fwebos_waf_file_upload_rule.py – Config FortiWeb Input Validation File Security Rule

New in version 1.0.1.

Synopsis

Config FortiWeb Input Validation File Security Rule

Requirements

The below requirements are needed on the host that executes this module.

  • ansible>=2.11

FortiWeb Version Compatibility


v7.0.x v7.2.x v7.4.x v7.6.x
fwebos_waf_file_upload_rule.py yes yes yes yes

Parameters

  • body Possible parameters to go in the body for the request required: True
    • name name type:string maxLength:63
    • host-status enable/disable type:string choice: enable, disable,
    • host host type:string maxLength:255
    • request-type simple string or regular expression type:string choice: plain, regular,
    • request-file URL type:string maxLength:255
    • file-size-limit file upload limit (KiloByte) type:integer
    • type Allow/Block file types type:string choice: Allow, Block,
    • file-uncompress enable/disable type:string choice: enable, disable,
    • uncompress-oversize-limit uncompress size limit (1-102400 KiloByte), if the value is less than av buffer size, av buffer size will be used type:integer
    • uncompress-nest-limit maximum uncompress nest level that can be checked(1-100) type:integer maximum:100 minimum:1
    • json-file-support enable/disable type:string choice: enable, disable,
    • json-key-for-filename enable/disable type:string maxLength:63
    • json-key-field enable/disable type:string maxLength:63
    • enable_base64_decode enable/disable type:string choice: enable, disable,
    • octet-stream-filename-headers Specify HTTP headers to get the file name of octet-stream.e.g.X-Filename;X-Name type:string maxLength:255
    • file-types file types type:array
      • id id
      • file-type-name file-type-name
      • file-type-id file-type-id
    • custom-file-types custom file types type:array
      • id id
      • file-extension file extension name
    • mkey If present, objects will be filtered on property with this name type:string
    • vdom Specify the Virtual Domain(s) from which results are returned or changes are applied to. If this parameter is not provided, the management VDOM will be used. If the admin does not have access to the VDOM, a permission error will be returned. The URL parameter is one of: vdom=root (Single VDOM) vdom=vdom1,vdom2 (Multiple VDOMs) vdom=* (All VDOMs) type:array
    • clone_mkey Use *clone_mkey* to specify the ID for the new resource to be cloned. If *clone_mkey* is set, *mkey* must be provided which is cloned from. type:string

Examples

- name:
  hosts: all
  vars:
  connection: httpapi
  gather_facts: false
  tasks:
    - name: delete
      fwebos_waf_file_upload_rule:
       action: delete
       name: 123
       vdom: root

    - name: Create
      fwebos_waf_file_upload_rule:
       action: add
       json_key_for_filename: key
       name: test4
       host_status: enable
       request_type: regular
       json_key_field: key
       request_file: test
       host: 192.168.1.1
       octet_stream_filename_headers: filename
       file_size_limit: 0
       type: Allow
       json_file_support: enable
       vdom: root

    - name: edit
      fwebos_waf_file_upload_rule:
       action: edit
       json_key_for_filename: key
       name: test4
       host_status: enable
       request_type: regular
       json_key_field: key
       request_file: test
       host: 192.168.1.2
       octet_stream_filename_headers: filename
       file_size_limit: 0
       type: Allow
       json_file_support: enable
       vdom: root

Return Values

Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:

  • 200 : OK: Request returns successful
  • 400 : Bad Request: Request cannot be processed by the API
  • 401 : Not Authorized: Request without successful login session
  • 403 : Forbidden: Request is missing CSRF token or administrator is missing access profile permissions.
  • 404 : Resource Not Found: Unable to find the specified resource.
  • 405 : Method Not Allowed: Specified HTTP method is not allowed for this resource.
  • 413 : Request Entity Too Large: Request cannot be processed due to large entity
  • 424 : Failed Dependency: Fail dependency can be duplicate resource, missing required parameter, missing required attribute, invalid attribute value
  • 429 : Access temporarily blocked: Maximum failed authentications reached. The offended source is temporarily blocked for certain amount of time.
  • 500 : Internal Server Error: Internal error when processing the request

For errorcode please check FortiWeb API errorcode at : https://documenter.getpostman.com/view/11233300/TVetbkaK#887b9eb4-7c13-4338-a8db-16cc117f0119

Status

  • This module is not guaranteed to have a backwards compatible interface.

Authors

  • Jie Li
  • Brad Zhang

Hint

If you notice any issues in this documentation, you can create a pull request to improve it.