DHGroups failing on new-formtunnel with error InvalidOperation: You cannot call a method on a null-valued expression.

This didn't happen previously....

I am impressed with the quality of your modules - are you willing to share your build pipeline?

Environment

• PowerShell host version: varies
• Module Name: Admintoolbox.Filemanagment
• Function Name: Remove-DisabledADProfiles
• Parameters used: domaincontroller

Describe the bug
The delete method invocation used by this function doesn't work in the greater majority of environments.

Expected behavior
This function should work where PowerShell 5+ is installed and remove local accounts when run if those domain accounts are disabled.

Error Message
If applicable, add error messages to help explain your problem.

Additional context
Consider alternative methods to handle this process. Perhaps use Try/catch or if/else to invoke different methods dependents on the environment.

Topic Reason
Added PSScriptAnalyzer code scanning workflow and it opened multiple alerts.

Topic Details
Going to review the alerts and address them.

Environment

• PowerShell host version: 7.2.5
• Module Name: AdminToolbox.FileManagement
• Function Name: Get-FolderSize
• Parameters used:

Describe the bug
The name of the function Get-FolderSize is the same as the name of the function in the module PSFolderSize

get-command Get-FolderSize

CommandType     Name                                               Version    Source
-----------     ----                                               -------    ------
Function        Get-FolderSize                                     1.7.1      PSFolderSize

Expected behavior
Can you please rename your function? Alternatively, after renaming you could also check during the import if a function with the name Get-FolderSize already exists locally and if not set an alias to Get-FolderSize.
This allows existing users of AdminToolbox.FileManagement to simply continue using the feature.

Error Message
Install-Package: The following commands are already available on this system:'Get-FolderSize'. This module 'AdminToolbox.FileManagement' may override the existing commands. If you still want to install this module 'AdminToolbox.FileManagement', use -AllowClobber parameter.

Additional context
None

Thanks,
René

New-P2Ptunnel is calling the private function New-FirewallPolicyTunnel, but when New-P2PTunnel is run, the private function New-FirewallPolicyTunnelNAT is running instead. New to look for why and fix this.

Feature Target Details

• Module Name: AdminToolbox.Networking
• Existing Function Name: Multiple Functions

Describe the solution you'd like
Need to add TTL settings for both p1 and p2. These often differ. Will probably want to modify the form rows so that these parameters are adjacent.

Feature Target Details

• Module Name: EndpointManagement
• New Function Name: Get-LocalLogonhistory

Describe the solution you'd like
Provide a method for auditing local logons.

Code Sample

<#
.DESCRIPTION
Get logon/logoff history from single PC's either locally or remotely.

.NOTES
Copied this and then modified this function from https://github.com/junecastillote/Windows-Logon-History-Script/blob/main/LICENSE

Original License
MIT License

Copyright (c) 2023 June Castillote

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.
#>

Function Get-LogOnHistory {

    [CmdletBinding()]
    param (
        [Parameter()][String]$Username,
        [Parameter()][datetime]$StartTime,
        [Parameter()][datetime]$EndTime,
        [Parameter()][switch]$IncludeLogOff,
        [Parameter()][string]$ComputerName = $env:COMPUTERNAME
    )

    # Base filter
    $filter = @{
        LogName      = 'Security'
        ID           = @('4624')
        ProviderName = 'Microsoft-Windows-Security-Auditing'
    }

    # If IncludeLogOff is specified, add event 4634 to the filter
    if ($IncludeLogOff) {
        $filter['ID'] += '4634'
    }

    # If StartDate is specified
    if ($StartTime) {
        $filter.Add('StartTime', $StartTime)
    }

    # If EndDate is specified
    if ($EndTime) {
        $filter.Add('EndTime', $EndTime)
    }

    # Add username filter
    if ($Username) {
        ## If PowerShell Core
        if ($PSVersionTable.PSEdition -eq 'Core') {
            $filter.Add('TargetUserName', $Username)
        }
        ## If Windows PowerShell
        else {
            $filter.Add('Data', $Username)
        }
    }

