fmgr_firewall_gtp – Configure GTP.¶
New in version 2.10.
Synopsis¶
- This module is able to configure a FortiManager device.
- Examples include all parameters and values need to be adjusted to data sources before usage.
- Tested with FortiManager v6.0.0.
Requirements¶
The below requirements are needed on the host that executes this module.
- ansible>=2.9.0
FortiManager Version Compatibility¶
6.0.0 |
6.2.1 |
6.2.3 |
6.2.5 |
6.4.0 |
6.4.2 |
6.4.5 |
7.0.0 |
|
| firewall_gtp | yes | yes | yes | yes | yes | yes | yes | yes |
Parameters¶
- enable_log - Enable/Disable logging for task type: bool required: false default: False
- proposed_method - The overridden method for the underlying Json RPC request type: str required: false choices: set, update, add
- bypass_validation - Only set to True when module schema diffs with FortiManager API structure, module continues to execute without validating parameters type: bool required: false default: False
- workspace_locking_adom - Acquire the workspace lock if FortiManager is running in workspace mode type: str required: false choices: global, custom adom including root
- workspace_locking_timeout - The maximum time in seconds to wait for other users to release workspace lock type: integer required: false default: 300
- rc_succeeded - The rc codes list with which the conditions to succeed will be overriden type: list required: false
- rc_failed - The rc codes list with which the conditions to fail will be overriden type: list required: false
- state - The directive to create, update or delete an object type: str required: true choices: present, absent
- adom - The parameter in requested url type: str required: true
- firewall_gtp - Configure GTP. type: dict
- addr-notify - overbilling notify address type: str more...
- apn - No description for the parameter type: array more...
- apn-filter - apn filter type: str choices: [disable, enable] more...
- authorized-ggsns - Authorized GGSN group type: str more...
- authorized-sgsns - Authorized SGSN group type: str more...
- comment - Comment. type: str more...
- context-id - Overbilling context. type: int more...
- control-plane-message-rate-limit - control plane message rate limit type: int more...
- default-apn-action - default apn action type: str choices: [allow, deny] more...
- default-imsi-action - default imsi action type: str choices: [allow, deny] more...
- default-ip-action - default action for encapsulated IP traffic type: str choices: [allow, deny] more...
- default-noip-action - default action for encapsulated non-IP traffic type: str choices: [allow, deny] more...
- default-policy-action - default advanced policy action type: str choices: [allow, deny] more...
- denied-log - log denied type: str choices: [disable, enable] more...
- echo-request-interval - echo request interval (in seconds) type: int more...
- extension-log - log in extension format type: str choices: [disable, enable] more...
- forwarded-log - log forwarded type: str choices: [disable, enable] more...
- global-tunnel-limit - Global tunnel limit. type: str more...
- gtp-in-gtp - gtp in gtp type: str choices: [allow, deny] more...
- gtpu-denied-log - Enable/disable logging of denied GTP-U packets. type: str choices: [disable, enable] more...
- gtpu-forwarded-log - Enable/disable logging of forwarded GTP-U packets. type: str choices: [disable, enable] more...
- gtpu-log-freq - Logging of frequency of GTP-U packets. type: int more...
- half-close-timeout - Half-close tunnel timeout (in seconds). type: int more...
- half-open-timeout - Half-open tunnel timeout (in seconds). type: int more...
- handover-group - Handover SGSN group type: str more...
- ie-remove-policy - No description for the parameter type: array more...
- ie-remover - IE removal policy. type: str choices: [disable, enable] more...
- ie-white-list-v0v1 - IE white list. type: str more...
- ie-white-list-v2 - IE white list. type: str more...
- imsi - No description for the parameter type: array
more...
- action - Action. type: str choices: [allow, deny] more...
- apnmember - APN member. type: str more...
- id - ID. type: int more...
- mcc-mnc - MCC MNC. type: str more...
- msisdn-prefix - MSISDN prefix. type: str more...
- selection-mode - No description for the parameter type: array choices: [ms, net, vrf] more...
