Tree-5.6.1: Unterschied zwischen den Versionen
Zur Navigation springen
Zur Suche springen
(Die Seite wurde neu angelegt: „Zurück zu : FortiGate-5.4-5.6:FAQ __TOC__ <nowiki> --------------- output Tree-5.6.1 --------------- -- -- system -- [vdom] --*name (12)…“) |
Keine Bearbeitungszusammenfassung |
||
Zeile 5: | Zeile 5: | ||
<nowiki> | <nowiki> | ||
--------------- output Tree-5.6.1 --------------- | --------------- output Tree-5.6.1 --------------- | ||
-- -- system -- [vdom] --*name ( | -- -- system |- [datasource] --*name (36) | ||
+- type (0,4294967295) | |||
|- <global> -- language | |||
|- gui-ipv6 | |||
|- gui-certificates | |||
|- gui-custom-language | |||
|- gui-wireless-opensecurity | |||
|- gui-display-hostname | |||
|- gui-lines-per-page (20,1000) | |||
|- admin-https-ssl-versions | |||
|- admintimeout (1,480) | |||
|- admin-console-timeout (15,300) | |||
|- ssd-trim-freq | |||
|- ssd-trim-hour (0,23) | |||
|- ssd-trim-min (0,60) | |||
|- ssd-trim-weekday | |||
|- ssd-trim-date (1,31) | |||
|- admin-concurrent | |||
|- admin-lockout-threshold (1,10) | |||
|- admin-lockout-duration (1,2147483647) | |||
|- refresh (0,4294967295) | |||
|- interval (0,4294967295) | |||
|- failtime (0,4294967295) | |||
|- daily-restart | |||
|- restart-time | |||
|- radius-port (1,65535) | |||
|- admin-login-max (1,100) | |||
|- remoteauthtimeout (1,300) | |||
|- ldapconntimeout (0,4294967295) | |||
|- batch-cmdb | |||
|- dst | |||
|- timezone | |||
|- ntpserver (64) | |||
|- ntpsync | |||
|- syncinterval (1,1440) | |||
|- traffic-priority | |||
|- traffic-priority-level | |||
|- anti-replay | |||
|- send-pmtu-icmp | |||
|- honor-df | |||
|- revision-image-auto-backup | |||
|- revision-backup-on-logout | |||
|- management-vdom (32) | |||
|- hostname (36) | |||
|- alias (36) | |||
|- strong-crypto | |||
|- ssh-cbc-cipher | |||
|- ssh-hmac-md5 | |||
|- ssl-static-key-ciphers | |||
|- snat-route-change | |||
|- cli-audit-log | |||
|- dh-params | |||
|- fds-statistics | |||
|- fds-statistics-period (1,1440) | |||
|- multicast-forward | |||
|- mc-ttl-notchange | |||
|- asymroute | |||
|- tcp-option | |||
|- lldp-transmission | |||
|- proxy-auth-timeout (1,600) | |||
|- sys-perf-log-interval (0,15) | |||
|- check-protocol-header | |||
|- vip-arp-range | |||
|- reset-sessionless-tcp | |||
|- allow-traffic-redirect | |||
|- strict-dirty-session-check | |||
|- tcp-halfclose-timer (1,86400) | |||
|- tcp-halfopen-timer (1,86400) | |||
|- tcp-timewait-timer (0,300) | |||
|- udp-idle-timer (1,86400) | |||
|- block-session-timer (1,300) | |||
|- ip-src-port-range | |||
|- pre-login-banner | |||
|- post-login-banner | |||
|- tftp | |||
|- av-failopen | |||
|- av-failopen-session | |||
|- memory-use-threshold-extreme (70,97) | |||
|- memory-use-threshold-red (70,97) | |||
|- memory-use-threshold-green (70,97) | |||
|- check-reset-range | |||
|- vdom-admin | |||
|- long-vdom-name | |||
|- admin-port (1,65535) | |||
|- admin-sport (1,65535) | |||
|- admin-https-redirect | |||
|- admin-ssh-password | |||
|- admin-ssh-port (1,65535) | |||
|- admin-ssh-grace-time (10,3600) | |||
|- admin-ssh-v1 | |||
|- admin-telnet-port (1,65535) | |||
|- admin-maintainer | |||
|- admin-reset-button | |||
|- admin-server-cert (36) | |||
|- user-server-cert (36) | |||
|- admin-https-pki-required | |||
|- wifi-certificate (36) | |||
|- wifi-ca-certificate (36) | |||
|- auth-http-port (1,65535) | |||
|- auth-https-port (1,65535) | |||
|- auth-keepalive | |||
|- policy-auth-concurrent (0,100) | |||
|- auth-session-limit | |||
|- auth-cert (36) | |||
|- clt-cert-req | |||
|- fortiservice-port (1,65535) | |||
|- endpoint-control-portal-port (1,65535) | |||
|- endpoint-control-fds-access | |||
|- tp-mc-skip-policy | |||
|- cfg-save | |||
|- cfg-revert-timeout (10,4294967295) | |||
|- reboot-upon-config-restore | |||
|- admin-scp | |||
|- wireless-controller | |||
|- wireless-controller-port (1024,49150) | |||
|- fortiextender-data-port (1024,49150) | |||
|- fortiextender | |||
|- fortiextender-vlan-mode | |||
|- switch-controller | |||
|- switch-controller-reserved-network | |||
|- proxy-worker-count (1,4) | |||
|- scanunit-count (2,4) | |||
|- proxy-kxp-hardware-acceleration | |||
|- proxy-cipher-hardware-acceleration | |||
|- fgd-alert-subscription | |||
|- ipsec-hmac-offload | |||
|- ipv6-accept-dad (0,2) | |||
|- ipv6-allow-anycast-probe | |||
|- csr-ca-attribute | |||
|- wimax-4g-usb | |||
|- cert-chain-max (1,2147483647) | |||
|- sslvpn-max-worker-count (1,4) | |||
|- sslvpn-kxp-hardware-acceleration | |||
|- sslvpn-cipher-hardware-acceleration | |||
|- sslvpn-plugin-version-check | |||
|- two-factor-ftk-expiry (60,600) | |||
|- two-factor-email-expiry (30,300) | |||
|- two-factor-sms-expiry (30,300) | |||
|- two-factor-fac-expiry (10,3600) | |||
|- two-factor-ftm-expiry (1,168) | |||
|- virtual-server-count (1,4) | |||
|- virtual-server-hardware-acceleration | |||
|- wad-worker-count (1,4) | |||
|- login-timestamp | |||
|- miglogd-children (0,15) | |||
|- special-file-23-support | |||
|- log-uuid | |||
|- log-ssl-connection | |||
|- arp-max-entry (131072,2147483647) | |||
|- ndp-max-entry (65536,2147483647) | |||
|- br-fdb-max-entry (8192,2147483647) | |||
|- max-route-cache-size (0,2147483647) | |||
|- ipsec-asic-offload | |||
|- device-idle-timeout (30,31536000) | |||
|- device-identification-active-scan-delay (20,3600) | |||
|- compliance-check | |||
|- compliance-check-time | |||
|- gui-device-latitude (20) | |||
|- gui-device-longitude (20) | |||
|- private-data-encryption | |||
|- auto-auth-extension-device | |||
|- gui-theme | |||
+- igmp-state-limit (96,128000) | |||
|- [accprofile] --*name (36) | |||
|- scope | |||
|- comments | |||
|- mntgrp | |||
|- admingrp | |||
|- updategrp | |||
|- authgrp | |||
|- sysgrp | |||
|- netgrp | |||
|- loggrp | |||
|- routegrp | |||
|- fwgrp | |||
|- vpngrp | |||
|- utmgrp | |||
|- endpoint-control-grp | |||
|- wifi | |||
|- <fwgrp-permission> -- policy | |||
|- address | |||
|- service | |||
|- schedule | |||
|- packet-capture | |||
+- others | |||
|- <loggrp-permission> -- config | |||
|- data-access | |||
|- report-access | |||
+- threat-weight | |||
|- <utmgrp-permission> -- antivirus | |||
|- ips | |||
|- webfilter | |||
|- spamfilter | |||
|- data-loss-prevention | |||
|- application-control | |||
|- icap | |||
|- voip | |||
|- waf | |||
+- dnsfilter | |||
|- admintimeout-override | |||
+- admintimeout (1,480) | |||
|- <npu> | |||
|- [vdom-link] --*name (12) | |||
|- vcluster | |||
+- type | |||
|- [switch-interface] --*name (16) | |||
|- vdom (32) | |||
|- span-dest-port (16) | |||
|- [span-source-port] --*interface-name (65) | |||
|- [member] --*interface-name (65) | |||
|- type | |||
|- intra-switch-policy | |||
|- span | |||
+- span-direction | |||
|- [object-tag] --*name (64) | |||
|- <lte-modem> -- status | |||
|- extra-init (128 xss) | |||
|- authtype | |||
|- username (64 xss) | |||
|- passwd | |||
|- apn (128 xss) | |||
|- modem-port (0,20) | |||
|- mode | |||
|- holddown-timer (10,60) | |||
+- interface (64) | |||
|- [interface] --*name (16) | |||
|- vdom (32) | |||
|- cli-conn-status (0,4294967295) | |||
|- fortilink | |||
|- mode | |||
|- distance (1,255) | |||
|- priority (0,4294967295) | |||
|- dhcp-relay-service | |||
|- dhcp-relay-ip | |||
|- dhcp-relay-type | |||
|- management-ip | |||
|- ip | |||
|- allowaccess | |||
