This repository has been archived by the owner on Jan 6, 2023. It is now read-only.
-
Notifications
You must be signed in to change notification settings - Fork 48
pfsense_nat_outbound
Frederic Bor edited this page Aug 9, 2020
·
3 revisions
> PFSENSE_NAT_OUTBOUND (/home/fbor/ansible/lib/ansible/modules/network/pfsense/pfsense_nat_outbound.py)
Manage pfSense Outbound NAT Entries
* This module is maintained by The Ansible Community
OPTIONS (= is mandatory):
- address
The translated to address, in {ALIAS,NETWORK}[:port] format. Leave address part empty to use interface address.
[Default: None]
type: str
- after
Rule to go after, or "top"
[Default: (null)]
type: str
- before
Rule to go before, or "bottom"
[Default: (null)]
type: str
= descr
The name of the nat rule
[Default: None]
type: str
- destination
The matching destination address, in {any,ALIAS,NETWORK}[:port] format.
[Default: None]
type: str
- disabled
Is the rule disabled
[Default: False]
type: bool
- interface
The interface for the rule
[Default: (null)]
type: str
- invert
Invert the sense of the destination match.
[Default: False]
type: bool
- ipprotocol
The Internet Protocol version this rule applies to.
(Choices: inet, inet46, inet6)[Default: inet46]
type: str
- nonat
This option will disable NAT for traffic matching this rule and stop processing Outbound NAT rules
[Default: False]
type: bool
- nosync
Prevents the rule on Master from automatically syncing to other CARP members. This does NOT prevent the rule from being overwritten on Slave.
[Default: False]
type: bool
- poolopts
When an address pool is used, there are several options available that control how NAT translations happen on the pool.
(Choices: , round-robin, round-robin sticky-address, random, random sticky-address, source-hash, bitmask)[Default: ]
type: str
- protocol
Which protocol this rule should match.
(Choices: any, tcp, udp, tcp/udp, icmp, esp, ah, gre, ipv6, igmp, carp, pfsync)[Default: any]
type: str
- source
The matching source address, in {any,(self),ALIAS,NETWORK}[:port] format.
[Default: None]
type: str
- source_hash_key
The key that is fed to the hashing algorithm in hex format, preceeded by "0x", or any string. A non-hex string is hashed using md5 to a hexadecimal key. Defaults to a randomly
generated value.
[Default: ]
type: str
- state
State in which to leave the rule
(Choices: present, absent)[Default: present]
type: str
- staticnatport
Do not randomize source port
[Default: False]
type: bool
AUTHOR: Frederic Bor (@f-bor)
METADATA:
status:
- preview
supported_by: community
EXAMPLES:
- name: "Add NAT outbound traffic rule"
pfsense_nat_outbound:
descr: 'NAT outbound traffic'
interface: wan
source: any
destination: any
state: present
- name: "Delete NAT outbound traffic rule"
pfsense_nat_outbound:
descr: 'NAT outbound traffic'
state: absent
RETURN VALUES:
commands:
description: the set of commands that would be pushed to the remote device (if pfSense had a CLI)
returned: always
type: list
sample: ["create nat_outbound 'NAT outbound traffic', interface='wan', source='any', destination='any'", "delete nat_outbound 'NAT outbound traffic'"]