.. Document meta :orphan: .. |antsibull-internal-nbsp| unicode:: 0xA0 :trim: .. role:: ansible-attribute-support-label .. role:: ansible-attribute-support-property .. role:: ansible-attribute-support-full .. role:: ansible-attribute-support-partial .. role:: ansible-attribute-support-none .. role:: ansible-attribute-support-na .. role:: ansible-option-type .. role:: ansible-option-elements .. role:: ansible-option-required .. role:: ansible-option-versionadded .. role:: ansible-option-aliases .. role:: ansible-option-choices .. role:: ansible-option-choices-default-mark .. role:: ansible-option-default-bold .. role:: ansible-option-configuration .. role:: ansible-option-returned-bold .. role:: ansible-option-sample-bold .. Anchors .. _ansible_collections.amnesh.soodar.soodar_acls_module: .. Anchors: short name for ansible.builtin .. Anchors: aliases .. Title amnesh.soodar.soodar_acls module -- Manages ACLs on Soodar devices. +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ .. Collection note .. note:: This module is part of the `amnesh.soodar collection `_ (version 1.0.0). To install it, use: :code:`ansible-galaxy collection install https://soodar.ir/ansible/amnesh.soodar.tar.gz`. To use it in a playbook, specify: :code:`amnesh.soodar.soodar_acls`. .. version_added .. rst-class:: ansible-version-added New in amnesh.soodar 1.0 .. contents:: :local: :depth: 1 .. Deprecated Synopsis -------- .. Description - This module configures and manages ACLs on Soodar platforms. .. note:: This module has a corresponding :ref:`action plugin `. .. Aliases .. Requirements .. Options Parameters ---------- .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Parameter - Comments * - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config: .. rst-class:: ansible-option-title **config** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html

- .. raw:: html

A dictionary of ACL options. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls: .. rst-class:: ansible-option-title **acls** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html

- .. raw:: html

A list of Access Control Lists (ACL). .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces: .. rst-class:: ansible-option-title **aces** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=dictionary` .. raw:: html

- .. raw:: html

The entries within the ACL. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination: .. rst-class:: ansible-option-title **destination** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Specify the packet destination. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/address: .. rst-class:: ansible-option-title **address** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Host prefix to match. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/any: .. rst-class:: ansible-option-title **any** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match any destination address. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol: .. rst-class:: ansible-option-title **port_protocol** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Specify the destination port along with protocol. Note, Valid with TCP/UDP protocol\_options .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol/eq: .. rst-class:: ansible-option-title **eq** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Match only packets on a given port number. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol/gt: .. rst-class:: ansible-option-title **gt** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Match only packets with a greater port number. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol/lt: .. rst-class:: ansible-option-title **lt** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Match only packets with a lower port number. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol/range: .. rst-class:: ansible-option-title **range** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Port group. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol/range/end: .. rst-class:: ansible-option-title **end** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Specify the end of the port range. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/destination/port_protocol/range/start: .. rst-class:: ansible-option-title **start** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Specify the start of the port range. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/grant: .. rst-class:: ansible-option-title **grant** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Specify the action. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"permit"` - :ansible-option-choices-entry:`"deny"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol: .. rst-class:: ansible-option-title **protocol** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Specify the protocol to match. Refer to vendor documentation for valid values. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options: .. rst-class:: ansible-option-title **protocol_options** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

