netscaler.adc.appfwprofile_xmldosurl_binding module – Binding Resource definition for describing association between appfwprofile and xmldosurl resources

Note

This module is part of the netscaler.adc collection (version 2.6.0).

It is not included in ansible-core. To check whether it is installed, run ansible-galaxy collection list.

To install it, use: ansible-galaxy collection install netscaler.adc.

To use it in a playbook, specify: netscaler.adc.appfwprofile_xmldosurl_binding.

New in netscaler.adc 2.0.0

Synopsis

  • Binding Resource definition for describing association between appfwprofile and xmldosurl resources

Parameters

Parameter

Comments

alertonly

string

Send SNMP alert?

Choices:

  • "ON"

  • "OFF"

api_path

string

Base NITRO API path.

Define only in case of an ADM service proxy call

Default: "nitro/v1/config"

comment

string

Any comments about the purpose of profile, or other useful information about the profile.

isautodeployed

string

Is the rule auto deployed by dynamic profile ?

Choices:

  • "AUTODEPLOYED"

  • "NOTAUTODEPLOYED"

managed_netscaler_instance_id

string

added in netscaler.adc 2.6.0

The ID of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_ip

string

added in netscaler.adc 2.6.0

The IP of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_name

string

added in netscaler.adc 2.6.0

The name of the managed NetScaler instance to which NetScaler Console

has to configure as a proxy server.

Define only in case of an ADM service proxy call

managed_netscaler_instance_password

string

added in netscaler.adc 2.6.0

The password of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

managed_netscaler_instance_username

string

added in netscaler.adc 2.6.0

The username of the managed NetScaler instance.

Define only in case of an ADM service proxy call

In Settings > Administration > System Configurations > Basic Settings,

if you select Prompt Credentials for Instance Login,

ensure to configure username and password of a managed instance.

name

string

Name of the profile to which to bind an exemption or rule.

netscaler_console_as_proxy_server

boolean

added in netscaler.adc 2.6.0

The IP address of the NetScaler ADC appliance acting as a proxy server.

Define only in case of an ADM service proxy call

Choices:

  • false ← (default)

  • true

nitro_auth_token

string

The authentication token provided by a login operation.

nitro_pass

string

The password with which to authenticate to the NetScaler ADC node.

nitro_protocol

string

Which protocol to use when accessing the nitro API objects.

Choices:

  • "http"

  • "https" ← (default)

nitro_user

string

The username with which to authenticate to the NetScaler ADC node.

nsip

string / required

The ip address of the NetScaler ADC appliance where the nitro API calls will be made.

The port can be specified with the colon (:). E.g. 192.168.1.1:555.

resourceid

string

A “id” that identifies the rule.

ruletype

string

Specifies rule type of binding

Choices:

  • "ALLOW"

  • "DENY"

save_config

boolean

If true the module will save the configuration on the NetScaler ADC node if it makes any changes.

The module will not save the configuration on the NetScaler ADC node if it made no changes.

Choices:

  • false ← (default)

  • true

state

string

The state of the resource being configured by the module on the NetScaler ADC node.

When present, the resource will be added/updated configured according to the module’s parameters.

When absent, the resource will be deleted from the NetScaler ADC node.

Choices:

  • "present" ← (default)

  • "absent"

validate_certs

boolean

If false, SSL certificates will not be validated. This should only be used on personally controlled sites using self-signed certificates.

Choices:

  • false

  • true ← (default)

xmlblockdtd

string

State if XML DTD is ON or OFF. Protects against recursive Document Type Declaration (DTD) entity expansion attacks. Also, SOAP messages cannot have DTDs in messages.

Choices:

  • "ON"

  • "OFF"

xmlblockexternalentities

string

State if XML Block External Entities Check is ON or OFF. Protects against XML External Entity (XXE) attacks that force applications to parse untrusted external entities (sources) in XML documents.

Choices:

  • "ON"

  • "OFF"

xmlblockpi

string

State if XML Block PI is ON or OFF. Protects resources from denial of service attacks as SOAP messages cannot have processing instructions (PI) in messages.

