Fortinet black logo

CLI Reference

local-in-policy

local-in-policy

Use this command to edit the configuration of an IPv4 local-in policy.

Syntax

config system local-in-policy

edit <id>

set action {accept | drop | reject}

set dport <integer>

set dst <ip&netmask>

set intf <string>

set protocol {tcp | tcp_udp | udp}

set src <ip&netmask>

end

end

Variable

Description

<id>

Set the entry number.

action {accept | drop | reject}

Select the action to be performed on the traffic matching this policy:

  • accept: Allow traffic matching this policy.

  • drop: Drop traffic matching this policy (default).

  • reject: Reject traffic matching this policy.

dport <integer>

Enter the destination port number (0 for all, default = 0).

dst <ip&netmask>

Enter the destination IPv4 address and mask (default = 0.0.0.0 0.0.0.0).

intf <string>

Enter a name for the incoming interface. Enter port1, port2, port3....port10.

protocol {tcp | tcp_udp | udp}

Set the traffic protocol:

  • tcp: TCP only.

  • tcp_udp: TCP and UDP (default).

  • udp: UDP only.

src <ip&netmask>

Enter the source IPv6 address and mask (default = 0.0.0.0 0.0.0.0).

local-in-policy

Use this command to edit the configuration of an IPv4 local-in policy.

Syntax

config system local-in-policy

edit <id>

set action {accept | drop | reject}

set dport <integer>

set dst <ip&netmask>

set intf <string>

set protocol {tcp | tcp_udp | udp}

set src <ip&netmask>

end

end

Variable

Description

<id>

Set the entry number.

action {accept | drop | reject}

Select the action to be performed on the traffic matching this policy:

  • accept: Allow traffic matching this policy.

  • drop: Drop traffic matching this policy (default).

  • reject: Reject traffic matching this policy.

dport <integer>

Enter the destination port number (0 for all, default = 0).

dst <ip&netmask>

Enter the destination IPv4 address and mask (default = 0.0.0.0 0.0.0.0).

intf <string>

Enter a name for the incoming interface. Enter port1, port2, port3....port10.

protocol {tcp | tcp_udp | udp}

Set the traffic protocol:

  • tcp: TCP only.

  • tcp_udp: TCP and UDP (default).

  • udp: UDP only.

src <ip&netmask>

Enter the source IPv6 address and mask (default = 0.0.0.0 0.0.0.0).