Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.0
Download PDF
Copy Link

application custom

Configure custom firewall application definitions for greater application control.

config application custom
    edit {tag}
    # Configure custom application signatures.
        set tag {string}   Signature tag. size[63]
        set name {string}   Name of this custom application signature. size[63]
        set id {integer}   Custom application category ID (use ? to view available options). range[0-4294967295]
        set comment {string}   Comment. size[63]
        set signature {string}   The text that makes up the actual custom application signature. size[1023]
        set category {integer}   Custom application category ID (use ? to view available options). range[0-4294967295]
        set protocol {string}   Custom application signature protocol.
        set technology {string}   Custom application signature technology.
        set behavior {string}   Custom application signature behavior.
        set vendor {string}   Custom application signature vendor.
    next
end

Note that name and id are not configurable.

Additional information

The following section is for those options that require additional explanation.

behavior {All | 2 | 3 | 5 | 6}

Set the application behavior filter to apply:

  • All: All behaviors
  • 2: Botnet
  • 3: Evasive
  • 5: Excessive-Bandwidth
  • 6: Tunneling

category <ID>

Set the category ID to specify an application category. Type set category ? to view all available options.

protocol <ID>

Set the protocol IDs that this application uses. Type set protocol ? to view all available options. Separate multiple entries with a space.

signature <string>

Set the application signature. For information about custom application signatures, see IPS Signatures.

technology {All | 0 | 1 | 2 | 4}

Set the technology IDs of those technologies :

  • All: All technologies
  • 0: Network-Protocol
  • 1: Browser-Based
  • 2: Client-Server
  • 4: Peer-to-Peer

Separate each value with a space to add multiple values.

vendor <ID>

Set the vendor IDs of the vendors to include. Type set vendor ? to view all available options. Separate multiple entries with a space.

application custom

Configure custom firewall application definitions for greater application control.

config application custom
    edit {tag}
    # Configure custom application signatures.
        set tag {string}   Signature tag. size[63]
        set name {string}   Name of this custom application signature. size[63]
        set id {integer}   Custom application category ID (use ? to view available options). range[0-4294967295]
        set comment {string}   Comment. size[63]
        set signature {string}   The text that makes up the actual custom application signature. size[1023]
        set category {integer}   Custom application category ID (use ? to view available options). range[0-4294967295]
        set protocol {string}   Custom application signature protocol.
        set technology {string}   Custom application signature technology.
        set behavior {string}   Custom application signature behavior.
        set vendor {string}   Custom application signature vendor.
    next
end

Note that name and id are not configurable.

Additional information

The following section is for those options that require additional explanation.

behavior {All | 2 | 3 | 5 | 6}

Set the application behavior filter to apply:

  • All: All behaviors
  • 2: Botnet
  • 3: Evasive
  • 5: Excessive-Bandwidth
  • 6: Tunneling

category <ID>

Set the category ID to specify an application category. Type set category ? to view all available options.

protocol <ID>

Set the protocol IDs that this application uses. Type set protocol ? to view all available options. Separate multiple entries with a space.

signature <string>

Set the application signature. For information about custom application signatures, see IPS Signatures.

technology {All | 0 | 1 | 2 | 4}

Set the technology IDs of those technologies :

  • All: All technologies
  • 0: Network-Protocol
  • 1: Browser-Based
  • 2: Client-Server
  • 4: Peer-to-Peer

Separate each value with a space to add multiple values.

vendor <ID>

Set the vendor IDs of the vendors to include. Type set vendor ? to view all available options. Separate multiple entries with a space.