From bce0f2152c9fd52f607ef75dac87bd8e94290db7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Miguel=20Angel=20Mu=C3=B1oz=20Gonz=C3=A1lez?= Date: Thu, 21 Feb 2019 20:47:06 +0100 Subject: [PATCH] Fortinet's FortiOS router bgp (#52397) --- .../network/fortios/fortios_router_bgp.py | 2038 +++++++++++++++++ 1 file changed, 2038 insertions(+) create mode 100644 lib/ansible/modules/network/fortios/fortios_router_bgp.py diff --git a/lib/ansible/modules/network/fortios/fortios_router_bgp.py b/lib/ansible/modules/network/fortios/fortios_router_bgp.py new file mode 100644 index 0000000000..7e94911136 --- /dev/null +++ b/lib/ansible/modules/network/fortios/fortios_router_bgp.py @@ -0,0 +1,2038 @@ +#!/usr/bin/python +from __future__ import (absolute_import, division, print_function) +# Copyright 2019 Fortinet, Inc. +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . +# +# the lib use python logging can get it if the following is set in your +# Ansible config. + +__metaclass__ = type + +ANSIBLE_METADATA = {'status': ['preview'], + 'supported_by': 'community', + 'metadata_version': '1.1'} + +DOCUMENTATION = ''' +--- +module: fortios_router_bgp +short_description: Configure BGP in Fortinet's FortiOS and FortiGate. +description: + - This module is able to configure a FortiGate or FortiOS by allowing the + user to set and modify router feature and bgp category. + Examples include all parameters and values need to be adjusted to datasources before usage. + Tested with FOS v6.0.2 +version_added: "2.8" +author: + - Miguel Angel Munoz (@mamunozgonzalez) + - Nicolas Thomas (@thomnico) +notes: + - Requires fortiosapi library developed by Fortinet + - Run as a local_action in your playbook +requirements: + - fortiosapi>=0.9.8 +options: + host: + description: + - FortiOS or FortiGate ip address. + required: true + username: + description: + - FortiOS or FortiGate username. + required: true + password: + description: + - FortiOS or FortiGate password. + default: "" + vdom: + description: + - Virtual domain, among those defined previously. A vdom is a + virtual instance of the FortiGate that can be configured and + used as a different unit. + default: root + https: + description: + - Indicates if the requests towards FortiGate must use HTTPS + protocol + type: bool + default: true + router_bgp: + description: + - Configure BGP. + default: null + suboptions: + admin-distance: + description: + - Administrative distance modifications. + suboptions: + distance: + description: + - Administrative distance to apply (1 - 255). + id: + description: + - ID. + required: true + neighbour-prefix: + description: + - Neighbor address prefix. + route-list: + description: + - Access list of routes to apply new distance to. Source router.access-list.name. + aggregate-address: + description: + - BGP aggregate address table. + suboptions: + as-set: + description: + - Enable/disable generate AS set path information. + choices: + - enable + - disable + id: + description: + - ID. + required: true + prefix: + description: + - Aggregate prefix. + summary-only: + description: + - Enable/disable filter more specific routes from updates. + choices: + - enable + - disable + aggregate-address6: + description: + - BGP IPv6 aggregate address table. + suboptions: + as-set: + description: + - Enable/disable generate AS set path information. + choices: + - enable + - disable + id: + description: + - ID. + required: true + prefix6: + description: + - Aggregate IPv6 prefix. + summary-only: + description: + - Enable/disable filter more specific routes from updates. + choices: + - enable + - disable + always-compare-med: + description: + - Enable/disable always compare MED. + choices: + - enable + - disable + as: + description: + - Router AS number, valid from 1 to 4294967295, 0 to disable BGP. + bestpath-as-path-ignore: + description: + - Enable/disable ignore AS path. + choices: + - enable + - disable + bestpath-cmp-confed-aspath: + description: + - Enable/disable compare federation AS path length. + choices: + - enable + - disable + bestpath-cmp-routerid: + description: + - Enable/disable compare router ID for identical EBGP paths. + choices: + - enable + - disable + bestpath-med-confed: + description: + - Enable/disable compare MED among confederation paths. + choices: + - enable + - disable + bestpath-med-missing-as-worst: + description: + - Enable/disable treat missing MED as least preferred. + choices: + - enable + - disable + client-to-client-reflection: + description: + - Enable/disable client-to-client route reflection. + choices: + - enable + - disable + cluster-id: + description: + - Route reflector cluster ID. + confederation-identifier: + description: + - Confederation identifier. + confederation-peers: + description: + - Confederation peers. + suboptions: + peer: + description: + - Peer ID. + required: true + dampening: + description: + - Enable/disable route-flap dampening. + choices: + - enable + - disable + dampening-max-suppress-time: + description: + - Maximum minutes a route can be suppressed. + dampening-reachability-half-life: + description: + - Reachability half-life time for penalty (min). + dampening-reuse: + description: + - Threshold to reuse routes. + dampening-route-map: + description: + - Criteria for dampening. Source router.route-map.name. + dampening-suppress: + description: + - Threshold to suppress routes. + dampening-unreachability-half-life: + description: + - Unreachability half-life time for penalty (min). + default-local-preference: + description: + - Default local preference. + deterministic-med: + description: + - Enable/disable enforce deterministic comparison of MED. + choices: + - enable + - disable + distance-external: + description: + - Distance for routes external to the AS. + distance-internal: + description: + - Distance for routes internal to the AS. + distance-local: + description: + - Distance for routes local to the AS. + ebgp-multipath: + description: + - Enable/disable EBGP multi-path. + choices: + - enable + - disable + enforce-first-as: + description: + - Enable/disable enforce first AS for EBGP routes. + choices: + - enable + - disable + fast-external-failover: + description: + - Enable/disable reset peer BGP session if link goes down. + choices: + - enable + - disable + graceful-end-on-timer: + description: + - Enable/disable to exit graceful restart on timer only. + choices: + - enable + - disable + graceful-restart: + description: + - Enable/disable BGP graceful restart capabilities. + choices: + - enable + - disable + graceful-restart-time: + description: + - Time needed for neighbors to restart (sec). + graceful-stalepath-time: + description: + - Time to hold stale paths of restarting neighbor (sec). + graceful-update-delay: + description: + - Route advertisement/selection delay after restart (sec). + holdtime-timer: + description: + - Number of seconds to mark peer as dead. + ibgp-multipath: + description: + - Enable/disable IBGP multi-path. + choices: + - enable + - disable + ignore-optional-capability: + description: + - Don't send unknown optional capability notification message + choices: + - enable + - disable + keepalive-timer: + description: + - Frequency to send keep alive requests. + log-neighbour-changes: + description: + - Enable logging of BGP neighbour's changes + choices: + - enable + - disable + neighbor: + description: + - BGP neighbor table. + suboptions: + activate: + description: + - Enable/disable address family IPv4 for this neighbor. + choices: + - enable + - disable + activate6: + description: + - Enable/disable address family IPv6 for this neighbor. + choices: + - enable + - disable + advertisement-interval: + description: + - Minimum interval (sec) between sending updates. + allowas-in: + description: + - IPv4 The maximum number of occurrence of my AS number allowed. + allowas-in-enable: + description: + - Enable/disable IPv4 Enable to allow my AS in AS path. + choices: + - enable + - disable + allowas-in-enable6: + description: + - Enable/disable IPv6 Enable to allow my AS in AS path. + choices: + - enable + - disable + allowas-in6: + description: + - IPv6 The maximum number of occurrence of my AS number allowed. + as-override: + description: + - Enable/disable replace peer AS with own AS for IPv4. + choices: + - enable + - disable + as-override6: + description: + - Enable/disable replace peer AS with own AS for IPv6. + choices: + - enable + - disable + attribute-unchanged: + description: + - IPv4 List of attributes that should be unchanged. + choices: + - as-path + - med + - next-hop + attribute-unchanged6: + description: + - IPv6 List of attributes that should be unchanged. + choices: + - as-path + - med + - next-hop + bfd: + description: + - Enable/disable BFD for this neighbor. + choices: + - enable + - disable + capability-default-originate: + description: + - Enable/disable advertise default IPv4 route to this neighbor. + choices: + - enable + - disable + capability-default-originate6: + description: + - Enable/disable advertise default IPv6 route to this neighbor. + choices: + - enable + - disable + capability-dynamic: + description: + - Enable/disable advertise dynamic capability to this neighbor. + choices: + - enable + - disable + capability-graceful-restart: + description: + - Enable/disable advertise IPv4 graceful restart capability to this neighbor. + choices: + - enable + - disable + capability-graceful-restart6: + description: + - Enable/disable advertise IPv6 graceful restart capability to this neighbor. + choices: + - enable + - disable + capability-orf: + description: + - Accept/Send IPv4 ORF lists to/from this neighbor. + choices: + - none + - receive + - send + - both + capability-orf6: + description: + - Accept/Send IPv6 ORF lists to/from this neighbor. + choices: + - none + - receive + - send + - both + capability-route-refresh: + description: + - Enable/disable advertise route refresh capability to this neighbor. + choices: + - enable + - disable + conditional-advertise: + description: + - Conditional advertisement. + suboptions: + advertise-routemap: + description: + - Name of advertising route map. Source router.route-map.name. + required: true + condition-routemap: + description: + - Name of condition route map. Source router.route-map.name. + condition-type: + description: + - Type of condition. + choices: + - exist + - non-exist + connect-timer: + description: + - Interval (sec) for connect timer. + default-originate-routemap: + description: + - Route map to specify criteria to originate IPv4 default. Source router.route-map.name. + default-originate-routemap6: + description: + - Route map to specify criteria to originate IPv6 default. Source router.route-map.name. + description: + description: + - Description. + distribute-list-in: + description: + - Filter for IPv4 updates from this neighbor. Source router.access-list.name. + distribute-list-in6: + description: + - Filter for IPv6 updates from this neighbor. Source router.access-list6.name. + distribute-list-out: + description: + - Filter for IPv4 updates to this neighbor. Source router.access-list.name. + distribute-list-out6: + description: + - Filter for IPv6 updates to this neighbor. Source router.access-list6.name. + dont-capability-negotiate: + description: + - Don't negotiate capabilities with this neighbor + choices: + - enable + - disable + ebgp-enforce-multihop: + description: + - Enable/disable allow multi-hop EBGP neighbors. + choices: + - enable + - disable + ebgp-multihop-ttl: + description: + - EBGP multihop TTL for this peer. + filter-list-in: + description: + - BGP filter for IPv4 inbound routes. Source router.aspath-list.name. + filter-list-in6: + description: + - BGP filter for IPv6 inbound routes. Source router.aspath-list.name. + filter-list-out: + description: + - BGP filter for IPv4 outbound routes. Source router.aspath-list.name. + filter-list-out6: + description: + - BGP filter for IPv6 outbound routes. Source router.aspath-list.name. + holdtime-timer: + description: + - Interval (sec) before peer considered dead. + interface: + description: + - Interface Source system.interface.name. + ip: + description: + - IP/IPv6 address of neighbor. + required: true + keep-alive-timer: + description: + - Keep alive timer interval (sec). + link-down-failover: + description: + - Enable/disable failover upon link down. + choices: + - enable + - disable + local-as: + description: + - Local AS number of neighbor. + local-as-no-prepend: + description: + - Do not prepend local-as to incoming updates. + choices: + - enable + - disable + local-as-replace-as: + description: + - Replace real AS with local-as in outgoing updates. + choices: + - enable + - disable + maximum-prefix: + description: + - Maximum number of IPv4 prefixes to accept from this peer. + maximum-prefix-threshold: + description: + - Maximum IPv4 prefix threshold value (1 - 100 percent). + maximum-prefix-threshold6: + description: + - Maximum IPv6 prefix threshold value (1 - 100 percent). + maximum-prefix-warning-only: + description: + - Enable/disable IPv4 Only give warning message when limit is exceeded. + choices: + - enable + - disable + maximum-prefix-warning-only6: + description: + - Enable/disable IPv6 Only give warning message when limit is exceeded. + choices: + - enable + - disable + maximum-prefix6: + description: + - Maximum number of IPv6 prefixes to accept from this peer. + next-hop-self: + description: + - Enable/disable IPv4 next-hop calculation for this neighbor. + choices: + - enable + - disable + next-hop-self6: + description: + - Enable/disable IPv6 next-hop calculation for this neighbor. + choices: + - enable + - disable + override-capability: + description: + - Enable/disable override result of capability negotiation. + choices: + - enable + - disable + passive: + description: + - Enable/disable sending of open messages to this neighbor. + choices: + - enable + - disable + password: + description: + - Password used in MD5 authentication. + prefix-list-in: + description: + - IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name. + prefix-list-in6: + description: + - IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name. + prefix-list-out: + description: + - IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name. + prefix-list-out6: + description: + - IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name. + remote-as: + description: + - AS number of neighbor. + remove-private-as: + description: + - Enable/disable remove