config firewall mms-profile
This command is available for model(s): FortiGate 3000D, FortiGate 3100D, FortiGate 3401E, FortiGate 3601E, FortiGate 3960E. It is not available for: FortiGate 1000D, FortiGate 100EF, FortiGate 100E, FortiGate 100F, FortiGate 101E, FortiGate 101F, FortiGate 1100E, FortiGate 1101E, FortiGate 1200D, FortiGate 140D-POE, FortiGate 140D, FortiGate 140E-POE, FortiGate 140E, FortiGate 1500DT, FortiGate 1500D, FortiGate 2000E, FortiGate 200E, FortiGate 201E, FortiGate 2200E, FortiGate 2201E, FortiGate 2500E, FortiGate 300D, FortiGate 300E, FortiGate 301E, FortiGate 30E 3G4G GBL, FortiGate 30E 3G4G INTL, FortiGate 30E 3G4G NAM, FortiGate 30E, FortiGate 3200D, FortiGate 3300E, FortiGate 3301E, FortiGate 3400E, FortiGate 3600E, FortiGate 3700D, FortiGate 3800D, FortiGate 3810D, FortiGate 3815D, FortiGate 3980E, FortiGate 400D, FortiGate 400E Bypass, FortiGate 400E, FortiGate 401E, FortiGate 40F 3G4G, FortiGate 40F, FortiGate 5001D, FortiGate 5001E1, FortiGate 5001E, FortiGate 500D, FortiGate 500E, FortiGate 501E, FortiGate 50E, FortiGate 51E, FortiGate 52E, FortiGate 600D, FortiGate 600E, FortiGate 601E, FortiGate 60E DSLJ, FortiGate 60E-POE, FortiGate 60E, FortiGate 60F, FortiGate 61E, FortiGate 61F, FortiGate 800D, FortiGate 80E-POE, FortiGate 80E, FortiGate 80F Bypass, FortiGate 80F-POE, FortiGate 80F, FortiGate 81E-POE, FortiGate 81E, FortiGate 81F-POE, FortiGate 81F, FortiGate 900D, FortiGate 90E, FortiGate 91E, FortiGate 92D, FortiGate VM64, FortiGateRugged 30D, FortiGateRugged 35D, FortiGateRugged 60F 3G4G, FortiGateRugged 60F, FortiGateRugged 90D, FortiWiFi 30E 3G4G INTL, FortiWiFi 30E 3G4G NAM, FortiWiFi 30E, FortiWiFi 40F 3G4G, FortiWiFi 40F, FortiWiFi 50E 2R, FortiWiFi 50E, FortiWiFi 51E, FortiWiFi 60E DSLJ, FortiWiFi 60E, FortiWiFi 60F, FortiWiFi 61E, FortiWiFi 61F, FortiWiFi 80F 2R, FortiWiFi 81F 2R-POE, FortiWiFi 81F 2R. |
Configure MMS profiles.
config firewall mms-profile Description: Configure MMS profiles. edit <name> set avnotificationtable {integer} set bwordtable {integer} set carrier-endpoint-prefix [enable|disable] set carrier-endpoint-prefix-range-max {integer} set carrier-endpoint-prefix-range-min {integer} set carrier-endpoint-prefix-string {string} set carrierendpointbwltable {integer} set comment {var-string} config dupe Description: Duplicate configuration. edit <protocol> set status1 [enable|disable] set window1 {integer} set limit1 {integer} set action1 {option1}, {option2}, ... set block-time1 {integer} set status2 [enable|disable] set window2 {integer} set limit2 {integer} set action2 {option1}, {option2}, ... set block-time2 {integer} set status3 [enable|disable] set window3 {integer} set limit3 {integer} set action3 {option1}, {option2}, ... set block-time3 {integer} next end set extended-utm-log {option} config flood Description: Flood configuration. edit <protocol> set status1 [enable|disable] set window1 {integer} set limit1 {integer} set action1 {option1}, {option2}, ... set block-time1 {integer} set status2 [enable|disable] set window2 {integer} set limit2 {integer} set action2 {option1}, {option2}, ... set block-time2 {integer} set status3 [enable|disable] set window3 {integer} set limit3 {integer} set action3 {option1}, {option2}, ... set block-time3 {integer} next end set mm1 {option1}, {option2}, ... set mm1-addr-hdr {string} set mm1-addr-source [http-header|cookie] set mm1-convert-hex [enable|disable] set mm1-outbreak-prevention [disabled|files|...] set mm1-retr-dupe [enable|disable] set mm1-retrieve-scan [enable|disable] set mm1comfortamount {integer} set mm1comfortinterval {integer} set mm1oversizelimit {integer} set mm3 {option1}, {option2}, ... set mm3-outbreak-prevention [disabled|files|...] set mm3oversizelimit {integer} set mm4 {option1}, {option2}, ... set mm4-outbreak-prevention [disabled|files|...] set mm4oversizelimit {integer} set mm7 {option1}, {option2}, ... set mm7-addr-hdr {string} set mm7-addr-source [http-header|cookie] set mm7-convert-hex [enable|disable] set mm7-outbreak-prevention [disabled|files|...] set mm7comfortamount {integer} set mm7comfortinterval {integer} set mm7oversizelimit {integer} set mms-antispam-mass-log [enable|disable] set mms-av-block-log [enable|disable] set mms-av-oversize-log [enable|disable] set mms-av-virus-log [enable|disable] set mms-carrier-endpoint-filter-log [enable|disable] set mms-checksum-log [enable|disable] set mms-checksum-table {integer} set mms-notification-log [enable|disable] set mms-web-content-log [enable|disable] set mmsbwordthreshold {integer} config notif-msisdn Description: Notification for MSISDNs. edit <msisdn> set threshold {option1}, {option2}, ... next end config notification Description: Notification configuration. edit <protocol> set msg-protocol [mm1|mm3|...] set msg-type [submit-req|deliver-req] set detect-server [enable|disable] set mmsc-hostname {string} set mmsc-url {string} set mmsc-port {integer} set mmsc-username {string} set mmsc-password {password} set user-domain {string} set vasp-id {string} set vas-id {string} set from-in-header [enable|disable] set rate-limit {integer} set tod-window-start {user} set tod-window-end {user} set tod-window-duration {user} set days-allowed {option1}, {option2}, ... set alert-src-msisdn {string} set bword-int-mode [hours|minutes] set bword-int {integer} set bword-status [enable|disable] set file-block-int-mode [hours|minutes] set file-block-int {integer} set file-block-status [enable|disable] set carrier-endpoint-bwl-int-mode [hours|minutes] set carrier-endpoint-bwl-int {integer} set carrier-endpoint-bwl-status [enable|disable] set flood-int-mode [hours|minutes] set flood-int {integer} set flood-status [enable|disable] set dupe-int-mode [hours|minutes] set dupe-int {integer} set dupe-status [enable|disable] set alert-int-mode [hours|minutes] set alert-int {integer} set alert-status [enable|disable] set mms-checksum-int-mode [hours|minutes] set mms-checksum-int {integer} set mms-checksum-status [enable|disable] set virus-int-mode [hours|minutes] set virus-int {integer} set virus-status [enable|disable] next end config outbreak-prevention Description: Configure Virus Outbreak Prevention settings. set ftgd-service [disable|enable] set external-blocklist [disable|enable] end set remove-blocked-const-length [enable|disable] set replacemsg-group {string} next end
config firewall mms-profile
Parameter |
Description |
Type |
Size |
|||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
avnotificationtable |
AntiVirus notification table ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
bwordtable |
MMS banned word table ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
carrier-endpoint-prefix |
Enable/disable prefixing of end point values. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
carrier-endpoint-prefix-range-max |
Maximum length of end point value that can be prefixed. |
integer |
Minimum value: 1 Maximum value: 48 |
|||||||||||||||||||||||||
carrier-endpoint-prefix-range-min |
Minimum end point length to be prefixed. |
integer |
Minimum value: 1 Maximum value: 48 |
|||||||||||||||||||||||||
carrier-endpoint-prefix-string |
String with which to prefix End point values. |
string |
Maximum length: 7 |
|||||||||||||||||||||||||
carrierendpointbwltable |
Carrier end point filter table ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
comment |
Comment. |
var-string |
Maximum length: 255 |
|||||||||||||||||||||||||
extended-utm-log |
Enable/disable detailed UTM log messages.