protocol type. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/ahp: .. rst-class:: ansible-option-title **ahp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Authentication Header Protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/eigrp: .. rst-class:: ansible-option-title **eigrp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Cisco's EIGRP routing protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/esp: .. rst-class:: ansible-option-title **esp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Encapsulation Security Payload. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/gre: .. rst-class:: ansible-option-title **gre** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Cisco's GRE tunneling. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/hbh: .. rst-class:: ansible-option-title **hbh** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Hop by Hop options header. Valid for IPV6 .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp: .. rst-class:: ansible-option-title **icmp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Internet Control Message Protocol. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/administratively_prohibited: .. rst-class:: ansible-option-title **administratively_prohibited** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Administratively prohibited .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/alternate_address: .. rst-class:: ansible-option-title **alternate_address** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Alternate address .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/conversion_error: .. rst-class:: ansible-option-title **conversion_error** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Datagram conversion .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/dod_host_prohibited: .. rst-class:: ansible-option-title **dod_host_prohibited** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host prohibited .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/dod_net_prohibited: .. rst-class:: ansible-option-title **dod_net_prohibited** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Net prohibited .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/echo: .. rst-class:: ansible-option-title **echo** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Echo (ping) .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/echo_reply: .. rst-class:: ansible-option-title **echo_reply** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Echo reply .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/general_parameter_problem: .. rst-class:: ansible-option-title **general_parameter_problem** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Parameter problem .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_isolated: .. rst-class:: ansible-option-title **host_isolated** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host isolated .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_precedence_unreachable: .. rst-class:: ansible-option-title **host_precedence_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host unreachable for precedence .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_redirect: .. rst-class:: ansible-option-title **host_redirect** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host redirect .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_tos_redirect: .. rst-class:: ansible-option-title **host_tos_redirect** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host redirect for TOS .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_tos_unreachable: .. rst-class:: ansible-option-title **host_tos_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host unreachable for TOS .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_unknown: .. rst-class:: ansible-option-title **host_unknown** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host unknown .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/host_unreachable: .. rst-class:: ansible-option-title **host_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Host unreachable .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/information_reply: .. rst-class:: ansible-option-title **information_reply** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Information replies .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/information_request: .. rst-class:: ansible-option-title **information_request** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Information requests .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/mask_reply: .. rst-class:: ansible-option-title **mask_reply** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Mask replies .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/mask_request: .. rst-class:: ansible-option-title **mask_request** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

mask\_request .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/mobile_redirect: .. rst-class:: ansible-option-title **mobile_redirect** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Mobile host redirect .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/net_redirect: .. rst-class:: ansible-option-title **net_redirect** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Network redirect .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/net_tos_redirect: .. rst-class:: ansible-option-title **net_tos_redirect** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Net redirect for TOS .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/net_tos_unreachable: .. rst-class:: ansible-option-title **net_tos_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Network unreachable for TOS .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/net_unreachable: .. rst-class:: ansible-option-title **net_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Net unreachable .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/network_unknown: .. rst-class:: ansible-option-title **network_unknown** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Network unknown .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/no_room_for_option: .. rst-class:: ansible-option-title **no_room_for_option** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Parameter required but no room .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/option_missing: .. rst-class:: ansible-option-title **option_missing** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Parameter required but not present .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/packet_too_big: .. rst-class:: ansible-option-title **packet_too_big** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Fragmentation needed and DF set .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/parameter_problem: .. rst-class:: ansible-option-title **parameter_problem** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

All parameter problems .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/port_unreachable: .. rst-class:: ansible-option-title **port_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Port unreachable .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/precedence_unreachable: .. rst-class:: ansible-option-title **precedence_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Precedence cutoff .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/protocol_unreachable: .. rst-class:: ansible-option-title **protocol_unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Protocol unreachable .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/reassembly_timeout: .. rst-class:: ansible-option-title **reassembly_timeout** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Reassembly timeout .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/redirect: .. rst-class:: ansible-option-title **redirect** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

All redirects .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/router_advertisement: .. rst-class:: ansible-option-title **router_advertisement** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Router discovery advertisements .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/router_solicitation: .. rst-class:: ansible-option-title **router_solicitation** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Router discovery solicitations .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/source_quench: .. rst-class:: ansible-option-title **source_quench** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Source quenches .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/source_route_failed: .. rst-class:: ansible-option-title **source_route_failed** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Source route failed .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/time_exceeded: .. rst-class:: ansible-option-title **time_exceeded** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

All time exceededs .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/timestamp_reply: .. rst-class:: ansible-option-title **timestamp_reply** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Timestamp replies .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/timestamp_request: .. rst-class:: ansible-option-title **timestamp_request** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Timestamp requests .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/traceroute: .. rst-class:: ansible-option-title **traceroute** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Traceroute .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/ttl_exceeded: .. rst-class:: ansible-option-title **ttl_exceeded** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

TTL exceeded .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/icmp/unreachable: .. rst-class:: ansible-option-title **unreachable** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

All unreachables .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/igmp: .. rst-class:: ansible-option-title **igmp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Internet Gateway Message Protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/ip: .. rst-class:: ansible-option-title **ip** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Any Internet Protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/ipinip: .. rst-class:: ansible-option-title **ipinip** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

IP in IP tunneling. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/ipv6: .. rst-class:: ansible-option-title **ipv6** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Any IPv6. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/nos: .. rst-class:: ansible-option-title **nos** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

