Command syntax
When entering a command, the CLI requires that you use valid syntax and conform to expected input constraints. It will reject invalid commands.
For example, if you do not type the entire object that will receive the action of a command operator such as config
, the CLI will return an error message such as:
Command fail. CLI parsing error
This document uses the following conventions to describe valid command syntax.
Terminology
Each command line consists of a command word followed by words for the configuration data or other specific item that the command uses or affects, for example:
get system admin
This document uses the below terms to describe the function of each word in the command line.
Command syntax terminology
-
Command—A word that begins the command line and indicates an action that FortiWeb should perform on a part of the configuration or host on the network, such as
config
orexecute
. Together with other words, such as fields or values, that you terminate by pressing the Enter key, it forms a command line. Exceptions include multi-line command lines, which can be entered using an escape sequence. For details, see Shortcuts & key commands.Valid command lines must be unambiguous if abbreviated. For details, see Command abbreviation.
Optional words or other command line permutations are indicated by syntax notation. For details, see Notation.
If you do not enter a known command, the CLI will return an error message such as:
Unknown action 0
-
Subcommand—A kind of command that is available only when nested within the scope of another command. After entering a command, its applicable subcommands are available to you until you exit the scope of the command, or until you descend an additional level into another subcommand. Indentation is used to indicate levels of nested commands. For details, see Indentation.
Not all top-level commands have subcommands. Available subcommands vary by their containing scope. For details, see Subcommands.
-
Object—A part of the configuration that contains tables and/or fields. Valid command lines must be specific enough to indicate an individual object.
-
Table—A set of fields that is one of possibly multiple similar sets that each have a name or number, such as an administrator account, policy, or network interface. These named or numbered sets are sometimes referenced by other parts of the configuration that use them. For details, see Notation.
-
Field—The name of a setting, such as
ip
orhostname
. Fields in some tables must be configured with values. Failure to configure a required field will result in an invalid object configuration error message, and the FortiWeb appliance will discard the invalid table. -
Value—A number, letter, IP address, or other type of input that is usually the configuration setting held by a field. Some commands, however, require multiple input values which may not be named but are simply entered in sequential order in the same command line. Valid input types are indicated by constraint notation. For details, see Notation.
-
Option—A kind of value that must be one or more words from a fixed set of options. For details, see Notation.
Indentation
Indentation indicates levels of nested commands, which indicate what other subcommands are available from within the scope.
For example, the edit
subcommand is available only within a command that affects tables, and the next
subcommand is available only from within the edit
subcommand:
config system interface
edit port1
set status up
next
end
For details about available subcommands, see Subcommands.
Notation
Brackets, braces, and pipes are used to denote valid permutations of the syntax. Constraint notations, such as <address_ipv4>
, indicate which data types or string patterns are acceptable value input.
If you do not use the expected data type, the CLI returns an error message such as: object set operator error, -4003 discard the setting The request URL must start with "/" and without domain name.
or: invalid unsigned integer value :-:
value parse error before '-' Input value is invalid.
and may either reject or discard your settings instead of saving them when you type |
Command syntax notation
Square brackets [ ] |
A non-required (optional) word or words. For example: [verbose {1 | 2 | 3}]
indicates that you may either omit or type both the verbose 3 |
|
Curly braces { } |
A word or series of words that is constrained to a set of options delimited by either vertical bars or spaces. You must enter at least one of the options, unless the set of options is surrounded by square brackets [ ]. |
|
Options delimited by vertical bars | |
Mutually exclusive options. For example: {enable | disable} indicates that you must enter either |
|
Options delimited by spaces |
Non-mutually exclusive options. For example: {HTTP HTTPs ping snmp ssh telnet} indicates that you may enter all or a subset of those options, in any order, in a space-delimited list, such as: ping HTTPs ssh Note: To change the options, you must re-type the entire list. For example, to add ping HTTPs snmp ssh If the option adds to or subtracts from the existing list of options, instead of replacing it, or if the list is comma-delimited, the exception will be noted. |
|
Angle brackets < > |
A word constrained by data type. To define acceptable input, the angled brackets contain a descriptive name followed by an underscore ( <retries_int>
indicates that you should enter a number of retries, such as Data types include:
|