Fortinet black logo

CLI Reference

7.4.3
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.0.0
5.6.0
5.4.0
5.2.0
5.0.0

config diameter-filter profile

config diameter-filter profile

Configure Diameter filter profiles.

config diameter-filter profile
    Description: Configure Diameter filter profiles.
    edit <name>
        set cmd-flags-reserve-set [allow|block|...]
        set command-code-invalid [allow|block|...]
        set command-code-range {user}
        set comment {var-string}
        set log-packet [disable|enable]
        set message-length-invalid [allow|block|...]
        set missing-request-action [allow|block|...]
        set monitor-all-messages [disable|enable]
        set protocol-version-invalid [allow|block|...]
        set request-error-flag-set [allow|block|...]
        set track-requests-answers [disable|enable]
    next
end

config diameter-filter profile

Parameter

Description

Type

Size

Default

cmd-flags-reserve-set

Action to be taken for messages with cmd flag reserve bits set.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

command-code-invalid

Action to be taken for messages with invalid command code.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

command-code-range

Valid range for command codes.

user

Not Specified

comment

Comment.

var-string

Maximum length: 255

log-packet

Enable/disable packet log for triggered diameter settings.

option

-

disable

Option

Description

disable

Disable.

enable

Enable.

message-length-invalid

Action to be taken for invalid message length.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

missing-request-action

Action to be taken for answers without corresponding request.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

monitor-all-messages

Enable/disable logging for all User Name and Result Code AVP messages.

option

-

disable

Option

Description

disable

Disable.

enable

Enable.

name

Profile name.

string

Maximum length: 35

protocol-version-invalid

Action to be taken for invalid protocol version.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

request-error-flag-set

Action to be taken for request messages with error flag set.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

track-requests-answers

Enable/disable validation that each answer has a corresponding request.

option

-

enable

Option

Description

disable

Disable.

enable

Enable.
Previous
Next

config diameter-filter profile

Configure Diameter filter profiles.

config diameter-filter profile
    Description: Configure Diameter filter profiles.
    edit <name>
        set cmd-flags-reserve-set [allow|block|...]
        set command-code-invalid [allow|block|...]
        set command-code-range {user}
        set comment {var-string}
        set log-packet [disable|enable]
        set message-length-invalid [allow|block|...]
        set missing-request-action [allow|block|...]
        set monitor-all-messages [disable|enable]
        set protocol-version-invalid [allow|block|...]
        set request-error-flag-set [allow|block|...]
        set track-requests-answers [disable|enable]
    next
end

config diameter-filter profile

Parameter

Description

Type

Size

Default

cmd-flags-reserve-set

Action to be taken for messages with cmd flag reserve bits set.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

command-code-invalid

Action to be taken for messages with invalid command code.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

command-code-range

Valid range for command codes.

user

Not Specified

comment

Comment.

var-string

Maximum length: 255

log-packet

Enable/disable packet log for triggered diameter settings.

option

-

disable

Option

Description

disable

Disable.

enable

Enable.

message-length-invalid

Action to be taken for invalid message length.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

missing-request-action

Action to be taken for answers without corresponding request.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

monitor-all-messages

Enable/disable logging for all User Name and Result Code AVP messages.

option

-

disable

Option

Description

disable

Disable.

enable

Enable.

name

Profile name.

string

Maximum length: 35

protocol-version-invalid

Action to be taken for invalid protocol version.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

request-error-flag-set

Action to be taken for request messages with error flag set.

option

-

block

Option

Description

allow

Allow or pass matching traffic.

block

Block or drop matching traffic.

reset

Reset sessions for matching traffic.

monitor

Allow and log matching traffic.

track-requests-answers

Enable/disable validation that each answer has a corresponding request.

option

-

enable

Option

Description

disable

Disable.

enable

Enable.
Previous
Next