    # https://learn.microsoft.com/en-us/windows/security/threat-protection/auditing/basic-audit-logon-events#configure-this-audit-setting
    $logOnTypeTable = @{
        '2'  = 'Interactive'
        '3'  = 'Network'
        '4'  = 'Batch'
        '5'  = 'Service'
        '6'  = 'Unlock'
        '7'  = 'NetworkCleartext'
        '8'  = 'NewCredentials'
        '9'  = 'RemoteInteractive'
        '10' = 'RemoteInteractive'
        '11' = 'CachedInteractive'
    }

    try {
        $events = Get-WinEvent -FilterHashtable $filter -ErrorAction Stop -ComputerName $ComputerName

        foreach ($event in $events) {
            [PSCustomObject]@{
                TimeStamp    = $event.TimeCreated
                EventType    = $(
                    if ($event.Id -eq '4624') {
                        'LogOn'
                    }
                    else {
                        'LogOff'
                    }
                )
                User         = $(
                    if ($Username) {
                        $Username
                    }
                    elseif ($event.Id -eq '4624') {
                        $event.Properties[5].Value
                    }
                    else {
                        $event.Properties[1].Value
                    }
                )
                SourceIP     = $(
                    if ($event.Id -eq '4624') {
                        $event.Properties[18].Value
                    }
                    else {
                        $null
                    }
                )
                ComputerName = $ComputerName
                LogOnType    = $logOnTypeTable["$($event.Properties[8].value)"]
            }
        }
    }
    catch {
        $_.Exception.Message | Out-Default
        return $null
    }
}

Hello, I find these scripts very useful but can't use them in my project without appropriate license.

For example, MIT, ISC or anything similar would be great to reuse the code.

Feature Target Details

• Module Name: Admintoolbox.Fortiwizard
• Existing Function Name:
• New Function Name: Add-SSLVPNSAMLUsersMFAEnforced & Add-SSLVPNSAMLUsersAzureDefaultSecurity & create a third for selectively adding members.

Describe the solution you'd like
I have 2 functions and adding a 3rd that can be used for adding users to the FortiGate Enterprise app registration and security groups. These are used for adding users who can authenticate to the FortiClient VPN using saml auth.

Why is this change needed?
Update help on functions
Add notes linking to articles on the pre-requisite work required for implementation
Add functions to module and publish

• Create a workflow that generates manifest files. (Generate versions variables that pull from changelog.md files.)
• Trigger PS gallery publish off the completion of the above-mentioned work flow.
• Update contributing.md to reflect these changes and consider alternative reworking other items as well in that file.
• Add a workflow badge to ReadMe.md

config firewall address
edit "SSLVPN_Internal_0.0.0.0/0"
set visibility disable
set subnet 0.0.0.0 0.0.0.0
next
end

The set visiblity parameter needs to be removed from the output of this function.

• Add a comments option for Tunnels. Will require updating the vpn form and related functions as well.

Feature Target Details

• Module Name: Networking
• Existing Function Name: Invoke-NetworkScan.ps1
• New Function Name:

Describe the solution you'd like
There are currently 2 groups of ports scanned - either the default or deepscan ports. Could we either replace the default ports with a requirement to enter ports, or add a 3rd option for custom ports where a comma-delimited list of ports can be entered as a parameter?

Why is this change needed?
The need to specify ports that are not in the default list.

Code Sample

**Code Sample**
.Parameter Ports
    Specify the TCP ports to scan in comma-delimited list.
#
 if ($null -ne $ArpRefresh) {
            if ($Ports) {
                $Script:QuickScan = Invoke-PSnmap -ComputerName $CIDR -Port $Ports -ScanOnPingFail -Dns -NoSummary -PortConnectTimeoutMs 500 -ThrottleLimit $Threads
            }
            if ($DeepScan) {
                $Script:SlowScan = Invoke-PSnmap -ComputerName $CIDR -Port 21, 22, 23, 25, 53, 67, 80, 139, 389, 443, 445, 902, 3389, 9100 -ScanOnPingFail -Dns -NoSummary -PortConnectTimeoutMs 500 -ThrottleLimit $Threads
            }
            else {
                $Script:QuickScan = Invoke-PSnmap -ComputerName $CIDR -Port 21, 22, 23, 80, 443, 3389, 9100 -ScanOnPingFail -Dns -NoSummary -PortConnectTimeoutMs 500 -ThrottleLimit $Threads
            }
        }

Additional context
None

Feature Target Details

• Module Name: Networking
• New Function Name: Get-DOHState

Describe the solution you'd like
A command that quickly pulls wether DNS over HTTPS is enabled at the OS level

Why is this change needed?
Some client vpns don't handle split-tunneling well when DNS over HTTPS is enabled. This will allow for a quick lookup of the DNS state.