- imsi-filter - imsi filter type: str choices: [disable, enable] more...
- interface-notify - overbilling interface type: str more...
- invalid-reserved-field - Invalid reserved field in GTP header type: str choices: [allow, deny] more...
- invalid-sgsns-to-log - Invalid SGSN group to be logged type: str more...
- ip-filter - IP filter for encapsulted traffic type: str choices: [disable, enable] more...
- ip-policy - No description for the parameter type: array
more...
- action - Action. type: str choices: [allow, deny] more...
- dstaddr - Destination address name. type: str more...
- id - ID. type: int more...
- srcaddr - Source address name. type: str more...
- dstaddr6 - Destination IPv6 address name. type: str more...
- srcaddr6 - Source IPv6 address name. type: str more...
- log-freq - Logging of frequency of GTP-C packets. type: int more...
- log-gtpu-limit - the user data log limit (0-512 bytes) type: int more...
- log-imsi-prefix - IMSI prefix for selective logging. type: str more...
- log-msisdn-prefix - the msisdn prefix for selective logging type: str more...
- max-message-length - max message length type: int more...
- message-filter-v0v1 - Message filter. type: str more...
- message-filter-v2 - Message filter. type: str more...
- min-message-length - min message length type: int more...
- miss-must-ie - Missing mandatory information element type: str choices: [allow, deny] more...
- monitor-mode - GTP monitor mode type: str choices: [disable, enable, vdom] more...
- name - Profile name. type: str more...
- noip-filter - non-IP filter for encapsulted traffic type: str choices: [disable, enable] more...
- noip-policy - No description for the parameter type: array more...
- out-of-state-ie - Out of state information element. type: str choices: [allow, deny] more...
- out-of-state-message - Out of state GTP message type: str choices: [allow, deny] more...
- per-apn-shaper - No description for the parameter type: array more...
- policy - No description for the parameter type: array
more...
- action - Action. type: str choices: [allow, deny] more...
- apn-sel-mode - No description for the parameter type: array choices: [ms, net, vrf] more...
- apnmember - APN member. type: str more...
- id - ID. type: int more...
- imei - IMEI(SV) pattern. type: str more...
- imsi - IMSI prefix. type: str more...
- max-apn-restriction - Maximum APN restriction value. type: str choices: [all, public-1, public-2, private-1, private-2] more...
- messages - No description for the parameter type: array choices: [create-req, create-res, update-req, update-res] more...
- msisdn - MSISDN prefix. type: str more...
- rai - RAI pattern. type: str more...
- rat-type - No description for the parameter type: array choices: [any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot] more...
- uli - ULI pattern. type: str more...
- imsi-prefix - IMSI prefix. type: str more...
- msisdn-prefix - MSISDN prefix. type: str more...
- policy-filter - Advanced policy filter type: str choices: [disable, enable] more...
- port-notify - overbilling notify port type: int more...
- rate-limit-mode - GTP rate limit mode. type: str choices: [per-profile, per-stream, per-apn] more...
- rate-limited-log - log rate limited type: str choices: [disable, enable] more...
- rate-sampling-interval - rate sampling interval (1-3600 seconds) type: int more...
- remove-if-echo-expires - remove if echo response expires type: str choices: [disable, enable] more...
- remove-if-recovery-differ - remove upon different Recovery IE type: str choices: [disable, enable] more...
- reserved-ie - reserved information element type: str choices: [allow, deny] more...
- send-delete-when-timeout - send DELETE request to path endpoints when GTPv0/v1 tunnel timeout. type: str choices: [disable, enable] more...
- send-delete-when-timeout-v2 - send DELETE request to path endpoints when GTPv2 tunnel timeout. type: str choices: [disable, enable] more...
- spoof-src-addr - Spoofed source address for Mobile Station. type: str choices: [allow, deny] more...
- state-invalid-log - log state invalid type: str choices: [disable, enable] more...
- traffic-count-log - log tunnel traffic counter type: str choices: [disable, enable] more...
- tunnel-limit - tunnel limit type: int more...
