Ansible SNS Collection Documentation

stormshield.sns.sns_object role – Object configuration

Note

This role is part of the stormshield.sns collection (version 1.0.2).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it use: ansible-galaxy collection install stormshield.sns.

To use it in a playbook, specify: stormshield.sns.sns_object.

Entry point `main` – Object configuration 

Synopsis 

This role updates the object base of Stormshield Network Security appliances.

Parameters 

Parameter	Comments
csvfileimport string	CSV file to import, see https://documentation.stormshield.eu/SNS/v4/en/Content/User_Configuration_Manual_SNS_v4/Appendix_B_-_Objects_base_structure/Appendix_B_-_Objects_base_structure.htm for the file format.
fqdnobjects list / elements=dictionary	List of FQDN objects
color string	Object color
comment string	Object comment
ip string	IP address
ipv6 string	IPv6 address
name string	fqdn
geogroups list / elements=dictionary	List of geo group objects
comment string	Object comment
members list / elements=string	Members of the group
mode string	Object add mode Choices: `"add"` `"reset"` ← (default) `"del"`
name string	Geo group name
hosts list / elements=dictionary	List of host objects
color string	Object color
comment string	Object comment
ip string	ip address
ipv6 string	ipv6 address
mac string	Mac address
name string	Host name
resolve string	DNS resolution Choices: `"static"` `"dynamic"` `"manual"`
type string	Object type Choices: `"router"` `"server"` `"host"`
internet dictionary	Configuration of the Internet object
object string	Object (host, network, range, group)
operator string	Operator Choices: `"ne"` `"eq"`
iprepgroups list / elements=dictionary	List of IP reputation objects
comment string	Object comment
members list / elements=string	Members of the group
mode string	Object add mode Choices: `"add"` `"reset"` ← (default) `"del"`
name string	IP reputation group name
netgroups list / elements=dictionary	List of network group objects
comment string	Object comment
members list / elements=string	Members of the group
mode string	Object add mode Choices: `"add"` `"reset"` ← (default) `"del"`
name string	Group name
networks list / elements=dictionary	List of network objects
color string	Object color
comment string	Object comment
ip string	Network IPV4 address
ipv6 string	Network IPv6 address
mask string	Network mask
name string	Network name
prefixlenv6 string	IPv6 prefix length
protocols list / elements=dictionary	List of protocol objects
color string	Object color
comment string	Object comment
name string	Protocol name
protonumber integer	IP protocol number
qos dictionary	QoS configuration
bandwidth integer	Bandwidth in kbps
defaultqueue string	Qid name or bypass
drop integer	Drop algorithm 0 (TailDrop) 1 (Blue) Choices: `0` `1`
interfaces list / elements=dictionary	Interface QoS configuration
defaultackqueue string	Default ack queue: qid name or bypass
defaultqueue string	Default queue: qid name or bypass
name string	Interface name
tbr string	TBR name
qids list / elements=dictionary	List of QOS objects
color string	Object color
comment string	Object comment
length integer	Queue length
lengthrev integer	Reverse queue length
max integer	Maximum bandwidth (CBQ)
max_rev integer	Maximum reverse bandwidth (CBQ)
min integer	Minimum bandwidth (CBQ)
min_rev integer	Minimum reverse bandwidth (CBQ)
name string	Object name
pri integer	Priority (PRIQ)
prioritizeack string	ACK prioritization Choices: `"on"` `"off"`
prioritizelowdelay string	Prioritize low delay Choices: `"on"` `"off"`
type string	Type of QID Choices: `"CBQ"` `"PRIQ"`
tbrs list / elements=dictionary	List of token bucket regulator objects
bandwidth integer	Bandwidth
bandwidthin integer	IN bandwidth
name string	tbr name
ranges list / elements=dictionary	List of range objects
begin string	First IP of the range
beginv6 string	First IPv6 of the range
color string	Object color
comment string	Object comment
end string	Last IP of the range
endv6 string	Last IPv6 of the range
name string	Range name
routers list / elements=dictionary	List of router objects
activateallbackup string	Activate all backups flag Choices: `"True"` `"False"`
comment string	Object comment
frequency integer	Frequency in seconds
gateways list / elements=dictionary
check string	Object (host\|hostgroup)
host string	Host object name,
monitor string	Monitoring type Choices: `"none"` `"icmp"` `"all"`
type string	Type of gateway Choices: `"principalgateway"` `"backupgateway"`
weight integer	Gateway weight
gatewaythreshold integer	Gateway number threshold
loadbalancing string	Load balancing type Choices: `"none"` `"connhash"` `"srchash"`
mode string	Object add mode Choices: `"add"` `"reset"` ← (default) `"del"`
monitor string	Monitoring type Choices: `"ICMP"` `"TCP_PROBE"`
name string	Router name
onfailpolicy string	Choices: `"pass"` `"block"`
tries integer	Number of tries
wait integer	Wait time in seconds
scope string	Use global or local object base Choices: `"global"` `"local"` ← (default)
servicegroups list / elements=dictionary	List of service group objects
comment string	Object comment
members list / elements=string	Members of the group
mode string	Object add mode Choices: `"add"` `"reset"` ← (default) `"del"`
name string	Service group name
services list / elements=dictionary	List of service objects
color string	Object color
comment string	Object comment
name string	Service name
port integer	Port number
proto string	Protocol Choices: `"tcp"` `"udp"` `"any"`
toport integer	High port number
state string	If set to `absent`, delete the objects. The Internet object can’t be deleted and is common to local and global base.
timeobjects list / elements=dictionary	List of time objects
color string	Object color
comment string	Object comment
date string	(\|yyyy:mm:dd[:hh:mm][-yyyy:mm:dd[:hh:mm]])
name string	Time object name
time string	(\|hh:mm-hh:mm[;hh:mm-hh:mm]…)
weekday string	(\|dow[-dow][;dow[-dow]]…)
yearday string	(\|mm:dd[-mm:dd][;mm:dd[-mm:dd]]…)

Collection links