Code Sample
A packet capture can be used to see if port 53 DNS traffic is being used instead of DOH. Preferably the command would just display if it's enabled. I haven't found any command yet that can actually present that info.

pktmon filter remove
pktmon filter add -p 53
pktmon start --etw -m real-time

Additional context
Maybe consider the command to display additional useful network info or add the output to existing functions.

Create a function that uses example vpn form and import excel to generate the selected tunnel type.

Need to exclaim this only works if cell values maintain their same position, otherwise reference examples.

Use environment variable to surpress disclaimer after first acknowledgement.

• Pull module version and write a comment to output tunnel configs.

This is useful if changes need to be made to a tunnel. The VPN form that was originally used to generate the tunnel config can be updated, and the last known module version that worked with that form can be used to update the tunnel config. As the FortiWizard module evolves and more options are added to the tunnel functions, this can save time by removing the need to migrate the VPN form parameters into a newer form.

Feature Target Details

• Module Name: Fortiwizard
• Existing Function Name: New-AddressObject

Describe the solution you'd like
Add the option to accept multiple cidrs and create multiple objects. Also consider a parameter to prepend the object names with a custom prefix.

Code Sample

• Convert this from the tunnel functions to instead be used in this function.

#Create Remote Address Objects
[int]$max = $RemoteAddressCIDRs.Count
$script:RemoteAddressObjects = for ($i = 0; $i -lt $max; $i++) {
    [PSCustomObject]@{
        Name = "VPN_" + $TunnelName + "_Remote_" + $i
        CIDR = $RemoteAddressCIDRs[$i]
    }
}

Start-Trace already exists. Rename the function

Need to update where ffmpeg installs and add it to path. Installing into existing path $env:systemroot\system32 has resulted in function failures with recent pwsh or Windows 11 security changes. Placing it in a less protected directory and adding to path will resolve this.

Add common cache file locations to increase function effectiveness. Include a warning and include switches for cleaning up certain types of directories so some can be excluded like cache locations.

• Need to add multiple interface support to firewall policy functions.
• Update VPN form data validation with notations that comma delimited interface entries are supported
• Update function examples to indicate multiple interface support
• Need to Add support for interfaces with spaces in the name. How to handle this in formtunnels?
• Add support for multiple proposals in addition to interfaces.
• New-Formtunnel will need conversion try catches for when single entries are provided instead of multiple.

Feature Target Details

• Module Name: Admintoolbox.Office365
• New Function Name: Get-DistributionGroupMembers

Describe the solution you'd like
Had a use case for a function that can be added to the Office 365 module.

Code Sample

function Get-DistributionGroupMembers {
    $groups = Get-DistributionGroup -resultsize unlimited
    foreach ($group in $groups) {
        $members = Get-DistributionGroupMember $group.name
        foreach ($member in $members) {
            [pscustomobject]@{
                Group             = $group.name
                GroupType         = $group.grouptype
                MemberName        = $member.name
                MemberType        = $member.recipienttype
                GroupEmailAddress = $group.PrimarySmtpAddress
            }
        }
    }
}

Get-DistributionGroupMembers | export-excel $env:USERPROFILE\downloads\DistributionMembers.xlsx

Add parameters for Enable-Management that allows specifying trusted hosts. Will require multiple parameter sets with each added trusted host entry being a member of each consecutive trusted host parameter set.

Environment

• PowerShell host version: 7.2
• Module Name: Admintoolbox.filemanagement
• Function Name: remove-disabledadprofiles

Describe the bug
Profile deletes fail due to missing method

Expected behavior
Need to rewrite the function with a different method so it works in powersehll 5 and powershell 7

Error Message
Method invocation failed because [Deserialized.System.Management.ManagementObject#root\cimv2\Win32_UserProfile] does not contain a method named 'delete'.

