Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config ips rule

Configure IPS rules.

config ips rule

Description: Configure IPS rules.

edit <name>

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set group {string}

set severity {user}

set location {user}

set os {user}

set application {user}

set service {user}

set rule-id {integer}

set rev {integer}

set date {integer}

config metadata

Description: Meta data.

edit <id>

set metaid {integer}

set valueid {integer}

next

end

next

end

config ips rule

Parameter name

Description

Type

Size

status

Enable/disable status.

option

-

 

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

 

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

 

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Action.

option

-

 

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

group

Group.

string

Maximum length: 63

severity

Severity.

user

Not Specified

location

Vulnerable location.

user

Not Specified

os

Vulnerable operation systems.

user

Not Specified

application

Vulnerable applications.

user

Not Specified

service

Vulnerable service.

user

Not Specified

rule-id

Rule ID.

integer

Minimum value: 0 Maximum value: 4294967295

rev

Revision.

integer

Minimum value: 0 Maximum value: 4294967295

date

Date.

integer

Minimum value: 0 Maximum value: 4294967295

config metadata

Parameter name

Description

Type

Size

metaid

Meta ID.

integer

Minimum value: 0 Maximum value: 4294967295

valueid

Value ID.

integer

Minimum value: 0 Maximum value: 4294967295

config ips rule

Configure IPS rules.

config ips rule

Description: Configure IPS rules.

edit <name>

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set group {string}

set severity {user}

set location {user}

set os {user}

set application {user}

set service {user}

set rule-id {integer}

set rev {integer}

set date {integer}

config metadata

Description: Meta data.

edit <id>

set metaid {integer}

set valueid {integer}

next

end

next

end

config ips rule

Parameter name

Description

Type

Size

status

Enable/disable status.

option

-

 

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

 

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

 

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Action.

option

-

 

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

group

Group.

string

Maximum length: 63

severity

Severity.

user

Not Specified

location

Vulnerable location.

user

Not Specified

os

Vulnerable operation systems.

user

Not Specified

application

Vulnerable applications.

user

Not Specified

service

Vulnerable service.

user

Not Specified

rule-id

Rule ID.

integer

Minimum value: 0 Maximum value: 4294967295

rev

Revision.

integer

Minimum value: 0 Maximum value: 4294967295

date

Date.

integer

Minimum value: 0 Maximum value: 4294967295

config metadata

Parameter name

Description

Type

Size

metaid

Meta ID.

integer

Minimum value: 0 Maximum value: 4294967295

valueid

Value ID.

integer

Minimum value: 0 Maximum value: 4294967295