:source: fwebos_waf_http_protocol_parameter_restriction.py
:orphan:
.. fwebos_waf_http_protocol_parameter_restriction.py:
fwebos_waf_http_protocol_parameter_restriction.py -- Config FortiWeb Web Protection HTTP Constraints
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.. versionadded:: 1.0.1
.. contents::
:local:
:depth: 1
Synopsis
--------
Config FortiWeb Web Protection HTTP Constraints
Requirements
------------
The below requirements are needed on the host that executes this module.
- ansible>=2.11
FortiWeb Version Compatibility
------------------------------
.. raw:: html
|
v7.0.0 |
v7.0.1 |
v7.0.2 |
v7.0.3 |
| fwebos_waf_http_protocol_parameter_restriction.py |
yes |
yes |
yes |
yes |
Parameters
----------
.. raw:: html
- body Possible parameters to go in the body for the request required: True
- name name type:string
maxLength:63
- max-http-header-length-check check type:string choice:
enable,
disable,
- max-http-header-length max length of header, default value is 8192 type:integer
maximum:12288
minimum:0
- max-http-header-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-header-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-header-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-header-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-header-length-trigger choose Email or syslog policy type:string
- max-http-content-length-check check type:string choice:
enable,
disable,
- max-http-content-length max length (KB) of content, 0 means this value has not limitation type:integer
maximum:65536
minimum:0
- max-http-content-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-content-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-content-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-content-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-content-length-trigger choose Email or syslog policy type:string
- max-http-body-length-check check type:string choice:
enable,
disable,
- max-http-body-length max length (KB) of body, 0 means this value has not limitation type:integer
maximum:65536
minimum:0
- max-http-body-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-body-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-body-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-body-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-body-length-trigger choose Email or syslog policy type:string
- max-http-request-length-check check type:string choice:
enable,
disable,
- max-http-request-length max length of http request, default value is 2048[0,65536] (KB) type:integer
maximum:65536
minimum:0
- max-http-request-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-request-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-request-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-request-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-request-length-trigger choose Email or syslog policy type:string
- max-url-parameter-length-check check type:string choice:
enable,
disable,
- max-url-parameter-length max length of url parameter, default value is 8192 type:integer
maximum:12288
minimum:0
- max-url-parameter-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-url-parameter-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-url-parameter-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-url-parameter-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-url-parameter-length-trigger choose Email or syslog policy type:string
- Illegal-http-version-check type:string choice:
enable,
disable,
- Illegal-http-version-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-http-version-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-http-version-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-http-version-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-http-version-check-trigger choose Email or syslog policy type:string
- max-cookie-in-request-check check type:string choice:
enable,
disable,
- max-cookie-in-request max count of cookie request, default value is 128 [0,1023] type:integer
maximum:1023
minimum:0
- max-cookie-in-request-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-cookie-in-request-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-cookie-in-request-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-cookie-in-request-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-cookie-in-request-trigger choose Email or syslog policy type:string
- max-header-line-request-check check type:string choice:
enable,
disable,
- max-header-line-request max count of header line request, default value is 64 [0,128] type:integer
maximum:128
minimum:0
- max-header-line-request-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-header-line-request-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-header-line-request-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-header-line-request-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-header-line-request-trigger choose Email or syslog policy type:string
- Illegal-http-request-method-check type:string choice:
enable,
disable,
- Illegal-http-request-method-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-http-request-method-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-http-request-method-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-http-request-method-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-http-request-method-trigger choose Email or syslog policy type:string
- max-url-parameter-check check type:string choice:
enable,
disable,
- max-url-parameter max number of url parameter, default value is 128 [0,1023] type:integer
maximum:1023
minimum:0
- max-url-parameter-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-url-parameter-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-url-parameter-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-url-parameter-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-url-parameter-trigger choose Email or syslog policy type:string
- Illegal-host-name-check type:string choice:
enable,
disable,
- Illegal-host-name-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-host-name-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-host-name-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-host-name-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-host-name-check-trigger choose Email or syslog policy type:string
