Parameter |
Choices/Defaults |
Comments |
firewall_profile_protocol_options
dictionary
|
|
Configure protocol options.
|
|
comment
string
|
|
Optional comments.
|
|
dns
dictionary
|
|
Configure DNS protocol options.
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
ftp
dictionary
|
|
Configure FTP protocol options.
|
|
|
comfort_amount
integer
|
|
Amount of data to send in a transmission for client comforting (1 - 10240 bytes).
|
|
|
comfort_interval
integer
|
|
Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec).
|
|
|
inspect_all
string
|
|
Enable/disable the inspection of all ports for the protocol.
|
|
|
options
string
|
Choices:
- clientcomfort
- oversize
- splice
- bypass-rest-command
- bypass-mode-command
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
http
dictionary
|
|
Configure HTTP protocol options.
|
|
|
block_page_status_code
integer
|
|
Code number returned for blocked HTTP pages (non-FortiGuard only) (100 - 599).
|
|
|
comfort_amount
integer
|
|
Amount of data to send in a transmission for client comforting (1 - 10240 bytes).
|
|
|
comfort_interval
integer
|
|
Period of time between start, or last transmission, and the next client comfort transmission of data (1 - 900 sec).
|
|
|
fortinet_bar
string
|
|
Enable/disable Fortinet bar on HTML content.
|
|
|
fortinet_bar_port
integer
|
|
Port for use by Fortinet Bar (1 - 65535).
|
|
|
http_policy
string
|
|
Enable/disable HTTP policy check.
|
|
|
inspect_all
string
|
|
Enable/disable the inspection of all ports for the protocol.
|
|
|
options
string
|
Choices:
- clientcomfort
- servercomfort
- oversize
- chunkedbypass
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
post_lang
string
|
Choices:
- jisx0201
- jisx0208
- jisx0212
- gb2312
- ksc5601-ex
- euc-jp
- sjis
- iso2022-jp
- iso2022-jp-1
- iso2022-jp-2
- euc-cn
- ces-gbk
- hz
- ces-big5
- euc-kr
- iso2022-jp-3
- iso8859-1
- tis620
- cp874
- cp1252
- cp1251
|
ID codes for character sets to be used to convert to UTF-8 for banned words and DLP on HTTP posts (maximum of 5 character sets).
|
|
|
range_block
string
|
|
Enable/disable blocking of partial downloads.
|
|
|
retry_count
integer
|
|
Number of attempts to retry HTTP connection (0 - 100).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
streaming_content_bypass
string
|
|
Enable/disable bypassing of streaming content from buffering.
|
|
|
strip_x_forwarded_for
string
|
|
Enable/disable stripping of HTTP X-Forwarded-For header.
|
|
|
switching_protocols
string
|
|
Bypass from scanning, or block a connection that attempts to switch protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
imap
dictionary
|
|
Configure IMAP protocol options.
|
|
|
inspect_all
string
|
|
Enable/disable the inspection of all ports for the protocol.
|
|
|
options
string
|
Choices:
- fragmail
- oversize
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
mail_signature
dictionary
|
|
Configure Mail signature.
|
|
|
signature
string
|
|
Email signature to be added to outgoing email (if the signature contains spaces, enclose with quotation marks).
|
|
|
status
string
|
|
Enable/disable adding an email signature to SMTP email messages as they pass through the FortiGate.
|
|
mapi
dictionary
|
|
Configure MAPI protocol options.
|
|
|
options
string
|
Choices:
- fragmail
- oversize
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
name
string
/ required
|
|
Name.
|
|
nntp
dictionary
|
|
Configure NNTP protocol options.
|
|
|
inspect_all
string
|
|
Enable/disable the inspection of all ports for the protocol.
|
|
|
options
string
|
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
oversize_log
string
|
|
Enable/disable logging for antivirus oversize file blocking.
|
|
pop3
dictionary
|
|
Configure POP3 protocol options.
|
|
|
inspect_all
string
|
|
Enable/disable the inspection of all ports for the protocol.
|
|
|
options
string
|
Choices:
- fragmail
- oversize
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
replacemsg_group
string
|
|
Name of the replacement message group to be used Source system.replacemsg-group.name.
|
|
rpc_over_http
string
|
|
Enable/disable inspection of RPC over HTTP.
|
|
smtp
dictionary
|
|
Configure SMTP protocol options.
|
|
|
inspect_all
string
|
|
Enable/disable the inspection of all ports for the protocol.
|
|
|
options
string
|
Choices:
- fragmail
- oversize
- splice
|
One or more options that can be applied to the session.
|
|
|
oversize_limit
integer
|
|
Maximum in-memory file size that can be scanned (1 - 383 MB).
|
|
|
ports
integer
|
|
Ports to scan for content (1 - 65535).
|
|
|
scan_bzip2
string
|
|
Enable/disable scanning of BZip2 compressed files.
|
|
|
server_busy
string
|
|
Enable/disable SMTP server busy when server not available.
|
|
|
status
string
|
|
Enable/disable the active status of scanning for this protocol.
|
|
|
uncompressed_nest_limit
integer
|
|
Maximum nested levels of compression that can be uncompressed and scanned (2 - 100).
|
|
|
uncompressed_oversize_limit
integer
|
|
Maximum in-memory uncompressed file size that can be scanned (0 - 383 MB, 0 = unlimited).
|
|
state
string
|
|
Deprecated
Starting with Ansible 2.9 we recommend using the top-level 'state' parameter.
Indicates whether to create or remove the object.
|
|
switching_protocols_log
string
|
|
Enable/disable logging for HTTP/HTTPS switching protocols.
|
host
string
|
|
FortiOS or FortiGate IP address.
|
https
boolean
|
|
Indicates if the requests towards FortiGate must use HTTPS protocol.
|
password
string
|
Default:
""
|
FortiOS or FortiGate password.
|
ssl_verify
boolean
added in 2.9 |
|
Ensures FortiGate certificate must be verified by a proper CA.
|
state
string
added in 2.9 |
|
Indicates whether to create or remove the object. This attribute was present already in previous version in a deeper level. It has been moved out to this outer level.
|
username
string
|
|
FortiOS or FortiGate username.
|
vdom
string
|
Default:
"root"
|
Virtual domain, among those defined previously. A vdom is a virtual instance of the FortiGate that can be configured and used as a different unit.
|