Additional context
Add any other context about the problem here.

Feature Target Details

• Module Name: AdminToolbox.Endpointmanagement
• Existing Function Name: Get-RemoteDesktopLogins

Describe the solution you'd like
Add events 24 and 25 to the function output

Why is this change needed?
So that reconnect and disconnect events are also exported to the log

Code Sample

function Get-RemoteDesktopLogins {

    [cmdletbinding()]

    param (
        [Parameter(Position = 0, Mandatory = $true)]$OutputPath
    )

    #Common Variables
    $LogName = 'Microsoft-Windows-TerminalServices-LocalSessionManager/Operational'
    $Results = @()
    $Events21 = Get-WinEvent -LogName $LogName | Where-Object { ($_.Id -like '21*') }
    $Events23 = Get-WinEvent -LogName $LogName | Where-Object { ($_.Id -like '23*') }
    $Events24 = Get-WinEvent -LogName $LogName | Where-Object { ($_.Id -like '24*') }
    $Events25 = Get-WinEvent -LogName $LogName | Where-Object { ($_.Id -like '25*') }

    #Foreach to retrieve event 21
    foreach ($Event in $Events21) {
        $EventXml = [xml]$Event.ToXML()

        $ResultHash = @{
            Time        = $Event.TimeCreated.ToString()
            'Event ID'  = $Event.Id
            'Desc'      = ($Event.Message -split "`n")[0]
            'Username'  = $EventXml.Event.UserData.EventXML.User
            'Source IP' = $EventXml.Event.UserData.EventXML.Address
            'Details'   = $Event.Message
            'Computer'  = $EventXML.Event.System.Computer
        }

        $Results += (New-Object PSObject -Property $ResultHash)

    } #End of Events loop

    #Output results to file
    $Results | Export-Csv $Outputpath -Append -NTI

    #Foreach to retrieve event 23
    foreach ($Event in $Events23) {
        $EventXml = [xml]$Event.ToXML()

        $ResultHash = @{
            Time        = $Event.TimeCreated.ToString()
            'Event ID'  = $Event.Id
            'Desc'      = ($Event.Message -split "`n")[0]
            'Username'  = $EventXml.Event.UserData.EventXML.User
            'Source IP' = $EventXml.Event.UserData.EventXML.Address
            'Details'   = $Event.Message
            'Computer'  = $EventXML.Event.System.Computer
        }

        $Results += (New-Object PSObject -Property $ResultHash)

    } #End of Events loop

    #Output results to file
    $Results | Export-Csv $Outputpath -Append -NTI

    foreach ($Event in $Events24) {
        $EventXml = [xml]$Event.ToXML()

        $ResultHash = @{
            Time        = $Event.TimeCreated.ToString()
            'Event ID'  = $Event.Id
            'Desc'      = ($Event.Message -split "`n")[0]
            'Username'  = $EventXml.Event.UserData.EventXML.User
            'Source IP' = $EventXml.Event.UserData.EventXML.Address
            'Details'   = $Event.Message
            'Computer'  = $EventXML.Event.System.Computer
        }

        $Results += (New-Object PSObject -Property $ResultHash)

    } #End of Events loop

    #Output results to file
    $Results | Export-Csv $Outputpath -Append -NTI

    foreach ($Event in $Events25) {
        $EventXml = [xml]$Event.ToXML()

        $ResultHash = @{
            Time        = $Event.TimeCreated.ToString()
            'Event ID'  = $Event.Id
            'Desc'      = ($Event.Message -split "`n")[0]
            'Username'  = $EventXml.Event.UserData.EventXML.User
            'Source IP' = $EventXml.Event.UserData.EventXML.Address
            'Details'   = $Event.Message
            'Computer'  = $EventXML.Event.System.Computer
        }

        $Results += (New-Object PSObject -Property $ResultHash)

    } #End of Events loop

    #Output results to file
    $Results | Export-Csv $Outputpath -Append -NTI
}

Invoke-Servicerecovery doesn't work in powershell version 7, because for some reason the computername parameter was removed prior to Microsoft.PowerShell.Management version 7.

I need to add in a fix that imports get-service function from PowerShell into pwsh, or I will need to change the invoke service restart method.