- number-of-ranges-in-range-header-check check type:string choice:
enable,
disable,
- number-of-ranges-in-range-header max ranges in Range Header,default value is 5 [0 ,64] type:integer
maximum:64
minimum:0
- number-of-ranges-in-range-header-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- number-of-ranges-in-range-header-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- number-of-ranges-in-range-header-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- number-of-ranges-in-range-header-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- number-of-ranges-in-range-header-trigger choose Email or syslog policy type:string
- http2-max-requests-check check type:string choice:
enable,
disable,
- http2-max-requests max number of requests in HTTP2 connection, default value is 1000 [0 ,65535] type:integer
maximum:65535
minimum:0
- http2-max-requests-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- http2-max-requests-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- http2-max-requests-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- http2-max-requests-trigger choose Email or syslog policy type:string
- http2-max-requests-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- exception_name exception type:string
- block-malformed-request-check block malformed request check type:string choice:
enable,
disable,
- block-malformed-request-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- block-malformed-request-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- block-malformed-request-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- block-malformed-request-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- block-malformed-request-trigger choose Email or syslog policy type:string
- Illegal-content-length-check type:string choice:
enable,
disable,
- Illegal-content-length-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-content-length-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-content-length-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-content-length-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-content-length-check-trigger choose Email or syslog policy type:string
- Illegal-content-type-check type:string choice:
enable,
disable,
- Illegal-content-type-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-content-type-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-content-type-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-content-type-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-content-type-check-trigger choose Email or syslog policy type:string
- Illegal-response-code-check type:string choice:
enable,
disable,
- Illegal-response-code-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-response-code-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-response-code-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-response-code-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-response-code-check-trigger choose Email or syslog policy type:string
- Post-request-ctype-check Post Request -- Missing Content Type Check type:string choice:
enable,
disable,
- Post-request-ctype-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Post-request-ctype-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Post-request-ctype-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Post-request-ctype-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Post-request-ctype-check-trigger choose Email or syslog policy type:string
- max-http-header-name-length-check check type:string choice:
enable,
disable,
- max-http-header-name-length max length of header name, default value is 50 type:integer
maximum:255
minimum:0
- max-http-header-name-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-header-name-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-header-name-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-header-name-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-header-name-length-trigger choose Email or syslog policy type:string
- max-http-header-value-length-check check type:string choice:
enable,
disable,
- max-http-header-value-length max length of header value, default value is 4096 type:integer
maximum:12288
minimum:0
- max-http-header-value-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-header-value-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-header-value-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-header-value-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-header-value-length-trigger choose Email or syslog policy type:string
- parameter-name-check Null Character in Parameter Name type:string choice:
enable,
disable,
- parameter-name-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- parameter-name-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- parameter-name-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- parameter-name-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- parameter-name-check-trigger choose Email or syslog policy type:string
- parameter-value-check Null Character in Parameter Value type:string choice:
enable,
disable,
- parameter-value-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- parameter-value-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- parameter-value-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- parameter-value-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- parameter-value-check-trigger choose Email or syslog policy type:string
- Illegal-header-name-check Illgal Byte Code Character in Header Name Check type:string choice:
enable,
disable,
- Illegal-header-name-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-header-name-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-header-name-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-header-name-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-header-name-check-trigger choose Email or syslog policy type:string
- Illegal-header-value-check Illgal Byte Code Character in Header Value Check type:string choice:
enable,
disable,
