mirror of
				https://github.com/ansible-collections/community.general.git
				synced 2025-10-24 21:14:00 -07:00 
			
		
		
		
	
		
			
				
	
	
		
			249 lines
		
	
	
	
		
			7.6 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
			
		
		
	
	
			249 lines
		
	
	
	
		
			7.6 KiB
		
	
	
	
		
			Python
		
	
	
	
	
	
| #!/usr/bin/python
 | |
| # -*- coding: utf-8 -*-
 | |
| 
 | |
| # Copyright (c) 2018, Sebastian Schenzel <sebastian.schenzel@mailbox.org>
 | |
| # GNU General Public License v3.0+ (see LICENSES/GPL-3.0-or-later.txt or https://www.gnu.org/licenses/gpl-3.0.txt)
 | |
| # SPDX-License-Identifier: GPL-3.0-or-later
 | |
| 
 | |
| from __future__ import absolute_import, division, print_function
 | |
| 
 | |
| __metaclass__ = type
 | |
| 
 | |
| DOCUMENTATION = '''
 | |
| ---
 | |
| module: utm_proxy_exception
 | |
| 
 | |
| author:
 | |
|     - Sebastian Schenzel (@RickS-C137)
 | |
| 
 | |
| short_description: Create, update or destroy reverse_proxy exception entry in Sophos UTM
 | |
| 
 | |
| description:
 | |
|     - Create, update or destroy a reverse_proxy exception entry in SOPHOS UTM.
 | |
|     - This module needs to have the REST Ability of the UTM to be activated.
 | |
| 
 | |
| attributes:
 | |
|     check_mode:
 | |
|         support: none
 | |
|     diff_mode:
 | |
|         support: none
 | |
| 
 | |
| options:
 | |
|     name:
 | |
|         description:
 | |
|             - The name of the object. Will be used to identify the entry
 | |
|         required: true
 | |
|         type: str
 | |
|     op:
 | |
|         description:
 | |
|             - The operand to be used with the entries of the path parameter
 | |
|         default: 'AND'
 | |
|         choices:
 | |
|             - 'AND'
 | |
|             - 'OR'
 | |
|         required: false
 | |
|         type: str
 | |
|     path:
 | |
|         description:
 | |
|             - The paths the exception in the reverse proxy is defined for
 | |
|         type: list
 | |
|         elements: str
 | |
|         default: []
 | |
|         required: false
 | |
|     skip_custom_threats_filters:
 | |
|         description:
 | |
|             - A list of threats to be skipped
 | |
|         type: list
 | |
|         elements: str
 | |
|         default: []
 | |
|         required: false
 | |
|     skip_threats_filter_categories:
 | |
|         description:
 | |
|             - Define which categories of threats are skipped
 | |
|         type: list
 | |
|         elements: str
 | |
|         default: []
 | |
|         required: false
 | |
|     skipav:
 | |
|         description:
 | |
|             - Skip the Antivirus Scanning
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skipbadclients:
 | |
|         description:
 | |
|             - Block clients with bad reputation
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skipcookie:
 | |
|         description:
 | |
|             - Skip the Cookie Signing check
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skipform:
 | |
|         description:
 | |
|             - Enable form hardening
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skipform_missingtoken:
 | |
|         description:
 | |
|             - Enable form hardening with missing tokens
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skiphtmlrewrite:
 | |
|         description:
 | |
|             - Protection against SQL
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skiptft:
 | |
|         description:
 | |
|             - Enable true file type control
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     skipurl:
 | |
|         description:
 | |
|             - Enable static URL hardening
 | |
|         default: false
 | |
|         type: bool
 | |
|         required: false
 | |
|     source:
 | |
|         description:
 | |
|             - Define which categories of threats are skipped
 | |
|         type: list
 | |
|         elements: str
 | |
|         default: []
 | |
|         required: false
 | |
|     status:
 | |
|         description:
 | |
|             - Status of the exception rule set
 | |
|         default: true
 | |
|         type: bool
 | |
|         required: false
 | |
| 
 | |
| extends_documentation_fragment:
 | |
| - community.general.utm
 | |
| - community.general.attributes
 | |
| 
 | |
| '''
 | |
| 
 | |
| EXAMPLES = """
 | |
| - name: Create UTM proxy_exception
 | |
|   community.general.utm_proxy_exception:
 | |
|     utm_host: sophos.host.name
 | |
|     utm_token: abcdefghijklmno1234
 | |
|     name: TestExceptionEntry
 | |
|     backend: REF_OBJECT_STRING
 | |
|     state: present
 | |
| 
 | |
| - name: Remove UTM proxy_exception
 | |
|   community.general.utm_proxy_exception:
 | |
|     utm_host: sophos.host.name
 | |
