Fortinet black logo

CLI Reference

web-spam

web-spam

Use the following commands to configure FortiGuard antispam related settings.

web-spam fgd-setting

Use this command to configure FortiGuard run parameters.

Syntax

config fmupdate web-spam fgd-setting

set as-cache <integer>

set as-log {all | disable | nospam}

set as-preload {enable | disable}

set av-cache <integer>

set av-log {all | disable | novirus}

set av-preload {enable | disable}

set av2-cache <integer>

set av2-log {all | disable | noav2}

set av2-preload {enable | disable}

set eventlog-query {enable | disable}

set fgd-pull-interval <integer>

set fq-cache <integer>

set fq-log {all | disable | nofilequery}

set fq-preload {enable | disable}

set linkd-log {enable | disable}

set max-client-worker <integer>

set max-log-quota <integer>

set max-unrated-size <integer>

set restrict-as1-dbver <string>

set restrict-as2-dbver <string>

set restrict-as4-dbver <string>

set restrict-av-dbver <string>

set restrict-av2-dbver <string>

set restrict-fq-dbver <string>

set restrict-wf-dbver <string>

set stat-log-interval <integer>

set stat-sync-interval <integer>

set update-interval <integer>

set update-log {enable | disable}

set wf-cache <integer>

set wf-dn-cache-expire-time <integer>

set wf-dn-cache-max-number <integer>

set wf-log {all | disable | nourl}

set wf-preload {enable | disable}

config server-override

set status {enable | disable}

config servlist

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set port <integer>

set service-type {fgc | fgd | fsa}

end

end

end

Variable

Description

as-cache <integer>

Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0 = no limit, default = 300).

as-log {all | disable | nospam}

Antispam log setting:

  • all: Log all spam lookups.
  • disable: Disable spam log.
  • nospam: Log non-spam events (default)

as-preload {enable | disable}

Enable/disable preloading the antispam database into memory (default = disable).

av-cache <integer>

Antivirus service maximum memory usage, in megabytes (100 - 500, default = 300).

av-log {all | disable | novirus}

Antivirus log setting:

  • all: Log all virus lookups.
  • disable: Disable virus log.
  • novirus: Log non-virus events (default).

av-preload {enable | disable}

Enable/disable preloading antivirus database to memory (default = disable).

av2-cache <integer>

Antispam service maximum memory usage, in megabytes ( physical memory to 1024, 0 = no limit, default = 800).

av2-log {all | disable | novirus}

Outbreak prevention log setting:

  • all: Log all av2 lookups.
  • disable: Disable av2 logs.
  • noav2: Log non-av2 events (default).

av2-preload {enable | disable}

Enable/disable preloading outbreak prevention database to memory (default = disable).

eventlog-query {enable | disable}

Enable/disable record query to event-log besides fgd-log (default = disable).

fgd-pull-interval <integer>

FortiGuard pull interval setting, in minutes (1 - 1440, default = 10).

fq-cache <integer>

File query service maximum memory usage, in megabytes (100 - 500, default = 300).

fq-log {all | disable | nofilequery}

Filequery log setting:

  • all: Log all file query.
  • disable: Disable file query log.
  • nofilequery: Log non-file query events (default).

fq-preload {enable | disable}

Enable/disable preloading the filequery database to memory (default = disable).

linkd-log {enable | disable}

Linkd log setting:

  • alert: Immediate action is required.
  • critical: Functionality is affected.
  • debug: Debug information (default).
  • disable: Linkd logging is disabled.
  • emergency: The unit is unusable.
  • error: Functionality is probably affected.
  • info: General information.
  • notice: Information about normal events.
  • warn: Functionality might be affected.

max-client-worker <integer>

Maximum workers to use for TCP client connections (0 - 16, 0 = use CPU count, default = 0).

max-log-quota <integer>

Maximum log quota setting, in megabytes (100 - 20480, default = 6144).

max-unrated-size <integer>

Maximum number of unrated site in memory, in kilobytes(10 - 5120, default = 500).

restrict-as1-dbver <string>

Restrict system update to indicated antispam(1) database version (character limit = 127).

restrict-as2-dbver <string>

Restrict system update to indicated antispam(2) database version (character limit = 127).

restrict-as4-dbver <string>

Restrict system update to indicated antispam(4) database version (character limit = 127).

restrict-av-dbver <string>

Restrict system update to indicated antivirus database version (character limit = 127).

restrict-av2-dbver <string>

Restrict system update to indicated outbreak prevention database version (character limit = 127).