|- gwdetect | |||
|- ping-serv-status (0,255) | |||
|- detectserver | |||
|- detectprotocol | |||
|- ha-priority (1,50) | |||
|- fail-detect | |||
|- fail-detect-option | |||
|- fail-alert-method | |||
|- fail-action-on-extender | |||
|- [fail-alert-interfaces] --*name (65) | |||
|- dhcp-client-identifier (49) | |||
|- ipunnumbered | |||
|- username (65 xss) | |||
|- pppoe-unnumbered-negotiate | |||
|- password | |||
|- idle-timeout (0,32767) | |||
|- detected-peer-mtu (0,4294967295) | |||
|- disc-retry-timeout (0,4294967295) | |||
|- padt-retry-timeout (0,4294967295) | |||
|- service-name (64) | |||
|- ac-name (64) | |||
|- lcp-echo-interval (0,32767) | |||
|- lcp-max-echo-fails (0,32767) | |||
|- defaultgw | |||
|- dns-server-override | |||
|- auth-type | |||
|- pptp-client | |||
|- pptp-user (65) | |||
|- pptp-password | |||
|- pptp-server-ip | |||
|- pptp-auth-type | |||
|- pptp-timeout (0,65535) | |||
|- arpforward | |||
|- ndiscforward | |||
|- broadcast-forward | |||
|- bfd | |||
|- bfd-desired-min-tx (1,100000) | |||
|- bfd-detect-mult (1,50) | |||
|- bfd-required-min-rx (1,100000) | |||
|- l2forward | |||
|- icmp-redirect | |||
|- vlanforward | |||
|- stpforward | |||
|- stpforward-mode | |||
|- ips-sniffer-mode | |||
|- ident-accept | |||
|- ipmac | |||
|- subst | |||
|- macaddr | |||
|- substitute-dst-mac | |||
|- speed | |||
|- status | |||
|- netbios-forward | |||
|- wins-ip | |||
|- type | |||
|- dedicated-to | |||
|- trust-ip-1 | |||
|- trust-ip-2 | |||
|- trust-ip-3 | |||
|- trust-ip6-1 | |||
|- trust-ip6-2 | |||
|- trust-ip6-3 | |||
|- mtu-override | |||
|- mtu (0,4294967295) | |||
|- wccp | |||
|- netflow-sampler | |||
|- sflow-sampler | |||
|- drop-overlapped-fragment | |||
|- drop-fragment | |||
|- scan-botnet-connections | |||
|- src-check | |||
|- sample-rate (10,99999) | |||
|- polling-interval (1,255) | |||
|- sample-direction | |||
|- explicit-web-proxy | |||
|- explicit-ftp-proxy | |||
|- proxy-captive-portal | |||
|- tcp-mss (0,4294967295) | |||
|- inbandwidth (0,16776000) | |||
|- outbandwidth (0,16776000) | |||
|- spillover-threshold (0,16776000) | |||
|- ingress-spillover-threshold (0,16776000) | |||
|- weight (0,255) | |||
|- interface (16) | |||
|- external | |||
|- vlanid (1,4094) | |||
|- forward-domain (0,2147483647) | |||
|- remote-ip | |||
|- [managed-device] --*name (65) | |||
|- devindex (0,4294967295) | |||
|- vindex (0,65535) | |||
|- switch (16) | |||
|- description | |||
|- alias (26) | |||
|- l2tp-client | |||
|- <l2tp-client-settings> -- user (128) | |||
|- password | |||
|- peer-host (256) | |||
|- peer-mask | |||
|- peer-port (1,65535) | |||
|- auth-type | |||
|- mtu (40,65535) | |||
|- distance (1,255) | |||
|- priority (0,4294967295) | |||
|- defaultgw | |||
+- ip | |||
|- security-mode | |||
|- captive-portal (0,4294967295) | |||
|- security-mac-auth-bypass | |||
|- security-8021x-mode | |||
|- security-8021x-master (16) | |||
|- security-8021x-dynamic-vlan-id (0,4094) | |||
|- security-external-web (128) | |||
|- security-external-logout (128) | |||
|- replacemsg-override-group (36) | |||
|- security-redirect-url (128) | |||
|- security-exempt-list (36) | |||
|- [security-groups] --*name (65) | |||
|- stp | |||
|- stp-ha-slave | |||
|- device-identification | |||
|- device-user-identification | |||
|- device-access-list (36) | |||
|- lldp-transmission | |||
|- fortiheartbeat | |||
|- broadcast-forticlient-discovery | |||
|- endpoint-compliance | |||
|- estimated-upstream-bandwidth (0,4294967295) | |||
|- estimated-downstream-bandwidth (0,4294967295) | |||
|- vrrp-virtual-mac | |||
|- [vrrp] --*vrid (1,255) | |||
|- vrgrp (1,65535) | |||
|- vrip | |||
|- priority (1,255) | |||
|- adv-interval (1,255) | |||
|- start-time (1,255) | |||
|- preempt | |||
|- vrdst | |||
|- vrdst-priority (0,254) | |||
+- status | |||
|- role | |||
|- snmp-index (0,4294967295) | |||
|- secondary-IP | |||
|- [secondaryip] --*id (0,4294967295) | |||
|- ip | |||
|- allowaccess | |||
|- gwdetect | |||
|- ping-serv-status (0,255) | |||
|- detectserver | |||
|- detectprotocol | |||
+- ha-priority (1,50) | |||
|- preserve-session-route | |||
|- auto-auth-extension-device | |||
|- ap-discover | |||
|- fortilink-stacking | |||
|- fortilink-split-interface | |||
|- internal (0,255) | |||
|- fortilink-backup-link (0,255) | |||
|- switch-controller-access-vlan | |||
|- switch-controller-igmp-snooping | |||
|- switch-controller-dhcp-snooping | |||
|- switch-controller-dhcp-snooping-verify-mac | |||
|- switch-controller-dhcp-snooping-option82 | |||
|- switch-controller-auth | |||
|- switch-controller-radius-server (36) | |||
|- color (0,32) | |||
+- <ipv6> -- ip6-mode | |||
|- nd-mode | |||
|- nd-cert (36) | |||
|- nd-security-level (0,7) | |||
|- nd-timestamp-delta (1,3600) | |||
|- nd-timestamp-fuzz (1,60) | |||
|- nd-cga-modifier | |||
|- ip6-dns-server-override | |||
|- ip6-address | |||
|- [ip6-extra-addr] --*prefix | |||
|- ip6-allowaccess | |||
|- ip6-send-adv | |||
|- ip6-manage-flag | |||
|- ip6-other-flag | |||
|- ip6-max-interval (4,1800) | |||
|- ip6-min-interval (3,1350) | |||
|- ip6-link-mtu (0,4294967295) | |||
|- ip6-reachable-time (0,3600000) | |||
|- ip6-retrans-time (0,4294967295) | |||
|- ip6-default-life (0,9000) | |||
|- ip6-hop-limit (0,255) | |||
|- autoconf | |||
|- ip6-upstream-interface (16) | |||
|- ip6-subnet | |||
|- [ip6-prefix-list] --*prefix | |||
|- autonomous-flag | |||
|- onlink-flag | |||
|- valid-life-time (0,4294967295) | |||
|- preferred-life-time (0,4294967295) | |||
|- rdnss | |||
+- [dnssl] --*domain (80) | |||
|- [ip6-delegated-prefix-list] --*prefix-id (0,4294967295) | |||
|- upstream-interface (16) | |||
|- autonomous-flag | |||
|- onlink-flag | |||
|- subnet | |||
|- rdnss-service | |||
+- rdnss | |||
|- dhcp6-relay-service | |||
|- dhcp6-relay-type | |||
|- dhcp6-relay-ip | |||
|- dhcp6-client-options | |||
|- dhcp6-prefix-delegation | |||
|- dhcp6-information-request | |||
|- dhcp6-prefix-hint | |||
|- dhcp6-prefix-hint-plt (0,4294967295) | |||
+- dhcp6-prefix-hint-vlt (0,4294967295) | |||
|- [physical-switch] --*name (16) | |||
|- age-enable | |||
|- age-val (0,4294967295) | |||
+- [port] --*name (16) | |||
|- speed | |||
+- status | |||
|- [virtual-switch] --*name (16) | |||
|- physical-switch (16) | |||
|- [port] --*name (16) | |||
|- speed | |||
|- status | |||
+- alias (26) | |||
|- span | |||
|- span-source-port (16) | |||
|- span-dest-port (16) | |||
+- span-direction | |||
|- <stp> |- switch-priority | |||
|- hello-time (1,10) | |||
|- forward-delay (4,30) | |||
|- max-age (6,40) | |||
+- max-hops (1,40) | |||
|- <password-policy> -- status | |||
|- apply-to | |||
|- minimum-length (8,128) | |||
|- min-lower-case-letter (0,128) | |||
|- min-upper-case-letter (0,128) | |||
|- min-non-alphanumeric (0,128) | |||
|- min-number (0,128) | |||
|- change-4-characters | |||
|- expire-status | |||
|- expire-day (1,999) | |||
+- reuse-password | |||
|- <password-policy-guest-admin> -- status | |||
|- apply-to | |||
|- minimum-length (8,128) | |||
|- min-lower-case-letter (0,128) | |||
|- min-upper-case-letter (0,128) | |||
|- min-non-alphanumeric (0,128) | |||
|- min-number (0,128) | |||
|- change-4-characters | |||
|- expire-status | |||
|- expire-day (1,999) | |||
+- reuse-password | |||
|- [sms-server] --*name (36) | |||
+- mail-server (64 xss) | |||