- tunnel-limit-log - tunnel limit type: str choices: [disable, enable] more...
- tunnel-timeout - Established tunnel timeout (in seconds). type: int more...
- unknown-version-action - action for unknown gtp version type: str choices: [allow, deny] more...
- user-plane-message-rate-limit - user plane message rate limit type: int more...
- warning-threshold - Warning threshold for rate limiting (0 - 99 percent). type: int more...
- policy-v2 - No description for the parameter type: array
more...
- action - Action. type: str choices: [deny, allow] more...
- apn-sel-mode - No description for the parameter type: array choices: [ms, net, vrf] more...
- apnmember - APN member. type: str more...
- id - ID. type: int more...
- imsi-prefix - IMSI prefix. type: str more...
- max-apn-restriction - Maximum APN restriction value. type: str choices: [all, public-1, public-2, private-1, private-2] more...
- mei - MEI pattern. type: str more...
- messages - No description for the parameter type: array choices: [create-ses-req, create-ses-res, modify-bearer-req, modify-bearer-res] more...
- msisdn-prefix - MSISDN prefix. type: str more...
- rat-type - No description for the parameter type: array choices: [any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr, any, utran, geran, wlan, gan, hspa, eutran, virtual, nbiot, ltem, nr] more...
- uli - No description for the parameter type: str more...
- sub-second-interval - Sub-second interval (0. type: str choices: [0.1, 0.25, 0.5] more...
- sub-second-sampling - Enable/disable sub-second sampling. type: str choices: [disable, enable] more...
- authorized-ggsns6 - Authorized GGSN/PGW IPv6 group. type: str more...
- authorized-sgsns6 - Authorized SGSN/SGW IPv6 group. type: str more...
- handover-group6 - Handover SGSN/SGW IPv6 group. type: str more...
- invalid-sgsns6-to-log - Invalid SGSN IPv6 group to be logged. type: str more...
- ie-validation type: dict
- apn-restriction - Validate APN restriction. type: str choices: [disable, enable] more...
- charging-ID - Validate charging ID. type: str choices: [disable, enable] more...
- charging-gateway-addr - Validate charging gateway address. type: str choices: [disable, enable] more...
- end-user-addr - Validate end user address. type: str choices: [disable, enable] more...
- gsn-addr - Validate GSN address. type: str choices: [disable, enable] more...
- imei - Validate IMEI(SV). type: str choices: [disable, enable] more...
- imsi - Validate IMSI. type: str choices: [disable, enable] more...
- mm-context - Validate MM context. type: str choices: [disable, enable] more...
- ms-tzone - Validate MS time zone. type: str choices: [disable, enable] more...
- ms-validated - Validate MS validated. type: str choices: [disable, enable] more...
- msisdn - Validate MSISDN. type: str choices: [disable, enable] more...
- nsapi - Validate NSAPI. type: str choices: [disable, enable] more...
- pdp-context - Validate PDP context. type: str choices: [disable, enable] more...
- qos-profile - Validate Quality of Service(QoS) profile. type: str choices: [disable, enable] more...
- rai - Validate RAI. type: str choices: [disable, enable] more...
- rat-type - Validate RAT type. type: str choices: [disable, enable] more...
- reordering-required - Validate re-ordering required. type: str choices: [disable, enable] more...
- selection-mode - Validate selection mode. type: str choices: [disable, enable] more...
- uli - Validate user location information. type: str choices: [disable, enable] more...
- message-rate-limit type: dict
- create-aa-pdp-request - Rate limit for create AA PDP context request (packets per second). type: int more...
- create-aa-pdp-response - Rate limit for create AA PDP context response (packets per second). type: int more...
- create-mbms-request - Rate limit for create MBMS context request (packets per second). type: int more...
- create-mbms-response - Rate limit for create MBMS context response (packets per second). type: int more...
- create-pdp-request - Rate limit for create PDP context request (packets per second). type: int more...
- create-pdp-response - Rate limit for create PDP context response (packets per second). type: int more...
