Fortinet white logo
Fortinet white logo

CLI Reference

fds-setting

fds-setting

Use this command to set FDS settings.

Syntax

config fmupdate fds-settings

set fds-clt-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2}

set fds-ssl-protocol

set fmtr-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

set linkd-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

set max-av-ips-version <integer>

set max-work <integer>

set send_report {enable | disable}

set send_setup {enable | disable}

set system-support-fct {5.4 5.6 6.0 6.2 | disable | emergency}

set system-support-fgt {5.4 5.6 6.0 6.2}

set system-support-fml {4.x 5.x 6.x}

set system-support-fsa {1.x 2.x 3.x}

set system-support-fsw {5.4 5.6 6.0 6.2}

set umsvc-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

set unreg-dev-option {add-service | ignore | svc-only}

set User-Agent <text>

set wanip-query-mode {disable | ipify}

end

Variables

Description

fds-clt-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2}

Set the SSL protocols version for connecting FDS server (default = tlsv1.2).

fds-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2}

Set the SSL protocols version for FDS service (default = tlsv1.0).

fmtr-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

The fmtr log level. Set to disable to disable the log (default = info).

linkd-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

The linkd log level (default = info).

max-av-ips-version <integer>

The maximum number of AV/IPS full version downloadable packages (default = 20).

max-work <integer>

The maximum number of worker processing downlink requests (default = 1).

send_report {enable | disable}

Enable/disable sending reports to the FDS server (default = disable).

send_setup {enable | disable}

Enable/disable sending setup to the FDS server (default = disable).

system-support-fct {5.4 5.6 6.0 6.2 | disable | emergency}

Set the FortiClient support version, disable the linkd log, or set the log level to emergency (default = emergency).

system-support-fgt {5.4 5.6 6.0 6.2}

Set the FortiGate support version.

system-support-fml {4.x 5.x 6.x}

Set the FortiMail support version.

system-support-fsa {1.x 2.x 3.x}

Set the FortiSandbox support version.

system-support-fsw {5.4 5.6 6.0 6.2}

Set the FortiSwitch support version.

umsvc-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

The um_service log level (default = info).

unreg-dev-option {add-service | ignore | svc-only}

Set the option for unregistered devices:

  • add-service: Add unregistered devices and allow update request (default).
  • ignore: Ignore all unregistered devices.
  • svc-only: Allow update request without add unregistered device.

User-Agent <text>

Configure the User-Agent string.

wanip-query-mode {disable | ipify}

Set the public IP query mode.

  • disable: Do not query public IP (default)
  • ipify: Get public IP through https://api.ipify.org

fds-setting push-override

Use this command to enable or disable push updates, and to override the default IP address and port to which the FDS sends FortiGuard antivirus and IPS push messages.

This is useful if push notifications must be sent to an IP address and/or port other than the FortiAnalyzer unit, such as the external or virtual IP address of a NAT device that forwards traffic to the FortiAnalyzer unit.

Syntax

config fmupdate fds-setting

config push-override

set ip <ipv_address>

set port <integer>

set status {enable | disable}

end

end

Variable Description
ip <ipv_address>

Enter the external or virtual IP address of the NAT device that will forward push messages to the FortiAnalyzer unit.

port <integer>

Enter the receiving port number on the NAT device (1 - 65535, default = 9443).

status {enable | disable}

Enable/disable the push updates (default = disable).

Example

You could enable the FortiAnalyzer unit’s built-in FDS to receive push messages.

If there is a NAT device or firewall between the FortiAnalyzer unit and the FDS, you could also notify the FDS to send push messages to the external IP address of the NAT device, instead of the FortiAnalyzer unit’s private network IP address.

config fmupdate fds-setting

config push-override

set status enable

set ip 172.16.124.135

set port 9000

end

end

You would then configure port forwarding on the NAT device, forwarding push messages received on User Datagram Protocol (UDP) port 9000 to the FortiAnalyzer unit on UDP port 9443.

fds-setting push-override-to-client

Use this command to define which FortiAnalyzer IP addresses/ports are announced to devices for which the FortiAnalyzer provides FDS services. By default, FortiAnalyzer will announce all its interfaces using the port 8890.