|- [custom-language] --*name (36) | |||
|- filename (64) | |||
+- comments | |||
|- [admin] --*name (36) | |||
|- wildcard | |||
|- remote-auth | |||
|- remote-group (36) | |||
|- password | |||
|- peer-auth | |||
|- peer-group (36) | |||
|- trusthost1 | |||
|- trusthost2 | |||
|- trusthost3 | |||
|- trusthost4 | |||
|- trusthost5 | |||
|- trusthost6 | |||
|- trusthost7 | |||
|- trusthost8 | |||
|- trusthost9 | |||
|- trusthost10 | |||
|- ip6-trusthost1 | |||
|- ip6-trusthost2 | |||
|- ip6-trusthost3 | |||
|- ip6-trusthost4 | |||
|- ip6-trusthost5 | |||
|- ip6-trusthost6 | |||
|- ip6-trusthost7 | |||
|- ip6-trusthost8 | |||
|- ip6-trusthost9 | |||
|- ip6-trusthost10 | |||
|- accprofile (36) | |||
|- allow-remove-admin-session | |||
|- comments | |||
|- hidden (0,255) | |||
|- [vdom] --*name (65) | |||
|- ssh-public-key1 | |||
|- ssh-public-key2 | |||
|- ssh-public-key3 | |||
|- ssh-certificate (36) | |||
|- schedule (36) | |||
|- accprofile-override | |||
|- radius-vdom-override | |||
|- password-expire | |||
|- force-password-change | |||
|- [gui-dashboard] --*id (0,4294967295) | |||
|- name (36 xss) | |||
|- scope | |||
|- layout-type | |||
|- columns (5,20) | |||
+- [widget] --*id (0,4294967295) | |||
|- type | |||
|- x-pos (0,1000) | |||
|- y-pos (0,1000) | |||
|- width (1,50) | |||
|- height (1,50) | |||
|- interface (16) | |||
|- report-by | |||
|- timeframe | |||
|- sort-by (128) | |||
|- visualization | |||
+- [filters] --*id (0,4294967295) | |||
|- key (128) | |||
+- value (128) | |||
|- two-factor | |||
|- fortitoken (17) | |||
|- email-to (64) | |||
|- sms-server | |||
|- sms-custom-server (36) | |||
|- sms-phone (16) | |||
|- guest-auth | |||
|- [guest-usergroups] --*name (65 xss) | |||
|- guest-lang (36) | |||
|- history0 | |||
|- history1 | |||
|- [login-time] --*usr-name (36) | |||
|- last-login | |||
+- last-failed-login | |||
|- [gui-global-menu-favorites] --*id (65 xss) | |||
+- [gui-vdom-menu-favorites] --*id (65 xss) | |||
|- [api-user] --*name (36) | |||
|- comments | |||
|- api-key | |||
|- accprofile (36) | |||
|- [vdom] --*name (65) | |||
|- schedule (36) | |||
|- cors-allow-origin (270) | |||
|- peer-auth | |||
|- peer-group (36) | |||
+- [trusthost] --*id (0,4294967295) | |||
|- type | |||
|- ipv4-trusthost | |||
+- ipv6-trusthost | |||
|- <settings> -- comments | |||
|- opmode | |||
|- inspection-mode | |||
|- ngfw-mode | |||
|- ssl-ssh-profile (36) | |||
|- http-external-dest | |||
|- firewall-session-dirty | |||
|- manageip | |||
|- gateway | |||
|- ip | |||
|- manageip6 | |||
|- gateway6 | |||
|- ip6 | |||
|- device (36) | |||
|- bfd | |||
|- bfd-desired-min-tx (1,100000) | |||
|- bfd-required-min-rx (1,100000) | |||
|- bfd-detect-mult (1,50) | |||
|- bfd-dont-enforce-src-port | |||
|- utf8-spam-tagging | |||
|- wccp-cache-engine | |||
|- vpn-stats-log | |||
|- vpn-stats-period (60,86400) | |||
|- v4-ecmp-mode | |||
|- mac-ttl (300,8640000) | |||
|- fw-session-hairpin | |||
|- snat-hairpin-traffic | |||
|- dhcp-proxy | |||
|- dhcp-server-ip | |||
|- dhcp6-server-ip | |||
|- central-nat | |||
|- [gui-default-policy-columns] --*name (65 xss) | |||
|- lldp-transmission | |||
|- asymroute | |||
|- asymroute-icmp | |||
|- tcp-session-without-syn | |||
|- ses-denied-traffic | |||
|- strict-src-check | |||
|- asymroute6 | |||
|- asymroute6-icmp | |||
|- sip-helper | |||
|- sip-nat-trace | |||
|- status | |||
|- sip-tcp-port (1,65535) | |||
|- sip-udp-port (1,65535) | |||
|- sip-ssl-port (0,65535) | |||
|- sccp-port (0,65535) | |||
|- multicast-forward | |||
|- multicast-ttl-notchange | |||
|- multicast-skip-policy | |||
|- allow-subnet-overlap | |||
|- deny-tcp-with-icmp | |||
|- ecmp-max-paths (1,100) | |||
|- discovered-device-timeout (1,365) | |||
|- email-portal-check-dns | |||
|- default-voip-alg-mode | |||
|- gui-icap | |||
|- gui-nat46-64 | |||
|- gui-implicit-policy | |||
|- gui-dns-database | |||
|- gui-load-balance | |||
|- gui-multicast-policy | |||
|- gui-dos-policy | |||
|- gui-object-colors | |||
|- gui-replacement-message-groups | |||
|- gui-voip-profile | |||
|- gui-ap-profile | |||
|- gui-dynamic-profile-display | |||
|- gui-local-in-policy | |||
|- gui-explicit-proxy | |||
|- gui-dynamic-routing | |||
|- gui-dlp | |||
|- gui-sslvpn-personal-bookmarks | |||
|- gui-sslvpn-realms | |||
|- gui-policy-based-ipsec | |||
|- gui-threat-weight | |||
|- gui-multiple-utm-profiles | |||
|- gui-spamfilter | |||
|- gui-application-control | |||
|- gui-ips | |||
|- gui-endpoint-control | |||
|- gui-endpoint-control-advanced | |||
|- gui-dhcp-advanced | |||
|- gui-vpn | |||
|- gui-wireless-controller | |||
|- gui-switch-controller | |||
|- gui-fortiap-split-tunneling | |||
|- gui-webfilter-advanced | |||
|- gui-traffic-shaping | |||
|- gui-wan-load-balancing | |||
|- gui-antivirus | |||
|- gui-webfilter | |||
|- gui-dnsfilter | |||
|- gui-waf-profile | |||
|- gui-fortiextender-controller | |||
|- gui-advanced-policy | |||
|- gui-allow-unnamed-policy | |||
|- gui-email-collection | |||
|- gui-domain-ip-reputation | |||
|- gui-multiple-interface-policy | |||
|- gui-policy-learning | |||
|- compliance-check | |||
|- ike-session-resume | |||
|- ike-quick-crash-detect | |||
+- ike-dn-format | |||
|- [sit-tunnel] --*name (16) | |||
|- source | |||
|- destination | |||
|- ip6 | |||
|- interface (16) | |||
+- auto-asic-offload | |||
|- <fsso-polling> -- status | |||
|- listening-port (1,65535) | |||
|- authentication | |||
+- auth-password | |||
|- <ha> -- group-id (0,255) | |||
|- group-name (33) | |||
|- mode | |||
|- sync-packet-balance | |||
|- password | |||
|- key | |||
|- hbdev | |||
|- session-sync-dev | |||
|- route-ttl (5,3600) | |||
|- route-wait (0,3600) | |||
|- route-hold (0,3600) | |||
|- multicast-ttl (5,3600) | |||
|- load-balance-all | |||
|- sync-config | |||
|- encryption | |||
|- authentication | |||
|- hb-interval (1,20) | |||
|- hb-lost-threshold (1,60) | |||
|- hello-holddown (5,300) | |||
|- gratuitous-arps | |||
|- arps (1,60) | |||
|- arps-interval (1,20) | |||
|- session-pickup | |||
|- session-pickup-connectionless | |||
|- session-pickup-expectation | |||
|- session-pickup-nat | |||
|- session-pickup-delay | |||
|- session-sync-daemon-number (1,15) | |||
|- link-failed-signal | |||
|- uninterruptible-upgrade | |||
|- standalone-mgmt-vdom | |||
|- ha-mgmt-status | |||
|- [ha-mgmt-interfaces] --*id (0,4294967295) | |||
|- interface (16) | |||
|- dst | |||
|- gateway | |||
+- gateway6 | |||
|- ha-eth-type (5) | |||
|- hc-eth-type (5) | |||
|- l2ep-eth-type (5) | |||
|- ha-uptime-diff-margin (1,65535) | |||
|- standalone-config-sync | |||
|- vcluster2 | |||
|- vcluster-id (0,255) | |||
|- override | |||
|- priority (0,255) | |||
|- override-wait-time (0,3600) | |||
|- schedule | |||
|- weight | |||
|- cpu-threshold | |||
|- memory-threshold | |||
|- http-proxy-threshold | |||
|- ftp-proxy-threshold | |||
|- imap-proxy-threshold | |||
|- nntp-proxy-threshold | |||
|- pop3-proxy-threshold | |||
|- smtp-proxy-threshold | |||
|- monitor | |||
|- pingserver-monitor-interface | |||
|- pingserver-failover-threshold (0,50) | |||
|- pingserver-slave-force-reset | |||
|- pingserver-flip-timeout (6,2147483647) | |||
|- vdom | |||
|- <secondary-vcluster> -- vcluster-id (0,255) | |||
|- override | |||
|- priority (0,255) | |||
|- override-wait-time (0,3600) | |||
|- monitor | |||
|- pingserver-monitor-interface | |||