- delete-aa-pdp-request - Rate limit for delete AA PDP context request (packets per second). type: int more...
- delete-aa-pdp-response - Rate limit for delete AA PDP context response (packets per second). type: int more...
- delete-mbms-request - Rate limit for delete MBMS context request (packets per second). type: int more...
- delete-mbms-response - Rate limit for delete MBMS context response (packets per second). type: int more...
- delete-pdp-request - Rate limit for delete PDP context request (packets per second). type: int more...
- delete-pdp-response - Rate limit for delete PDP context response (packets per second). type: int more...
- echo-reponse - Rate limit for echo response (packets per second). type: int more...
- echo-request - Rate limit for echo requests (packets per second). type: int more...
- error-indication - Rate limit for error indication (packets per second). type: int more...
- failure-report-request - Rate limit for failure report request (packets per second). type: int more...
- failure-report-response - Rate limit for failure report response (packets per second). type: int more...
- fwd-reloc-complete-ack - Rate limit for forward relocation complete acknowledge (packets per second). type: int more...
- fwd-relocation-complete - Rate limit for forward relocation complete (packets per second). type: int more...
- fwd-relocation-request - Rate limit for forward relocation request (packets per second). type: int more...
- fwd-relocation-response - Rate limit for forward relocation response (packets per second). type: int more...
- fwd-srns-context - Rate limit for forward SRNS context (packets per second). type: int more...
- fwd-srns-context-ack - Rate limit for forward SRNS context acknowledge (packets per second). type: int more...
- g-pdu - Rate limit for G-PDU (packets per second). type: int more...
- identification-request - Rate limit for identification request (packets per second). type: int more...
- identification-response - Rate limit for identification response (packets per second). type: int more...
- mbms-de-reg-request - Rate limit for MBMS de-registration request (packets per second). type: int more...
- mbms-de-reg-response - Rate limit for MBMS de-registration response (packets per second). type: int more...
- mbms-notify-rej-request - Rate limit for MBMS notification reject request (packets per second). type: int more...
- mbms-notify-rej-response - Rate limit for MBMS notification reject response (packets per second). type: int more...
- mbms-notify-request - Rate limit for MBMS notification request (packets per second). type: int more...
- mbms-notify-response - Rate limit for MBMS notification response (packets per second). type: int more...
- mbms-reg-request - Rate limit for MBMS registration request (packets per second). type: int more...
- mbms-reg-response - Rate limit for MBMS registration response (packets per second). type: int more...
- mbms-ses-start-request - Rate limit for MBMS session start request (packets per second). type: int more...
- mbms-ses-start-response - Rate limit for MBMS session start response (packets per second). type: int more...
- mbms-ses-stop-request - Rate limit for MBMS session stop request (packets per second). type: int more...
- mbms-ses-stop-response - Rate limit for MBMS session stop response (packets per second). type: int more...
- note-ms-request - Rate limit for note MS GPRS present request (packets per second). type: int more...
- note-ms-response - Rate limit for note MS GPRS present response (packets per second). type: int more...
- pdu-notify-rej-request - Rate limit for PDU notify reject request (packets per second). type: int more...
- pdu-notify-rej-response - Rate limit for PDU notify reject response (packets per second). type: int more...
- pdu-notify-request - Rate limit for PDU notify request (packets per second). type: int more...
- pdu-notify-response - Rate limit for PDU notify response (packets per second). type: int more...
- ran-info - Rate limit for RAN information relay (packets per second). type: int more...
- relocation-cancel-request - Rate limit for relocation cancel request (packets per second). type: int more...
- relocation-cancel-response - Rate limit for relocation cancel response (packets per second). type: int more...
- send-route-request - Rate limit for send routing information for GPRS request (packets per second). type: int more...
- send-route-response - Rate limit for send routing information for GPRS response (packets per second). type: int more...
- sgsn-context-ack - Rate limit for SGSN context acknowledgement (packets per second). type: int more...
- sgsn-context-request - Rate limit for SGSN context request (packets per second). type: int more...
- sgsn-context-response - Rate limit for SGSN context response (packets per second). type: int more...
