Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    6.2.7
    7.6.0
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.2.0
    7.0.16
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    7.0.6
    7.0.5
    7.0.4
    7.0.3
    7.0.2
    7.0.1
    7.0.0
    6.4.15
    6.4.14
    6.4.13
    6.4.12
    6.4.11
    6.4.10
    6.4.9
    6.4.8
    6.4.7
    6.4.6
    6.4.5
    6.4.4
    6.4.3
    6.4.2
    6.4.1
    6.4.0
    6.2.16
    6.2.15
    6.2.14
    6.2.13
    6.2.12
    6.2.11
    6.2.10
    6.2.9
    6.2.8
    6.2.7
    6.2.6
    6.2.5
    6.2.4
    6.2.3
    6.2.2
    6.2.1
    6.0.0
    5.6.0
    5.4.0
    5.2.0
    5.0.0

    config firewall DoS-policy

    config firewall DoS-policy

    Configure IPv4 DoS policies.

    config firewall DoS-policy

    Description: Configure IPv4 DoS policies.

    edit <policyid>

    set status [enable|disable]

    set comments {var-string}

    set interface {string}

    set srcaddr <name1>, <name2>, ...

    set dstaddr <name1>, <name2>, ...

    set service <name1>, <name2>, ...

    config anomaly

    Description: Anomaly name.

    edit <name>

    set status [disable|enable]

    set log [enable|disable]

    set action [pass|block|...]

    set quarantine [none|attacker]

    set quarantine-expiry {user}

    set quarantine-log [disable|enable]

    set threshold {integer}

    set threshold(default) {integer}

    next

    end

    next

    end

    config firewall DoS-policy

    Parameter name

    Description

    Type

    Size

    status

    Enable/disable this policy.

    option

    -

    Option

    Description

    enable

    Enable this policy.

    disable

    Disable this policy.

    comments

    Comment.

    var-string

    Maximum length: 1023

    interface

    Incoming interface name from available interfaces.

    string

    Maximum length: 35

    srcaddr <name>

    Source address name from available addresses.

    Service name.

    string

    Maximum length: 79

    dstaddr <name>

    Destination address name from available addresses.

    Address name.

    string

    Maximum length: 79

    service <name>

    Service object from available options.

    Service name.

    string

    Maximum length: 79

    config anomaly

    Parameter name

    Description

    Type

    Size

    status

    Enable/disable this anomaly.

    option

    -

    Option

    Description

    disable

    Disable this status.

    enable

    Enable this status.

    log

    Enable/disable anomaly logging.

    option

    -

    Option

    Description

    enable

    Enable anomaly logging.

    disable

    Disable anomaly logging.

    action

    Action taken when the threshold is reached.

    option

    -

    Option

    Description

    pass

    Allow traffic but record a log message if logging is enabled.

    block

    Block traffic if this anomaly is found.

    proxy

    Use a proxy to control the traffic flow.

    quarantine

    Quarantine method.

    option

    -

    Option

    Description

    none

    Quarantine is disabled.

    attacker

    Block all traffic sent from attacker's IP address. The attacker's IP address is also added to the banned user list. The target's address is not affected.

    quarantine-expiry

    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.

    user

    Not Specified

    quarantine-log

    Enable/disable quarantine logging.

    option

    -

    Option

    Description

    disable

    Disable quarantine logging.

    enable

    Enable quarantine logging.

    threshold

    Anomaly threshold. Number of detected instances per minute that triggers the anomaly action.

    integer

    Minimum value: 1 Maximum value: 2147483647

    threshold(default)

    Number of detected instances per minute which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

    integer

    Minimum value: 0 Maximum value: 4294967295
    Previous
    Next

    config firewall DoS-policy

    config firewall DoS-policy

    Configure IPv4 DoS policies.

    config firewall DoS-policy

    Description: Configure IPv4 DoS policies.

    edit <policyid>

    set status [enable|disable]

    set comments {var-string}

    set interface {string}

    set srcaddr <name1>, <name2>, ...

    set dstaddr <name1>, <name2>, ...

    set service <name1>, <name2>, ...

    config anomaly

    Description: Anomaly name.

    edit <name>

    set status [disable|enable]

    set log [enable|disable]

    set action [pass|block|...]

    set quarantine [none|attacker]

    set quarantine-expiry {user}

    set quarantine-log [disable|enable]

    set threshold {integer}

    set threshold(default) {integer}

    next

    end

    next

    end

    config firewall DoS-policy

    Parameter name

    Description

    Type

    Size

    status

    Enable/disable this policy.

    option

    -

    Option

    Description

    enable

    Enable this policy.

    disable

    Disable this policy.

    comments

    Comment.

    var-string

    Maximum length: 1023

    interface

    Incoming interface name from available interfaces.

    string

    Maximum length: 35

    srcaddr <name>

    Source address name from available addresses.

    Service name.

    string

    Maximum length: 79

    dstaddr <name>

    Destination address name from available addresses.

    Address name.

    string

    Maximum length: 79

    service <name>

    Service object from available options.

    Service name.

    string

    Maximum length: 79

    config anomaly

    Parameter name

    Description

    Type

    Size

    status

    Enable/disable this anomaly.

    option

    -

    Option

    Description

    disable

    Disable this status.

    enable

    Enable this status.

    log

    Enable/disable anomaly logging.

    option

    -

    Option

    Description

    enable

    Enable anomaly logging.

    disable

    Disable anomaly logging.

    action

    Action taken when the threshold is reached.

    option

    -

    Option

    Description

    pass

    Allow traffic but record a log message if logging is enabled.

    block

    Block traffic if this anomaly is found.

    proxy

    Use a proxy to control the traffic flow.

    quarantine

    Quarantine method.

    option

    -

    Option

    Description

    none

    Quarantine is disabled.

    attacker

    Block all traffic sent from attacker's IP address. The attacker's IP address is also added to the banned user list. The target's address is not affected.

    quarantine-expiry

    Duration of quarantine. (Format ###d##h##m, minimum 1m, maximum 364d23h59m, default = 5m). Requires quarantine set to attacker.

    user

    Not Specified

    quarantine-log

    Enable/disable quarantine logging.

    option

    -

    Option

    Description

    disable

    Disable quarantine logging.

    enable

    Enable quarantine logging.

    threshold

    Anomaly threshold. Number of detected instances per minute that triggers the anomaly action.

    integer

    Minimum value: 1 Maximum value: 2147483647

    threshold(default)

    Number of detected instances per minute which triggers action (1 - 2147483647, default = 1000). Note that each anomaly has a different threshold value assigned to it.

    integer

    Minimum value: 0 Maximum value: 4294967295
    Previous
    Next