fortios_gtp_message_filter_v2 – Message filter for GTPv2 messages in Fortinet’s FortiOS and FortiGate.¶
New in version 2.0.0.
Synopsis¶
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify gtp feature and message_filter_v2 category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
FortiOS Version Compatibility¶
v6.0.0 |
v6.0.5 |
v6.0.11 |
v6.2.0 |
v6.2.3 |
v6.2.5 |
v6.2.7 |
v6.4.0 |
v6.4.1 |
v6.4.4 |
v7.0.0 |
v7.0.1 |
v7.0.2 |
v7.0.3 |
v7.0.4 |
v7.0.5 |
v7.2.0 |
|
fortios_gtp_message_filter_v2 | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters¶
- access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
- gtp_message_filter_v2 - Message filter for GTPv2 messages. type: dict more...
- bearer_resource_cmd_fail - Bearer resource (command 68, failure indication 69). type: str choices: allow, deny more...
- change_notification - Change notification (req 38, resp 39). type: str choices: allow, deny more...
- context_req_res_ack - Context request/response/acknowledge (req 130, resp 131, ack 132). type: str choices: allow, deny more...
- create_bearer - Create bearer (req 95, resp 96). type: str choices: allow, deny more...
- create_session - Create session (req 32, resp 33). type: str choices: allow, deny more...
- delete_bearer_cmd_fail - Delete bearer (command 66, failure indication 67). type: str choices: allow, deny more...
- delete_bearer_req_resp - Delete bearer (req 99, resp 100). type: str choices: allow, deny more...
- delete_pdn_connection_set - Delete PDN connection set (req 101, resp 102). type: str choices: allow, deny more...
- delete_session - Delete session (req 36, resp 37). type: str choices: allow, deny more...
- echo - Echo (req 1, resp 2). type: str choices: allow, deny more...
- forward_relocation_cmp_notif_ack - Forward relocation complete notification/acknowledge (notif 135, ack 136). type: str choices: allow, deny more...
- forward_relocation_req_res - Forward relocation request/response (req 133, resp 134). type: str choices: allow, deny more...
- modify_bearer_cmd_fail - Modify bearer (command 64 , failure indication 65). type: str choices: allow, deny more...
- modify_bearer_req_resp - Modify bearer (req 34, resp 35). type: str choices: allow, deny more...
- name - Message filter name. type: str required: true more...
- resume - Resume (notify 164 , ack 165). type: str choices: allow, deny more...
- suspend - Suspend (notify 162, ack 163). type: str choices: allow, deny more...
- trace_session - Trace session (activation 71, deactivation 72). type: str choices: allow, deny more...
- unknown_message - Allow or Deny unknown messages. type: str choices: allow, deny more...
- unknown_message_white_list - White list (to allow) of unknown messages. type: list more...
- id - Message IDs. type: int more...
- update_bearer - Update bearer (req 97, resp 98). type: str choices: allow, deny more...
- update_pdn_connection_set - Update PDN connection set (req 200, resp 201). type: str choices: allow, deny more...
- version_not_support - Version not supported (3). type: str choices: allow, deny more...
Examples¶
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Message filter for GTPv2 messages.
fortios_gtp_message_filter_v2:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
gtp_message_filter_v2:
bearer_resource_cmd_fail: "allow"
change_notification: "allow"
context_req_res_ack: "allow"
create_bearer: "allow"
create_session: "allow"
delete_bearer_cmd_fail: "allow"
delete_bearer_req_resp: "allow"
delete_pdn_connection_set: "allow"
delete_session: "allow"
echo: "allow"
forward_relocation_cmp_notif_ack: "allow"
forward_relocation_req_res: "allow"
modify_bearer_cmd_fail: "allow"
modify_bearer_req_resp: "allow"
name: "default_name_17"
resume: "allow"
suspend: "allow"
trace_session: "allow"
unknown_message: "allow"
unknown_message_white_list:
-
id: "23"
update_bearer: "allow"
update_pdn_connection_set: "allow"
version_not_support: "allow"
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3