- support-ext-hdr-notify - Rate limit for support extension headers notification (packets per second). type: int more...
- update-mbms-request - Rate limit for update MBMS context request (packets per second). type: int more...
- update-mbms-response - Rate limit for update MBMS context response (packets per second). type: int more...
- update-pdp-request - Rate limit for update PDP context request (packets per second). type: int more...
- update-pdp-response - Rate limit for update PDP context response (packets per second). type: int more...
- version-not-support - Rate limit for version not supported (packets per second). type: int more...
- message-rate-limit-v0 type: dict
- create-pdp-request - Rate limit (packets/s) for create PDP context request. type: int more...
- delete-pdp-request - Rate limit (packets/s) for delete PDP context request. type: int more...
- echo-request - Rate limit (packets/s) for echo request. type: int more...
- message-rate-limit-v1 type: dict
- create-pdp-request - Rate limit (packets/s) for create PDP context request. type: int more...
- delete-pdp-request - Rate limit (packets/s) for delete PDP context request. type: int more...
- echo-request - Rate limit (packets/s) for echo request. type: int more...
- message-rate-limit-v2 type: dict
- create-session-request - Rate limit (packets/s) for create session request. type: int more...
- delete-session-request - Rate limit (packets/s) for delete session request. type: int more...
- echo-request - Rate limit (packets/s) for echo request. type: int more...
- ie-allow-list-v0v1 - IE allow list. type: str more...
- ie-allow-list-v2 - IE allow list. type: str more...
Notes¶
Note
- Running in workspace locking mode is supported in this FortiManager module, the top level parameters workspace_locking_adom and workspace_locking_timeout help do the work.
- To create or update an object, use state: present directive.
- To delete an object, use state: absent directive
- Normally, running one module can fail when a non-zero rc is returned. you can also override the conditions to fail or succeed with parameters rc_failed and rc_succeeded
Examples¶
- hosts: fortimanager-inventory
collections:
- fortinet.fortimanager
connection: httpapi
vars:
ansible_httpapi_use_ssl: True
ansible_httpapi_validate_certs: False
ansible_httpapi_port: 443
tasks:
- name: Configure GTP.
fmgr_firewall_gtp:
bypass_validation: False
workspace_locking_adom: <value in [global, custom adom including root]>
workspace_locking_timeout: 300
rc_succeeded: [0, -2, -3, ...]
rc_failed: [-2, -3, ...]
adom: <your own value>
state: <value in [present, absent]>
firewall_gtp:
addr-notify: <value of string>
apn:
-
action: <value in [allow, deny]>
apnmember: <value of string>
id: <value of integer>
selection-mode:
- ms
- net
- vrf
apn-filter: <value in [disable, enable]>
authorized-ggsns: <value of string>
authorized-sgsns: <value of string>
comment: <value of string>
context-id: <value of integer>
control-plane-message-rate-limit: <value of integer>
default-apn-action: <value in [allow, deny]>
default-imsi-action: <value in [allow, deny]>
default-ip-action: <value in [allow, deny]>
default-noip-action: <value in [allow, deny]>
default-policy-action: <value in [allow, deny]>
denied-log: <value in [disable, enable]>
echo-request-interval: <value of integer>
extension-log: <value in [disable, enable]>
forwarded-log: <value in [disable, enable]>
global-tunnel-limit: <value of string>
gtp-in-gtp: <value in [allow, deny]>
gtpu-denied-log: <value in [disable, enable]>
gtpu-forwarded-log: <value in [disable, enable]>
gtpu-log-freq: <value of integer>
half-close-timeout: <value of integer>
half-open-timeout: <value of integer>
handover-group: <value of string>
ie-remove-policy:
-
id: <value of integer>
remove-ies:
- apn-restriction
- rat-type
- rai
- uli
- imei
sgsn-addr: <value of string>
sgsn-addr6: <value of string>