private AS number from IPv4 outbound updates. + choices: + - enable + - disable + remove-private-as6: + description: + - Enable/disable remove private AS number from IPv6 outbound updates. + choices: + - enable + - disable + restart-time: + description: + - Graceful restart delay time (sec, 0 = global default). + retain-stale-time: + description: + - Time to retain stale routes. + route-map-in: + description: + - IPv4 Inbound route map filter. Source router.route-map.name. + route-map-in6: + description: + - IPv6 Inbound route map filter. Source router.route-map.name. + route-map-out: + description: + - IPv4 Outbound route map filter. Source router.route-map.name. + route-map-out6: + description: + - IPv6 Outbound route map filter. Source router.route-map.name. + route-reflector-client: + description: + - Enable/disable IPv4 AS route reflector client. + choices: + - enable + - disable + route-reflector-client6: + description: + - Enable/disable IPv6 AS route reflector client. + choices: + - enable + - disable + route-server-client: + description: + - Enable/disable IPv4 AS route server client. + choices: + - enable + - disable + route-server-client6: + description: + - Enable/disable IPv6 AS route server client. + choices: + - enable + - disable + send-community: + description: + - IPv4 Send community attribute to neighbor. + choices: + - standard + - extended + - both + - disable + send-community6: + description: + - IPv6 Send community attribute to neighbor. + choices: + - standard + - extended + - both + - disable + shutdown: + description: + - Enable/disable shutdown this neighbor. + choices: + - enable + - disable + soft-reconfiguration: + description: + - Enable/disable allow IPv4 inbound soft reconfiguration. + choices: + - enable + - disable + soft-reconfiguration6: + description: + - Enable/disable allow IPv6 inbound soft reconfiguration. + choices: + - enable + - disable + stale-route: + description: + - Enable/disable stale route after neighbor down. + choices: + - enable + - disable + strict-capability-match: + description: + - Enable/disable strict capability matching. + choices: + - enable + - disable + unsuppress-map: + description: + - IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. + unsuppress-map6: + description: + - IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. + update-source: + description: + - Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name. + weight: + description: + - Neighbor weight. + neighbor-group: + description: + - BGP neighbor group table. + suboptions: + activate: + description: + - Enable/disable address family IPv4 for this neighbor. + choices: + - enable + - disable + activate6: + description: + - Enable/disable address family IPv6 for this neighbor. + choices: + - enable + - disable + advertisement-interval: + description: + - Minimum interval (sec) between sending updates. + allowas-in: + description: + - IPv4 The maximum number of occurrence of my AS number allowed. + allowas-in-enable: + description: + - Enable/disable IPv4 Enable to allow my AS in AS path. + choices: + - enable + - disable + allowas-in-enable6: + description: + - Enable/disable IPv6 Enable to allow my AS in AS path. + choices: + - enable + - disable + allowas-in6: + description: + - IPv6 The maximum number of occurrence of my AS number allowed. + as-override: + description: + - Enable/disable replace peer AS with own AS for IPv4. + choices: + - enable + - disable + as-override6: + description: + - Enable/disable replace peer AS with own AS for IPv6. + choices: + - enable + - disable + attribute-unchanged: + description: + - IPv4 List of attributes that should be unchanged. + choices: + - as-path + - med + - next-hop + attribute-unchanged6: + description: + - IPv6 List of attributes that should be unchanged. + choices: + - as-path + - med + - next-hop + bfd: + description: + - Enable/disable BFD for this neighbor. + choices: + - enable + - disable + capability-default-originate: + description: + - Enable/disable advertise default IPv4 route to this neighbor. + choices: + - enable + - disable + capability-default-originate6: + description: + - Enable/disable advertise default IPv6 route to this neighbor. + choices: + - enable + - disable + capability-dynamic: + description: + - Enable/disable advertise dynamic capability to this neighbor. + choices: + - enable + - disable + capability-graceful-restart: + description: + - Enable/disable advertise IPv4 graceful restart capability to this neighbor. + choices: + - enable + - disable + capability-graceful-restart6: + description: + - Enable/disable advertise IPv6 graceful restart capability to this neighbor. + choices: + - enable + - disable + capability-orf: + description: + - Accept/Send IPv4 ORF lists to/from this neighbor. + choices: + - none + - receive + - send + - both + capability-orf6: + description: + - Accept/Send IPv6 ORF lists to/from this neighbor. + choices: + - none + - receive + - send + - both + capability-route-refresh: + description: + - Enable/disable advertise route refresh capability to this neighbor. + choices: + - enable + - disable + connect-timer: + description: + - Interval (sec) for connect timer. + default-originate-routemap: + description: + - Route map to specify criteria to originate IPv4 default. Source router.route-map.name. + default-originate-routemap6: + description: + - Route map to specify criteria to originate IPv6 default. Source router.route-map.name. + description: + description: + - Description. + distribute-list-in: + description: + - Filter for IPv4 updates from this neighbor. Source router.access-list.name. + distribute-list-in6: + description: + - Filter for IPv6 updates from this neighbor. Source router.access-list6.name. + distribute-list-out: + description: + - Filter for IPv4 updates to this neighbor. Source router.access-list.name. + distribute-list-out6: + description: + - Filter for IPv6 updates to this neighbor. Source router.access-list6.name. + dont-capability-negotiate: + description: + - Don't negotiate capabilities with this neighbor + choices: + - enable + - disable + ebgp-enforce-multihop: + description: + - Enable/disable allow multi-hop EBGP neighbors. + choices: + - enable + - disable + ebgp-multihop-ttl: + description: + - EBGP multihop TTL for this peer. + filter-list-in: + description: + - BGP filter for IPv4 inbound routes. Source router.aspath-list.name. + filter-list-in6: + description: + - BGP filter for IPv6 inbound routes. Source router.aspath-list.name. + filter-list-out: + description: + - BGP filter for IPv4 outbound routes. Source router.aspath-list.name. + filter-list-out6: + description: + - BGP filter for IPv6 outbound routes. Source router.aspath-list.name. + holdtime-timer: + description: + - Interval (sec) before peer considered dead. + interface: + description: + - Interface Source system.interface.name. + keep-alive-timer: + description: + - Keep alive timer interval (sec). + link-down-failover: + description: + - Enable/disable failover upon link down. + choices: + - enable + - disable + local-as: + description: + - Local AS number of neighbor. + local-as-no-prepend: + description: + - Do not prepend local-as to incoming updates. + choices: + - enable + - disable + local-as-replace-as: + description: + - Replace real AS with local-as in outgoing updates. + choices: + - enable + - disable + maximum-prefix: + description: + - Maximum number of IPv4 prefixes to accept from this peer. + maximum-prefix-threshold: + description: + - Maximum IPv4 prefix threshold value (1 - 100 percent). + maximum-prefix-threshold6: + description: + - Maximum IPv6 prefix threshold value (1 - 100 percent). + maximum-prefix-warning-only: + description: + - Enable/disable IPv4 Only give warning message when limit is exceeded. + choices: + - enable + - disable + maximum-prefix-warning-only6: + description: + - Enable/disable IPv6 Only give warning message when limit is exceeded. + choices: + - enable + - disable + maximum-prefix6: + description: + - Maximum number of IPv6 prefixes to accept from this peer. + name: + description: + - Neighbor group name. + required: true + next-hop-self: + description: + - Enable/disable IPv4 next-hop calculation for this neighbor. + choices: + - enable + - disable + next-hop-self6: + description: + - Enable/disable IPv6 next-hop calculation for this neighbor. + choices: + - enable + - disable + override-capability: + description: + - Enable/disable override result of capability negotiation. + choices: + - enable + - disable + passive: + description: + - Enable/disable sending of open messages to this neighbor. + choices: + - enable + - disable + prefix-list-in: + description: + - IPv4 Inbound filter for updates from this neighbor. Source router.prefix-list.name. + prefix-list-in6: + description: + - IPv6 Inbound filter for updates from this neighbor. Source router.prefix-list6.name. + prefix-list-out: + description: + - IPv4 Outbound filter for updates to this neighbor. Source router.prefix-list.name. + prefix-list-out6: + description: + - IPv6 Outbound filter for updates to this neighbor. Source router.prefix-list6.name. + remote-as: + description: + - AS number of neighbor. + remove-private-as: + description: + - Enable/disable remove private AS number from IPv4 outbound updates. + choices: + - enable + - disable + remove-private-as6: + description: + - Enable/disable remove private AS number from IPv6 outbound updates. + choices: + - enable + - disable + restart-time: + description: + - Graceful restart delay time (sec, 0 = global default). + retain-stale-time: + description: + - Time to retain stale routes. + route-map-in: + description: + - IPv4 Inbound route map filter. Source router.route-map.name. + route-map-in6: + description: + - IPv6 Inbound route map filter. Source router.route-map.name. + route-map-out: + description: + - IPv4 Outbound route map filter. Source router.route-map.name. + route-map-out6: + description: + - IPv6 Outbound route map filter. Source router.route-map.name. + route-reflector-client: + description: + - Enable/disable IPv4 AS route reflector client. + choices: + - enable + - disable + route-reflector-client6: + description: + - Enable/disable IPv6 AS route reflector client. + choices: + - enable + - disable + route-server-client: + description: + - Enable/disable IPv4 AS route server client. + choices: + - enable + - disable + route-server-client6: + description: + - Enable/disable IPv6 AS route server client. + choices: + - enable + - disable + send-community: + description: + - IPv4 Send community attribute to neighbor. + choices: + - standard + - extended + - both + - disable + send-community6: + description: + - IPv6 Send community attribute to neighbor. + choices: + - standard + - extended + - both + - disable + shutdown: + description: + - Enable/disable shutdown this neighbor. + choices: + - enable + - disable + soft-reconfiguration: + description: + - Enable/disable allow IPv4 inbound soft reconfiguration. + choices: + - enable + - disable + soft-reconfiguration6: + description: + - Enable/disable allow IPv6 inbound soft reconfiguration. + choices: + - enable + - disable + stale-route: + description: + - Enable/disable stale route after neighbor down. + choices: + - enable + - disable + strict-capability-match: + description: + - Enable/disable strict capability matching. + choices: + - enable + - disable + unsuppress-map: + description: + - IPv4 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. + unsuppress-map6: + description: + - IPv6 Route map to selectively unsuppress suppressed routes. Source router.route-map.name. + update-source: + description: + - Interface to use as source IP/IPv6 address of TCP connections. Source system.interface.name. + weight: + description: + - Neighbor weight. + neighbor-range: + description: + - BGP neighbor range table. + suboptions: + id: + description: + - Neighbor range ID. + required: true + max-neighbor-num: + description: + - Maximum number of neighbors. + neighbor-group: + description: + - Neighbor group name. Source router.bgp.neighbor-group.name. + prefix: + description: + - Neighbor range prefix. + network: + description: + - BGP network table. + suboptions: + backdoor: + description: + - Enable/disable route as backdoor. + choices: + - enable + - disable + id: + description: + - ID. + required: true + prefix: + description: + - Network prefix. + route-map: + description: + - Route map to modify generated route. Source router.route-map.name. + network-import-check: + description: + - Enable/disable ensure BGP network route exists in IGP. + choices: + - enable + - disable + network6: + description: + - BGP IPv6 network table. + suboptions: + backdoor: + description: + - Enable/disable route as backdoor. + choices: + - enable + - disable + id: + description: + - ID. + required: true + prefix6: + description: + - Network IPv6 prefix. + route-map: + description: + - Route map to modify generated route. Source router.route-map.name. + redistribute: + description: + - BGP IPv4 redistribute table. + suboptions: + name: + description: + - Distribute list entry name. + required: true + route-map: + description: + - Route map name. Source router.route-map.name. + status: + description: + - Status + choices: + - enable + - disable + redistribute6: + description: + - BGP IPv6 redistribute table. + suboptions: + name: + description: + - Distribute list entry name. + required: true + route-map: + description: + - Route map name. Source router.route-map.name. + status: + description: + - Status + choices: + - enable + - disable + router-id: + description: + - Router ID. + scan-time: + description: + - Background scanner interval (sec), 0 to disable it. + synchronization: + description: + - Enable/disable only advertise routes from iBGP if routes present in an IGP. + choices: + - enable + - disable +''' + +EXAMPLES = ''' +- hosts: localhost + vars: + host: "192.168.122.40" + username: "admin" + password: "" + vdom: "root" + tasks: + - name: Configure BGP. + fortios_router_bgp: + host: "{{ host }}" + username: "{{ username }}" + password: "{{ password }}" + vdom: "{{ vdom }}" + https: "False" + router_bgp: + admin-distance: + - + distance: "4" + id: "5" + neighbour-prefix: "" + route-list: " (source router.access-list.name)" + aggregate-address: + - + as-set: "enable" + id: "10" + prefix: "" + summary-only: "enable" + aggregate-address6: + - + as-set: "enable" + id: "15" + prefix6: "" + summary-only: "enable" + always-compare-med: "enable" + as: "19" + bestpath-as-path-ignore: "enable" + bestpath-cmp-confed-aspath: "enable" + bestpath-cmp-routerid: "enable" + bestpath-med-confed: "enable" + bestpath-med-missing-as-worst: "enable" + client-to-client-reflection: "enable" + cluster-id: "" + confederation-identifier: "27" + confederation-peers: + - + peer: "" + dampening: "enable" + dampening-max-suppress-time: "31" + dampening-reachability-half-life: "32" + dampening-reuse: "33" + dampening-route-map: " (source router.route-map.name)" + dampening-suppress: "35" + dampening-unreachability-half-life: "36" + default-local-preference: "37" + deterministic-med: "enable" + distance-external: "39" + distance-internal: "40" + distance-local: "41" + ebgp-multipath: "enable" + enforce-first-as: "enable" + fast-external-failover: "enable" + graceful-end-on-timer: "enable" + graceful-restart: "enable" + graceful-restart-time: "47" + graceful-stalepath-time: "48" + graceful-update-delay: "49" + holdtime-timer: "50" + ibgp-multipath: "enable" + ignore-optional-capability: "enable" + keepalive-timer: "53" + log-neighbour-changes: "enable" + neighbor: + - + activate: "enable" + activate6: "enable" + advertisement-interval: "58" + allowas-in: "59" + allowas-in-enable: "enable" + allowas-in-enable6: "enable" + allowas-in6: "62" + as-override: "enable" + as-override6: "enable" + attribute-unchanged: "as-path" + attribute-unchanged6: "as-path" + bfd: "enable" + capability-default-originate: "enable" + capability-default-originate6: "enable" + capability-dynamic: "enable" + capability-graceful-restart: "enable" + capability-graceful-restart6: "enable" + capability-orf: "none" + capability-orf6: "none" + capability-route-refresh: "enable" + conditional-advertise: + - + advertise-routemap: " (source router.route-map.name)" + condition-routemap: " (source router.route-map.name)" + condition-type: "exist" + connect-timer: "80" + default-originate-routemap: " (source router.route-map.name)" + default-originate-routemap6: " (source router.route-map.name)" + description: "" + distribute-list-in: " (source router.access-list.name)" + distribute-list-in6: " (source router.access-list6.name)" + distribute-list-out: " (source router.access-list.name)" + distribute-list-out6: " (source router.access-list6.name)" + dont-capability-negotiate: "enable" + ebgp-enforce-multihop: "enable" + ebgp-multihop-ttl: "90" + filter-list-in: " (source router.aspath-list.name)" + filter-list-in6: " (source router.aspath-list.name)" + filter-list-out: " (source router.aspath-list.name)" + filter-list-out6: " (source router.aspath-list.name)" + holdtime-timer: "95" + interface: " (source system.interface.name)" + ip: "" + keep-alive-timer: "98" + link-down-failover: "enable" + local-as: "100" + local-as-no-prepend: "enable" + local-as-replace-as: "enable" + maximum-prefix: "103" + maximum-prefix-threshold: "104" + maximum-prefix-threshold6: "105" + maximum-prefix-warning-only: "enable" + maximum-prefix-warning-only6: "enable" + maximum-prefix6: "108" + next-hop-self: "enable" + next-hop-self6: "enable" + override-capability: "enable" + passive: "enable" + password: "" + prefix-list-in: " (source router.prefix-list.name)" + prefix-list-in6: " (source router.prefix-list6.name)" + prefix-list-out: " (source router.prefix-list.name)" + prefix-list-out6: " (source router.prefix-list6.name)" + remote-as: "118" + remove-private-as: "enable" + remove-private-as6: "enable" + restart-time: "121" + retain-stale-time: "122" + route-map-in: " (source router.route-map.name)" + route-map-in6: " (source router.route-map.name)" + route-map-out: " (source router.route-map.name)" + route-map-out6: " (source router.route-map.name)" + route-reflector-client: "enable" + route-reflector-client6: "enable" + route-server-client: "enable" + route-server-client6: "enable" + send-community: "standard" + send-community6: "standard" + shutdown: "enable" + soft-reconfiguration: "enable" + soft-reconfiguration6: "enable" + stale-route: "enable" + strict-capability-match: "enable" + unsuppress-map: " (source router.route-map.name)" + unsuppress-map6: " (source router.route-map.name)" + update-source: " (source system.interface.name)" + weight: "141" + neighbor-group: + - + activate: "enable" + activate6: "enable" + advertisement-interval: "145" + allowas-in: "146" + allowas-in-enable: "enable" + allowas-in-enable6: "enable" + allowas-in6: "149" + as-override: "enable" + as-override6: "enable" + attribute-unchanged: "as-path" + attribute-unchanged6: "as-path" + bfd: "enable" + capability-default-originate: "enable" + capability-default-originate6: "enable" + capability-dynamic: "enable" + capability-graceful-restart: "enable" + capability-graceful-restart6: "enable" + capability-orf: "none" + capability-orf6: "none" + capability-route-refresh: "enable" + connect-timer: "163" + default-originate-routemap: " (source router.route-map.name)" + default-originate-routemap6: " (source router.route-map.name)" + description: "" + distribute-list-in: " (source router.access-list.name)" + distribute-list-in6: " (source router.access-list6.name)" + distribute-list-out: " (source router.access-list.name)" + distribute-list-out6: " (source router.access-list6.name)" + dont-capability-negotiate: "enable" + ebgp-enforce-multihop: "enable" + ebgp-multihop-ttl: "173" + filter-list-in: " (source router.aspath-list.name)" + filter-list-in6: " (source router.aspath-list.name)" + filter-list-out: " (source router.aspath-list.name)" + filter-list-out6: " (source router.aspath-list.name)" + holdtime-timer: "178" + interface: " (source system.interface.name)" + keep-alive-timer: "180" + link-down-failover: "enable" + local-as: "182" + local-as-no-prepend: "enable" + local-as-replace-as: "enable" + maximum-prefix: "185" + maximum-prefix-threshold: "186" + maximum-prefix-threshold6: "187" + maximum-prefix-warning-only: "enable" + maximum-prefix-warning-only6: "enable" + maximum-prefix6: "190" + name: "default_name_191" + next-hop-self: "enable" + next-hop-self6: "enable" + override-capability: "enable" + passive: "enable" + prefix-list-in: " (source router.prefix-list.name)" + prefix-list-in6: " (source router.prefix-list6.name)" + prefix-list-out: " (source router.prefix-list.name)" + prefix-list-out6: " (source router.prefix-list6.name)" + remote-as: "200" + remove-private-as: "enable" + remove-private-as6: "enable" + restart-time: "203" + retain-stale-time: "204" + route-map-in: " (source router.route-map.name)" + route-map-in6: " (source router.route-map.name)" + route-map-out: " (source router.route-map.name)" + route-map-out6: " (source router.route-map.name)" + route-reflector-client: "enable" + route-reflector-client6: "enable" + route-server-client: "enable" + route-server-client6: "enable" + send-community: "standard" + send-community6: "standard" + shutdown: "enable" + soft-reconfiguration: "enable" + soft-reconfiguration6: "enable" + stale-route: "enable" + strict-capability-match: "enable" + unsuppress-map: " (source router.route-map.name)" + unsuppress-map6: " (source router.route-map.name)" + update-source: " (source system.interface.name)" + weight: "223" + neighbor-range: + - + id: "225" + max-neighbor-num: "226" + neighbor-group: " (source router.bgp.neighbor-group.name)" + prefix: "" + network: + - + backdoor: "enable" + id: "231" + prefix: "" + route-map: " (source router.route-map.name)" + network-import-check: "enable" + network6: + - + backdoor: "enable" + id: "237" + prefix6: "" + route-map: " (source router.route-map.name)" + redistribute: + - + name: "default_name_241" + route-map: " (source router.route-map.name)" + status: "enable" + redistribute6: + - + name: "default_name_245" + route-map: " (source router.route-map.name)" + status: "enable" + router-id: "" + scan-time: "249" + synchronization: "enable" +''' + +RETURN = ''' +build: + description: Build number of the fortigate image + returned: always + type: str + sample: '1547' +http_method: + description: Last method used to provision the content into FortiGate + returned: always + type: str + sample: 'PUT' +http_status: + description: Last result given by FortiGate on last operation applied + returned: always + type: str + sample: "200" +mkey: + description: Master key (id) used in the last call to FortiGate + returned: success + type: str + sample: "id" +name: + description: Name of the table used to fulfill the request + returned: always + type: str + sample: "urlfilter" +path: + description: Path of the table used to fulfill the request + returned: always + type: str + sample: "webfilter" +revision: + description: Internal revision number + returned: always + type: str + sample: "17.0.2.10658" +serial: + description: Serial number of the unit + returned: always + type: str + sample: "FGVMEVYYQT3AB5352" +status: + description: Indication of the operation's result + returned: always + type: str + sample: "success" +vdom: + description: Virtual domain used + returned: always + type: str + sample: "root" +version: + description: Version of the FortiGate + returned: always + type: str + sample: "v5.6.3" + +''' + +from ansible.module_utils.basic import AnsibleModule + +fos = None + + +def login(data): + host = data['host'] + username = data['username'] + password = data['password'] + + fos.debug('on') + if 'https' in data and not data['https']: + fos.https('off') + else: + fos.https('on') + + fos.login(host, username, password) + + +def filter_router_bgp_data(json): + option_list = ['admin-distance', 'aggregate-address', 'aggregate-address6', + 'always-compare-med', 'as', 'bestpath-as-path-ignore', + 'bestpath-cmp-confed-aspath', 'bestpath-cmp-routerid', 'bestpath-med-confed', + 'bestpath-med-missing-as-worst', 'client-to-client-reflection', 'cluster-id', + 'confederation-identifier', 'confederation-peers', 'dampening', + 'dampening-max-suppress-time', 'dampening-reachability-half-life', 'dampening-reuse', + 'dampening-route-map', 'dampening-suppress', 'dampening-unreachability-half-life', + 'default-local-preference', 'deterministic-med', 'distance-external', + 'distance-internal', 'distance-local', 'ebgp-multipath', + 'enforce-first-as', 'fast-external-failover', 'graceful-end-on-timer', + 'graceful-restart', 'graceful-restart-time', 'graceful-stalepath-time', + 'graceful-update-delay', 'holdtime-timer', 'ibgp-multipath', + 'ignore-optional-capability', 'keepalive-timer', 'log-neighbour-changes', + 'neighbor', 'neighbor-group', 'neighbor-range', + 'network', 'network-import-check', 'network6', + 'redistribute', 'redistribute6', 'router-id', + 'scan-time', 'synchronization'] + dictionary = {} + + for attribute in option_list: + if attribute in json and json[attribute] is not None: + dictionary[attribute] = json[attribute] + + return dictionary + + +def flatten_multilists_attributes(data): + multilist_attrs = [] + + for attr in multilist_attrs: + try: + path = "data['" + "']['".join(elem for elem in attr) + "']" + current_val = eval(path) + flattened_val = ' '.join(elem for elem in current_val) + exec(path + '= flattened_val') + except BaseException: + pass + + return data + + +def router_bgp(data, fos): + vdom = data['vdom'] + router_bgp_data = data['router_bgp'] + flattened_data = flatten_multilists_attributes(router_bgp_data) + filtered_data = filter_router_bgp_data(flattened_data) + return fos.set('router', + 'bgp', + data=filtered_data, + vdom=vdom) + + +def fortios_router(data, fos): + login(data) + + if data['router_bgp']: + resp = router_bgp(data, fos) + + fos.logout() + return not resp['status'] == "success", resp['status'] == "success", resp + + +def main(): + fields = { + "host": {"required": True, "type": "str"}, + "username": {"required": True, "type": "str"}, + "password": {"required": False, "type": "str", "no_log": True}, + "vdom": {"required": False, "type": "str", "default": "root"}, + "https": {"required": False, "type": "bool", "default": True}, + "router_bgp": { + "required": False, "type": "dict", + "options": { + "admin-distance": {"required": False, "type": "list", + "options": { + "distance": {"required": False, "type": "int"}, + "id": {"required": True, "type": "int"}, + "neighbour-prefix": {"required": False, "type": "str"}, + "route-list": {"required": False, "type": "str"} + }}, + "aggregate-address": {"required": False, "type": "list", + "options": { + "as-set": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "id": {"required": True, "type": "int"}, + "prefix": {"required": False, "type": "str"}, + "summary-only": {"required": False, "type": "str", + "choices": ["enable", "disable"]} + }}, + "aggregate-address6": {"required": False, "type": "list", + "options": { + "as-set": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "id": {"required": True, "type": "int"}, + "prefix6": {"required": False, "type": "str"}, + "summary-only": {"required": False, "type": "str", + "choices": ["enable", "disable"]} + }}, + "always-compare-med": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "as": {"required": False, "type": "int"}, + "bestpath-as-path-ignore": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "bestpath-cmp-confed-aspath": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "bestpath-cmp-routerid": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "bestpath-med-confed": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "bestpath-med-missing-as-worst": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "client-to-client-reflection": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "cluster-id": {"required": False, "type": "str"}, + "confederation-identifier": {"required": False, "type": "int"}, + "confederation-peers": {"required": False, "type": "list", + "options": { + "peer": {"required": True, "type": "str"} + }}, + "dampening": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "dampening-max-suppress-time": {"required": False, "type": "int"}, + "dampening-reachability-half-life": {"required": False, "type": "int"}, + "dampening-reuse": {"required": False, "type": "int"}, + "dampening-route-map": {"required": False, "type": "str"}, + "dampening-suppress": {"required": False, "type": "int"}, + "dampening-unreachability-half-life": {"required": False, "type": "int"}, + "default-local-preference": {"required": False, "type": "int"}, + "deterministic-med": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "distance-external": {"required": False, "type": "int"}, + "distance-internal": {"required": False, "type