|- pingserver-failover-threshold (0,50) | |||
|- pingserver-slave-force-reset | |||
+- vdom | |||
+- ha-direct | |||
|- <ha-monitor> -- monitor-vlan | |||
|- vlan-hb-interval (1,30) | |||
+- vlan-hb-lost-threshold (1,60) | |||
|- [storage] --*name (36) | |||
|- partition (17) | |||
|- media-type (5) | |||
|- device (13) | |||
+- size (0,4294967295) | |||
|- <dedicated-mgmt> -- status | |||
|- interface (16) | |||
|- default-gateway | |||
|- dhcp-server | |||
|- dhcp-netmask | |||
|- dhcp-start-ip | |||
+- dhcp-end-ip | |||
|- [arp-table] --*id (0,4294967295) | |||
|- interface (16) | |||
|- ip | |||
+- mac | |||
|- [ipv6-neighbor-cache] --*id (0,4294967295) | |||
|- interface (16) | |||
|- ipv6 | |||
+- mac | |||
|- <dns> -- primary | |||
|- secondary | |||
|- domain (128) | |||
|- ip6-primary | |||
|- ip6-secondary | |||
|- dns-cache-limit (0,4294967295) | |||
|- dns-cache-ttl (60,86400) | |||
|- cache-notfound-responses | |||
+- source-ip | |||
|- [ddns] --*ddnsid (0,4294967295) | |||
|- ddns-server | |||
|- ddns-server-ip | |||
|- ddns-zone (65) | |||
|- ddns-ttl (60,86400) | |||
|- ddns-auth | |||
|- ddns-keyname (65) | |||
|- ddns-key | |||
|- ddns-domain (65) | |||
|- ddns-username (65) | |||
|- ddns-sn (65) | |||
|- ddns-password | |||
|- use-public-ip | |||
|- update-interval (60,2592000) | |||
|- clear-text | |||
|- ssl-certificate (36) | |||
|- bound-ip | |||
+- [monitor-interface] --*interface-name (65) | |||
|- <sflow> -- collector-ip | |||
|- collector-port (0,65535) | |||
+- source-ip | |||
|- <vdom-sflow> -- vdom-sflow | |||
|- collector-ip | |||
|- collector-port (0,65535) | |||
+- source-ip | |||
|- <netflow> -- collector-ip | |||
|- collector-port (0,65535) | |||
|- source-ip | |||
|- active-flow-timeout (1,60) | |||
|- inactive-flow-timeout (10,600) | |||
|- template-tx-timeout (1,1440) | |||
+- template-tx-counter (10,6000) | |||
|- <vdom-netflow> -- vdom-netflow | |||
|- collector-ip | |||
|- collector-port (0,65535) | |||
+- source-ip | |||
|- <vdom-dns> -- vdom-dns | |||
|- primary | |||
|- secondary | |||
|- ip6-primary | |||
|- ip6-secondary | |||
+- source-ip | |||
|- [replacemsg-image] --*name (24) | |||
|- image-type | |||
+- image-base64 | |||
|- replacemsg -- [mail] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [http] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [webproxy] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [ftp] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [nntp] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [fortiguard-wf] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [spam] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [alertmail] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [admin] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [auth] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [sslvpn] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [ec] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [device-detection-portal] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [nac-quar] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [traffic-quota] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
+- [utm] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [replacemsg-group] --*name (36) | |||
|- comment | |||
|- group-type | |||
|- [mail] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [http] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [webproxy] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [ftp] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [nntp] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [fortiguard-wf] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [spam] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [alertmail] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [admin] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [auth] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [sslvpn] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [ec] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [device-detection-portal] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [nac-quar] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [traffic-quota] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- [utm] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
+- [custom-message] --*msg-type (29) | |||
|- buffer | |||
|- header | |||
+- format | |||
|- snmp -- <sysinfo> -- status | |||
|- engine-id (25) | |||
|- description | |||
|- contact-info | |||
|- location | |||
|- trap-high-cpu-threshold (1,100) | |||
|- trap-low-memory-threshold (1,100) | |||
+- trap-log-full-threshold (1,100) | |||
|- [community] --*id (0,4294967295) | |||
|- name (36) | |||
|- status | |||
|- [hosts] --*id (0,4294967295) | |||
|- source-ip | |||
|- ip | |||
|- ha-direct | |||
+- host-type | |||
|- [hosts6] --*id (0,4294967295) | |||
|- source-ipv6 | |||
|- ipv6 | |||
|- ha-direct | |||
+- host-type | |||
|- query-v1-status | |||
|- query-v1-port (1,65535) | |||
|- query-v2c-status | |||
|- query-v2c-port (0,65535) | |||
|- trap-v1-status | |||
|- trap-v1-lport (1,65535) | |||
|- trap-v1-rport (1,65535) | |||
|- trap-v2c-status | |||
|- trap-v2c-lport (1,65535) | |||
|- trap-v2c-rport (1,65535) | |||
+- events | |||
+- [user] --*name (33) | |||
|- status | |||
|- trap-status | |||
|- trap-lport (0,65535) | |||
|- trap-rport (0,65535) | |||
|- queries | |||
|- query-port (0,65535) | |||
|- notify-hosts | |||
|- notify-hosts6 | |||
|- source-ip | |||
|- source-ipv6 | |||
|- ha-direct | |||
|- events | |||
|- security-level | |||
|- auth-proto | |||
|- auth-pwd | |||
|- priv-proto | |||
+- priv-pwd | |||
|- autoupdate -- <push-update> -- status | |||
|- override | |||
|- address | |||
+- port (0,65535) | |||
|- <schedule> -- status | |||
|- frequency | |||
|- time | |||
+- day | |||
+- <tunneling> -- status | |||
|- address (64) | |||
|- port (0,65535) | |||
|- username (50) | |||
+- password | |||
|- <session-ttl> -- default | |||
+- [port] --*id (0,65535) | |||
|- protocol (0,255) | |||
|- start-port (0,65535) | |||
|- end-port (0,65535) | |||
+- timeout | |||
|- dhcp -- [server] --*id (0,4294967295) | |||
|- status | |||
|- lease-time (300,8640000) | |||
|- mac-acl-default-action | |||
|- forticlient-on-net-status | |||
|- dns-service | |||
|- dns-server1 | |||
|- dns-server2 | |||
|- dns-server3 | |||
|- wifi-ac1 | |||
|- wifi-ac2 | |||
|- wifi-ac3 | |||
|- ntp-service | |||
|- ntp-server1 | |||
|- ntp-server2 | |||
|- ntp-server3 | |||
|- domain (36) | |||
|- wins-server1 | |||
|- wins-server2 | |||
|- default-gateway | |||
|- next-server | |||
|- netmask | |||
|- interface (16) | |||
|- [ip-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- timezone-option | |||
|- timezone | |||
|- tftp-server (64) | |||
|- filename (128) | |||
|- [options] --*id (0,4294967295) | |||
|- code (0,255) | |||
|- type | |||
|- value (313) | |||
+- ip | |||
|- server-type | |||
|- ip-mode | |||
|- conflicted-ip-timeout (60,8640000) | |||
|- ipsec-lease-hold (0,8640000) | |||
|- auto-configuration | |||
|- ddns-update | |||
|- ddns-update-override | |||
|- ddns-server-ip | |||
|- ddns-zone (65) | |||
|- ddns-auth | |||
|- ddns-keyname (65) | |||
|- ddns-key | |||
|- ddns-ttl (60,86400) | |||
|- vci-match | |||
|- [vci-string] --*vci-string (256) | |||
|- [exclude-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