ie-remover: <value in [disable, enable]>
ie-white-list-v0v1: <value of string>
ie-white-list-v2: <value of string>
imsi:
-
action: <value in [allow, deny]>
apnmember: <value of string>
id: <value of integer>
mcc-mnc: <value of string>
msisdn-prefix: <value of string>
selection-mode:
- ms
- net
- vrf
imsi-filter: <value in [disable, enable]>
interface-notify: <value of string>
invalid-reserved-field: <value in [allow, deny]>
invalid-sgsns-to-log: <value of string>
ip-filter: <value in [disable, enable]>
ip-policy:
-
action: <value in [allow, deny]>
dstaddr: <value of string>
id: <value of integer>
srcaddr: <value of string>
dstaddr6: <value of string>
srcaddr6: <value of string>
log-freq: <value of integer>
log-gtpu-limit: <value of integer>
log-imsi-prefix: <value of string>
log-msisdn-prefix: <value of string>
max-message-length: <value of integer>
message-filter-v0v1: <value of string>
message-filter-v2: <value of string>
min-message-length: <value of integer>
miss-must-ie: <value in [allow, deny]>
monitor-mode: <value in [disable, enable, vdom]>
name: <value of string>
noip-filter: <value in [disable, enable]>
noip-policy:
-
action: <value in [allow, deny]>
end: <value of integer>
id: <value of integer>
start: <value of integer>
type: <value in [etsi, ietf]>
out-of-state-ie: <value in [allow, deny]>
out-of-state-message: <value in [allow, deny]>
per-apn-shaper:
-
apn: <value of string>
id: <value of integer>
rate-limit: <value of integer>
version: <value of integer>
policy:
-
action: <value in [allow, deny]>
apn-sel-mode:
- ms
- net
- vrf
apnmember: <value of string>
id: <value of integer>
imei: <value of string>
imsi: <value of string>
max-apn-restriction: <value in [all, public-1, public-2, ...]>
messages:
- create-req
- create-res
- update-req
- update-res
msisdn: <value of string>
rai: <value of string>
rat-type:
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
uli: <value of string>
imsi-prefix: <value of string>
msisdn-prefix: <value of string>
policy-filter: <value in [disable, enable]>
port-notify: <value of integer>
rate-limit-mode: <value in [per-profile, per-stream, per-apn]>
rate-limited-log: <value in [disable, enable]>
rate-sampling-interval: <value of integer>
remove-if-echo-expires: <value in [disable, enable]>
remove-if-recovery-differ: <value in [disable, enable]>
reserved-ie: <value in [allow, deny]>
send-delete-when-timeout: <value in [disable, enable]>
send-delete-when-timeout-v2: <value in [disable, enable]>
spoof-src-addr: <value in [allow, deny]>
state-invalid-log: <value in [disable, enable]>
traffic-count-log: <value in [disable, enable]>
tunnel-limit: <value of integer>
tunnel-limit-log: <value in [disable, enable]>
tunnel-timeout: <value of integer>
unknown-version-action: <value in [allow, deny]>
user-plane-message-rate-limit: <value of integer>
warning-threshold: <value of integer>
policy-v2:
-
action: <value in [deny, allow]>
apn-sel-mode:
- ms
- net
- vrf
apnmember: <value of string>
id: <value of integer>
imsi-prefix: <value of string>
max-apn-restriction: <value in [all, public-1, public-2, ...]>
mei: <value of string>
messages:
- create-ses-req
- create-ses-res
- modify-bearer-req
- modify-bearer-res
msisdn-prefix: <value of string>
rat-type:
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
- any
- utran
- geran
- wlan
- gan
- hspa
- eutran
- virtual
- nbiot
- ltem
- nr
uli: <value of string>
sub-second-interval: <value in [0.1, 0.25, 0.5]>
sub-second-sampling: <value in [disable, enable]>
authorized-ggsns6: <value of string>
authorized-sgsns6: <value of string>
handover-group6: <value of string>
invalid-sgsns6-to-log: <value of string>
ie-validation:
apn-restriction: <value in [disable, enable]>
charging-ID: <value in [disable, enable]>
charging-gateway-addr: <value in [disable, enable]>
end-user-addr: <value in [disable, enable]>
gsn-addr: <value in [disable, enable]>
imei: <value in [disable, enable]>
imsi: <value in [disable, enable]>