restrict-fq-dbver <string>

Restrict system update to indicated file query database version (character limit = 127).

restrict-wf-dbver <string>

Restrict system update to indicated web filter database version (character limit = 127).

stat-log-interval <integer>

Statistic log interval setting, in minutes (1 - 1440, default = 60).

stat-sync-interval <integer>

Synchronization interval for statistic of unrated site in minutes (1 - 60, default = 60).

update-interval <integer>

FortiGuard database update wait time if not enough delta files, in hours (2 - 24, default = 6).

update-log {enable | disable}

Enable/disable update log setting (default = enable).

wf-cache <integer>

Web filter service maximum memory usage, in megabytes (maximum = Physical memory-1024, 0 = no limit, default = 600).

wf-dn-cache-expire-time

Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30).

wf-dn-cache-max-number

Maximum number of Web filter DN cache (0 = disable, default = 10000).

wf-log {all | disable | nourl}

Web filter log setting:

  • all: Log all URL lookups.
  • disable: Disable URL log.
  • nourl: Log non-URL events (default).

wf-preload {enable | disable}

Enable/disable preloading the web filter database into memory (default = disable).

Variables for config server-override subcommand:

status {enable | disable}

Enable/disable the override (default = disable).

<id>

Override server ID (1 - 10).

ip <ipv4_address>

IPv4 address of the override server.

ip6 <ipv6_address>

IPv6 address of the override server.

port <integer>

Port number to use when contacting FortiGuard (1 - 65535, default = 443).

service-type {fgc | fgd | fsa}

Override service type.

web-spam web-proxy

Use this command to configure the web-spam web-proxy.

Syntax

config fmupdate web-spam web-proxy

set address <string>

set mode {proxy | tunnel}

set password <passwd>

set port <integer>

set status {enable | disable}

end

Variable

Description

address <string>

Enter the web proxy address.

mode {proxy | tunnel}

Enter the web proxy mode (default = tunnel).

password <passwd>

If the web proxy requires authentication, type the password for the user name.

port <integer>

Enter the port number of the web proxy (1- 65535, default = 80).

status {enable | disable}

Enable/disable connections through the web proxy (default = disable).

username <string>

If the web proxy requires authentication, enter the user name.

web-spam

web-spam

Use the following commands to configure FortiGuard antispam related settings.

web-spam fgd-setting

Use this command to configure FortiGuard run parameters.

Syntax

config fmupdate web-spam fgd-setting

set as-cache <integer>

set as-log {all | disable | nospam}

set as-preload {enable | disable}

set av-cache <integer>

set av-log {all | disable | novirus}

set av-preload {enable | disable}

set av2-cache <integer>

set av2-log {all | disable | noav2}

set av2-preload {enable | disable}

set eventlog-query {enable | disable}

set fgd-pull-interval <integer>

set fq-cache <integer>

set fq-log {all | disable | nofilequery}

set fq-preload {enable | disable}

set linkd-log {enable | disable}

set max-client-worker <integer>

set max-log-quota <integer>

set max-unrated-size <integer>

set restrict-as1-dbver <string>

set restrict-as2-dbver <string>

set restrict-as4-dbver <string>

set restrict-av-dbver <string>

set restrict-av2-dbver <string>

set restrict-fq-dbver <string>

set restrict-wf-dbver <string>

set stat-log-interval <integer>

set stat-sync-interval <integer>

set update-interval <integer>

set update-log {enable | disable}

set wf-cache <integer>

set wf-dn-cache-expire-time <integer>

set wf-dn-cache-max-number <integer>

set wf-log {all | disable | nourl}

set wf-preload {enable | disable}

config server-override

set status {enable | disable}

config servlist

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set port <integer>

set service-type {fgc | fgd | fsa}

end

end

end

Variable

Description

as-cache <integer>

Antispam service maximum memory usage in megabytes (Maximum = Physical memory-1024, 0 = no limit, default = 300).

as-log {all | disable | nospam}

Antispam log setting:

  • all: Log all spam lookups.
  • disable: Disable spam log.
  • nospam: Log non-spam events (default)

as-preload {enable | disable}

Enable/disable preloading the antispam database into memory (default = disable).

av-cache <integer>

Antivirus service maximum memory usage, in megabytes (100 - 500, default = 300).

av-log {all | disable | novirus}

Antivirus log setting:

  • all: Log all virus lookups.
  • disable: Disable virus log.
  • novirus: Log non-virus events (default).

