Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiADC 7.2.2 CLI Reference
    7.2.2
    7.6.1
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.1.4
    7.1.3
    7.1.2
    7.1.1
    7.1.0
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.2.0
    6.1.6
    6.1.5
    6.1.4
    6.1.3
    6.1.2
    6.1.1
    6.1.0
    6.0.2
    6.0.1
    6.0.0
    5.4.5
    5.4.3
    5.4.2
    5.4.1
    5.4.0
    5.3.0
    4.8.1
    4.7.0

    execute waf block-ip

    execute waf block-ip

    Use the following commands to view, filter, or release any client IP address that is currently blocked by WAF modules prior to the block expiry period.

    execute waf block-ip list

    Use this command to generate a list of all the IP addresses that are currently blocked by WAF modules through the Block or Period Block actions.

    Syntax

    execute waf block-ip list

    execute waf block-ip filter

    Use this command to filter through the WAF blocked IPs via the IP address or the name of the virtual server that has blocked the IP address.

    Syntax

    execute waf block-ip filter {clear|ip|show|vs-name} {<ip>|<vs-name>}

    clear

    		 Clears the filters.

    ip

    		 Filter by a single IP or an IP range.

    show

    Show the filters.

    vs-name

    Filter by a virtual server name.

    <ip>

    If ip, specify the IP or an IP range to filter by. For example, 1.1.1.1-2.2.2.2

    <vs-name>

    		 If vs-name, specify the name of the virtual server that has blocked the IP address.

    Example

    FortiADC-VM # execute waf block-ip filter ip 50.1.0.1

FortiADC-VM # execute waf block-ip filter show
ip range: 50.1.0.1 - 50.1.0.1
virtual server: any

FortiADC-VM # execute waf block-ip filter vs-name VS1

FortiADC-VM # execute waf block-ip filter show
ip range: any
virtual server: VS1

    execute waf block-ip release

    Use this command to release one or all WAF blocked IP addresses.

    Syntax

    execute waf block-ip release {all|ip|vs-name} {<ip>|<vs-name>}

    all

    		 Release all the IP addresses currently blocked by the WAF.

    ip

    		 Release a single IP or an IP range.

    vs-name

    Release an IP by their virtual server name.

    <ip>

    If ip, specify the IP or an IP range to release. For example, '1.1.1.1-2.2.2.2'

    <vs-name>

    		 If vs-name, specify the name of the virtual server that has blocked the IP address.

    Example

    FortiADC-VM # execute waf block-ip release ip 50.1.0.1

FortiADC-VM # execute waf block-ip release vs-name VS1

FortiADC-VM # execute waf block-ip release vs-name VS1 ip '1.1.1.1'
    Previous
    Next

    execute waf block-ip

    execute waf block-ip

    Use the following commands to view, filter, or release any client IP address that is currently blocked by WAF modules prior to the block expiry period.

    execute waf block-ip list

    Use this command to generate a list of all the IP addresses that are currently blocked by WAF modules through the Block or Period Block actions.

    Syntax

    execute waf block-ip list

    execute waf block-ip filter

    Use this command to filter through the WAF blocked IPs via the IP address or the name of the virtual server that has blocked the IP address.

    Syntax

    execute waf block-ip filter {clear|ip|show|vs-name} {<ip>|<vs-name>}

    clear

    		 Clears the filters.

    ip

    		 Filter by a single IP or an IP range.

    show

    Show the filters.

    vs-name

    Filter by a virtual server name.

    <ip>

    If ip, specify the IP or an IP range to filter by. For example, 1.1.1.1-2.2.2.2

    <vs-name>

    		 If vs-name, specify the name of the virtual server that has blocked the IP address.

    Example

    FortiADC-VM # execute waf block-ip filter ip 50.1.0.1

FortiADC-VM # execute waf block-ip filter show
ip range: 50.1.0.1 - 50.1.0.1
virtual server: any

FortiADC-VM # execute waf block-ip filter vs-name VS1

FortiADC-VM # execute waf block-ip filter show
ip range: any
virtual server: VS1

    execute waf block-ip release

    Use this command to release one or all WAF blocked IP addresses.

    Syntax

    execute waf block-ip release {all|ip|vs-name} {<ip>|<vs-name>}

    all

    		 Release all the IP addresses currently blocked by the WAF.

    ip

    		 Release a single IP or an IP range.

    vs-name

    Release an IP by their virtual server name.

    <ip>

    If ip, specify the IP or an IP range to release. For example, '1.1.1.1-2.2.2.2'

    <vs-name>

    		 If vs-name, specify the name of the virtual server that has blocked the IP address.

    Example

    FortiADC-VM # execute waf block-ip release ip 50.1.0.1

FortiADC-VM # execute waf block-ip release vs-name VS1

FortiADC-VM # execute waf block-ip release vs-name VS1 ip '1.1.1.1'
    Previous
    Next