KA9Q NOS compatible IP over IP tunneling. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/ospf: .. rst-class:: ansible-option-title **ospf** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

OSPF routing protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/pcp: .. rst-class:: ansible-option-title **pcp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Payload Compression Protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/pim: .. rst-class:: ansible-option-title **pim** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Protocol Independent Multicast. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/protocol_number: .. rst-class:: ansible-option-title **protocol_number** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

An IP protocol number .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/sctp: .. rst-class:: ansible-option-title **sctp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Stream Control Transmission Protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp: .. rst-class:: ansible-option-title **tcp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Match TCP packet flags .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/ack: .. rst-class:: ansible-option-title **ack** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match on the ACK bit .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/established: .. rst-class:: ansible-option-title **established** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match established connections .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/fin: .. rst-class:: ansible-option-title **fin** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match on the FIN bit .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/psh: .. rst-class:: ansible-option-title **psh** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match on the PSH bit .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/rst: .. rst-class:: ansible-option-title **rst** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match on the RST bit .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/syn: .. rst-class:: ansible-option-title **syn** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match on the SYN bit .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/tcp/urg: .. rst-class:: ansible-option-title **urg** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match on the URG bit .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/protocol_options/udp: .. rst-class:: ansible-option-title **udp** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

User Datagram Protocol. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/sequence: .. rst-class:: ansible-option-title **sequence** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Sequence Number for the Access Control Entry(ACE). Refer to vendor documentation for valid values. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source: .. rst-class:: ansible-option-title **source** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Specify the packet source. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/address: .. rst-class:: ansible-option-title **address** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Source network prefix. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/any: .. rst-class:: ansible-option-title **any** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`boolean` .. raw:: html

- .. raw:: html

Match any source address. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`false` - :ansible-option-choices-entry:`true` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol: .. rst-class:: ansible-option-title **port_protocol** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Specify the source port along with protocol. Note, Valid with TCP/UDP protocol\_options .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol/eq: .. rst-class:: ansible-option-title **eq** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Match only packets on a given port number. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol/gt: .. rst-class:: ansible-option-title **gt** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Match only packets with a greater port number. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol/lt: .. rst-class:: ansible-option-title **lt** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

Match only packets with a lower port number. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol/range: .. rst-class:: ansible-option-title **range** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`dictionary` .. raw:: html

- .. raw:: html

Port group. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol/range/end: .. rst-class:: ansible-option-title **end** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Specify the end of the port range. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/aces/source/port_protocol/range/start: .. rst-class:: ansible-option-title **start** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`integer` .. raw:: html

- .. raw:: html

Specify the start of the port range. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/acls/name: .. rst-class:: ansible-option-title **name** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` / :ansible-option-required:`required` .. raw:: html

- .. raw:: html

The name or the number of the ACL. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-config/afi: .. rst-class:: ansible-option-title **afi** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` / :ansible-option-required:`required` .. raw:: html

- .. raw:: html

The Address Family Indicator (AFI) for the Access Control Lists (ACL). .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry:`"ipv4"` - :ansible-option-choices-entry:`"ipv6"` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-running_config: .. rst-class:: ansible-option-title **running_config** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

This option is used only with state \ :emphasis:`parsed`\ . The value of this option should be the output received from the Soodar device by executing the command \ :strong:`sh access-list`\ . The state \ :emphasis:`parsed`\ reads the configuration from \ :literal:`running\_config`\ option and transforms it into Ansible structured data as per the resource module's argspec and the value is then returned in the \ :emphasis:`parsed`\ key within the result. .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__parameter-state: .. rst-class:: ansible-option-title **state** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`string` .. raw:: html

