Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

config ips custom

Configure IPS custom signature.

config ips custom

Description: Configure IPS custom signature.

edit <tag>

set signature {var-string}

set rule-id {integer}

set severity {user}

set location {user}

set os {user}

set application {user}

set protocol {user}

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set comment {string}

next

end

config ips custom

Parameter name

Description

Type

Size

signature

Custom signature enclosed in single quotes.

var-string

Maximum length: 4095

rule-id

Signature ID.

integer

Minimum value: 0 Maximum value: 4294967295

severity

Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.

user

Not Specified

location

Protect client or server traffic.

user

Not Specified

os

Operating system(s) that the signature protects. Blank for all operating systems.

user

Not Specified

application

Applications to be protected. Blank for all applications.

user

Not Specified

protocol

Protocol(s) that the signature scans. Blank for all protocols.

user

Not Specified

status

Enable/disable this signature.

option

-

 

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

 

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

 

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Default action (pass or block) for this signature.

option

-

 

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

comment

Comment.

string

Maximum length: 63

config ips custom

Configure IPS custom signature.

config ips custom

Description: Configure IPS custom signature.

edit <tag>

set signature {var-string}

set rule-id {integer}

set severity {user}

set location {user}

set os {user}

set application {user}

set protocol {user}

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set comment {string}

next

end

config ips custom

Parameter name

Description

Type

Size

signature

Custom signature enclosed in single quotes.

var-string

Maximum length: 4095

rule-id

Signature ID.

integer

Minimum value: 0 Maximum value: 4294967295

severity

Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.

user

Not Specified

location

Protect client or server traffic.

user

Not Specified

os

Operating system(s) that the signature protects. Blank for all operating systems.

user

Not Specified

application

Applications to be protected. Blank for all applications.

user

Not Specified

protocol

Protocol(s) that the signature scans. Blank for all protocols.

user

Not Specified

status

Enable/disable this signature.

option

-

 

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

 

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

 

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Default action (pass or block) for this signature.

option

-

 

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

comment

Comment.

string

Maximum length: 63