-based-on-full-scan block based on full scan modules type:string choice: ip-reputation,
- mkey If present, objects will be filtered on property with this name type:string
- vdom Specify the Virtual Domain(s) from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned. The URL parameter is one of: vdom=root (Single VDOM) vdom=vdom1,vdom2 (Multiple VDOMs) vdom=* (All VDOMs) type:array
- clone_mkey Use *clone_mkey* to specify the ID for the new resource to be cloned. If *clone_mkey* is set, *mkey* must be provided which is cloned from. type:string
Examples¶
- name:
hosts: all
vars:
connection: httpapi
gather_facts: false
tasks:
- name: delete xff
fwebos_waf_xff:
action: delete
vdom: root
name: test
- name: Create xff
fwebos_waf_xff:
action: add
vdom: root
x_forwarded_for_support: enable
add_source_port: disable
x_forwarded_port: enable
tracing_original_ip: enable
x_real_ip: enable
x_forwarded_proto: enable
block_based_on_original_ip: enable
ip_location: left
original_ip_header: X-FORWARDED-FOR
block_based_on_full_scan: ip-reputation
name: test
- name: edit xff
fwebos_waf_xff:
action: edit
vdom: root
x_forwarded_for_support: enable
add_source_port: enable
x_forwarded_port: enable
tracing_original_ip: enable
x_real_ip: enable
x_forwarded_proto: enable
block_based_on_original_ip: enable
ip_location: left
original_ip_header: X-FORWARDED-FOR
block_based_on_full_scan: ip-reputation
name: test
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- 200 : OK: Request returns successful
- 400 : Bad Request: Request cannot be processed by the API
- 401 : Not Authorized: Request without successful login session
- 403 : Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
- 404 : Resource Not Found: Unable to find the specified resource.
- 405 : Method Not Allowed: Specified HTTP method is not allowed for this resource.
- 413 : Request Entity Too Large: Request cannot be processed due to large entity
- 424 : Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, invalid attribute value
- 429 : Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
- 500 : Internal Server Error: Internal error when processing the request
For errorcode please check FortiWeb API errorcode at : https://documenter.getpostman.com/view/11233300/TVetbkaK#887b9eb4-7c13-4338-a8db-16cc117f0119