- .. raw:: html

The state the configuration should be left in The states \ :emphasis:`merged`\ is the default state which merges the want and have config, but for ACL module as the Soodar platform doesn't allow update of ACE over an pre-existing ACE sequence in ACL, same way ACLs resource module will error out for respective scenario and only addition of new ACE over new sequence will be allowed with merge state. The states \ :emphasis:`rendered`\ , \ :emphasis:`gathered`\ and \ :emphasis:`parsed`\ does not perform any change on the device. The state \ :emphasis:`rendered`\ will transform the configuration in \ :literal:`config`\ option to platform specific CLI commands which will be returned in the \ :emphasis:`rendered`\ key within the result. For state \ :emphasis:`rendered`\ active connection to remote host is not required. The state \ :emphasis:`gathered`\ will fetch the running configuration from device and transform it into structured data in the format as per the resource module argspec and the value is returned in the \ :emphasis:`gathered`\ key within the result. The state \ :emphasis:`parsed`\ reads the configuration from \ :literal:`running\_config`\ option and transforms it into JSON format as per the resource module parameters and the value is returned in the \ :emphasis:`parsed`\ key within the result. The value of \ :literal:`running\_config`\ option should be the same format as the output of command \ :emphasis:`show running-config | include ip route|ipv6 route`\ executed on device. For state \ :emphasis:`parsed`\ active connection to remote host is not required. .. rst-class:: ansible-option-line :ansible-option-choices:`Choices:` - :ansible-option-choices-entry-default:`"merged"` :ansible-option-choices-default-mark:`← (default)` - :ansible-option-choices-entry:`"replaced"` - :ansible-option-choices-entry:`"overridden"` - :ansible-option-choices-entry:`"deleted"` - :ansible-option-choices-entry:`"gathered"` - :ansible-option-choices-entry:`"rendered"` - :ansible-option-choices-entry:`"parsed"` .. raw:: html