- Illegal-header-value-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Illegal-header-value-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Illegal-header-value-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Illegal-header-value-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Illegal-header-value-check-trigger choose Email or syslog policy type:string
- max-http-body-parameter-length-check check type:string choice:
enable,
disable,
- max-http-body-parameter-length max length of body parameter, default value is 8192 type:integer
maximum:16384
minimum:0
- max-http-body-parameter-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-body-parameter-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-body-parameter-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-body-parameter-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-body-parameter-length-trigger choose Email or syslog policy type:string
- max-http-request-filename-length-check check type:string choice:
enable,
disable,
- max-http-request-filename-length max length of request filename, default value is 2048 type:integer
maximum:12288
minimum:0
- max-http-request-filename-length-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-http-request-filename-length-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-http-request-filename-length-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-http-request-filename-length-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-http-request-filename-length-trigger choose Email or syslog policy type:string
- web-socket-protocol-check check type:string choice:
enable,
disable,
- web-socket-protocol-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- web-socket-protocol-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- web-socket-protocol-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- web-socket-protocol-trigger choose Email or syslog policy type:string
- max-setting-header-table-size-check check type:string choice:
enable,
disable,
- max-setting-header-table-size max setting header table size, default value is 4096 type:integer
maximum:16777215
minimum:0
- max-setting-header-table-size-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-setting-header-table-size-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-setting-header-table-size-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-setting-header-table-size-trigger choose Email or syslog policy type:string
- max-setting-current-streams-num-check check type:string choice:
enable,
disable,
- max-setting-current-streams-num max setting current streams number, default value is 256 type:integer
maximum:100000
minimum:0
- max-setting-current-streams-num-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-setting-current-streams-num-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-setting-current-streams-num-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-setting-current-streams-num-trigger choose Email or syslog policy type:string
- max-setting-initial-window-size-check check type:string choice:
enable,
disable,
- max-setting-initial-window-size max setting initial window size, default value is 6291456 type:integer
maximum:2147483647
minimum:0
- max-setting-initial-window-size-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-setting-initial-window-size-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-setting-initial-window-size-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-setting-initial-window-size-trigger choose Email or syslog policy type:string
- max-setting-frame-size-check check type:string choice:
enable,
disable,
- max-setting-frame-size max setting frame size, default value is 16384 type:integer
maximum:16777215
minimum:0
- max-setting-frame-size-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-setting-frame-size-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-setting-frame-size-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-setting-frame-size-trigger choose Email or syslog policy type:string
- max-setting-header-list-size-check check type:string choice:
enable,
disable,
- max-setting-header-list-size max setting header list size, default value is 65536 type:integer
maximum:16777215
minimum:0
- max-setting-header-list-size-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-setting-header-list-size-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-setting-header-list-size-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-setting-header-list-size-trigger choose Email or syslog policy type:string
- max-url-param-name-len-check check type:string choice:
enable,
disable,
- max-url-param-name-len max url parameter name length, default value is 4096 type:integer
maximum:8192
minimum:0
- max-url-param-name-len-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-url-param-name-len-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-url-param-name-len-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-url-param-name-len-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-url-param-name-len-trigger choose Email or syslog policy type:string
- max-url-param-value-len-check check type:string choice:
enable,
disable,
- max-url-param-value-len max url parameter value length, default value is 4096 type:integer
maximum:8192
minimum:0
- max-url-param-value-len-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- max-url-param-value-len-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- max-url-param-value-len-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- max-url-param-value-len-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- max-url-param-value-len-trigger choose Email or syslog policy type:string
- url-param-name-check check type:string choice:
enable,
disable,
- url-param-name-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- url-param-name-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- url-param-name-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- url-param-name-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- url-param-name-check-trigger choose Email or syslog policy type:string
- url-param-value-check check type:string choice:
enable,
disable,
- url-param-value-check-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- url-param-value-check-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- url-param-value-check-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- url-param-value-check-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- url-param-value-check-trigger choose Email or syslog policy type:string