+- [reserved-address] --*id (0,4294967295) | |||
|- ip | |||
|- mac | |||
|- action | |||
+- description | |||
|- dhcp6 -- [server] --*id (0,4294967295) | |||
|- status | |||
|- rapid-commit | |||
|- lease-time (300,8640000) | |||
|- dns-service | |||
|- dns-search-list | |||
|- dns-server1 | |||
|- dns-server2 | |||
|- dns-server3 | |||
|- domain (36) | |||
|- subnet | |||
|- interface (16) | |||
|- option1 | |||
|- option2 | |||
|- option3 | |||
|- upstream-interface (16) | |||
|- ip-mode | |||
+- [ip-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- [virtual-wire-pair] --*name (36) | |||
|- [member] --*interface-name (65) | |||
+- wildcard-vlan | |||
|- <modem> -- status | |||
|- pin-init (128 xss) | |||
|- network-init (128 xss) | |||
|- lockdown-lac (128 xss) | |||
|- mode | |||
|- auto-dial | |||
|- dial-on-demand | |||
|- idle-timer (1,9999) | |||
|- redial | |||
|- reset (0,10) | |||
|- holddown-timer (1,60) | |||
|- connect-timeout (30,255) | |||
|- interface (64) | |||
|- wireless-port (0,4294967295) | |||
|- dont-send-CR1 | |||
|- phone1 (64 xss) | |||
|- dial-cmd1 (64) | |||
|- username1 (64 xss) | |||
|- passwd1 | |||
|- extra-init1 (128 xss) | |||
|- peer-modem1 | |||
|- ppp-echo-request1 | |||
|- authtype1 | |||
|- dont-send-CR2 | |||
|- phone2 (64 xss) | |||
|- dial-cmd2 (64) | |||
|- username2 (64 xss) | |||
|- passwd2 | |||
|- extra-init2 (128 xss) | |||
|- peer-modem2 | |||
|- ppp-echo-request2 | |||
|- authtype2 | |||
|- dont-send-CR3 | |||
|- phone3 (64 xss) | |||
|- dial-cmd3 (64) | |||
|- username3 (64 xss) | |||
|- passwd3 | |||
|- extra-init3 (128 xss) | |||
|- peer-modem3 | |||
|- ppp-echo-request3 | |||
|- altmode | |||
|- authtype3 | |||
|- traffic-check | |||
|- action | |||
|- distance (1,255) | |||
+- priority (0,4294967295) | |||
|- 3g-modem -- [custom] --*id (0,4294967295) | |||
|- vendor (36) | |||
|- model (36) | |||
|- vendor-id | |||
|- product-id | |||
|- class-id | |||
+- init-string (128) | |||
|- <dialinsvr> -- status | |||
|- server-ip | |||
|- client-ip | |||
|- usrgrp (36) | |||
+- allowaccess | |||
|- <status> | |||
|- performance -- <status> | |||
|- <top> -- <delay> -- <lines> (0) | |||
+- firewall -- <packet-distribution> | |||
+- <statistics> | |||
|- <session> | |||
|- <cmdb> | |||
|- <fortiguard-service> | |||
|- <fortianalyzer-connectivity> | |||
|- checksum -- <status> | |||
|- <mgmt-csum> | |||
|- <ha-nonsync-csum> | |||
|- <fortiguard-log-service> | |||
|- <central-mgmt> | |||
|- [alias] --*name (36) | |||
+- command | |||
|- [auto-script] --*name (36) | |||
|- interval (0,31557600) | |||
|- repeat (0,65535) | |||
|- start | |||
|- script | |||
+- output-size (10,1024) | |||
|- info -- admin -- <status> | |||
+- <ssh> | |||
|- <management-tunnel> -- status | |||
|- allow-config-restore | |||
|- allow-push-configuration | |||
|- allow-push-firmware | |||
|- allow-collect-statistics | |||
|- authorized-manager-only | |||
+- serial-number | |||
|- <fortimanager> -- ip | |||
|- vdom (32) | |||
|- ipsec | |||
|- central-management | |||
|- central-mgmt-auto-backup | |||
|- central-mgmt-schedule-config-restore | |||
+- central-mgmt-schedule-script-restore | |||
|- <fm> -- status | |||
|- id (36) | |||
|- ip | |||
|- vdom (32) | |||
|- auto-backup | |||
|- scheduled-config-restore | |||
+- ipsec | |||
|- <central-management> -- mode | |||
|- type | |||
|- schedule-config-restore | |||
|- schedule-script-restore | |||
|- allow-push-configuration | |||
|- allow-pushd-firmware | |||
|- allow-remote-firmware-upgrade | |||
|- allow-monitor | |||
|- serial-number | |||
|- fmg | |||
|- fmg-source-ip | |||
|- fmg-source-ip6 | |||
|- vdom (32) | |||
|- [server-list] --*id (0,4294967295) | |||
|- server-type | |||
|- addr-type | |||
|- server-address | |||
|- server-address6 | |||
+- fqdn (256) | |||
|- include-default-servers | |||
+- enc-algorithm | |||
|- [zone] --*name (36) | |||
|- intrazone | |||
+- [interface] --*interface-name (65) | |||
|- [geoip-country] --*id (3) | |||
+- name (64) | |||
|- [ipv6-tunnel] --*name (16) | |||
|- source | |||
|- destination | |||
|- interface (16) | |||
+- auto-asic-offload | |||
|- [ips-urlfilter-dns] --*address | |||
+- status | |||
|- <network-visibility> -- destination-visibility | |||
|- source-location | |||
|- destination-hostname-visibility | |||
|- hostname-ttl (60,86400) | |||
|- hostname-limit (0,50000) | |||
+- destination-location | |||
|- [gre-tunnel] --*name (16) | |||
|- interface (16) | |||
|- remote-gw | |||
|- local-gw | |||
|- dscp-copying | |||
|- keepalive-interval (0,32767) | |||
+- keepalive-failtimes (1,255) | |||
|- [ipip-tunnel] --*name (16) | |||
|- interface (16) | |||
|- remote-gw | |||
|- local-gw | |||
+- auto-asic-offload | |||
|- [mobile-tunnel] --*name (16) | |||
|- status | |||
|- roaming-interface (16) | |||
|- home-agent | |||
|- home-address | |||
|- renew-interval (5,60) | |||
|- lifetime (180,65535) | |||
|- reg-interval (5,300) | |||
|- reg-retry (1,30) | |||
|- n-mhae-spi (0,4294967295) | |||
|- n-mhae-key-type | |||
|- n-mhae-key | |||
|- hash-algorithm | |||
|- tunnel-mode | |||
+- [network] --*id (0,4294967295) | |||
|- interface (16) | |||
+- prefix | |||
|- [pppoe-interface] --*name (16) | |||
|- dial-on-demand | |||
|- ipv6 | |||
|- device (16) | |||
|- username (65 xss) | |||
|- password | |||
|- auth-type | |||
|- ipunnumbered | |||
|- pppoe-unnumbered-negotiate | |||
|- idle-timeout (0,4294967295) | |||
|- disc-retry-timeout (0,4294967295) | |||
|- padt-retry-timeout (0,4294967295) | |||
|- service-name (64) | |||
|- ac-name (64) | |||
|- lcp-echo-interval (0,4294967295) | |||
+- lcp-max-echo-fails (0,4294967295) | |||
|- [vxlan] --*name (16) | |||
|- interface (16) | |||
|- vni (1,16777215) | |||
|- ip-version | |||
|- [remote-ip] --*ip (16) | |||
|- [remote-ip6] --*ip6 (46) | |||
|- dstport (1,65535) | |||
+- multicast-ttl (1,255) | |||
|- [dns-database] --*name (36) | |||
|- status | |||
|- domain (256) | |||
|- allow-transfer | |||
|- type | |||
|- view | |||
|- ip-master | |||
|- primary-name (256) | |||
|- contact (256) | |||
|- ttl (0,2147483647) | |||
|- authoritative | |||
|- forwarder | |||
|- source-ip | |||
+- [dns-entry] --*id (0,4294967295) | |||
|- status | |||
|- type | |||
|- ttl (0,2147483647) | |||
|- preference (0,65535) | |||
|- ip | |||
|- ipv6 | |||
|- hostname (256) | |||
+- canonical-name (256) | |||
|- [dns-server] --*name (16) | |||
|- mode | |||
+- dnsfilter-profile (36) | |||
|- <resource-limits> -- session (0,4294967295) | |||
|- ipsec-phase1 (0,4294967295) | |||
|- ipsec-phase2 (0,4294967295) | |||
|- dialup-tunnel (0,4294967295) | |||
|- firewall-policy (0,4294967295) | |||
|- firewall-address (0,4294967295) | |||
|- firewall-addrgrp (0,4294967295) | |||
|- custom-service (0,4294967295) | |||
|- service-group (0,4294967295) | |||
|- onetime-schedule (0,4294967295) | |||
|- recurring-schedule (0,4294967295) | |||
|- user (0,4294967295) | |||
|- user-group (0,4294967295) | |||
|- sslvpn (0,4294967295) | |||
|- proxy (0,4294967295) | |||
+- log-disk-quota (0,4294967295) | |||
|- [vdom-property] --*name (32) | |||
|- description (128) | |||
|- snmp-index (0,4294967295) | |||
|- session | |||
|- ipsec-phase1 | |||
|- ipsec-phase2 | |||
|- dialup-tunnel | |||
|- firewall-policy | |||
|- firewall-address | |||
|- firewall-addrgrp | |||
|- custom-service | |||
|- service-group | |||
