Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.0
Download PDF
Copy Link

tree

The tree command displays FortiOS config CLI commands in a tree structure called the configuration tree. Each configuration command forms a branch of the tree.

Syntax

tree [branch] [sub-branch]

You can enter the tree command from the top of the configuration tree the command displays the complete configuration tree. Commands are displayed in the order that they are processed when the FortiGate unit starts up. For example, the following output shows the first 10 lines of tree command output:

tree

-- -- system -- [vdom] --*name (12)

+- vcluster-id (0,0)

|- <global> -- language

|- gui-ipv6

|- gui-voip-profile

|- gui-lines-per-page (20,1000)

|- admintimeout (0,0)

|- admin-concurrent

|- admin-lockout-threshold (0,0)

|- admin-lockout-duration (1,2147483647)

|- refresh (0,2147483647)

|- interval (0,0)

|- failtime (0,0)

|- daily-restart

|- restart-time

...

You can include a branch name with the tree command to view the commands in that branch:

tree user

-- user -- [radius] --*name (36)

 |- server (64)

 |- secret

 |- secondary-server (64)

 |- secondary-secret

...

 |- [tacacs+] --*name (36)

 |- server (64)

 |- secondary-server (64)

 |- tertiary-server (64)

...

 |- [ldap] --*name (36)

 |- server (64)

 |- secondary-server (64)

 |- tertiary-server (64)

 |- port   (1,65535)

...

You can include a branch and sub branch name with the tree command to view the commands in that sub branch:

tree user local

-- [local] --*name (36)

|- status

|- type

|- passwd

|- ldap-server (36)

|- radius-server (36)

+- tacacs+-server (36)

...

If you enter the tree command from inside the configuration tree the command displays the tree for the current command:

config user ldap

tree

-- [ldap] --*name (36)

|- server (64)

|- cnid (21)

|- dn (512)

|- port (1,65535)

|- type

...

The tree command output includes information about field limits. These apply in both the CLI and the web-based manager. For a numeric field, the two numbers in in parentheses show the lower and upper limits. For example (0,32) indicates that values from 0 to 32 inclusive are accepted. For string values, the number in parentheses is one more than the maximum number of characters permitted.

In the following example, the FQDN can contain up to 255 characters.

config firewall address

tree

-- [address] --*name    (64)

 |- subnet

 |- type

 |- start-ip

 |- end-ip

 |- fqdn   (256)

 |- country       (3)

 |- cache-ttl     (0,86400)

 |- wildcard

 |- comment

 |- visibility

 |- associated-interface   (36)

 |- color   (0,32)

 +- [tags] --*name   (64)

tree

The tree command displays FortiOS config CLI commands in a tree structure called the configuration tree. Each configuration command forms a branch of the tree.

Syntax

tree [branch] [sub-branch]

You can enter the tree command from the top of the configuration tree the command displays the complete configuration tree. Commands are displayed in the order that they are processed when the FortiGate unit starts up. For example, the following output shows the first 10 lines of tree command output:

tree

-- -- system -- [vdom] --*name (12)

+- vcluster-id (0,0)

|- <global> -- language

|- gui-ipv6

|- gui-voip-profile

|- gui-lines-per-page (20,1000)

|- admintimeout (0,0)

|- admin-concurrent

|- admin-lockout-threshold (0,0)

|- admin-lockout-duration (1,2147483647)

|- refresh (0,2147483647)

|- interval (0,0)

|- failtime (0,0)

|- daily-restart

|- restart-time

...

You can include a branch name with the tree command to view the commands in that branch:

tree user

-- user -- [radius] --*name (36)

 |- server (64)

 |- secret

 |- secondary-server (64)

 |- secondary-secret

...

 |- [tacacs+] --*name (36)

 |- server (64)

 |- secondary-server (64)

 |- tertiary-server (64)

...

 |- [ldap] --*name (36)

 |- server (64)

 |- secondary-server (64)

 |- tertiary-server (64)

 |- port   (1,65535)

...

You can include a branch and sub branch name with the tree command to view the commands in that sub branch:

tree user local

-- [local] --*name (36)

|- status

|- type

|- passwd

|- ldap-server (36)

|- radius-server (36)

+- tacacs+-server (36)

...

If you enter the tree command from inside the configuration tree the command displays the tree for the current command:

config user ldap

tree

-- [ldap] --*name (36)

|- server (64)

|- cnid (21)

|- dn (512)

|- port (1,65535)

|- type

...

The tree command output includes information about field limits. These apply in both the CLI and the web-based manager. For a numeric field, the two numbers in in parentheses show the lower and upper limits. For example (0,32) indicates that values from 0 to 32 inclusive are accepted. For string values, the number in parentheses is one more than the maximum number of characters permitted.

In the following example, the FQDN can contain up to 255 characters.

config firewall address

tree

-- [address] --*name    (64)

 |- subnet

 |- type

 |- start-ip

 |- end-ip

 |- fqdn   (256)

 |- country       (3)

 |- cache-ttl     (0,86400)

 |- wildcard

 |- comment

 |- visibility

 |- associated-interface   (36)

 |- color   (0,32)

 +- [tags] --*name   (64)