Choices:

  • "ON"

  • "OFF"

xmldosurl

string

XML DoS URL regular expression length.

xmlmaxattributenamelength

float

Specify the longest name of any XML attribute. Protects against overflow attacks.

xmlmaxattributenamelengthcheck

string

State if XML Max attribute name length check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxattributes

float

Specify maximum number of attributes per XML element. Protects against overflow attacks.

xmlmaxattributescheck

string

State if XML Max attributes check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxattributevaluelength

float

Specify the longest value of any XML attribute. Protects against overflow attacks.

xmlmaxattributevaluelengthcheck

string

State if XML Max atribute value length is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxchardatalength

float

Specify the maximum size of CDATA. Protects against overflow attacks and large quantities of unparsed data within XML messages.

xmlmaxchardatalengthcheck

string

State if XML Max CDATA length check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxelementchildren

float

Specify the maximum number of children allowed per XML element. Protects against overflow attacks.

xmlmaxelementchildrencheck

string

State if XML Max element children check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxelementdepth

float

Maximum nesting (depth) of XML elements. This check protects against documents that have excessive hierarchy depths.

xmlmaxelementdepthcheck

string

State if XML Max element depth check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxelementnamelength

float

Specify the longest name of any element (including the expanded namespace) to protect against overflow attacks.

xmlmaxelementnamelengthcheck

string

State if XML Max element name length check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxelements

float

Specify the maximum number of XML elements allowed. Protects against overflow attacks.

xmlmaxelementscheck

string

State if XML Max elements check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxentityexpansiondepth

float

Specify maximum entity expansion depth. Protects aganist Entity Expansion Attack.

xmlmaxentityexpansiondepthcheck

string

State if XML Max Entity Expansions Depth Check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxentityexpansions

float

Specify maximum allowed number of entity expansions. Protects aganist Entity Expansion Attack.

xmlmaxentityexpansionscheck

string

State if XML Max Entity Expansions Check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxfilesize

float

Specify the maximum size of XML messages. Protects against overflow attacks.

xmlmaxfilesizecheck

string

State if XML Max file size check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxnamespaces

float

Specify maximum number of active namespaces. Protects against overflow attacks.

xmlmaxnamespacescheck

string

State if XML Max namespaces check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxnamespaceurilength

float

Specify the longest URI of any XML namespace. Protects against overflow attacks.

xmlmaxnamespaceurilengthcheck

string

State if XML Max namespace URI length check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxnodes

float

Specify the maximum number of XML nodes. Protects against overflow attacks.

xmlmaxnodescheck

string

State if XML Max nodes check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlmaxsoaparrayrank

float

XML Max Individual SOAP Array Rank. This is the dimension of the SOAP array.

xmlmaxsoaparraysize

float

XML Max Total SOAP Array Size. Protects against SOAP Array Abuse attack.

xmlminfilesize

float

Enforces minimum message size.

xmlminfilesizecheck

string

State if XML Min file size check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

xmlsoaparraycheck

string

State if XML SOAP Array check is ON or OFF.

Choices:

  • "ON"

  • "OFF"

Notes

Note

Examples

Return Values

Common return values are documented here, the following are the fields unique to this module:

Key

Description

changed

boolean

Indicates if any change is made by the module

Returned: always

Sample: true

diff

dictionary

Dictionary of before and after changes

Returned: always

Sample: {"after": {"key2": "pqr"}, "before": {"key1": "xyz"}, "prepared": "changes done"}

diff_list

list / elements=string

List of differences between the actual configured object and the configuration specified in the module

Returned: when changed

Sample: ["Attribute `key1` differs. Desired: (<class 'str'>) XYZ. Existing: (<class 'str'>) PQR"]

failed

boolean

Indicates if the module failed or not

Returned: always

Sample: false

loglines

list / elements=string

list of logged messages by the module

Returned: always

Sample: ["message 1", "message 2"]

Authors

  • Sumanth Lingappa (@sumanth-lingappa)