Fortinet black logo

CLI Reference

show

show

The show command displays parts of your FortiWeb appliance’s configuration in the form of commands that are required to achieve that configuration from the firmware’s default state.

The show commands require at least read (r) permission to applicable administrator profile groups.

Although not explicitly shown in this section, for all config commands, there are related get and show commands which display that part of the configuration. get and show commands use the same syntax as their related config command, unless otherwise mentioned. For syntax examples and descriptions of each configuration object, field, and option, see config .

Unlike get, show does not display settings that are assumed to remain in their default state.

For example, you might show the current DNS settings:

FortiWeb# show system dns

config system dns

set primary 172.16.1.10

set domain "example.com"

end

Notice that the command does not display the setting for the secondary DNS server. This indicates that it has not been configured, or has reverted to its default value.

Like get, depending on whether or not you have specified an object, show may display one of two different outputs, either the configuration:

  • that you have just entered but not yet saved, or
  • as it currently exists on the flash disk, respectively.

For example, immediately after configuring the secondary DNS server setting but before saving it, show displays two different outputs (differences highlighted in bold):

FortiWeb# config system dns

FortiWeb (dns)# set secondary 192.168.1.10

FortiWeb (dns)# show

config system dns

set primary 172.16.1.10

set secondary 192.168.1.10

set domain "example.com"

end

FortiWeb (end)# show system dns

config system dns

set primary 172.16.1.10

set domain "example.com"

end

The first output from show indicates the value that you have configured but not yet saved; the second output from show indicates the value that was last saved to disk.

If you have entered settings but cannot remember how they differ from the existing configuration, the two different forms of show, with and without the object name, can be a useful way to remind yourself.

If you were to now enter end, saving your setting to disk, show output for both syntactical forms would again match. However, if you were to enter abort at this point and discard your recently entered secondary DNS setting instead of saving it to disk, the FortiWeb appliance’s configuration would therefore match the second output, not the first.

When ADOMs are enabled, and if you log in as admin, the top level of the shell changes: the two top level items are show global and show vdom.

  • show global displays settings that only admin or other accounts with the prof_admin access profile can change.
  • show vdom displays each ADOM and its respective settings.

This menu and CLI structure change is not visible to non-global accounts; ADOM administrators’ navigation menus continue to appear similar to when ADOMs are disabled, except that global settings such as network interfaces, HA, and other global settings do not appear.

show

The show command displays parts of your FortiWeb appliance’s configuration in the form of commands that are required to achieve that configuration from the firmware’s default state.

The show commands require at least read (r) permission to applicable administrator profile groups.

Although not explicitly shown in this section, for all config commands, there are related get and show commands which display that part of the configuration. get and show commands use the same syntax as their related config command, unless otherwise mentioned. For syntax examples and descriptions of each configuration object, field, and option, see config .

Unlike get, show does not display settings that are assumed to remain in their default state.

For example, you might show the current DNS settings:

FortiWeb# show system dns

config system dns

set primary 172.16.1.10

set domain "example.com"

end

Notice that the command does not display the setting for the secondary DNS server. This indicates that it has not been configured, or has reverted to its default value.

Like get, depending on whether or not you have specified an object, show may display one of two different outputs, either the configuration:

  • that you have just entered but not yet saved, or
  • as it currently exists on the flash disk, respectively.

For example, immediately after configuring the secondary DNS server setting but before saving it, show displays two different outputs (differences highlighted in bold):

FortiWeb# config system dns

FortiWeb (dns)# set secondary 192.168.1.10

FortiWeb (dns)# show

config system dns

set primary 172.16.1.10

set secondary 192.168.1.10

set domain "example.com"

end

FortiWeb (end)# show system dns

config system dns

set primary 172.16.1.10

set domain "example.com"

end

The first output from show indicates the value that you have configured but not yet saved; the second output from show indicates the value that was last saved to disk.

If you have entered settings but cannot remember how they differ from the existing configuration, the two different forms of show, with and without the object name, can be a useful way to remind yourself.

If you were to now enter end, saving your setting to disk, show output for both syntactical forms would again match. However, if you were to enter abort at this point and discard your recently entered secondary DNS setting instead of saving it to disk, the FortiWeb appliance’s configuration would therefore match the second output, not the first.

When ADOMs are enabled, and if you log in as admin, the top level of the shell changes: the two top level items are show global and show vdom.

  • show global displays settings that only admin or other accounts with the prof_admin access profile can change.
  • show vdom displays each ADOM and its respective settings.

This menu and CLI structure change is not visible to non-global accounts; ADOM administrators’ navigation menus continue to appear similar to when ADOMs are disabled, except that global settings such as network interfaces, HA, and other global settings do not appear.