Going to drop the Build number in future versions. I am not tracking builds numbers.

MAJOR.MINOR.REVISION.BUILDNUMBER

MAJOR is a major release (usually many new features or changes to the UI or underlying OS).
MINOR is a minor release (perhaps some new features) on a previous major release.
REVISION is usually a fix for a previous minor release (no new functionality).
BUILDNUMBER is incremented for each latest build of a revision.

Topic Reason
Added Admintoolbox.MSGraph Module

Topic Details
Need to add badges for Admintoolbox.MSGraph. Consider replacing current badge layout for a table

Discussed in #141

Invoke-Iperf client switch parameter was incorrectly created as a string parameter. This needs to be resolved.

Feature Target Details

• Module Name: Admintoolbox.Office365
• Existing Function Names: Connect-Office365, Get-Office365
• New Function Names: Unkown

Describe the solution you'd like
Need to update the Office365 module to support and leverage MSGraph.

Why is this change needed?
Some existing modules will be deprecated this year and need to prep for this change. Some existing functions will need updating or replaced.

Additional context
https://github.com/microsoftgraph/msgraph-sdk-powershell
https://docs.microsoft.com/en-us/graph/permissions-reference
https://www.powershellgallery.com/packages/Microsoft.Graph/1.9.2
https://docs.microsoft.com/en-us/graph/overview
https://docs.microsoft.com/en-us/powershell/microsoftgraph/azuread-msoline-cmdlet-map?view=graph-powershell-1.0

Add an ethr test.
https://github.com/microsoft/ethr

When there is only a single remote and local CIDR, the phase 2 interface is incorrectly improperly handling the source and remote address names for the phase 2 interface. need to fix this.

Feature Target Details

• Module Name: Admintoolbox.Fortiwizard
• Existing Function: New-Formtunnel
• New Function Name: New-SDWANP2PTunnel, New-SDWANP2PNATTunnel, New-SDWANDialUPTunnelBehindNAT, New-SDWANDialUPTunnelRemoteNAT

Describe the solution you'd like
Expand FortWizard to support tunnels built with SD-WAN interfaces. Consider redundant tunnels, dialup tunnels, and standard ipsec tunnels.

Why is this change needed?
So that this module can be used for building new tunnels even when working with FortiGates that are setup in an SD-WAN configuration.

Additional context
Must test with real world configuration prior to being able to write these functions. Hopefully soon! Extra functions will be required for managing zone membership and more.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configure-IPsec-VPN-with-SD-WAN/ta-p/209840

New-Formtunnel private functions are using importexcel to populate parameters that are then passed onto other functions. Some of those parameters are optional and sometimes null. To handle this, I have built if/else statements with different splat tables to handle null values. This is not sustainable and generates lengthy code. Use the below found method of populating non-mandatory parameters into the splat hash table, if not $null.

Example was Found here

I'd use splatting, first identify which of your Send-MailMessage parameters will always be provided as arguments and create a new hashtable with them defined:

$params = @{
    From = $From
    To = $To
    SMTPServer = $SMTPServer
    Subject = $Subject
    Body = $Body
}
Then do your checks for any arguments that may be null and if they aren't null add them in to the hashtable:

if ($null -ne $Attachments) {
    $params['Attachments'] = $Attachments
}
Finally perform the splatting of the parameters in Send-MailMessage:

Send-MailMessage @params
Splatting comes in handy pretty often, you can read about it here: https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_splatting?view=powershell-6

Take private function Read-Host prompts and convert them to parameters. This will allow input parameters from public functions. This also will make it possible to use VPN forms along with import-excel to generate tunnels.

Consider adding an example VPN form and code that can be used in this way when complete.

Topic Reason
Hello, I have installed Admintoolbox in Windows powershell 5.1 but it is not working.
It looks other modules are working but Admintoolbox is not working wheres it is working under Powershell 7.x

Topic Details
Get-Info: The term 'Get-Info' is not recognized as a name of a cmdlet, function, script file, or executable program.
Check the spelling of the name, or if a path was included, verify that the path is correct and try again.

Code Sample

#Add any code Samples here
Get-Info

**Additional context**
I would like to know if Admintoolbox functions can be installed in only powershell v 7. Because As I see the module path, Admintoolbox folder is not existed even if installation was completed.