Syntax

config fmupdate fds-setting

config push-override-to-client

set status {enable | disable}

config <announce-ip>

edit <id>

set ip <ip_address>

set port <integer>

end

end

end

Variable Description
status {enable | disable}

Enable/disable the push updates (default = disable).

Variables for config announce-ip subcommand:
<id>

Edit the announce IP address ID (1 - 10).

ip <ip_address>

Enter the announce IP address.

port <integer>

Enter the announce IP port (1 - 65535, default = 8890).

fds-setting server-override

Use this command to override the default IP address and port that the built-in FDS contacts when requesting FortiGuard spam updates.

Syntax

config fmupdate fds-setting

config server-override

set status {enable | disable}

config servlist

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set port <integer>

set server-type {fct | fds}

end

end

end

Variable

Description

status {enable | disable}

Enable/disable the override (default = disable).

Variable for config servlist subcommand:

<id>

Enter the override server ID (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the override server address.

ip6 <ipv6_address>

Enter the IPv6 address of the override server address.

port <integer>

Enter the port number to use when contacting the FDS (1 - 65535, default = 443).

server-type {fct| fds}

Set the override server type (default = fds).

fds-setting update-schedule

Use this command to schedule when the built-in FortiGuard retrieves antivirus and IPS updates.

Syntax

config fmupdate fds-setting

config update-schedule

set day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set frequency {every | daily | weekly}

set status {enable | disable}

set time <hh:mm>

end

end

Variable

Description

day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

The day that the update will occur (Sunday - Saturday, default = Monday).

This option is only available if the update frequency is weekly.

frequency {every | daily | weekly}

The update frequency: every given time interval, once a day, or once a week (default = every).

status {enable | disable}

Enable/disable scheduled updates (default = enable).

time <hh:mm>

The time interval between updates, or the hour and minute when the update occurs (hh: 0 - 23, mm: 0 - 59 or 60 = random, default = 00:10).

fds-setting

fds-setting

Use this command to set FDS settings.

Syntax

config fmupdate fds-settings

set fds-clt-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2}

set fds-ssl-protocol

set fmtr-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

set linkd-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

set max-av-ips-version <integer>

set max-work <integer>

set send_report {enable | disable}

set send_setup {enable | disable}

set system-support-fct {5.4 5.6 6.0 6.2 | disable | emergency}

set system-support-fgt {5.4 5.6 6.0 6.2}

set system-support-fml {4.x 5.x 6.x}

set system-support-fsa {1.x 2.x 3.x}

set system-support-fsw {5.4 5.6 6.0 6.2}

set umsvc-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

set unreg-dev-option {add-service | ignore | svc-only}

set User-Agent <text>

set wanip-query-mode {disable | ipify}

end

Variables

Description

fds-clt-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2}

Set the SSL protocols version for connecting FDS server (default = tlsv1.2).

fds-ssl-protocol {sslv3 | tlsv1.0 | tlsv1.1 | tlsv1.2}

Set the SSL protocols version for FDS service (default = tlsv1.0).

fmtr-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

The fmtr log level. Set to disable to disable the log (default = info).

linkd-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

The linkd log level (default = info).

max-av-ips-version <integer>

The maximum number of AV/IPS full version downloadable packages (default = 20).

max-work <integer>

The maximum number of worker processing downlink requests (default = 1).

send_report {enable | disable}

Enable/disable sending reports to the FDS server (default = disable).

send_setup {enable | disable}

Enable/disable sending setup to the FDS server (default = disable).

system-support-fct {5.4 5.6 6.0 6.2 | disable | emergency}

Set the FortiClient support version, disable the linkd log, or set the log level to emergency (default = emergency).

system-support-fgt {5.4 5.6 6.0 6.2}

Set the FortiGate support version.

system-support-fml {4.x 5.x 6.x}

Set the FortiMail support version.

system-support-fsa {1.x 2.x 3.x}

Set the FortiSandbox support version.

system-support-fsw {5.4 5.6 6.0 6.2}

Set the FortiSwitch support version.

umsvc-log {alert | critical | debug | disable | emergency | error | info | notice | warn}

The um_service log level (default = info).

unreg-dev-option {add-service | ignore | svc-only}

Set the option for unregistered devices:

  • add-service: Add unregistered devices and allow update request (default).
  • ignore: Ignore all unregistered devices.
  • svc-only: Allow update request without add unregistered device.