av-preload {enable | disable}

Enable/disable preloading antivirus database to memory (default = disable).

av2-cache <integer>

Antispam service maximum memory usage, in megabytes ( physical memory to 1024, 0 = no limit, default = 800).

av2-log {all | disable | novirus}

Outbreak prevention log setting:

  • all: Log all av2 lookups.
  • disable: Disable av2 logs.
  • noav2: Log non-av2 events (default).

av2-preload {enable | disable}

Enable/disable preloading outbreak prevention database to memory (default = disable).

eventlog-query {enable | disable}

Enable/disable record query to event-log besides fgd-log (default = disable).

fgd-pull-interval <integer>

FortiGuard pull interval setting, in minutes (1 - 1440, default = 10).

fq-cache <integer>

File query service maximum memory usage, in megabytes (100 - 500, default = 300).

fq-log {all | disable | nofilequery}

Filequery log setting:

  • all: Log all file query.
  • disable: Disable file query log.
  • nofilequery: Log non-file query events (default).

fq-preload {enable | disable}

Enable/disable preloading the filequery database to memory (default = disable).

linkd-log {enable | disable}

Linkd log setting:

  • alert: Immediate action is required.
  • critical: Functionality is affected.
  • debug: Debug information (default).
  • disable: Linkd logging is disabled.
  • emergency: The unit is unusable.
  • error: Functionality is probably affected.
  • info: General information.
  • notice: Information about normal events.
  • warn: Functionality might be affected.

max-client-worker <integer>

Maximum workers to use for TCP client connections (0 - 16, 0 = use CPU count, default = 0).

max-log-quota <integer>

Maximum log quota setting, in megabytes (100 - 20480, default = 6144).

max-unrated-size <integer>

Maximum number of unrated site in memory, in kilobytes(10 - 5120, default = 500).

restrict-as1-dbver <string>

Restrict system update to indicated antispam(1) database version (character limit = 127).

restrict-as2-dbver <string>

Restrict system update to indicated antispam(2) database version (character limit = 127).

restrict-as4-dbver <string>

Restrict system update to indicated antispam(4) database version (character limit = 127).

restrict-av-dbver <string>

Restrict system update to indicated antivirus database version (character limit = 127).

restrict-av2-dbver <string>

Restrict system update to indicated outbreak prevention database version (character limit = 127).

restrict-fq-dbver <string>

Restrict system update to indicated file query database version (character limit = 127).

restrict-wf-dbver <string>

Restrict system update to indicated web filter database version (character limit = 127).

stat-log-interval <integer>

Statistic log interval setting, in minutes (1 - 1440, default = 60).

stat-sync-interval <integer>

Synchronization interval for statistic of unrated site in minutes (1 - 60, default = 60).

update-interval <integer>

FortiGuard database update wait time if not enough delta files, in hours (2 - 24, default = 6).

update-log {enable | disable}

Enable/disable update log setting (default = enable).

wf-cache <integer>

Web filter service maximum memory usage, in megabytes (maximum = Physical memory-1024, 0 = no limit, default = 600).

wf-dn-cache-expire-time

Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30).

wf-dn-cache-max-number

Maximum number of Web filter DN cache (0 = disable, default = 10000).

wf-log {all | disable | nourl}

Web filter log setting:

  • all: Log all URL lookups.
  • disable: Disable URL log.
  • nourl: Log non-URL events (default).

wf-preload {enable | disable}

Enable/disable preloading the web filter database into memory (default = disable).

Variables for config server-override subcommand:

status {enable | disable}

Enable/disable the override (default = disable).

<id>

Override server ID (1 - 10).

ip <ipv4_address>

IPv4 address of the override server.

ip6 <ipv6_address>

IPv6 address of the override server.

port <integer>

Port number to use when contacting FortiGuard (1 - 65535, default = 443).

service-type {fgc | fgd | fsa}

Override service type.

web-spam web-proxy

Use this command to configure the web-spam web-proxy.

Syntax

config fmupdate web-spam web-proxy

set address <string>

set mode {proxy | tunnel}

set password <passwd>

set port <integer>

set status {enable | disable}

end

Variable

Description

address <string>

Enter the web proxy address.

mode {proxy | tunnel}

Enter the web proxy mode (default = tunnel).

password <passwd>

If the web proxy requires authentication, type the password for the user name.

port <integer>

Enter the port number of the web proxy (1- 65535, default = 80).

status {enable | disable}

Enable/disable connections through the web proxy (default = disable).

username <string>

If the web proxy requires authentication, enter the user name.