- null-byte-in-url-check check type:string choice:
enable,
disable,
- null-byte-in-url-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- null-byte-in-url-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- null-byte-in-url-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- null-byte-in-url-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- null-byte-in-url-trigger choose Email or syslog policy type:string
- illegal-byte-in-url-check check type:string choice:
enable,
disable,
- illegal-byte-in-url-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- illegal-byte-in-url-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- illegal-byte-in-url-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- illegal-byte-in-url-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- illegal-byte-in-url-trigger choose Email or syslog policy type:string
- malformed-url-check check type:string choice:
enable,
disable,
- malformed-url-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- malformed-url-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- malformed-url-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- malformed-url-trigger choose Email or syslog policy type:string
- malformed-url-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- redundant-header-check check type:string choice:
enable,
disable,
- redundant-header-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- redundant-header-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- redundant-header-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- redundant-header-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- redundant-header-trigger choose Email or syslog policy type:string
- chunk-size-check check type:string choice:
enable,
disable,
- chunk-size-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- chunk-size-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- chunk-size-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- chunk-size-trigger choose Email or syslog policy type:string
- chunk-size-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- Internal-resource-limits-check Internal resource limits check type:string choice:
enable,
disable,
- Internal-resource-limits-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- Internal-resource-limits-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- Internal-resource-limits-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- Internal-resource-limits-trigger choose Email or syslog policy type:string
- Internal-resource-limits-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- rpc-protocol-check rpc protocol check type:string choice:
enable,
disable,
- rpc-protocol-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- rpc-protocol-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- rpc-protocol-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- rpc-protocol-trigger choose Email or syslog policy type:string
- rpc-protocol-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- duplicate-paramname-check check type:string choice:
enable,
disable,
- duplicate-paramname-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- duplicate-paramname-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- duplicate-paramname-threat-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- duplicate-paramname-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- duplicate-paramname-trigger choose Email or syslog policy type:string
- odd-and-even-space-attack-check check type:string choice:
enable,
disable,
- odd-and-even-space-attack-action action type:string choice:
alert,
deny_no_log,
alert_deny,
block-period,
client-id-block-period,
- odd-and-even-space-attack-block-period block period(1-3600) type:integer
maximum:3600
minimum:1
- odd-and-even-space-attack-severity severity:High, Medium, Low or Informative type:string choice:
High,
Medium,
Low,
Info,
- odd-and-even-space-attack-trigger choose Email or syslog policy type:string
- odd-and-even-space-attack-weight threat weight type:string choice:
low,
critical,
informational,
moderate,
substantial,
severe,
- mkey If present, objects will be filtered on property with this name type:string
- vdom Specify the Virtual Domain(s) from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned. The URL parameter is one of: vdom=root (Single VDOM) vdom=vdom1,vdom2 (Multiple VDOMs) vdom=* (All VDOMs) type:array
- clone_mkey Use *clone_mkey* to specify the ID for the new resource to be cloned. If *clone_mkey* is set, *mkey* must be provided which is cloned from. type:string
Examples
--------
.. code-block:: yaml+jinja
- name:
hosts: all
vars:
connection: httpapi
gather_facts: false
tasks:
- name: delete
fwebos_waf_http_protocol_parameter_restriction:
action: delete
name: aaa
vdom: root
- name: Create
fwebos_waf_http_protocol_parameter_restriction:
action: add
vdom: root
exception_name: test4
name: test3
- name: edit
fwebos_waf_http_protocol_parameter_restriction:
action: edit
vdom: root
exception_name: test4
name: test4
Return Values
-------------
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
.. raw:: html
- 200 : OK: Request returns successful
- 400 : Bad Request: Request cannot be processed by the API
- 401 : Not Authorized: Request without successful login session
- 403 : Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
- 404 : Resource Not Found: Unable to find the specified resource.
- 405 : Method Not Allowed: Specified HTTP method is not allowed for this resource.
- 413 : Request Entity Too Large: Request cannot be processed due to large entity
- 424 : Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, invalid attribute value
- 429 : Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
- 500 : Internal Server Error: Internal error when processing the request
For errorcode please check FortiWeb API errorcode at : https://documenter.getpostman.com/view/11233300/TVetbkaK#887b9eb4-7c13-4338-a8db-16cc117f0119
Status
------
- This module is not guaranteed to have a backwards compatible interface.
Authors
-------
- Jie Li
- Brad Zhang
.. hint::
If you notice any issues in this documentation, you can create a pull request to improve it.