|- onetime-schedule | |||
|- recurring-schedule | |||
|- user | |||
|- user-group | |||
|- sslvpn | |||
|- proxy | |||
+- log-disk-quota | |||
|- <virtual-wan-link> -- status | |||
|- load-balance-mode | |||
|- fail-detect | |||
|- [fail-alert-interfaces] --*name (65) | |||
|- [members] --*seq-num (0,255) | |||
|- interface (16) | |||
|- gateway | |||
|- weight (0,255) | |||
|- priority (0,4294967295) | |||
|- spillover-threshold (0,16776000) | |||
|- ingress-spillover-threshold (0,16776000) | |||
|- volume-ratio (0,255) | |||
+- status | |||
|- [health-check] --*name (36) | |||
|- server (64) | |||
|- protocol | |||
|- port (1,65535) | |||
|- security-mode | |||
|- password | |||
|- packet-size (64,1024) | |||
|- http-get (1025) | |||
|- http-match (1025) | |||
|- interval (1,3600) | |||
|- timeout (1,255) | |||
|- failtime (1,10) | |||
|- recoverytime (1,10) | |||
|- update-cascade-interface | |||
|- update-static-route | |||
|- threshold-warning-packetloss (0,100) | |||
|- threshold-alert-packetloss (0,100) | |||
|- threshold-warning-latency (0,4294967295) | |||
|- threshold-alert-latency (0,4294967295) | |||
|- threshold-warning-jitter (0,4294967295) | |||
+- threshold-alert-jitter (0,4294967295) | |||
+- [service] --*id (0,255) | |||
|- name (36) | |||
|- mode | |||
|- quality-link (0,255) | |||
|- member (0,255) | |||
|- tos | |||
|- tos-mask | |||
|- protocol (0,255) | |||
|- start-port (0,65535) | |||
|- end-port (0,65535) | |||
|- [dst] --*name (65) | |||
|- [src] --*name (65) | |||
|- [users] --*name (65) | |||
|- [groups] --*name (65) | |||
|- internet-service | |||
|- [internet-service-custom] --*name (65) | |||
|- [internet-service-id] --*id (0,4294967295) | |||
|- health-check (36) | |||
|- link-cost-factor | |||
|- link-cost-threshold (0,10000000) | |||
|- [priority-members] --*seq-num (0,4294967295) | |||
+- status | |||
|- <csf> -- status | |||
|- upstream-ip | |||
|- upstream-port (1,65535) | |||
|- group-name (36) | |||
|- group-password | |||
|- logging-mode | |||
+- management-ip | |||
|- [cluster-sync] --*sync-id (0,255) | |||
|- peervd (32) | |||
|- peerip | |||
|- [syncvd] --*name (65) | |||
|- [down-intfs-before-sess-sync] --*name (65) | |||
|- hb-interval (1,10) | |||
|- hb-lost-threshold (1,10) | |||
|- slave-add-ike-routes | |||
+- <session-sync-filter> -- srcintf (16) | |||
|- dstintf (16) | |||
|- srcaddr | |||
|- dstaddr | |||
|- srcaddr6 | |||
|- dstaddr6 | |||
+- [custom-service] --*id (0,4294967295) | |||
|- src-port-range | |||
+- dst-port-range | |||
|- <fortiguard> -- port | |||
|- service-account-id (51 xss) | |||
|- load-balance-servers (1,266) | |||
|- auto-join-forticloud | |||
|- antispam-force-off | |||
|- antispam-cache | |||
|- antispam-cache-ttl (0,4294967295) | |||
|- antispam-cache-mpercent (1,15) | |||
|- antispam-license (0,4294967295) | |||
|- antispam-expiration (0,4294967295) | |||
|- antispam-timeout (1,30) | |||
|- webfilter-force-off | |||
|- webfilter-cache | |||
|- webfilter-cache-ttl (300,86400) | |||
|- webfilter-license (0,4294967295) | |||
|- webfilter-expiration (0,4294967295) | |||
|- webfilter-timeout (1,30) | |||
|- sdns-server-ip | |||
|- sdns-server-port (1,65535) | |||
|- source-ip | |||
|- source-ip6 | |||
|- ddns-server-ip | |||
+- ddns-server-port (1,65535) | |||
|- <arp> | |||
|- <email-server> -- type | |||
|- reply-to (64) | |||
|- server (64) | |||
|- port (1,65535) | |||
|- source-ip | |||
|- source-ip6 | |||
|- authenticate | |||
|- validate-server | |||
|- username (36) | |||
|- password | |||
+- security | |||
|- <alarm> -- status | |||
|- audible | |||
+- [groups] --*id (0,4294967295) | |||
|- period (0,4294967295) | |||
|- admin-auth-failure-threshold (0,1024) | |||
|- admin-auth-lockout-threshold (0,1024) | |||
|- user-auth-failure-threshold (0,1024) | |||
|- user-auth-lockout-threshold (0,1024) | |||
|- replay-attempt-threshold (0,1024) | |||
|- self-test-failure-threshold (0,1) | |||
|- log-full-warning-threshold (0,1024) | |||
|- encryption-failure-threshold (0,1024) | |||
|- decryption-failure-threshold (0,1024) | |||
|- [fw-policy-violations] --*id (0,4294967295) | |||
|- threshold (0,1024) | |||
|- src-ip | |||
|- dst-ip | |||
|- src-port (0,65535) | |||
+- dst-port (0,65535) | |||
|- fw-policy-id (0,4294967295) | |||
+- fw-policy-id-threshold (0,1024) | |||
|- [mac-address-table] --*mac | |||
|- interface (36) | |||
+- reply-substitute | |||
|- [session-helper] --*id (0,4294967295) | |||
|- name | |||
|- protocol (0,255) | |||
+- port (1,65535) | |||
|- [proxy-arp] --*id (0,4294967295) | |||
|- interface (16) | |||
|- ip | |||
+- end-ip | |||
|- <fips-cc> -- status | |||
|- entropy-token | |||
|- self-test-period (1,1440) | |||
+- key-generation-self-test | |||
|- [tos-based-priority] --*id (0,4294967295) | |||
|- tos (0,15) | |||
+- priority | |||
|- [dscp-based-priority] --*id (0,4294967295) | |||
|- ds (0,63) | |||
+- priority | |||
|- <probe-response> -- port (1,65535) | |||
|- http-probe-value (1025) | |||
|- ttl-mode | |||
|- mode | |||
|- security-mode | |||
|- password | |||
+- timeout (10,3600) | |||
|- [link-monitor] --*name (36 xss) | |||
|- srcintf (16) | |||
|- [server] --*address (65) | |||
|- protocol | |||
|- port (1,65535) | |||
|- gateway-ip | |||
|- source-ip | |||
|- http-get (1025) | |||
|- http-match (1025) | |||
|- interval (1,3600) | |||
|- timeout (1,255) | |||
|- failtime (1,10) | |||
|- recoverytime (1,10) | |||
|- security-mode | |||
|- password | |||
|- packet-size (64,1024) | |||
|- ha-priority (1,50) | |||
|- update-cascade-interface | |||
|- update-static-route | |||
+- status | |||
|- <auto-install> -- auto-install-config | |||
|- auto-install-image | |||
|- default-config-file (128) | |||
+- default-image-file (128) | |||
|- <console> -- mode | |||
|- baudrate | |||
|- output | |||
|- login | |||
+- fortiexplorer | |||
|- <ntp> -- ntpsync | |||
|- type | |||
|- syncinterval (1,1440) | |||
|- [ntpserver] --*id (0,4294967295) | |||
|- server (64) | |||
|- ntpv3 | |||
|- authentication | |||
|- key | |||
+- key-id (0,4294967295) | |||
|- source-ip | |||
|- server-mode | |||
+- [interface] --*interface-name (65) | |||
|- [wccp] --*service-id (4) | |||
|- router-id | |||
|- cache-id | |||
|- group-address | |||
|- server-list | |||
|- router-list | |||
|- ports-defined | |||
|- ports | |||
|- authentication | |||
|- password | |||
|- forward-method | |||
|- cache-engine-method | |||
|- service-type | |||
|- primary-hash | |||
|- priority (0,255) | |||
|- protocol (0,255) | |||
|- assignment-weight (0,255) | |||
|- assignment-bucket-format | |||
|- return-method | |||
+- assignment-method | |||
|- <nat64> -- status | |||
|- nat64-prefix | |||
|- always-synthesize-aaaa-record | |||
+- generate-ipv6-fragment-header | |||
|- [vdom-radius-server] --*name (32) | |||
|- status | |||
+- radius-server-vdom (32) | |||
|- <startup-error-log> | |||
|- source-ip -- <status> | |||
|- auto-update -- <status> | |||
+- <versions> | |||
|- session-info -- <list> | |||
|- <expectation> | |||
|- <full-stat> | |||
|- <statistics> | |||
+- <ttl> | |||
|- session-helper-info -- <list> | |||
|- ip-conflict -- <status> | |||
|- <ftm-push> -- server-port (1,65535) | |||
|- server-ip | |||
+- status | |||
|- [geoip-override] --*name (64) | |||
|- description (128) | |||
|- country-id (3) | |||
+- [ip-range] --*id (0,65535) | |||
|- start-ip | |||
