Fortinet black logo

CLI Reference

policy

policy

Use this command to view the process ID, live sessions, and traffic statistics associated with a server policy.

To use this command, your administrator account’s access control profile must have at least r permission to the sysgrp area. For details, see Permissions.

Syntax

diagnose policy pserver [list "<policy_name>"]

diagnose policy session [list "<policy_name>"]

diagnose policy traffic [list "<policy_name>"]

diagnose policy period-blockip [list "<policy_name>"]

diagnose policy period-blockip [delete "<policy_name>"]{ipv4 | ipv6}

diagnose policy "<policy_name>"


Variable Description Default

pserver [list "<policy_name>"]

Displays the status of physical servers covered by the policy. No default.

session [list "<policy_name>"]

Displays IP session information for TCP and UDP connections. No default.

traffic [list "<policy_name>"]

Displays traffic throughput (bandwidth usage) information. No default.

period-blockip [list "<policy_name>"]

Displays client IP addresses whose requests are temporarily blocked because the client violated a rule in the specified policy with an Action value of Period Block. No default.

period-blockip [delete "<policy_name>"]{ipv4 | ipv6}

Unblocks the specified client IP address that FortiWeb has blocked because it violated a rule in the specified policy with an Action value of Period Block. (FortiWeb can still block the address because it violates a rule in a different policy.) No default.

"<policy_name>"

Enter the name of an existing server policy. No default.

Example

This example shows the output of the pserver list command. The alive value indicates the status of the server health check:

Integer Health check status Health Check Status icon in Policy Status dashboard
0 Failed Red
1 Passed Green
2 Disabled Grey

diagnose policy pserver list Policy1

policy(Policy1)

server-pool(FWB_server_pool):

total = 1

server[0]

id: 1

ip: 10.20.1.22

port: 80

alive: 2

session: 0

status: 1

Related topics

policy

Use this command to view the process ID, live sessions, and traffic statistics associated with a server policy.

To use this command, your administrator account’s access control profile must have at least r permission to the sysgrp area. For details, see Permissions.

Syntax

diagnose policy pserver [list "<policy_name>"]

diagnose policy session [list "<policy_name>"]

diagnose policy traffic [list "<policy_name>"]

diagnose policy period-blockip [list "<policy_name>"]

diagnose policy period-blockip [delete "<policy_name>"]{ipv4 | ipv6}

diagnose policy "<policy_name>"


Variable Description Default

pserver [list "<policy_name>"]

Displays the status of physical servers covered by the policy. No default.

session [list "<policy_name>"]

Displays IP session information for TCP and UDP connections. No default.

traffic [list "<policy_name>"]

Displays traffic throughput (bandwidth usage) information. No default.

period-blockip [list "<policy_name>"]

Displays client IP addresses whose requests are temporarily blocked because the client violated a rule in the specified policy with an Action value of Period Block. No default.

period-blockip [delete "<policy_name>"]{ipv4 | ipv6}

Unblocks the specified client IP address that FortiWeb has blocked because it violated a rule in the specified policy with an Action value of Period Block. (FortiWeb can still block the address because it violates a rule in a different policy.) No default.

"<policy_name>"

Enter the name of an existing server policy. No default.

Example

This example shows the output of the pserver list command. The alive value indicates the status of the server health check:

Integer Health check status Health Check Status icon in Policy Status dashboard
0 Failed Red
1 Passed Green
2 Disabled Grey

diagnose policy pserver list Policy1

policy(Policy1)

server-pool(FWB_server_pool):

total = 1

server[0]

id: 1

ip: 10.20.1.22

port: 80

alive: 2

session: 0

status: 1

Related topics