.. Attributes .. Notes Notes ----- .. note:: - Tested against Soodar Version 21.04 .. Seealso .. Examples Examples -------- .. code-block:: yaml+jinja # Using Deleted # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack - name: "Delete ACLs (Note: This won't delete the all configured ACLs)" amnesh.soodar.soodar_acls: config: - afi: ipv4 acls: - name: test acl_type: extended - name: 110 - afi: ipv6 acls: - name: R1_TRAFFIC state: deleted # Commands fired: # --------------- # # - no ip access-list test # - no ip access-list 110 # - no ipv6 access-list R1_TRAFFIC # After state: # ------------- # # soodar# sh ip access-lists # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack - name: "Delete ACLs based on AFI (Note: This won't delete the all configured ACLs)" amnesh.soodar.soodar_acls: config: - afi: ipv4 state: deleted # Commands fired: # --------------- # # - no ip access-list test # - no ip access-list 110 # - no ip access-list 123 # After state: # ------------- # # soodar# sh ip access-lists # IPv6 access list R1_TRAFFIC # deny tcp any eq www any eq telnet ack # Using Deleted without any config passed #"(NOTE: This will delete all of configured ACLs)" # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack - name: 'Delete ALL of configured ACLs (Note: This WILL delete the all configured ACLs)' amnesh.soodar.soodar_acls: state: deleted # Commands fired: # --------------- # # - no ip access-list test # - no ip access-list 110 # - no ip access-list 123 # - no ip access-list test # - no ipv6 access-list R1_TRAFFIC # After state: # ------------- # # soodar# sh ip access-lists # Using merged # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 100 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 echo - name: Merge provided configuration with device configuration amnesh.soodar.soodar_acls: config: - afi: ipv4 acls: - name: 100 aces: - sequence: 10 protocol_options: icmp: traceroute: true state: merged # After state: # ------------ # # Play Execution fails, with error: # Cannot update existing sequence 10 of ACLs 100 with state merged. # Please use state replaced or overridden. # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 echo - name: Merge provided configuration with device configuration amnesh.soodar.soodar_acls: config: - afi: ipv4 acls: - name: 110 aces: - sequence: 10 protocol_options: icmp: traceroute: true - grant: deny protocol_options: tcp: ack: true source: address: 198.51.100.0/24 destination: address: 198.51.110.0/24 port_protocol: eq: telnet - name: test aces: - grant: deny protocol_options: tcp: fin: true source: address: 192.0.2.0/24 destination: address: 192.0.3.0/24 port_protocol: eq: www - name: 123 aces: - grant: deny protocol_options: tcp: ack: true source: address: 198.51.100.0/24 destination: address: 198.51.101.0/24 port_protocol: eq: telnet - grant: deny protocol_options: tcp: ack: true source: address: 192.0.3.0/24 destination: address: 192.0.4.0/24 port_protocol: eq: www - afi: ipv6 acls: - name: R1_TRAFFIC aces: - grant: deny protocol_options: tcp: ack: true source: any: true port_protocol: eq: www destination: any: true port_protocol: eq: telnet state: merged # Commands fired: # --------------- # # - ip access-list 110 # - 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # - deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # - ip access-list test # - deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # - ip access-list 123 # - deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet # - deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # - ipv6 access-list R1_TRAFFIC # - deny tcp any eq www any eq telnet ack # After state: # ------------ # # soodar# sh ip access-lists # IP access list 100 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 echo # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack # Using overridden # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack - name: Override device configuration of all acls with provided configuration amnesh.soodar.soodar_acls: config: - afi: ipv4 acls: - name: 110 aces: - grant: deny sequence: 20 protocol_options: tcp: ack: true source: address: 198.51.100.0/24 port_protocol: eq: telnet destination: address: 198.51.110.0/24 port_protocol: eq: www - name: 150 aces: - grant: deny sequence: 10 protocol_options: tcp: syn: true source: address: 198.51.100.0/24 port_protocol: eq: telnet destination: address: 198.51.110.0/24 port_protocol: eq: telnet state: overridden # Commands fired: # --------------- # # - no ip access-list 110 # - no ip access-list 123 # - no ip access-list 150 # - no ip access-list test # - no ipv6 access-list R1_TRAFFIC # - ip access-list 150 # - 10 deny tcp 198.51.100.0/24 eq telnet 198.51.110.0/24 eq telnet syn # - ip access-list 110 # - 20 deny tcp 198.51.100.0/24 eq telnet 198.51.110.0/24 eq www ack # After state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 20 deny tcp 198.51.100.0/24 eq telnet 198.51.110.0/24 eq www ack # IP access list 150 # 10 deny tcp 198.51.100.0/24 eq telnet 198.51.110.0/24 eq telnet syn # Using replaced # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack - name: Replaces device configuration of listed acls with provided configuration amnesh.soodar.soodar_acls: config: - afi: ipv4 acls: - name: 110 aces: - grant: deny protocol_options: tcp: syn: true source: address: 192.0.2.0/24 destination: address: 192.0.3.0/24 port_protocol: eq: www - name: 150 aces: - grant: deny sequence: 20 protocol_options: tcp: syn: true source: address: 198.51.100.0/24 port_protocol: eq: telnet destination: address: 198.51.110.0/24 port_protocol: eq: telnet state: replaced # Commands fired: # --------------- # # - no ip access-list 110 # - ip access-list 110 # - deny tcp 192.0.2.0/24 192.0.3.0/24 eq www syn # - ip access-list 150 # - 20 deny tcp 198.51.100.0/24 eq telnet 198.51.110.0/24 eq telnet syn # After state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www syn # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list 150 # 20 deny tcp 198.51.100.0/24 eq telnet 198.51.110.0/24 eq telnet syn # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack # Using Gathered # Before state: # ------------- # # soodar# sh ip access-lists # IP access list 110 # 10 deny icmp 192.0.2.0/24 192.0.3.0/24 traceroute # 20 deny tcp host 198.51.100.0 host 198.51.110.0 eq telnet ack # IP access list 123 # 10 deny tcp 198.51.100.0/24 198.51.101.0/24 eq telnet ack # 20 deny tcp 192.0.3.0/24 192.0.4.0/24 eq www ack # IP access list test # 10 deny tcp 192.0.2.0/24 192.0.3.0/24 eq www fin # IPv6 access list R1_TRAFFIC # 10 deny tcp any eq www any eq telnet ack - name: Gather listed acls with provided configurations amnesh.soodar.soodar_acls: config: state: gathered # Module Execution Result: # ------------------------ # # "gathered": [ # { # "acls": [ # { # "aces": [ # { # "destination": { # "address": "192.0.3.0/24" # }, # "dscp": "ef", # "grant": "deny", # "protocol_options": { # "icmp": { # "echo": true # } # }, # "sequence": 10, # "source": { # "address": "192.0.2.0/24" # } # } # ], # "acl_type": "extended", # "name": "110" # }, # { # "aces": [ # { # "destination": { # "address": "198.51.101.0/24", # "port_protocol": { # "eq": "telnet" # } # }, # "grant": "deny", # "protocol_options": { # "tcp": { # "ack": true # } # }, # "sequence": 10, # "source": { # "address": "198.51.100.0/24" # } # }, # { # "destination": { # "address": "192.0.4.0/24", # "port_protocol": { # "eq": "www" # } # }, # "grant": "deny", # "protocol_options": { # "tcp": { # "ack": true # } # }, # "sequence": 20, # "source": { # "address": "192.0.3.0/24" # } # } # ], # "acl_type": "extended", # "name": "123" # }, # { # "aces": [ # { # "destination": { # "address": "192.0.3.0/24", # "port_protocol": { # "eq": "www" # } # }, # "grant": "deny", # "protocol_options": { # "tcp": { # "fin": true # } # }, # "sequence": 10, # "source": { # "address": "192.0.2.0/24" # } # } # ], # "acl_type": "extended", # "name": "test_acl" # } # ], # "afi": "ipv4" # }, # { # "acls": [ # { # "aces": [ # { # "destination": { # "any": true, # "port_protocol": { # "eq": "telnet" # } # }, # "grant": "deny", # "protocol_options": { # "tcp": { # "ack": true # } # }, # "sequence": 10, # "source": { # "any": true, # "port_protocol": { # "eq": "www" # } # } # } # ], # "name": "R1_TRAFFIC" # } # ], # "afi": "ipv6" # } # ] # Using Rendered - name: Rendered the provided configuration with the existing running configuration amnesh.soodar.soodar_acls: config: - afi: ipv4 acls: - name: 110 aces: - grant: deny sequence: 10 protocol_options: tcp: syn: true source: address: 192.0.2.0/24 destination: address: 192.0.3.0/24 port_protocol: eq: www - name: 150 aces: - grant: deny protocol_options: tcp: syn: true source: address: 198.51.100.0/24 port_protocol: eq: telnet destination: address: 198.51.110.0/24 port_protocol: eq: telnet state: rendered # Module Execution Result: # ------------------------ # # "rendered": [ # "ip access-list 110", # "10 deny tcp 192.0.2.0 0.0.0.255 192.0.3.0 0.0.0.255 eq www syn", # "ip access-list 150", # "deny tcp 198.51.100.0 0.0.0.255 eq telnet 198.51.110.0 0.0.0.255 eq telnet" # ] # Using Parsed # File: parsed.cfg # ---------------- # # IPv6 access-list R1_TRAFFIC # deny tcp any eq www any eq telnet ack - name: Parse the commands for provided configuration amnesh.soodar.soodar_acls: running_config: "{{ lookup('file', 'parsed.cfg') }}" state: parsed # Module Execution Result: # ------------------------ # # "parsed": [ # { # "acls": [ # { # "aces": [ # { # "destination": { # "any": true, # "port_protocol": { # "eq": "telnet" # } # }, # "grant": "deny", # "protocol_options": { # "tcp": { # "ack": true # } # }, # "source": { # "any": true, # "port_protocol": { # "eq": "www" # } # } # } # ], # "name": "R1_TRAFFIC" # } # ], # "afi": "ipv6" # } # ] .. Facts .. Return values Return Values ------------- Common return values are documented :ref:`here `, the following are the fields unique to this module: .. rst-class:: ansible-option-table .. list-table:: :width: 100% :widths: auto :header-rows: 1 * - Key - Description * - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__return-after: .. rst-class:: ansible-option-title **after** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=string` .. raw:: html