mm-context: <value in [disable, enable]>
ms-tzone: <value in [disable, enable]>
ms-validated: <value in [disable, enable]>
msisdn: <value in [disable, enable]>
nsapi: <value in [disable, enable]>
pdp-context: <value in [disable, enable]>
qos-profile: <value in [disable, enable]>
rai: <value in [disable, enable]>
rat-type: <value in [disable, enable]>
reordering-required: <value in [disable, enable]>
selection-mode: <value in [disable, enable]>
uli: <value in [disable, enable]>
message-rate-limit:
create-aa-pdp-request: <value of integer>
create-aa-pdp-response: <value of integer>
create-mbms-request: <value of integer>
create-mbms-response: <value of integer>
create-pdp-request: <value of integer>
create-pdp-response: <value of integer>
delete-aa-pdp-request: <value of integer>
delete-aa-pdp-response: <value of integer>
delete-mbms-request: <value of integer>
delete-mbms-response: <value of integer>
delete-pdp-request: <value of integer>
delete-pdp-response: <value of integer>
echo-reponse: <value of integer>
echo-request: <value of integer>
error-indication: <value of integer>
failure-report-request: <value of integer>
failure-report-response: <value of integer>
fwd-reloc-complete-ack: <value of integer>
fwd-relocation-complete: <value of integer>
fwd-relocation-request: <value of integer>
fwd-relocation-response: <value of integer>
fwd-srns-context: <value of integer>
fwd-srns-context-ack: <value of integer>
g-pdu: <value of integer>
identification-request: <value of integer>
identification-response: <value of integer>
mbms-de-reg-request: <value of integer>
mbms-de-reg-response: <value of integer>
mbms-notify-rej-request: <value of integer>
mbms-notify-rej-response: <value of integer>
mbms-notify-request: <value of integer>
mbms-notify-response: <value of integer>
mbms-reg-request: <value of integer>
mbms-reg-response: <value of integer>
mbms-ses-start-request: <value of integer>
mbms-ses-start-response: <value of integer>
mbms-ses-stop-request: <value of integer>
mbms-ses-stop-response: <value of integer>
note-ms-request: <value of integer>
note-ms-response: <value of integer>
pdu-notify-rej-request: <value of integer>
pdu-notify-rej-response: <value of integer>
pdu-notify-request: <value of integer>
pdu-notify-response: <value of integer>
ran-info: <value of integer>
relocation-cancel-request: <value of integer>
relocation-cancel-response: <value of integer>
send-route-request: <value of integer>
send-route-response: <value of integer>
sgsn-context-ack: <value of integer>
sgsn-context-request: <value of integer>
sgsn-context-response: <value of integer>
support-ext-hdr-notify: <value of integer>
update-mbms-request: <value of integer>
update-mbms-response: <value of integer>
update-pdp-request: <value of integer>
update-pdp-response: <value of integer>
version-not-support: <value of integer>
message-rate-limit-v0:
create-pdp-request: <value of integer>
delete-pdp-request: <value of integer>
echo-request: <value of integer>
message-rate-limit-v1:
create-pdp-request: <value of integer>
delete-pdp-request: <value of integer>
echo-request: <value of integer>
message-rate-limit-v2:
create-session-request: <value of integer>
delete-session-request: <value of integer>
echo-request: <value of integer>
ie-allow-list-v0v1: <value of string>
ie-allow-list-v2: <value of string>
Return Values¶
Common return values are documented: https://docs.ansible.com/ansible/latest/reference_appendices/common_return_values.html#common-return-values, the following are the fields unique to this module:
- request_url - The full url requested returned: always type: str sample: /sys/login/user
- response_code - The status of api request returned: always type: int sample: 0
- response_message - The descriptive message of the api response returned: always type: str sample: OK
- response_data - The data body of the api response returned: optional type: list or dict