|
option |
- |
|||||||||||||||||||||||||
mm1 |
MM1 options. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm1-addr-hdr |
HTTP header field (for MM1) containing user address. |
string |
Maximum length: 35 |
|||||||||||||||||||||||||
mm1-addr-source |
Source for MM1 user address. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm1-convert-hex |
Enable/disable converting user address from HEX string for MM1. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm1-outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm1-retr-dupe |
Enable/disable duplicate scanning of MM1 retr. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm1-retrieve-scan |
Enable/disable scanning on MM1 retrieve configuration messages. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm1comfortamount |
MM1 comfort amount. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
mm1comfortinterval |
MM1 comfort interval. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
mm1oversizelimit |
Maximum file size to scan. |
integer |
Minimum value: 1 Maximum value: 819200 |
|||||||||||||||||||||||||
mm3 |
MM3 options. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm3-outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm3oversizelimit |
Maximum file size to scan. |
integer |
Minimum value: 1 Maximum value: 819200 |
|||||||||||||||||||||||||
mm4 |
MM4 options. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm4-outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm4oversizelimit |
Maximum file size to scan. |
integer |
Minimum value: 1 Maximum value: 819200 |
|||||||||||||||||||||||||
mm7 |
MM7 options. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm7-addr-hdr |
HTTP header field (for MM7) containing user address. |
string |
Maximum length: 35 |
|||||||||||||||||||||||||
mm7-addr-source |
Source for MM7 user address. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm7-convert-hex |
Enable/disable conversion of user address from HEX string for MM7. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm7-outbreak-prevention |
Enable Virus Outbreak Prevention service. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mm7comfortamount |
MM7 comfort amount. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
mm7comfortinterval |
MM7 comfort interval. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
mm7oversizelimit |
Maximum file size to scan. |
integer |
Minimum value: 1 Maximum value: 819200 |
|||||||||||||||||||||||||
mms-antispam-mass-log |
Enable/disable logging for MMS antispam mass. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-av-block-log |
Enable/disable logging for MMS antivirus file blocking. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-av-oversize-log |
Enable/disable logging for MMS antivirus oversize file blocking. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-av-virus-log |
Enable/disable logging for MMS antivirus scanning. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-carrier-endpoint-filter-log |
Enable/disable logging for MMS end point filter blocking. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-checksum-log |
Enable/disable MMS content checksum logging. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-checksum-table |
MMS content checksum table ID. |
integer |
Minimum value: 0 Maximum value: 4294967295 |
|||||||||||||||||||||||||
mms-notification-log |
Enable/disable logging for MMS notification messages. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mms-web-content-log |
Enable/disable logging for MMS web content blocking. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
mmsbwordthreshold |
MMS banned word threshold. |
integer |
Minimum value: 0 Maximum value: 2147483647 |
|||||||||||||||||||||||||
name |
Profile name. |
string |
Maximum length: 35 |
|||||||||||||||||||||||||
remove-blocked-const-length |
Enable/disable MMS replacement of blocked file constant length. |
option |
- |
|||||||||||||||||||||||||
|
|
|||||||||||||||||||||||||||
replacemsg-group |
Replacement message group. |
string |
Maximum length: 35 |
config dupe
Parameter |
Description |
Type |
Size |
|||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
protocol |
Protocol. |
string |
Maximum length: 3 |
|||||||||||||
status1 |
Enable/disable status1 detection. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
window1 |
Window to count messages over. |
integer |
Minimum value: 1 Maximum value: 2880 |
|||||||||||||
limit1 |
Maximum number of messages allowed. |
integer |
Minimum value: 1 Maximum value: 2147483647 |
|||||||||||||
action1 |
Action to take when threshold reached. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-time1 |
Duration for which action takes effect. |
integer |
Minimum value: 0 Maximum value: 35791 |
|||||||||||||
status2 |
Enable/disable status2 detection. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
window2 |
Window to count messages over. |
integer |
Minimum value: 1 Maximum value: 2880 |
|||||||||||||
limit2 |
Maximum number of messages allowed. |
integer |
Minimum value: 1 Maximum value: 2147483647 |
|||||||||||||
action2 |
Action to take when threshold reached. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-time2 |
Duration for which action takes effect. |
integer |
Minimum value: 0 Maximum value: 35791 |
|||||||||||||
status3 |
Enable/disable status3 detection. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
window3 |
Window to count messages over. |
integer |
Minimum value: 1 Maximum value: 2880 |
|||||||||||||
limit3 |
Maximum number of messages allowed. |
integer |
Minimum value: 1 Maximum value: 2147483647 |
|||||||||||||
action3 |
Action to take when threshold reached. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-time3 |
Duration action takes effect. |
integer |
Minimum value: 0 Maximum value: 35791 |
config flood
Parameter |
Description |
Type |
Size |
|||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
protocol |
Protocol. |
string |
Maximum length: 3 |
|||||||||||||
status1 |
Enable/disable status1 detection. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
window1 |
Window to count messages over. |
integer |
Minimum value: 1 Maximum value: 2880 |
|||||||||||||
limit1 |
Maximum number of messages allowed. |