": "int"}, + "distance-local": {"required": False, "type": "int"}, + "ebgp-multipath": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "enforce-first-as": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "fast-external-failover": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "graceful-end-on-timer": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "graceful-restart": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "graceful-restart-time": {"required": False, "type": "int"}, + "graceful-stalepath-time": {"required": False, "type": "int"}, + "graceful-update-delay": {"required": False, "type": "int"}, + "holdtime-timer": {"required": False, "type": "int"}, + "ibgp-multipath": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "ignore-optional-capability": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "keepalive-timer": {"required": False, "type": "int"}, + "log-neighbour-changes": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "neighbor": {"required": False, "type": "list", + "options": { + "activate": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "activate6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "advertisement-interval": {"required": False, "type": "int"}, + "allowas-in": {"required": False, "type": "int"}, + "allowas-in-enable": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "allowas-in-enable6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "allowas-in6": {"required": False, "type": "int"}, + "as-override": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "as-override6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "attribute-unchanged": {"required": False, "type": "str", + "choices": ["as-path", "med", "next-hop"]}, + "attribute-unchanged6": {"required": False, "type": "str", + "choices": ["as-path", "med", "next-hop"]}, + "bfd": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-default-originate": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-default-originate6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-dynamic": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-graceful-restart": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-graceful-restart6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-orf": {"required": False, "type": "str", + "choices": ["none", "receive", "send", + "both"]}, + "capability-orf6": {"required": False, "type": "str", + "choices": ["none", "receive", "send", + "both"]}, + "capability-route-refresh": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "conditional-advertise": {"required": False, "type": "list", + "options": { + "advertise-routemap": {"required": True, "type": "str"}, + "condition-routemap": {"required": False, "type": "str"}, + "condition-type": {"required": False, "type": "str", + "choices": ["exist", "non-exist"]} + }}, + "connect-timer": {"required": False, "type": "int"}, + "default-originate-routemap": {"required": False, "type": "str"}, + "default-originate-routemap6": {"required": False, "type": "str"}, + "description": {"required": False, "type": "str"}, + "distribute-list-in": {"required": False, "type": "str"}, + "distribute-list-in6": {"required": False, "type": "str"}, + "distribute-list-out": {"required": False, "type": "str"}, + "distribute-list-out6": {"required": False, "type": "str"}, + "dont-capability-negotiate": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "ebgp-enforce-multihop": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "ebgp-multihop-ttl": {"required": False, "type": "int"}, + "filter-list-in": {"required": False, "type": "str"}, + "filter-list-in6": {"required": False, "type": "str"}, + "filter-list-out": {"required": False, "type": "str"}, + "filter-list-out6": {"required": False, "type": "str"}, + "holdtime-timer": {"required": False, "type": "int"}, + "interface": {"required": False, "type": "str"}, + "ip": {"required": True, "type": "str"}, + "keep-alive-timer": {"required": False, "type": "int"}, + "link-down-failover": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "local-as": {"required": False, "type": "int"}, + "local-as-no-prepend": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "local-as-replace-as": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "maximum-prefix": {"required": False, "type": "int"}, + "maximum-prefix-threshold": {"required": False, "type": "int"}, + "maximum-prefix-threshold6": {"required": False, "type": "int"}, + "maximum-prefix-warning-only": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "maximum-prefix-warning-only6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "maximum-prefix6": {"required": False, "type": "int"}, + "next-hop-self": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "next-hop-self6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "override-capability": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "passive": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "password": {"required": False, "type": "str"}, + "prefix-list-in": {"required": False, "type": "str"}, + "prefix-list-in6": {"required": False, "type": "str"}, + "prefix-list-out": {"required": False, "type": "str"}, + "prefix-list-out6": {"required": False, "type": "str"}, + "remote-as": {"required": False, "type": "int"}, + "remove-private-as": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "remove-private-as6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "restart-time": {"required": False, "type": "int"}, + "retain-stale-time": {"required": False, "type": "int"}, + "route-map-in": {"required": False, "type": "str"}, + "route-map-in6": {"required": False, "type": "str"}, + "route-map-out": {"required": False, "type": "str"}, + "route-map-out6": {"required": False, "type": "str"}, + "route-reflector-client": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "route-reflector-client6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "route-server-client": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "route-server-client6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "send-community": {"required": False, "type": "str", + "choices": ["standard", "extended", "both", + "disable"]}, + "send-community6": {"required": False, "type": "str", + "choices": ["standard", "extended", "both", + "disable"]}, + "shutdown": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "soft-reconfiguration": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "soft-reconfiguration6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "stale-route": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "strict-capability-match": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "unsuppress-map": {"required": False, "type": "str"}, + "unsuppress-map6": {"required": False, "type": "str"}, + "update-source": {"required": False, "type": "str"}, + "weight": {"required": False, "type": "int"} + }}, + "neighbor-group": {"required": False, "type": "list", + "options": { + "activate": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "activate6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "advertisement-interval": {"required": False, "type": "int"}, + "allowas-in": {"required": False, "type": "int"}, + "allowas-in-enable": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "allowas-in-enable6