fortios_web_proxy_profile – Configure web proxy profiles in Fortinet’s FortiOS and FortiGate.¶
New in version 2.0.0.
Synopsis¶
- This module is able to configure a FortiGate or FortiOS (FOS) device by allowing the user to set and modify web_proxy feature and profile category. Examples include all parameters and values need to be adjusted to datasources before usage. Tested with FOS v6.0.0
FortiOS Version Compatibility¶
v6.0.0 |
v6.0.5 |
v6.0.11 |
v6.2.0 |
v6.2.3 |
v6.2.5 |
v6.2.7 |
v6.4.0 |
v6.4.1 |
v6.4.4 |
v7.0.0 |
v7.0.1 |
v7.0.2 |
v7.0.3 |
v7.0.4 |
v7.0.5 |
v7.0.6 |
v7.0.7 |
v7.0.8 |
v7.2.0 |
v7.2.1 |
v7.2.2 |
|
fortios_web_proxy_profile | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters¶
- access_token - Token-based authentication. Generated from GUI of Fortigate. type: str required: false
- enable_log - Enable/Disable logging for task. type: bool required: false default: False
- vdom - Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit. type: str default: root
- member_path - Member attribute path to operate on. type: str
- member_state - Add or delete a member under specified attribute path. type: str choices: present, absent
- state - Indicates whether to create or remove the object. type: str required: true choices: present, absent
- web_proxy_profile - Configure web proxy profiles. type: dict more...
- header_client_ip - Action to take on the HTTP client-IP header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_front_end_https - Action to take on the HTTP front-end-HTTPS header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_via_request - Action to take on the HTTP via header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_via_response - Action to take on the HTTP via header in forwarded responses: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_x_authenticated_groups - Action to take on the HTTP x-authenticated-groups header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_x_authenticated_user - Action to take on the HTTP x-authenticated-user header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_x_forwarded_client_cert - Action to take on the HTTP x-forwarded-client-cert header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- header_x_forwarded_for - Action to take on the HTTP x-forwarded-for header in forwarded requests: forwards (pass), adds, or removes the HTTP header. type: str choices: pass, add, remove more...
- headers - Configure HTTP forwarded requests headers. type: list more...
- action - Action when the HTTP header is forwarded. type: str choices: add-to-request, add-to-response, remove-from-request, remove-from-response more...
- add_option - Configure options to append content to existing HTTP header or add new HTTP header. type: str choices: append, new-on-not-found, new more...
- base64_encoding - Enable/disable use of base64 encoding of HTTP content. type: str choices: disable, enable more...
- content - HTTP header content. type: str more...
- dstaddr - Destination address and address group names. type: list more...
- name - Address name. Source firewall.address.name firewall.addrgrp.name. type: str more...
- dstaddr6 - Destination address and address group names (IPv6). type: list more...
- name - Address name. Source firewall.address6.name firewall.addrgrp6.name. type: str more...
- id - HTTP forwarded header id. type: int more...
- name - HTTP forwarded header name. type: str more...
- protocol - Configure protocol(s) to take add-option action on (HTTP, HTTPS, or both). type: list choices: https, http more...
- log_header_change - Enable/disable logging HTTP header changes. type: str choices: enable, disable more...
- name - Profile name. type: str required: true more...
- strip_encoding - Enable/disable stripping unsupported encoding from the request header. type: str choices: enable, disable more...
Examples¶
- hosts: fortigates
collections:
- fortinet.fortios
connection: httpapi
vars:
vdom: "root"
ansible_httpapi_use_ssl: yes
ansible_httpapi_validate_certs: no
ansible_httpapi_port: 443
tasks:
- name: Configure web proxy profiles.
fortios_web_proxy_profile:
vdom: "{{ vdom }}"
state: "present"
access_token: "<your_own_value>"
web_proxy_profile:
header_client_ip: "pass"
header_front_end_https: "pass"
header_via_request: "pass"
header_via_response: "pass"
header_x_authenticated_groups: "pass"
header_x_authenticated_user: "pass"
header_x_forwarded_client_cert: "pass"
header_x_forwarded_for: "pass"
headers:
-
action: "add-to-request"
add_option: "append"
base64_encoding: "disable"
content: "<your_own_value>"
dstaddr:
-
name: "default_name_17 (source firewall.address.name firewall.addrgrp.name)"
dstaddr6:
-
name: "default_name_19 (source firewall.address6.name firewall.addrgrp6.name)"
id: "20"
name: "default_name_21"
protocol: "https"
log_header_change: "enable"
name: "default_name_24"
strip_encoding: "enable"
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- build - Build number of the fortigate image returned: always type: str sample: 1547
- http_method - Last method used to provision the content into FortiGate returned: always type: str sample: PUT
- http_status - Last result given by FortiGate on last operation applied returned: always type: str sample: 200
- mkey - Master key (id) used in the last call to FortiGate returned: success type: str sample: id
- name - Name of the table used to fulfill the request returned: always type: str sample: urlfilter
- path - Path of the table used to fulfill the request returned: always type: str sample: webfilter
- revision - Internal revision number returned: always type: str sample: 17.0.2.10658
- serial - Serial number of the unit returned: always type: str sample: FGVMEVYYQT3AB5352
- status - Indication of the operation's result returned: always type: str sample: success
- vdom - Virtual domain used returned: always type: str sample: root
- version - Version of the FortiGate returned: always type: str sample: v5.6.3