Unsupported parameters for (fortios_firewall_policy) module: inspection_mode found in firewall_policy about ansible-galaxy-fortios-collection HOT 7 CLOSED

FYI, ansible-fortios-generic is a possible workaround while this issue is not fixed.

# tasks/config_firewall_policy_generic_dict.yml
---
- name: config firewall policy
  fortios_json_generic:
    vdom: '{{ vdom }}'
    json_generic:
      method: 'POST'
      path: '/api/v2/cmdb/firewall/policy'
      dictbody:
        policyid: 100
        name: INET
        srcintf: 
          - name: port3
        dstintf: 
          - name: WAN_Zone
        srcaddr: 
          - name: all
        dstaddr: 
          - name: all
        service: 
          - name: ALL
        action: accept
        schedule: always
        nat: enable
        ssl-ssh-profile: certificate-inspection
        inspection-mode: proxy
        http-policy-redirect: enable
  register: info

- name: display vars
  debug: msg='{{ info }}'

from ansible-galaxy-fortios-collection.

Hi @mbdraks,

I cannot reproduce the error as shown above. Can you please check if the module in galaxy collection is called? I guess the old ansible module is called instead of the one in collection. Because parameters like inspection_mode and http_policy_redirect are supported only in galaxy collection.

Here's a tip to look up the runtime module.

from ansible-galaxy-fortios-collection.

@JieX19

Thanks for the tip!

I was indeed hitting

/usr/local/lib/python3.7/dist-packages/ansible/modules/network/fortios/fortios_firewall_policy.py

instead of the expected /root/.ansible/collections/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy.py and the root cause is that using the collections upon calling a role is not supported (as mentioned here: ansible/ansible#66667 and here: ansible/ansible#68198) however I was not getting a namespace error because of the legacy module.

from ansible-galaxy-fortios-collection.

Hello, got roughly what you said but cannot find whats going on, havin the same problem with venv Python 3 and Ansible 2.9; collection has been installed with pip

from ansible-galaxy-fortios-collection.

(Ansible3) shell@srvdeb:~/code/automation path/automation/Automation/ansible-fortinet$ ansible --version
ansible 2.10.7
config file = /etc/ansible/ansible.cfg
configured module search path = ['/home/shell/.ansible/plugins/modules', '/usr/share/ansible/plugins/modules']
ansible python module location = /opt/my-envs/custom-venv/Ansible3/lib/python3.7/site-packages/ansible

redirecting (type: connection) ansible.builtin.httpapi to ansible.netcommon.httpapi
<fortitest.test.local> ESTABLISH LOCAL CONNECTION FOR USER: shell
<fortitest.test.local> EXEC /bin/sh -c '( umask 77 && mkdir -p "echo /home/shell/.ansible/tmp/ansible-local-13294gf8gk16k"&& mkdir "echo /home/shell/.ansible/tmp/ansible-local-13294gf8gk16k/ansible-tmp-1616773037.5515132-13362-115384893709348" && echo ansible-tmp-1616773037.5515132-13362-115384893709348="echo /home/shell/.ansible/tmp/ansible-local-13294gf8gk16k/ansible-tmp-1616773037.5515132-13362-115384893709348" ) && sleep 0'
Using module file /home/shell/.ansible/collections/ansible_collections/fortinet/fortios/plugins/modules/fortios_firewall_policy.py

from ansible-galaxy-fortios-collection.

Hi @rdzielicki,

It seems module fortios)firewall_policy in fortios galaxy collection is called and everything is fine. Can you please provide me more detail on the issue, like the playbook you are using.

Thanks.

from ansible-galaxy-fortios-collection.

i'll work on the subject this Friday, i'll provide my Playbook but they are roughly the same as mbdrack user above

from ansible-galaxy-fortios-collection.