- .. raw:: html

The configuration as structured data after module completion. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` when changed .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`["The configuration returned will always be in the same format of the parameters above."]` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__return-before: .. rst-class:: ansible-option-title **before** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=string` .. raw:: html

- .. raw:: html

The configuration as structured data prior to module invocation. .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` always .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`["The configuration returned will always be in the same format of the parameters above."]` .. raw:: html

* - .. raw:: html

.. _ansible_collections.amnesh.soodar.soodar_acls_module__return-commands: .. rst-class:: ansible-option-title **commands** .. raw:: html .. rst-class:: ansible-option-type-line :ansible-option-type:`list` / :ansible-option-elements:`elements=string` .. raw:: html

- .. raw:: html

The set of commands pushed to the remote device .. rst-class:: ansible-option-line :ansible-option-returned-bold:`Returned:` always .. rst-class:: ansible-option-line .. rst-class:: ansible-option-sample :ansible-option-sample-bold:`Sample:` :ansible-rv-sample-value:`["ip access-list extended 110", "deny icmp 192.0.2.0/24 192.0.3.0/24 echo"]` .. raw:: html

.. Status (Presently only deprecated) .. Authors Authors ~~~~~~~ - Mahdi Varasteh (@m-varasteh) .. Extra links Collection links ~~~~~~~~~~~~~~~~ .. raw:: html

Issue Tracker Homepage

.. Parsing errors