User-Agent <text>

Configure the User-Agent string.

wanip-query-mode {disable | ipify}

Set the public IP query mode.

  • disable: Do not query public IP (default)
  • ipify: Get public IP through https://api.ipify.org

fds-setting push-override

Use this command to enable or disable push updates, and to override the default IP address and port to which the FDS sends FortiGuard antivirus and IPS push messages.

This is useful if push notifications must be sent to an IP address and/or port other than the FortiAnalyzer unit, such as the external or virtual IP address of a NAT device that forwards traffic to the FortiAnalyzer unit.

Syntax

config fmupdate fds-setting

config push-override

set ip <ipv_address>

set port <integer>

set status {enable | disable}

end

end

Variable Description
ip <ipv_address>

Enter the external or virtual IP address of the NAT device that will forward push messages to the FortiAnalyzer unit.

port <integer>

Enter the receiving port number on the NAT device (1 - 65535, default = 9443).

status {enable | disable}

Enable/disable the push updates (default = disable).

Example

You could enable the FortiAnalyzer unit’s built-in FDS to receive push messages.

If there is a NAT device or firewall between the FortiAnalyzer unit and the FDS, you could also notify the FDS to send push messages to the external IP address of the NAT device, instead of the FortiAnalyzer unit’s private network IP address.

config fmupdate fds-setting

config push-override

set status enable

set ip 172.16.124.135

set port 9000

end

end

You would then configure port forwarding on the NAT device, forwarding push messages received on User Datagram Protocol (UDP) port 9000 to the FortiAnalyzer unit on UDP port 9443.

fds-setting push-override-to-client

Use this command to define which FortiAnalyzer IP addresses/ports are announced to devices for which the FortiAnalyzer provides FDS services. By default, FortiAnalyzer will announce all its interfaces using the port 8890.

Syntax

config fmupdate fds-setting

config push-override-to-client

set status {enable | disable}

config <announce-ip>

edit <id>

set ip <ip_address>

set port <integer>

end

end

end

Variable Description
status {enable | disable}

Enable/disable the push updates (default = disable).

Variables for config announce-ip subcommand:
<id>

Edit the announce IP address ID (1 - 10).

ip <ip_address>

Enter the announce IP address.

port <integer>

Enter the announce IP port (1 - 65535, default = 8890).

fds-setting server-override

Use this command to override the default IP address and port that the built-in FDS contacts when requesting FortiGuard spam updates.

Syntax

config fmupdate fds-setting

config server-override

set status {enable | disable}

config servlist

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set port <integer>

set server-type {fct | fds}

end

end

end

Variable

Description

status {enable | disable}

Enable/disable the override (default = disable).

Variable for config servlist subcommand:

<id>

Enter the override server ID (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the override server address.

ip6 <ipv6_address>

Enter the IPv6 address of the override server address.

port <integer>

Enter the port number to use when contacting the FDS (1 - 65535, default = 443).

server-type {fct| fds}

Set the override server type (default = fds).

fds-setting update-schedule

Use this command to schedule when the built-in FortiGuard retrieves antivirus and IPS updates.

Syntax

config fmupdate fds-setting

config update-schedule

set day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

set frequency {every | daily | weekly}

set status {enable | disable}

set time <hh:mm>

end

end

Variable

Description

day {Sunday | Monday | Tuesday | Wednesday | Thursday | Friday | Saturday}

The day that the update will occur (Sunday - Saturday, default = Monday).

This option is only available if the update frequency is weekly.

frequency {every | daily | weekly}

The update frequency: every given time interval, once a day, or once a week (default = every).

status {enable | disable}

Enable/disable scheduled updates (default = enable).

time <hh:mm>

The time interval between updates, or the hour and minute when the update occurs (hh: 0 - 23, mm: 0 - 59 or 60 = random, default = 00:10).