+- end-ip | |||
+- <fortisandbox> -- status | |||
|- server | |||
|- source-ip | |||
|- enc-algorithm | |||
+- email (64) | |||
|- wireless-controller -- <inter-controller> -- inter-controller-mode | |||
|- inter-controller-key | |||
|- inter-controller-pri | |||
|- fast-failover-max (3,64) | |||
|- fast-failover-wait (10,86400) | |||
+- [inter-controller-peer] --*id (0,4294967295) | |||
|- peer-ip | |||
|- peer-port (1024,49150) | |||
+- peer-priority | |||
|- <global> -- name (36) | |||
|- location (36) | |||
|- max-retransmit (0,64) | |||
|- data-ethernet-II | |||
|- link-aggregation | |||
|- mesh-eth-type (0,65535) | |||
|- fiapp-eth-type (0,65535) | |||
|- discovery-mc-addr | |||
|- max-clients (0,4294967295) | |||
|- rogue-scan-mac-adjacency (0,31) | |||
|- ipsec-base-ip | |||
|- ap-log-server | |||
|- ap-log-server-ip | |||
+- ap-log-server-port (0,65535) | |||
|- [vap] --*name (16) | |||
|- vdom (32) | |||
|- fast-roaming | |||
|- external-fast-roaming | |||
|- mesh-backhaul | |||
|- max-clients (0,4294967295) | |||
|- max-clients-ap (0,4294967295) | |||
|- ssid (33 xss) | |||
|- broadcast-ssid | |||
|- security-obsolete-option | |||
|- security | |||
|- pmf | |||
|- pmf-assoc-comeback-timeout (1,20) | |||
|- pmf-sa-query-retry-timeout (1,5) | |||
|- okc | |||
|- voice-enterprise | |||
|- fast-bss-transition | |||
|- ft-mobility-domain (1,65535) | |||
|- ft-r0-key-lifetime (1,65535) | |||
|- ft-over-ds | |||
|- tkip-counter-measure | |||
|- external-web (128) | |||
|- external-logout (128) | |||
|- radius-mac-auth | |||
|- radius-mac-auth-server (36) | |||
|- auth | |||
|- encrypt | |||
|- keyindex (1,4) | |||
|- key | |||
|- passphrase | |||
|- radius-server (36) | |||
|- acct-interim-interval (60,86400) | |||
|- [usergroup] --*name (65) | |||
|- portal-message-override-group (36) | |||
|- <portal-message-overrides> -- auth-disclaimer-page (36) | |||
|- auth-reject-page (36) | |||
|- auth-login-page (36) | |||
+- auth-login-failed-page (36) | |||
|- portal-type | |||
|- [selected-usergroups] --*name (65) | |||
|- security-exempt-list (36) | |||
|- security-redirect-url (128) | |||
|- intra-vap-privacy | |||
|- schedule (36) | |||
|- ldpc | |||
|- mpsk | |||
|- mpsk-concurrent-clients (0,65535) | |||
|- [mpsk-key] --*key-name (36) | |||
|- passphrase | |||
|- concurrent-clients (16) | |||
+- comment | |||
|- local-standalone | |||
|- local-standalone-nat | |||
|- ip | |||
|- dhcp-lease-time (300,8640000) | |||
|- local-bridging | |||
|- split-tunneling | |||
|- local-authentication | |||
|- vlanid (0,4094) | |||
|- vlan-auto | |||
|- dynamic-vlan | |||
|- captive-portal-radius-server (64) | |||
|- captive-portal-radius-secret | |||
|- captive-portal-ac-name (36) | |||
|- alias (26) | |||
|- multicast-rate | |||
|- multicast-enhance | |||
|- broadcast-suppression | |||
|- me-disable-thresh (2,256) | |||
|- probe-resp-suppression | |||
|- probe-resp-threshold (8) | |||
|- vlan-pooling | |||
|- [vlan-pool] --*id (0,4094) | |||
+- wtp-group (36) | |||
|- ptk-rekey | |||
|- ptk-rekey-intv (1800,864000) | |||
|- gtk-rekey | |||
|- gtk-rekey-intv (1800,864000) | |||
|- eap-reauth | |||
|- eap-reauth-intv (1800,864000) | |||
|- qos-profile (36) | |||
|- rates-11a | |||
|- rates-11bg | |||
|- rates-11n-ss12 | |||
|- rates-11n-ss34 | |||
|- rates-11ac-ss12 | |||
|- rates-11ac-ss34 | |||
|- mac-filter | |||
|- mac-filter-policy-other | |||
+- [mac-filter-list] --*id (0,4294967295) | |||
|- mac | |||
+- mac-filter-policy | |||
|- <timers> -- echo-interval (1,255) | |||
|- discovery-interval (2,180) | |||
|- client-idle-timeout (20,3600) | |||
|- rogue-ap-log (0,1440) | |||
|- fake-ap-log (1,1440) | |||
|- darrp-optimize (0,86400) | |||
|- darrp-day | |||
|- [darrp-time] --*time (6) | |||
|- sta-stats-interval (1,255) | |||
|- vap-stats-interval (1,255) | |||
|- radio-stats-interval (1,255) | |||
|- sta-capability-interval (1,255) | |||
|- sta-locate-timer (0,86400) | |||
|- ipsec-intf-cleanup (30,3600) | |||
+- ble-scan-report-intv (10,3600) | |||
|- <setting> -- account-id (64) | |||
|- country | |||
|- duplicate-ssid | |||
+- fapc-compatibility | |||
|- [bonjour-profile] --*name (36) | |||
|- comment (64) | |||
+- [policy-list] --*policy-id (1,65535) | |||
|- description (64) | |||
|- from-vlan (64) | |||
|- to-vlan (64) | |||
+- services | |||
|- [vap-group] --*name (36) | |||
|- comment | |||
+- [vaps] --*name (36) | |||
|- [wids-profile] --*name (36) | |||
|- comment (64) | |||
|- sensor-mode | |||
|- ap-scan | |||
|- ap-bgscan-period (60,3600) | |||
|- ap-bgscan-intv (1,600) | |||
|- ap-bgscan-duration (10,1000) | |||
|- ap-bgscan-idle (0,1000) | |||
|- ap-bgscan-report-intv (15,600) | |||
|- ap-bgscan-disable-day | |||
|- ap-bgscan-disable-start | |||
|- ap-bgscan-disable-end | |||
|- ap-fgscan-report-intv (15,600) | |||
|- ap-scan-passive | |||
|- ap-auto-suppress | |||
|- wireless-bridge | |||
|- deauth-broadcast | |||
|- null-ssid-probe-resp | |||
|- long-duration-attack | |||
|- long-duration-thresh (1000,32767) | |||
|- invalid-mac-oui | |||
|- weak-wep-iv | |||
|- auth-frame-flood | |||
|- auth-flood-time (5,120) | |||
|- auth-flood-thresh (1,100) | |||
|- assoc-frame-flood | |||
|- assoc-flood-time (5,120) | |||
|- assoc-flood-thresh (1,100) | |||
|- spoofed-deauth | |||
|- asleap-attack | |||
|- eapol-start-flood | |||
|- eapol-start-thresh (2,100) | |||
|- eapol-start-intv (1,3600) | |||
|- eapol-logoff-flood | |||
|- eapol-logoff-thresh (2,100) | |||
|- eapol-logoff-intv (1,3600) | |||
|- eapol-succ-flood | |||
|- eapol-succ-thresh (2,100) | |||
|- eapol-succ-intv (1,3600) | |||
|- eapol-fail-flood | |||
|- eapol-fail-thresh (2,100) | |||
|- eapol-fail-intv (1,3600) | |||
|- eapol-pre-succ-flood | |||
|- eapol-pre-succ-thresh (2,100) | |||
|- eapol-pre-succ-intv (1,3600) | |||
|- eapol-pre-fail-flood | |||
|- eapol-pre-fail-thresh (2,100) | |||
|- eapol-pre-fail-intv (1,3600) | |||
+- deauth-unknown-src-thresh (0,65535) | |||
|- [ble-profile] --*name (36) | |||
|- comment (64) | |||
|- advertising | |||
|- ibeacon-uuid (64) | |||
|- major-id (0,65535) | |||
|- minor-id (0,65535) | |||
|- eddystone-namespace (11) | |||
|- eddystone-instance (7) | |||
|- eddystone-url (128) | |||
|- txpower | |||
|- beacon-interval (40,3500) | |||
+- ble-scanning | |||
|- [wtp-profile] --*name (36) | |||
|- comment | |||
|- <platform> -- type | |||
|- ble-profile (36) | |||
|- wan-port-mode | |||
|- <lan> -- port-mode | |||
|- port-ssid (16) | |||
|- port1-mode | |||
|- port1-ssid (16) | |||
|- port2-mode | |||
|- port2-ssid (16) | |||
|- port3-mode | |||
|- port3-ssid (16) | |||
|- port4-mode | |||
|- port4-ssid (16) | |||
|- port5-mode | |||
|- port5-ssid (16) | |||
|- port6-mode | |||
|- port6-ssid (16) | |||
|- port7-mode | |||
|- port7-ssid (16) | |||
|- port8-mode | |||
+- port8-ssid (16) | |||
|- energy-efficient-ethernet | |||
|- led-state | |||
|- dtls-policy | |||
|- dtls-in-kernel | |||
|- max-clients (0,4294967295) | |||
|- handoff-rssi (20,30) | |||
|- handoff-sta-thresh (5,35) | |||
|- handoff-roaming | |||
|- [deny-mac-list] --*id (0,4294967295) | |||
+- mac | |||
|- ap-country | |||
|- ip-fragment-preventing | |||
|- tun-mtu-uplink (576,1500) | |||
|- tun-mtu-downlink (576,1500) | |||
|- split-tunneling-acl-local-ap-subnet | |||
|- [split-tunneling-acl] --*id (0,4294967295) | |||
+- dest-ip | |||
|- allowaccess | |||
