Fortinet black logo

CLI Reference

config ips rule

config ips rule

Configure IPS rules.

config ips rule

Description: Configure IPS rules.

edit <name>

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set group {string}

set severity {user}

set location {user}

set os {user}

set application {user}

set service {user}

set rule-id {integer}

set rev {integer}

set date {integer}

config metadata

Description: Meta data.

edit <id>

set metaid {integer}

set valueid {integer}

next

end

next

end

config ips rule

Parameter

Description

Type

Size

Default

status

Enable/disable status.

option

-

enable

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

enable

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

disable

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Action.

option

-

pass

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

group

Group.

string

Maximum length: 63

severity

Severity.

user

Not Specified

location

Vulnerable location.

user

Not Specified

os

Vulnerable operation systems.

user

Not Specified

application

Vulnerable applications.

user

Not Specified

service

Vulnerable service.

user

Not Specified

rule-id

Rule ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

rev

Revision.

integer

Minimum value: 0 Maximum value: 4294967295

0

date

Date.

integer

Minimum value: 0 Maximum value: 4294967295

0

config metadata

Parameter

Description

Type

Size

Default

metaid

Meta ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

valueid

Value ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

config ips rule

Configure IPS rules.

config ips rule

Description: Configure IPS rules.

edit <name>

set status [disable|enable]

set log [disable|enable]

set log-packet [disable|enable]

set action [pass|block]

set group {string}

set severity {user}

set location {user}

set os {user}

set application {user}

set service {user}

set rule-id {integer}

set rev {integer}

set date {integer}

config metadata

Description: Meta data.

edit <id>

set metaid {integer}

set valueid {integer}

next

end

next

end

config ips rule

Parameter

Description

Type

Size

Default

status

Enable/disable status.

option

-

enable

Option

Description

disable

Disable status.

enable

Enable status.

log

Enable/disable logging.

option

-

enable

Option

Description

disable

Disable logging.

enable

Enable logging.

log-packet

Enable/disable packet logging.

option

-

disable

Option

Description

disable

Disable packet logging.

enable

Enable packet logging.

action

Action.

option

-

pass

Option

Description

pass

Pass or allow matching traffic.

block

Block or drop matching traffic.

group

Group.

string

Maximum length: 63

severity

Severity.

user

Not Specified

location

Vulnerable location.

user

Not Specified

os

Vulnerable operation systems.

user

Not Specified

application

Vulnerable applications.

user

Not Specified

service

Vulnerable service.

user

Not Specified

rule-id

Rule ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

rev

Revision.

integer

Minimum value: 0 Maximum value: 4294967295

0

date

Date.

integer

Minimum value: 0 Maximum value: 4294967295

0

config metadata

Parameter

Description

Type

Size

Default

metaid

Meta ID.

integer

Minimum value: 0 Maximum value: 4294967295

0

valueid

Value ID.

integer

Minimum value: 0 Maximum value: 4294967295

0