integer |
Minimum value: 1 Maximum value: 2147483647 |
|||||||||||||
action1 |
Action to take when threshold reached. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-time1 |
Duration for which action takes effect. |
integer |
Minimum value: 0 Maximum value: 35791 |
|||||||||||||
status2 |
Enable/disable status2 detection. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
window2 |
Window to count messages over. |
integer |
Minimum value: 1 Maximum value: 2880 |
|||||||||||||
limit2 |
Maximum number of messages allowed. |
integer |
Minimum value: 1 Maximum value: 2147483647 |
|||||||||||||
action2 |
Action to take when threshold reached. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-time2 |
Duration for which action takes effect. |
integer |
Minimum value: 0 Maximum value: 35791 |
|||||||||||||
status3 |
Enable/disable status3 detection. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
window3 |
Window to count messages over. |
integer |
Minimum value: 1 Maximum value: 2880 |
|||||||||||||
limit3 |
Maximum number of messages allowed. |
integer |
Minimum value: 1 Maximum value: 2147483647 |
|||||||||||||
action3 |
Action to take when threshold reached. |
option |
- |
|||||||||||||
|
|
|||||||||||||||
block-time3 |
Duration action takes effect. |
integer |
Minimum value: 0 Maximum value: 35791 |
config notif-msisdn
Parameter |
Description |
Type |
Size |
|||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
msisdn |
Recipient MSISDN. |
string |
Maximum length: 124 |
|||||||||||||||
threshold |
Thresholds on which this MSISDN will receive an alert. |
option |
- |
|||||||||||||||
|
|
config notification
Parameter |
Description |
Type |
Size |
|||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
protocol |
Protocol. |
string |
Maximum length: 13 |
|||||||||||||||||
msg-protocol |
Protocol to use for sending notification messages. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
msg-type |
MM7 message type. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
detect-server |
Enable/disable automatic server address determination. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
mmsc-hostname |
Host name or IP address of the MMSC. |
string |
Maximum length: 63 |
|||||||||||||||||
mmsc-url |
URL used on the MMSC for sending MMS messages. |
string |
Maximum length: 63 |
|||||||||||||||||
mmsc-port |
Port used on the MMSC for sending MMS messages. |
integer |
Minimum value: 1 Maximum value: 65535 |
|||||||||||||||||
mmsc-username |
User name required for authentication with the MMSC. |
string |
Maximum length: 31 |
|||||||||||||||||
mmsc-password |
Password required for authentication with the MMSC. |
password |
Not Specified |
|||||||||||||||||
user-domain |
Domain name to which the user addresses belong. |
string |
Maximum length: 63 |
|||||||||||||||||
vasp-id |
VASP identifier. |
string |
Maximum length: 31 |
|||||||||||||||||
vas-id |
VAS identifier. |
string |
Maximum length: 31 |
|||||||||||||||||
from-in-header |
Enable/disable insertion of from address in HTTP header. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
rate-limit |
Rate limit for sending notification messages. |
integer |
Minimum value: 0 Maximum value: 250 |
|||||||||||||||||
tod-window-start |
Time of day window start. |
user |
Not Specified |
|||||||||||||||||
tod-window-end |
Obsolete. |
user |
Not Specified |
|||||||||||||||||
tod-window-duration |
Time of day window duration. |
user |
Not Specified |
|||||||||||||||||
days-allowed |
Weekdays on which notification messages may be sent. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
alert-src-msisdn |
Specify from address for alert messages. |
string |
Maximum length: 124 |
|||||||||||||||||
bword-int-mode |
Banned word notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
bword-int |
Banned word notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
bword-status |
Banned word notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
file-block-int-mode |
File block notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
file-block-int |
File block notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
file-block-status |
File block notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
carrier-endpoint-bwl-int-mode |
Carrier end point black/white list notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
carrier-endpoint-bwl-int |
Carrier end point black/white list notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
carrier-endpoint-bwl-status |
Carrier end point black/white list notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
flood-int-mode |
Flood notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
flood-int |
Flood notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
flood-status |
Flood notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
dupe-int-mode |
Duplicate notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
dupe-int |
Duplicate notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
dupe-status |
Duplicate notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
alert-int-mode |
Alert notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
alert-int |
Alert notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
alert-status |
Alert notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
mms-checksum-int-mode |
MMS checksum notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
mms-checksum-int |
MMS checksum notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
mms-checksum-status |
MMS checksum notification status. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
virus-int-mode |
Virus notification interval mode. |
option |
- |
|||||||||||||||||
|
|
|||||||||||||||||||
virus-int |
Virus notification send interval. |
integer |
Minimum value: 1 Maximum value: 1440 |
|||||||||||||||||
virus-status |
Virus notification status. |
option |
- |
|||||||||||||||||
|
|
config outbreak-prevention
Parameter |
Description |
Type |
Size |
|||||||
---|---|---|---|---|---|---|---|---|---|---|
ftgd-service |
Enable/disable FortiGuard Virus outbreak prevention service. |
option |
- |
|||||||
|
|
|||||||||
external-blocklist |
Enable/disable external malware blocklist. |
option |
- |
|||||||
|
|