CLI Reference

dlp filepattern

Use this command to add, edit or delete the file patterns used for DLP file blocking and to set which protocols to check for files to block.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.2.

Command                                                      Description
set filetype prc                                             The prc file type has been removed.
set filetype {mach-o | dmg | .net | xar | chm | iso | crx}   New mach-o, dmg, .net, xar, chm, iso, and crx file types added.

config dlp filepattern
    edit {id}
    # Configure file patterns used by DLP blocking.
        set id {integer}   ID. range[0-4294967295]
        set name {string}   Name of table containing the file pattern list. size[35]
        set comment {string}   Optional comments. size[255]
        config entries
            edit {pattern}
            # Configure file patterns used by DLP blocking.
                set filter-type {pattern | type}   Filter by file name pattern or by file type.
                        pattern  Filter by file name pattern.
                        type     Filter by file type.
                set pattern {string}   Add a file name pattern. size[79]
                set file-type {option}   Select a file type.
                        7z          Match 7-zip files.
                        arj         Match arj compressed files.
                        cab         Match Windows cab files.
                        lzh         Match lzh compressed files.
                        rar         Match rar archives.
                        tar         Match tar files.
                        zip         Match zip files.
                        bzip        Match bzip files.
                        gzip        Match gzip files.
                        bzip2       Match bzip2 files.
                        xz          Match xz files.
                        bat         Match Windows batch files.
                        msc         Match msc files.
                        uue         Match uue files.
                        mime        Match mime files.
                        base64      Match base64 files.
                        binhex      Match binhex files.
                        elf         Match elf files.
                        exe         Match Windows executable files.
                        hta         Match hta files.
                        html        Match html files.
                        jad         Match jad files.
                        class       Match class files.
                        cod         Match cod files.
                        javascript  Match javascript files.
                        msoffice    Match MS-Office files. For example, doc, xls, ppt, and so on.
                        msofficex   Match MS-Office XML files. For example, docx, xlsx, pptx, and so on.
                        fsg         Match fsg files.
                        upx         Match upx files.
                        petite      Match petite files.
                        aspack      Match aspack files.
                        sis         Match sis files.
                        hlp         Match Windows help files.
                        activemime  Match activemime files.
                        jpeg        Match jpeg files.
                        gif         Match gif files.
                        tiff        Match tiff files.
                        png         Match png files.
                        bmp         Match bmp files.
                        ignored     Match ignored files.
                        unknown     Match unknown files.
                        mpeg        Match mpeg files.
                        mov         Match mov files.
                        mp3         Match mp3 files.
                        wma         Match wma files.
                        wav         Match wav files.
                        pdf         Match Acrobat pdf files.
                        avi         Match avi files.
                        rm          Match rm files.
                        torrent     Match torrent files.
                        hibun       Match hibun files.
                        msi         Match Windows Installer msi files.
                        mach-o      Match Mach object files.
                        dmg         Match Apple disk image files.
                        .net        Match .NET files.
                        xar         Match xar archive files.
                        chm         Match Windows compiled HTML help files.
                        iso         Match ISO archive files.
                        crx         Match Chrome extension files.
            next
        end
    next
end

Additional information

The following section is for those options that require additional explanation.

config entries

Configure file patterns used by DLP blocking.

file-type <string>

Note: This entry is only available when filter-type is set to type.

The file type filter examines the file contents to determine the type of file and looks for a match to the file-type specified. Enter set file-type ? to display all available options.

The file name and file extension are ignored. Because of the way the file type filter works, renaming files to make them appear to be of a different type will not allow them past the FortiGate unit without detection.

Two of the available options are not file types:

  • unknown: Configures a rule affecting every file format the file type filter does not recognize. Unknown includes every file format not available in the file-type command.
  • ignored: Configures a rule affecting traffic the FortiGate unit typically does not scan. This includes primarily streaming audio and video.

filter-type {pattern | type}

Filter by file name pattern (the default) or by file type:

  • pattern: Filter based on the file name. The pattern may include wildcards (*). For example, blocking *.scr will stop all files with a .scr file extension.
  • type: Filter based on examination of the file contents, regardless of the file name. If you block the file type Archive (zip), all zip archives are blocked even if named with a different file extension.
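
An added example (not Fortinet code) of why the choice between pattern and type matters when reviewing a configuration: it parses a constructed config dlp filepattern table and lists name-pattern entries that have no content-type entry for the same kind of file in that table, since only the type entry still matches after a rename. The table name, the sample config and the EXT_TO_TYPE mapping are assumptions made for the illustration.

```python
import shlex
# Constructed sample table; it uses only keywords documented on this page.
SAMPLE = """\
config dlp filepattern
    edit 3
        set name "block-risky"
        config entries
            edit "*.exe"
            next
            edit "*.zip"
                set filter-type pattern
            next
            edit "zip"
                set filter-type type
                set file-type zip
            next
        end
    next
end
"""
# Assumed mapping (not from the page): extension -> file-type option for that content.
EXT_TO_TYPE = {"exe": "exe", "zip": "zip", "pdf": "pdf", "msi": "msi", "iso": "iso"}

def parse_tables(text):
    """Return {table name: [entry dicts]}; filter-type defaults to pattern."""
    tables, name, entry, depth = {}, None, None, 0
    for raw in text.splitlines():
        tok = shlex.split(raw) or [""]
        depth += {"config": 1, "end": -1}.get(tok[0], 0)
        if tok[0] == "edit" and depth == 2:  # depth 2 = inside "config entries"
            entry = {"key": tok[1], "filter-type": "pattern", "file-type": None}
        elif tok[0] == "set" and entry is not None:
            entry[tok[1]] = tok[2]
        elif tok[:2] == ["set", "name"]:
            name = tok[2]
        elif tok[0] == "next" and entry is not None:
            tables.setdefault(name, []).append(entry)
            entry = None
    return tables

def name_only_gaps(tables):
    """(table, name pattern, file-type) where no type entry backs the pattern."""
    gaps = []
    for name, entries in tables.items():
        typed = {e["file-type"] for e in entries if e["filter-type"] == "type"}
        for e in entries:
            want = EXT_TO_TYPE.get(e["key"].rsplit(".", 1)[-1].lower())
            if e["filter-type"] == "pattern" and want and want not in typed:
                gaps.append((name, e["key"], want))
    return gaps
```

For the sample table, name_only_gaps(parse_tables(SAMPLE)) reports the *.exe entry: the table blocks zip archives by content, but executables only by name.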
