Finding object dependencies
You may be prevented from deleting a configuration object when other configuration objects depend on it. You can use the GUI or CLI to identify objects which depend on, or make reference to the configuration you are trying to delete. Additionally, if you have a virtual interface with dependent objects, you will need to find and remove those dependencies before deleting the interface.
To remove interface object dependencies in the GUI:
- Go to Network > Interfaces. The Ref. column displays the number of objects that reference this interface.
- Select the number in the Ref . column for the interface. A window listing the dependencies appears.
- Use these detailed entries to locate and remove object references to this interface. The trash can icon is enabled after all the object dependencies are removed.
- Remove the interface by selecting the check box for the interface, and select Delete.
To find object dependencies in the CLI:
When running multiple VDOMs, use the following command in the global configuration only.
diagnose sys checkused <path.object.mkey>
The command searches for the named object in both the most recently used global and VDOM configurations.
To verify which objects a security policy with an ID of 1 refers to:
diagnose sys checkused firewall.policy.policyid 1
To check what is referred to by interface
diagnose sys checkused system.interface.name port1
To show all dependencies for an interface:
diagnose sys checkused system.interface.name <interface name>
In this example , the interface has dependent objects, including four address objects, one VIP, and three security policies.
entry used by table firewall.address:name '10.98.23.23_host’
entry used by table firewall.address:name 'NAS'
entry used by table firewall.address:name 'all'
entry used by table firewall.address:name 'fortinet.com'
entry used by table firewall.vip:name 'TORRENT_10.0.0.70:6883'
entry used by table firewall.policy:policyid '21'
entry used by table firewall.policy:policyid '14'
entry used by table firewall.policy:policyid '19'