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "allowas-in6": {"required": False, "type": "int"}, + "as-override": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "as-override6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "attribute-unchanged": {"required": False, "type": "str", + "choices": ["as-path", "med", "next-hop"]}, + "attribute-unchanged6": {"required": False, "type": "str", + "choices": ["as-path", "med", "next-hop"]}, + "bfd": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-default-originate": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-default-originate6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-dynamic": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-graceful-restart": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-graceful-restart6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "capability-orf": {"required": False, "type": "str", + "choices": ["none", "receive", "send", + "both"]}, + "capability-orf6": {"required": False, "type": "str", + "choices": ["none", "receive", "send", + "both"]}, + "capability-route-refresh": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "connect-timer": {"required": False, "type": "int"}, + "default-originate-routemap": {"required": False, "type": "str"}, + "default-originate-routemap6": {"required": False, "type": "str"}, + "description": {"required": False, "type": "str"}, + "distribute-list-in": {"required": False, "type": "str"}, + "distribute-list-in6": {"required": False, "type": "str"}, + "distribute-list-out": {"required": False, "type": "str"}, + "distribute-list-out6": {"required": False, "type": "str"}, + "dont-capability-negotiate": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "ebgp-enforce-multihop": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "ebgp-multihop-ttl": {"required": False, "type": "int"}, + "filter-list-in": {"required": False, "type": "str"}, + "filter-list-in6": {"required": False, "type": "str"}, + "filter-list-out": {"required": False, "type": "str"}, + "filter-list-out6": {"required": False, "type": "str"}, + "holdtime-timer": {"required": False, "type": "int"}, + "interface": {"required": False, "type": "str"}, + "keep-alive-timer": {"required": False, "type": "int"}, + "link-down-failover": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "local-as": {"required": False, "type": "int"}, + "local-as-no-prepend": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "local-as-replace-as": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "maximum-prefix": {"required": False, "type": "int"}, + "maximum-prefix-threshold": {"required": False, "type": "int"}, + "maximum-prefix-threshold6": {"required": False, "type": "int"}, + "maximum-prefix-warning-only": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "maximum-prefix-warning-only6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "maximum-prefix6": {"required": False, "type": "int"}, + "name": {"required": True, "type": "str"}, + "next-hop-self": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "next-hop-self6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "override-capability": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "passive": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "prefix-list-in": {"required": False, "type": "str"}, + "prefix-list-in6": {"required": False, "type": "str"}, + "prefix-list-out": {"required": False, "type": "str"}, + "prefix-list-out6": {"required": False, "type": "str"}, + "remote-as": {"required": False, "type": "int"}, + "remove-private-as": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "remove-private-as6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "restart-time": {"required": False, "type": "int"}, + "retain-stale-time": {"required": False, "type": "int"}, + "route-map-in": {"required": False, "type": "str"}, + "route-map-in6": {"required": False, "type": "str"}, + "route-map-out": {"required": False, "type": "str"}, + "route-map-out6": {"required": False, "type": "str"}, + "route-reflector-client": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "route-reflector-client6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "route-server-client": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "route-server-client6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "send-community": {"required": False, "type": "str", + "choices": ["standard", "extended", "both", + "disable"]}, + "send-community6": {"required": False, "type": "str", + "choices": ["standard", "extended", "both", + "disable"]}, + "shutdown": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "soft-reconfiguration": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "soft-reconfiguration6": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "stale-route": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "strict-capability-match": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "unsuppress-map": {"required": False, "type": "str"}, + "unsuppress-map6": {"required": False, "type": "str"}, + "update-source": {"required": False, "type": "str"}, + "weight": {"required": False, "type": "int"} + }}, + "neighbor-range": {"required": False, "type": "list", + "options": { + "id": {"required": True, "type": "int"}, + "max-neighbor-num": {"required": False, "type": "int"}, + "neighbor-group": {"required": False, "type": "str"}, + "prefix": {"required": False, "type": "str"} + }}, + "network": {"required": False, "type": "list", + "options": { + "backdoor": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "id": {"required": True, "type": "int"}, + "prefix": {"required": False, "type": "str"}, + "route-map": {"required": False, "type": "str"} + }}, + "network-import-check": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "network6": {"required": False, "type": "list", + "options": { + "backdoor": {"required": False, "type": "str", + "choices": ["enable", "disable"]}, + "id": {"required": True, "type": "int"}, + "prefix6": {"required": False, "type": "str"}, + "route-map": {"required": False, "type": "str"} + }}, + "redistribute": {"required": False, "type": "list", + "options": { + "name": {"required": True, "type": "str"}, + "route-map": {"required": False, "type": "str"}, + "status": {"required": False, "type": "str", + "choices": ["enable", "disable"]} + }}, + "redistribute6": {"required": False, "type": "list", + "options": { + "name": {"required": True, "type": "str"}, + "route-map": {"required": False, "type": "str"}, + "status": {"required": False, "type": "str", + "choices": ["enable", "disable"]} + }}, + "router-id": {"required": False, "type": "str"}, + "scan-time": {"required": False, "type": "int"}, + "synchronization": {"required": False, "type": "str", + "choices": ["enable", "disable"]} + + } + } + } + + module = AnsibleModule(argument_spec=fields, + supports_check_mode=False) + try: + from fortiosapi import FortiOSAPI + except ImportError: + module.fail_json(msg="fortiosapi module is required") + + global fos + fos = FortiOSAPI() + + is_error, has_changed, result = fortios_router(module.params, fos) + + if not is_error: + module.exit_json(changed=has_changed, meta=result) + else: + module.fail_json(msg="Error in repo", meta=result) + + +if __name__ == '__main__': + main()