CLI Reference

waf custom-protection-group

Use this command to configure custom protection groups, creating sets of custom protection rules that can be used with attack signatures (“server protection rule”).

Before you can configure this command, you must first define your custom data leak and attack signatures. For details, see waf custom-protection-rule.

To use this command, your administrator account’s access control profile must have either w or rw permission to the wafgrp area. For details, see Permissions.

Syntax

config waf custom-protection-group
  edit "<custom-protection group_name>"
    set max-alert-interval <integer>
    config type-list
      edit <entry_index>
        set custom-protection-rule "<rule_name>"
      next
    end
  next
end

Variables

Variable: "<custom-protection group_name>"
Description: Enter the name of a new or existing group. The maximum length is 63 characters.
To display the list of existing groups, enter:
  edit ?
Default: No default.

Variable: max-alert-interval <integer>
Description: Specify the alert interval, which keeps continuous signature violations from flooding the attack log. When signature violations occur continuously, FortiWeb generates the next attack log only when the alert interval is reached. Setting the value to 0 means there is no interval limit for the signature traffic logs. This applies at the signature group level. The valid range is 0-300 seconds.
Default: 0

Variable: <entry_index>
Description: Enter the index number of the individual entry in the table. The valid range is 1–9,999,999,999,999,999,999.
Default: No default.

Variable: custom-protection-rule "<rule_name>"
Description: Enter the name of the custom protection rule to associate with the custom protection group. The maximum length is 63 characters.
To display a list of the existing rules, enter:
  set custom-protection-rule ?
Default: No default.

Example

This example groups custom protection rule 1 and custom protection rule 3 together within Custom Protection group 1.

config waf custom-protection-group
  edit "Custom Protection group 1"
    config type-list
      edit 1
        set custom-protection-rule "custom protection rule 3"
      next
      edit 3
        set custom-protection-rule "custom protection rule 1"
      next
    end
  next
end
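
The following Python helper is an added example, not Fortinet's code: it renders the command block above from a set of rule names and rejects values outside the limits documented on this page before anything is pasted or pushed to the CLI. The function names, the two-space indentation and the refusal of quotes, backslashes and newlines in names are assumptions of this example.

```python
# Added example: renders a "config waf custom-protection-group" block and
# enforces the limits documented on this page before anything reaches the CLI.
MAX_NAME_LEN = 63                       # group and rule name limit (from the page)
MAX_INDEX = 9_999_999_999_999_999_999   # upper bound for <entry_index> (from the page)


def _is_int(value):
    # bool is a subclass of int in Python; treat True/False as invalid input.
    return isinstance(value, int) and not isinstance(value, bool)


def _check_name(kind, name):
    if not isinstance(name, str) or not 1 <= len(name) <= MAX_NAME_LEN:
        raise ValueError(f"{kind} name must be 1-{MAX_NAME_LEN} characters: {name!r}")
    # Assumption: names are emitted inside double quotes, so refuse characters
    # that could close the quoted string or start a new CLI line.
    if any(c in name for c in '"\\\r\n'):
        raise ValueError(f"{kind} name has a quote, backslash or newline: {name!r}")


def render_group(group_name, rules, max_alert_interval=0):
    """Return the CLI block; rules maps entry index -> custom protection rule name."""
    _check_name("group", group_name)
    if not _is_int(max_alert_interval) or not 0 <= max_alert_interval <= 300:
        raise ValueError("max-alert-interval must be an integer from 0 to 300 seconds")
    lines = [
        "config waf custom-protection-group",
        f'  edit "{group_name}"',
        f"    set max-alert-interval {max_alert_interval}",
        "    config type-list",
    ]
    for index, rule_name in rules.items():
        if not _is_int(index) or not 1 <= index <= MAX_INDEX:
            raise ValueError(f"entry index out of range: {index!r}")
        _check_name("rule", rule_name)
        lines += [
            f"      edit {index}",
            f'        set custom-protection-rule "{rule_name}"',
            "      next",
        ]
    lines += ["    end", "  next", "end"]
    return "\n".join(lines)


if __name__ == "__main__":
    # Constructed input mirroring the page's example, with a 60-second interval.
    print(render_group("Custom Protection group 1",
                       {1: "custom protection rule 3", 3: "custom protection rule 1"},
                       max_alert_interval=60))
```
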
