config file-filter profile
Configure file-filter profiles.
config file-filter profile
Description: Configure file-filter profiles.
edit <name>
set comment {var-string}
set extended-log [disable|enable]
set fabric-force-sync [enable|disable]
set fabric-object [enable|disable]
set fabric-object-source [member|local|...]
set feature-set [flow|proxy]
set log [disable|enable]
set replacemsg-group {string}
config rules
Description: File filter rules.
edit <name>
set action [log-only|block|...]
set comment {var-string}
set direction [incoming|outgoing|...]
set file-type <name1>, <name2>, ...
set password-protected [yes|any]
set protocol {option1}, {option2}, ...
next
end
set scan-archive-contents [disable|enable]
set uuid {uuid}
next
end
config file-filter profile
|
Parameter |
Description |
Type |
Size |
Default |
||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
comment |
Comment. |
var-string |
Maximum length: 255 |
|
||||||||
|
extended-log |
Enable/disable file-filter extended logging. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
fabric-force-sync * |
Enable/disable forced synchronization of configuration objects from the root FortiGate unit to the downstream devices. Configuration conflict check is skipped. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
fabric-object * |
Security Fabric global object setting. |
option |
- |
disable |
||||||||
|
|
|
|||||||||||
|
fabric-object-source * |
Source of truth for fabric object. |
option |
- |
root |
||||||||
|
|
|
|||||||||||
|
feature-set |
Flow/proxy feature set. |
option |
- |
flow |
||||||||
|
|
|
|||||||||||
|
log |
Enable/disable file-filter logging. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
name |
Profile name. |
string |
Maximum length: 47 |
|
||||||||
|
replacemsg-group |
Replacement message group. |
string |
Maximum length: 35 |
|
||||||||
|
scan-archive-contents |
Enable/disable archive contents scan. |
option |
- |
enable |
||||||||
|
|
|
|||||||||||
|
uuid * |
Universally Unique Identifier (UUID; automatically assigned but can be manually reset). |
uuid |
Not Specified |
00000000-0000-0000-0000-000000000000 |
||||||||
* This parameter may not exist in some models.
config rules
|
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
action |
Action taken for matched file. |
option |
- |
log-only |
||||||||||||||||||||
|
|
|
|||||||||||||||||||||||
|
comment |
Comment. |
var-string |
Maximum length: 255 |
|
||||||||||||||||||||
|
direction |
Traffic direction (HTTP, FTP, SSH, WEBSOCKET, CIFS, and MAPI only). |
option |
- |
any |
||||||||||||||||||||
|
|
|
|||||||||||||||||||||||
|
file-type |
Select file type. File type name. |
string |
Maximum length: 39 |
|
||||||||||||||||||||
|
name |
File-filter rule name. |
string |
Maximum length: 35 |
|
||||||||||||||||||||
|
password-protected |
Match password-protected files. |
option |
- |
any |
||||||||||||||||||||
|
|
|
|||||||||||||||||||||||
|
protocol |
Protocols to apply rule to. |
option |
- |
http ftp smtp imap pop3 mapi cifs ssh websocket ** |
||||||||||||||||||||
|
|
|
|||||||||||||||||||||||
** Values may differ between models.