|     utm_token: abcdefghijklmno1234
 | |
|     name: TestExceptionEntry
 | |
|     state: absent
 | |
| """
 | |
| 
 | |
| RETURN = """
 | |
| result:
 | |
|     description: The utm object that was created
 | |
|     returned: success
 | |
|     type: complex
 | |
|     contains:
 | |
|         _ref:
 | |
|             description: The reference name of the object
 | |
|             type: str
 | |
|         _locked:
 | |
|             description: Whether or not the object is currently locked
 | |
|             type: bool
 | |
|         _type:
 | |
|             description: The type of the object
 | |
|             type: str
 | |
|         name:
 | |
|             description: The name of the object
 | |
|             type: str
 | |
|         comment:
 | |
|             description: The optional comment string
 | |
|             type: str
 | |
|         op:
 | |
|             description: The operand to be used with the entries of the path parameter
 | |
|             type: str
 | |
|         path:
 | |
|             description: The paths the exception in the reverse proxy is defined for
 | |
|             type: list
 | |
|         skip_custom_threats_filters:
 | |
|             description: A list of threats to be skipped
 | |
|             type: list
 | |
|         skip_threats_filter_categories:
 | |
|             description: Define which categories of threats are skipped
 | |
|             type: list
 | |
|         skipav:
 | |
|             description: Skip the Antivirus Scanning
 | |
|             type: bool
 | |
|         skipbadclients:
 | |
|             description: Block clients with bad reputation
 | |
|             type: bool
 | |
|         skipcookie:
 | |
|             description: Skip the Cookie Signing check
 | |
|             type: bool
 | |
|         skipform:
 | |
|             description: Enable form hardening
 | |
|             type: bool
 | |
|         skipform_missingtoken:
 | |
|             description: Enable form hardening with missing tokens
 | |
|             type: bool
 | |
|         skiphtmlrewrite:
 | |
|             description: Protection against SQL
 | |
|             type: bool
 | |
|         skiptft:
 | |
|             description: Enable true file type control
 | |
|             type: bool
 | |
|         skipurl:
 | |
|             description: Enable static URL hardening
 | |
|             type: bool
 | |
|         source:
 | |
|             description: Define which categories of threats are skipped
 | |
|             type: list
 | |
| """
 | |
| 
 | |
| from ansible_collections.community.general.plugins.module_utils.utm_utils import UTM, UTMModule
 | |
| from ansible.module_utils.common.text.converters import to_native
 | |
| 
 | |
| 
 | |
| def main():
 | |
|     endpoint = "reverse_proxy/exception"
 | |
|     key_to_check_for_changes = ["op", "path", "skip_custom_threats_filters", "skip_threats_filter_categories", "skipav",
 | |
|                                 "comment", "skipbadclients", "skipcookie", "skipform", "status", "skipform_missingtoken",
 | |
|                                 "skiphtmlrewrite", "skiptft", "skipurl", "source"]
 | |
|     module = UTMModule(
 | |
|         argument_spec=dict(
 | |
|             name=dict(type='str', required=True),
 | |
|             op=dict(type='str', required=False, default='AND', choices=['AND', 'OR']),
 | |
|             path=dict(type='list', elements='str', required=False, default=[]),
 | |
|             skip_custom_threats_filters=dict(type='list', elements='str', required=False, default=[]),
 | |
|             skip_threats_filter_categories=dict(type='list', elements='str', required=False, default=[]),
 | |
|             skipav=dict(type='bool', required=False, default=False),
 | |
|             skipbadclients=dict(type='bool', required=False, default=False),
 | |
|             skipcookie=dict(type='bool', required=False, default=False),
 | |
|             skipform=dict(type='bool', required=False, default=False),
 | |
|             skipform_missingtoken=dict(type='bool', required=False, default=False),
 | |
|             skiphtmlrewrite=dict(type='bool', required=False, default=False),
 | |
|             skiptft=dict(type='bool', required=False, default=False),
 | |
|             skipurl=dict(type='bool', required=False, default=False),
 | |
|             source=dict(type='list', elements='str', required=False, default=[]),
 | |
|             status=dict(type='bool', required=False, default=True),
 | |
|         )
 | |
|     )
 | |
|     try:
 | |
|         UTM(module, endpoint, key_to_check_for_changes).execute()
 | |
|     except Exception as e:
 | |
|         module.fail_json(msg=to_native(e))
 | |
| 
 | |
| 
 | |
| if __name__ == '__main__':
 | |
|     main()
 |