Fortinet black logo

CLI Reference

config ips custom

config ips custom

Configure IPS custom signature.

config ips custom

Description: Configure IPS custom signature.

edit <tag>

set signature {var-string}

set rule-id {integer}

set severity {user}

set location {user}

set os {user}

set application {user}

set protocol {user}

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set comment {string}

next

end

config ips custom

Parameter

Description

Type

Size

Default

signature

Custom signature enclosed in single quotes.

var-string

Maximum length: 4095

rule-id

Signature ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

severity

Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.

user

Not Specified

location

Protect client or server traffic.

user

Not Specified

os

Operating system(s) that the signature protects. Blank for all operating systems.

user

Not Specified

application

Applications to be protected. Blank for all applications.

user

Not Specified

protocol

Protocol(s) that the signature scans. Blank for all protocols.

user

Not Specified

status

Enable/disable this signature.

option

-

enable

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

enable

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

disable

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Default action (pass or block) for this signature.

option

-

pass

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

comment

Comment.

string

Maximum length: 63

config ips custom

Configure IPS custom signature.

config ips custom

Description: Configure IPS custom signature.

edit <tag>

set signature {var-string}

set rule-id {integer}

set severity {user}

set location {user}

set os {user}

set application {user}

set protocol {user}

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set comment {string}

next

end

config ips custom

Parameter

Description

Type

Size

Default

signature

Custom signature enclosed in single quotes.

var-string

Maximum length: 4095

rule-id

Signature ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

severity

Relative severity of the signature, from info to critical. Log messages generated by the signature include the severity.

user

Not Specified

location

Protect client or server traffic.

user

Not Specified

os

Operating system(s) that the signature protects. Blank for all operating systems.

user

Not Specified

application

Applications to be protected. Blank for all applications.

user

Not Specified

protocol

Protocol(s) that the signature scans. Blank for all protocols.

user

Not Specified

status

Enable/disable this signature.

option

-

enable

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

enable

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

disable

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Default action (pass or block) for this signature.

option

-

pass

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

comment

Comment.

string

Maximum length: 63