CLI Reference

config firewall DoS-policy

Configure IPv4 DoS policies.

    config firewall DoS-policy
        Description: Configure IPv4 DoS policies.
        edit <policyid>
            set status [enable|disable]
            set comments {var-string}
            set interface {string}
            set srcaddr <name1>, <name2>, ...
            set dstaddr <name1>, <name2>, ...
            set service <name1>, <name2>, ...
            config anomaly
                Description: Anomaly name.
                edit <name>
                    set status [disable|enable]
                    set log [enable|disable]
                    set action [pass|block|...]
                    set quarantine [none|attacker]
                    set quarantine-expiry {user}
                    set quarantine-log [disable|enable]
                    set threshold {integer}
                    set threshold(default) {integer}
                next
            end
        next
    end

config firewall DoS-policy

| Parameter name | Description | Type | Size |
|---|---|---|---|
| status | Enable/disable this policy. Options: enable (Enable this policy.), disable (Disable this policy.) | option | - |
| comments | Comment. | var-string | Maximum length: 1023 |
| interface | Incoming interface name from available interfaces. | string | Maximum length: 35 |
| srcaddr <name> | Source address name from available addresses. Service name. | string | Maximum length: 79 |
| dstaddr <name> | Destination address name from available addresses. Address name. | string | Maximum length: 79 |
| service <name> | Service object from available options. Service name. | string | Maximum length: 79 |

config anomaly

| Parameter name | Description | Type | Size |
|---|---|---|---|
| status | Enable/disable this anomaly. Options: disable (Disable this status.), enable (Enable this status.) | option | - |
| log | Enable/disable anomaly logging. Options: enable (Enable anomaly logging.), disable (Disable anomaly logging.) | option | - |
| action | Action taken when the threshold is reached. Options: pass (Allow traffic but record a log message if logging is enabled.), block (Block traffic if this anomaly is found.), proxy (Use a proxy to control the traffic flow.) | option | - |
| quarantine | Quarantine method. Options: none (Quarantine is disabled.), attacker (Block all traffic sent from attacker's IP address. The attacker's IP address is also added to the banned user list. The target's address is not affected.) | option | - |
| quarantine-expiry | Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker. | user | Not Specified |
| quarantine-log | Enable/disable quarantine logging. Options: disable (Disable quarantine logging.), enable (Enable quarantine logging.) | option | - |
| threshold | Anomaly threshold. Number of detected instances per minute that triggers the anomaly action. | integer | Minimum value: 1; maximum value: 2147483647 |
| threshold(default) | Number of detected instances per minute which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it. | integer | Minimum value: 0; maximum value: 4294967295 |
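An added example, not part of the Fortinet reference: a Python audit that reads a config firewall DoS-policy block from a configuration backup and reports enabled anomalies that pass traffic with logging off, or whose quarantine-expiry breaks the format and dependency rules in the table above. The sample configuration, the anomaly names in it, the function names, and the treatment of omitted keywords as disable/pass/none are assumptions.

```python
import re
# Constructed sample in FortiOS backup layout; anomaly names and values are illustrative.
SAMPLE = '''config firewall DoS-policy
    edit 1
        config anomaly
            edit "tcp_syn_flood"
                set status enable
                set action pass
            next
            edit "udp_flood"
                set status enable
                set action block
                set quarantine attacker
                set quarantine-expiry 400d
            next
        end
    next
end
'''

def expiry_minutes(text):
    """###d##h##m -> minutes, or None if malformed or outside 1m..364d23h59m."""
    m = re.fullmatch(r"(?:(\d{1,3})d)?(?:(\d{1,2})h)?(?:(\d{1,2})m)?", text)
    d, h, mi = (int(g or 0) for g in m.groups()) if m else (0, 0, 0)
    total = (d * 24 + h) * 60 + mi
    return total if 1 <= total <= (364 * 24 + 23) * 60 + 59 else None

def audit(text):
    """Return (policy id, anomaly, problem) for each enabled anomaly that is misconfigured."""
    findings, policy, name, c = [], None, None, {}
    for tok in (l.split() for l in text.splitlines() if l.strip()):
        if tok[0] == "edit":
            # Assumption: policy ids are bare integers, anomaly names are quoted.
            if tok[1].startswith('"'): name, c = tok[1].strip('"'), {}
            else: policy = tok[1]
        elif tok[0] == "set" and name:
            c[tok[1]] = " ".join(tok[2:]).strip('"')
        elif tok[0] == "next" and name:
            # Assumption: keywords absent from a backup mean disable / pass / none.
            if c.get("status") == "enable":
                if c.get("action", "pass") == "pass" and c.get("log") != "enable":
                    findings.append((policy, name, "action pass with logging off"))
                exp = c.get("quarantine-expiry")
                if exp and c.get("quarantine") != "attacker":
                    findings.append((policy, name, "quarantine-expiry without quarantine attacker"))
                elif exp and expiry_minutes(exp) is None:
                    findings.append((policy, name, "quarantine-expiry not in 1m..364d23h59m"))
            name = None
    return findings
```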
