fmgr_pkg_firewall_policy parameters type correction

[babakb22]

A lot of parameters like dstaddr, service, srcaddr, are of type 'list', but in the module fmgr_pkg_firewall_policy are created as 'str'. This can be easily fixed so that engineers can add a list of source/destination objects, services, etc.

I already tested this myself and works perfectly fine.

Please investigate.

[lix-fortinet]

Hi @babakb22,

Thank you for raising this issue. Team is working on this issue. We will get back to you once it's resolved.

Thanks,
Xing

[matejzero]

Any update on this issue. It seems like it's still not fixed and we are just deploying a new firewall with fortimanager and want to do whole deployment with ansible. This is a big showstopper at the moment. Any option to push this forward?

[akerkau]

Any update on this issue. It seems like it's still not fixed and we are just deploying a new firewall with fortimanager and want to do whole deployment with ansible. This is a big showstopper at the moment. Any option to push this forward?

While I'm totally with you that this should be fixed: You can use the following parameter to allow the correct datastructures and bypass the wrong str types in the module.

bypass_validation: true

[matejzero]

Thanks, I went that way and so far it works.

[dux-fortinet]

Apologies for the inconvenience. Currently, we can't change the type of parameters such as dstaddr, service, srcaddr to 'list', because they are 'str' type in FortiManager v6.x. And Ansible doesn't support declaring a parameter as str and list type at the same time.

You can use bypass_validation: true to avoid this error.

We will change the type of those parameters to 'list' once those old versions of FortiManager are no longer supported.