Consider building out PSNmap functionality into the AdminToolbox.Networking module to remove reliance on it for Invoke-NetworkScan.

Functions that would need importing into AdminToolbox.Networking

Invoke-psIpcalc
Invoke-psnmap
Any related private functions

Feature Target Details

• Module Name: Admintoolbox.Fortiwizard
• Existing Function Name: New-Tunnel

Describe the solution you'd like
Add parameters to the tunnel functions for including protocols in the services section of the firewall policies. The New-Formtunnel will need a way to include these protocols as well. I think adding the protocol services as a separate service item and not part of the service group will be the easiest solution.

Generate contribution guidelines.

1. Files not to modify
2. Guidelines for including help
3. Guidelines for generating platyps markdown help
4. Create an issue for the pull request and reference it. What to include in the issue?
5. etc

Work on adding some variable options for the tunnel functions.

• Ikev1 vs v2
• pfs enabled vs pfs disabled

Might want to nest switches parameters under the applicable variable so it builds the config section. This would be preferrable to many if else scenarios above the section variables.

Hi,
just found this and trying in out.
Is there a way to add my own API?
`Invoke-NetworkScan xxx.xx.xx.xx/xx -deepscan

WARNING: , {"errors":{"detail":"Not Found"}}
WARNING: , {"errors":{"detail":"Too Many Requests","message":"Please slow down your requests or upgrade your plan at https://macvendors.com"}}`

Thanks

Feature Target Details

• Module Name: AdminToolbox.Filemanagement
• New Function Name: Get-StaleDirectories # Name is a work in progress

Describe the solution you'd like
This is a function to find inactive folders. It does this be looking for last written to files for each subfolder of a top-level directory. It then returns datetimes for the last time any file in those subfolders was edited. This can be used for cleaning up certain file shares like user files shares.

Code Sample

$path="d:\user"
$NoOfDirs=Get-ChildItem $path | Where-Object {$_.PSIsContainer -eq $True} 
$results = ForEach($dir in $NoOfDirs ) {
	Get-ChildItem  "$path\$($dir.name)" -Recurse | 
	Where-Object { ($_.PSIsContainer -eq $False) } | 
	Select-Object @{l='Folder';e={$dir.Name}},Name,LastWriteTime | 
	Sort-Object  -pro LastWriteTime -Descending |
	Select-Object -First 1
}
$results | export-csv $env:USERPROFILE\downloads

PS C:\Users\cogito-ergo-sum> update-help -UICulture en-US Update-Help: Failed to update Help for the module(s) 'AdminToolbox.Remoting' with UI culture(s) {en-US} : The value of the HelpInfoUri key in the module manifest must resolve to a container or root URL on a website where the help files are stored. The HelpInfoUri 'https://github.com/TheTaylorLee/AdminToolbox/issues' does not resolve to a container.

Add parallel and other necessary switches to get more accurate bandwidth results.

• Create function for handling local policy in with all parameter (services, src, dst, accept/deny, comments, etc)

Feature Target Details

• Module Name: Admintoolbox.Fortiwizard
• Existing Function Name: VPN functions

Describe the solution you'd like
Consider adding a switch parameter for using 0.0.0.0/0 in a single p2 selector and call it "WildcardP2".

It's going to be best practice to also ensure when doing this that the configuration disables "add route" on the p1 selector. Otherwise default routes with a value over 15 will be disrupted by the tunnel negotiated route.

Why is this change needed?
It will make it less disruptive and cleaner to add subnets to VPN tunnels. It will also reduce CPU usage on tunnels with many included subnets. Especially if auto-negotiate is enabled.

Additional context
The functions will still need to add address objects, groups, and routes. Only the p1 and p2 configs will change.

Work on a private function that can convert CIDR values to Subnet masks and Vice Versa. Leverage that function to allow either value to be provided for subnet masks, and then within public functions call that function to convert to the required format for the script config. CIDR vs subnetmask will vary depending on the FortiOS command being entered.

Function help is not all in a supported format for platyps. This results in markdown help files being generated improperly. Primary issue seen is examples with bad formatting and misplaced codeblocks. Review the proper format for platyps to avoid this issue and then update help for functions.