Fortinet Document Library

Version:


Table of Contents

CLI Reference

6.0.6
Download PDF
Copy Link

webfilter urlfilter

Use this command to configure URL filter lists.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command Description

config entries

edit <id>

set dns-address-family {ipv4 | ipv6 | both}

next

...

Resolve either IPv4, IPv6, or both kinds of address from DNS server.

config webfilter urlfilter
    edit {id}
    # Configure URL filter lists.
        set id {integer}   ID. range[0-4294967295]
        set name {string}   Name of URL filter list. size[35]
        set comment {string}   Optional comments. size[255]
        set one-arm-ips-urlfilter {enable | disable}   Enable/disable DNS resolver for one-arm IPS URL filter operation.
        set ip-addr-block {enable | disable}   Enable/disable blocking URLs when the hostname appears as an IP address.
        config entries
            edit {id}
            # URL filter entries.
                set id {integer}   Id. range[0-4294967295]
                set url {string}   URL to be filtered. size[511]
                set type {simple | regex | wildcard}   Filter type (simple, regex, or wildcard).
                        simple    Simple URL string.
                        regex     Regular expression URL string.
                        wildcard  Wildcard URL string.
                set action {exempt | block | allow | monitor}   Action to take for URL filter matches.
                        exempt   Exempt matches.
                        block    Block matches.
                        allow    Allow matches (no log).
                        monitor  Allow matches (with log).
                set status {enable | disable}   Enable/disable this URL filter.
                set exempt {option}   If action is set to exempt, select the security profile operations that exempt URLs skip. Separate multiple options with a space.
                        av                   AntiVirus scanning.
                        web-content          Web filter content matching.
                        activex-java-cookie  ActiveX, Java, and cookie filtering.
                        dlp                  DLP scanning.
                        fortiguard           FortiGuard web filtering.
                        range-block          Range block feature.
                        pass                 Pass single connection from all.
                        all                  Exempt from all security profiles.
                set web-proxy-profile {string}   Web proxy profile. size[63] - datasource(s): web-proxy.profile.name
                set referrer-host {string}   Referrer host name. size[255]
                set dns-address-family {ipv4 | ipv6 | both}   Resolve IPv4 address, IPv6 address, or both from DNS server.
                        ipv4  Resolve IPv4 address from DNS server.
                        ipv6  Resolve IPv6 address from DNS server.
                        both  Resolve both IPv4 and IPv6 addresses from DNS server.
            next
    next
end

webfilter urlfilter

Use this command to configure URL filter lists.

History

The following table shows all newly added, changed, or removed entries as of FortiOS 6.0.

Command Description

config entries

edit <id>

set dns-address-family {ipv4 | ipv6 | both}

next

...

Resolve either IPv4, IPv6, or both kinds of address from DNS server.

config webfilter urlfilter
    edit {id}
    # Configure URL filter lists.
        set id {integer}   ID. range[0-4294967295]
        set name {string}   Name of URL filter list. size[35]
        set comment {string}   Optional comments. size[255]
        set one-arm-ips-urlfilter {enable | disable}   Enable/disable DNS resolver for one-arm IPS URL filter operation.
        set ip-addr-block {enable | disable}   Enable/disable blocking URLs when the hostname appears as an IP address.
        config entries
            edit {id}
            # URL filter entries.
                set id {integer}   Id. range[0-4294967295]
                set url {string}   URL to be filtered. size[511]
                set type {simple | regex | wildcard}   Filter type (simple, regex, or wildcard).
                        simple    Simple URL string.
                        regex     Regular expression URL string.
                        wildcard  Wildcard URL string.
                set action {exempt | block | allow | monitor}   Action to take for URL filter matches.
                        exempt   Exempt matches.
                        block    Block matches.
                        allow    Allow matches (no log).
                        monitor  Allow matches (with log).
                set status {enable | disable}   Enable/disable this URL filter.
                set exempt {option}   If action is set to exempt, select the security profile operations that exempt URLs skip. Separate multiple options with a space.
                        av                   AntiVirus scanning.
                        web-content          Web filter content matching.
                        activex-java-cookie  ActiveX, Java, and cookie filtering.
                        dlp                  DLP scanning.
                        fortiguard           FortiGuard web filtering.
                        range-block          Range block feature.
                        pass                 Pass single connection from all.
                        all                  Exempt from all security profiles.
                set web-proxy-profile {string}   Web proxy profile. size[63] - datasource(s): web-proxy.profile.name
                set referrer-host {string}   Referrer host name. size[255]
                set dns-address-family {ipv4 | ipv6 | both}   Resolve IPv4 address, IPv6 address, or both from DNS server.
                        ipv4  Resolve IPv4 address from DNS server.
                        ipv6  Resolve IPv6 address from DNS server.
                        both  Resolve both IPv4 and IPv6 addresses from DNS server.
            next
    next
end