Fortinet black logo

CLI Reference

cifs profile

Configure CIFS profile.

  config cifs profile
      Description: Configure CIFS profile.
      edit <name>
          config file-filter
              Description: File filter.
              set status [enable|disable]
              set log [enable|disable]
              config entries
                  Description: File filter entries.
                  edit <filter>
                      set comment {var-string}
                      set action [log|block]
                      set direction [incoming|outgoing|...]
                      set file-type <name1>, <name2>, ...
                  next
              end
          end
          set domain-controller {string}
          set server-credential-type [none|credential-replication|...]
          config server-keytab
              Description: Server keytab.
              edit <principal>
                  set keytab {string}
              next
          end
      next
  end

config cifs profile

Parameter Name Description Type Size
domain-controller Domain for which to decrypt CIFS traffic. string Maximum length: 255
server-credential-type CIFS server credential type.
none: Credential derivation not set.
credential-replication: Credential derived using Replication account on Domain Controller.
credential-keytab: Credential derived using server keytab.
option -

config file-filter

Parameter Name Description Type Size
status Enable/disable file filter.
enable: Enable file filter.
disable: Disable file filter.
option -
log Enable/disable file filter logging.
enable: Enable file filter logging.
disable: Disable file filter logging.
option -

config entries

Parameter Name Description Type Size
comment Comment. var-string Maximum length: 255
action Action taken for matched file.
log: Allow the content and write a log message.
block: Block the content and write a log message.
option -
direction Match files transmitted in the session's originating or reply direction.
incoming: Match files transmitted in the session's originating direction.
outgoing: Match files transmitted in the session's reply direction.
any: Match files transmitted in the session's originating and reply direction.
option -
file-type <name> Select file type.
File type name.
string Maximum length: 39

config server-keytab

Parameter Name Description Type Size
keytab Base64 encoded keytab file containing credential of the server. string Maximum length: 8191

Configure CIFS profile.

  config cifs profile
      Description: Configure CIFS profile.
      edit <name>
          config file-filter
              Description: File filter.
              set status [enable|disable]
              set log [enable|disable]
              config entries
                  Description: File filter entries.
                  edit <filter>
                      set comment {var-string}
                      set action [log|block]
                      set direction [incoming|outgoing|...]
                      set file-type <name1>, <name2>, ...
                  next
              end
          end
          set domain-controller {string}
          set server-credential-type [none|credential-replication|...]
          config server-keytab
              Description: Server keytab.
              edit <principal>
                  set keytab {string}
              next
          end
      next
  end

config cifs profile

Parameter Name Description Type Size
domain-controller Domain for which to decrypt CIFS traffic. string Maximum length: 255
server-credential-type CIFS server credential type.
none: Credential derivation not set.
credential-replication: Credential derived using Replication account on Domain Controller.
credential-keytab: Credential derived using server keytab.
option -

config file-filter

Parameter Name Description Type Size
status Enable/disable file filter.
enable: Enable file filter.
disable: Disable file filter.
option -
log Enable/disable file filter logging.
enable: Enable file filter logging.
disable: Disable file filter logging.
option -

config entries

Parameter Name Description Type Size
comment Comment. var-string Maximum length: 255
action Action taken for matched file.
log: Allow the content and write a log message.
block: Block the content and write a log message.
option -
direction Match files transmitted in the session's originating or reply direction.
incoming: Match files transmitted in the session's originating direction.
outgoing: Match files transmitted in the session's reply direction.
any: Match files transmitted in the session's originating and reply direction.
option -
file-type <name> Select file type.
File type name.
string Maximum length: 39

config server-keytab

Parameter Name Description Type Size
keytab Base64 encoded keytab file containing credential of the server. string Maximum length: 8191