kongou-ae / ansible-fortios-setup Goto Github PK
View Code? Open in Web Editor NEWAnsible plugin which gather facts from FortiOS
License: MIT License
ansible-fortios-setup's Introduction
ansible-fortios-setup's People
Contributors
Stargazers
Watchers
ansible-fortios-setup's Issues
transparent modeの機器でIPアドレスが取得できずにエラーで終了してしまう
issue
transparent mode の機器の場合、get system interface ではIPアドレスは表示されないため、IPアドレスが取得できません。
Playbook
---
## hosts: forti
gather_facts: no
connection: local
tasks:
## name: "set interpreter"
set_fact: ansible_python_interpreter="/opt/rh/python27/root/usr/bin/python"
## name: "gather facts"
fortios_setup:
host: "{{ inventory_hostname }}"
username: "{{ ansible_user }}"
password: "{{ ansible_password }}"
register: gather
## name: "output"
debug: var=gatheroutput
[root@localhost ~]# ansible-playbook forti_s.yml -v
Using /etc/ansible/ansible.cfg as config file
PLAY [forti] **********************************************************************************************
TASK [set interpreter] ************************************************************************************
ok: [192.168.1.81] => {"ansible_facts": {"ansible_python_interpreter": "/opt/rh/python27/root/usr/bin/python"}, "changed": false}
TASK [gather facts] ***************************************************************************************
fatal: [192.168.1.81]: FAILED! => {"changed": false, "failed": true, "module_stderr": "No handlers could be found for logger \"pyFG\"\nTraceback (most recent call last):\n File \"/tmp/ansible_dwi6ya/ansible_module_fortios_setup.py\", line 169, in <module>\n main()\n File \"/tmp/ansible_dwi6ya/ansible_module_fortios_setup.py\", line 82, in main\n defaultInterface = re.match('.*,\\s+(.*)$',f.execute_command('get router info routing-table all | grep 0.0.0.0')[0].lstrip()).group(1)\n File \"/opt/rh/python27/root/usr/lib/python2.7/site-packages/pyFG/fortios.py\", line 165, in execute_command\n raise exceptions.CommandExecutionException(msg)\npyFG.exceptions.CommandExecutionException: Something happened when executing some commands on device 192.168.1.81:\nget router info routing-table all | grep 0.0.0.0\nFGT80C********** # \ncommand parse error before 'info'\nCommand fail. Return code -61\n\nFGT80C**********# \n", "module_stdout": "", "msg": "MODULE FAILURE", "rc": 0}
to retry, use: --limit @/root/forti_s.retry
PLAY RECAP ************************************************************************************************
192.168.1.81 : ok=1 changed=0 unreachable=0 failed=1
get system interface
== [ wan1 ]
name: wan1 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ wan2 ]
name: wan2 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ modem ]
name: modem type: physical sflow-sampler: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ mesh.root ]
name: mesh.root status: up type: vap-switch sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable
== [ internal1 ]
name: internal1 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ internal2 ]
name: internal2 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ internal3 ]
name: internal3 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ internal4 ]
name: internal4 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ internal5 ]
name: internal5 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ internal6 ]
name: internal6 status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
== [ dmz ]
name: dmz status: up type: physical sflow-sampler: disable explicit-web-proxy: disable explicit-ftp-proxy: disable mtu-override: disable wccp: disable drop-overlapped-fragment: disable drop-fragment: disable
get system status
FGT80C**********# get system status
Version: FortiGate-80C v5.0,build0252,131031 (GA Patch 5)
Virus-DB: 16.00560(2012-10-19 08:31)
Extended DB: 1.00000(2012-10-17 15:46)
IPS-DB: 4.00345(2013-05-23 00:39)
IPS-ETDB: 0.00000(2000-00-00 00:00)
Serial-Number: FGT80C**********
Botnet DB: 1.00000(2012-05-28 22:51)
BIOS version: 04000004
Log hard disk: Not available
Internal Switch mode: interface
Hostname: FGT80C**********
Operation Mode: Transparent
Current virtual domain: root
Max number of virtual domains: 10
Virtual domains status: 0 in NAT mode, 1 in TP mode
Virtual domain configuration: disable
FIPS-CC mode: disable
Current HA mode: standalone
Branch point: 252
Release Version Information: GA Patch 5
System time: Mon May 1 06:53:18 2017
get system settings
opmode : transparent
firewall-session-dirty: check-all
manageip : 192.168.1.81/255.255.255.0
manageip6 : ::/0
bfd : disable
utf8-spam-tagging : enable
vpn-stats-log :
vpn-stats-period : 0
mac-ttl : 300
gui-default-policy-columns:
asymroute : disable
ses-denied-traffic : disable
asymroute6 : disable
per-ip-bandwidth : enable
sip-helper : enable
sip-nat-trace : enable
status : enable
sip-tcp-port : 5060
sip-udp-port : 5060
sip-ssl-port : 5061
sccp-port : 2000
multicast-skip-policy: disable
allow-subnet-overlap: disable
deny-tcp-with-icmp : disable
discovered-device-timeout: 28
email-portal-check-dns: enable
show system settings
config system settings
set opmode transparent
set manageip 192.168.1.81/255.255.255.0
set sip-tcp-port 5060
set sip-udp-port 5060
end
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.