|- login-passwd-change | |||
|- login-passwd | |||
|- lldp | |||
|- poe-mode | |||
|- <radio-1> -- radio-id (0,2) | |||
|- mode | |||
|- band | |||
|- protection-mode | |||
|- powersave-optimize | |||
|- transmit-optimize | |||
|- amsdu | |||
|- coexistence | |||
|- short-guard-interval | |||
|- channel-bonding | |||
|- auto-power-level | |||
|- auto-power-high (0,4294967295) | |||
|- auto-power-low (0,4294967295) | |||
|- power-level (0,100) | |||
|- dtim (1,255) | |||
|- beacon-interval (0,65535) | |||
|- rts-threshold (256,2346) | |||
|- frag-threshold (800,2346) | |||
|- ap-sniffer-bufsize (1,32) | |||
|- ap-sniffer-chan (0,4294967295) | |||
|- ap-sniffer-addr | |||
|- ap-sniffer-mgmt-beacon | |||
|- ap-sniffer-mgmt-probe | |||
|- ap-sniffer-mgmt-other | |||
|- ap-sniffer-ctl | |||
|- ap-sniffer-data | |||
|- channel-utilization | |||
|- spectrum-analysis | |||
|- wids-profile (36) | |||
|- darrp | |||
|- max-clients (0,4294967295) | |||
|- max-distance (0,54000) | |||
|- frequency-handoff | |||
|- ap-handoff | |||
|- vap-all | |||
|- [vaps] --*name (36) | |||
|- [channel] --*chan (4) | |||
|- call-admission-control | |||
|- call-capacity (0,60) | |||
|- bandwidth-admission-control | |||
+- bandwidth-capacity (1,600000) | |||
|- <radio-2> -- radio-id (0,2) | |||
|- mode | |||
|- band | |||
|- protection-mode | |||
|- powersave-optimize | |||
|- transmit-optimize | |||
|- amsdu | |||
|- coexistence | |||
|- short-guard-interval | |||
|- channel-bonding | |||
|- auto-power-level | |||
|- auto-power-high (0,4294967295) | |||
|- auto-power-low (0,4294967295) | |||
|- power-level (0,100) | |||
|- dtim (1,255) | |||
|- beacon-interval (0,65535) | |||
|- rts-threshold (256,2346) | |||
|- frag-threshold (800,2346) | |||
|- ap-sniffer-bufsize (1,32) | |||
|- ap-sniffer-chan (0,4294967295) | |||
|- ap-sniffer-addr | |||
|- ap-sniffer-mgmt-beacon | |||
|- ap-sniffer-mgmt-probe | |||
|- ap-sniffer-mgmt-other | |||
|- ap-sniffer-ctl | |||
|- ap-sniffer-data | |||
|- channel-utilization | |||
|- spectrum-analysis | |||
|- wids-profile (36) | |||
|- darrp | |||
|- max-clients (0,4294967295) | |||
|- max-distance (0,54000) | |||
|- frequency-handoff | |||
|- ap-handoff | |||
|- vap-all | |||
|- [vaps] --*name (36) | |||
|- [channel] --*chan (4) | |||
|- call-admission-control | |||
|- call-capacity (0,60) | |||
|- bandwidth-admission-control | |||
+- bandwidth-capacity (1,600000) | |||
+- <lbs> -- ekahau-blink-mode | |||
|- ekahau-tag | |||
|- erc-server-ip | |||
|- erc-server-port (1024,65535) | |||
|- aeroscout | |||
|- aeroscout-server-ip | |||
|- aeroscout-server-port (1024,65535) | |||
|- aeroscout-mu-factor (0,4294967295) | |||
|- aeroscout-mu-timeout (0,65535) | |||
|- fortipresence | |||
|- fortipresence-server | |||
|- fortipresence-port (300,65535) | |||
|- fortipresence-secret | |||
|- fortipresence-project (17) | |||
|- fortipresence-frequency (5,65535) | |||
|- fortipresence-rogue | |||
|- fortipresence-unassoc | |||
+- station-locate | |||
|- [wtp] --*wtp-id (36) | |||
|- index (0,4294967295) | |||
|- admin | |||
|- name (36) | |||
|- location (36) | |||
|- wtp-profile (36) | |||
|- wtp-mode | |||
|- bonjour-profile (36) | |||
|- override-led-state | |||
|- led-state | |||
|- override-wan-port-mode | |||
|- wan-port-mode | |||
|- override-ip-fragment | |||
|- ip-fragment-preventing | |||
|- tun-mtu-uplink (576,1500) | |||
|- tun-mtu-downlink (576,1500) | |||
|- override-split-tunnel | |||
|- split-tunneling-acl-local-ap-subnet | |||
|- [split-tunneling-acl] --*id (0,4294967295) | |||
+- dest-ip | |||
|- override-lan | |||
|- <lan> -- port-mode | |||
|- port-ssid (16) | |||
|- port1-mode | |||
|- port1-ssid (16) | |||
|- port2-mode | |||
|- port2-ssid (16) | |||
|- port3-mode | |||
|- port3-ssid (16) | |||
|- port4-mode | |||
|- port4-ssid (16) | |||
|- port5-mode | |||
|- port5-ssid (16) | |||
|- port6-mode | |||
|- port6-ssid (16) | |||
|- port7-mode | |||
|- port7-ssid (16) | |||
|- port8-mode | |||
+- port8-ssid (16) | |||
|- override-allowaccess | |||
|- allowaccess | |||
|- override-login-passwd-change | |||
|- login-passwd-change | |||
|- login-passwd | |||
|- <radio-1> -- radio-id (0,2) | |||
|- override-band | |||
|- band | |||
|- override-analysis | |||
|- spectrum-analysis | |||
|- override-txpower | |||
|- auto-power-level | |||
|- auto-power-high (0,4294967295) | |||
|- auto-power-low (0,4294967295) | |||
|- power-level (0,100) | |||
|- override-vaps | |||
|- vap-all | |||
|- [vaps] --*name (36) | |||
|- override-channel | |||
+- [channel] --*chan (4) | |||
|- <radio-2> -- radio-id (0,2) | |||
|- override-band | |||
|- band | |||
|- override-analysis | |||
|- spectrum-analysis | |||
|- override-txpower | |||
|- auto-power-level | |||
|- auto-power-high (0,4294967295) | |||
|- auto-power-low (0,4294967295) | |||
|- power-level (0,100) | |||
|- override-vaps | |||
|- vap-all | |||
|- [vaps] --*name (36) | |||
|- override-channel | |||
+- [channel] --*chan (4) | |||
|- image-download | |||
|- mesh-bridge-enable | |||
|- coordinate-enable | |||
|- coordinate-x (16) | |||
+- coordinate-y (16) | |||
|- [wtp-group] --*name (36) | |||
|- platform-type | |||
+- [wtps] --*wtp-id (36) | |||
|- [qos-profile] --*name (36) | |||
|- comment (64) | |||
|- uplink (0,2097152) | |||
|- downlink (0,2097152) | |||
|- uplink-sta (0,2097152) | |||
|- downlink-sta (0,2097152) | |||
|- burst | |||
|- wmm | |||
|- wmm-uapsd | |||
|- call-admission-control | |||
|- call-capacity (0,60) | |||
|- bandwidth-admission-control | |||
|- bandwidth-capacity (1,600000) | |||
|- dscp-wmm-mapping | |||
|- [dscp-wmm-vo] --*id (0,63) | |||
|- [dscp-wmm-vi] --*id (0,63) | |||
|- [dscp-wmm-be] --*id (0,63) | |||
+- [dscp-wmm-bk] --*id (0,63) | |||
|- <scan> | |||
|- [ap-status] --*id (0,4294967295) | |||
|- bssid | |||
|- ssid (33 xss) | |||
+- status | |||
|- <wlchanlistlic> | |||
|- <status> -- [1|2] (0) | |||
|- <wtp-status> -- <wtp-id> (0) | |||
|- <client-info> -- <vfid> -- <intf> -- <ip> (0) | |||
|- <vap-status> -- [1] (0) | |||
|- <rf-analysis> -- <wtp-id> (0) | |||
+- <spectral-info> -- [wtp-id] -- <radio-id> (0) | |||
|- extender-controller -- [extender] --*id (20) | |||
|- admin | |||
|- ifname (16) | |||
|- vdom (0,4294967295) | |||
|- role | |||
|- mode | |||
|- dial-mode | |||
|- redial | |||
|- redundant-intf (16) | |||
|- dial-status (0,4294967295) | |||
|- conn-status (0,4294967295) | |||
|- ext-name (32) | |||
|- description (32) | |||
|- quota-limit-mb (0,10485760) | |||
|- billing-start-day (1,28) | |||
|- at-dial-script (128 xss) | |||
|- modem-passwd | |||
|- initiated-update | |||
|- modem-type | |||
|- ppp-username (32) | |||
|- ppp-password | |||
|- ppp-auth-protocol | |||
|- ppp-echo-request | |||
|- wimax-carrier (32) | |||
|- wimax-realm (32) | |||
|- wimax-auth-protocol | |||
|- sim-pin | |||
|- access-point-name (64) | |||
|- multi-mode | |||
|- roaming | |||
|- cdma-nai (32) | |||
|- aaa-shared-secret | |||
|- ha-shared-secret | |||
|- primary-ha (32) | |||
|- secondary-ha (32) | |||
|- cdma-aaa-spi (32) | |||
+- cdma-ha-spi (32) | |||
|- ipsec -- <tunnel> | |||
|- firewall -- [address] --*name (64) | |||
|- uuid | |||
|- subnet | |||
|- type | |||
|- start-ip | |||
|- end-ip | |||
|- fqdn (256) | |||
|- country (3) | |||
|- wildcard-fqdn (256) | |||
|- cache-ttl (0,86400) | |||
|- wildcard | |||
|- comment | |||
|- visibility | |||
|- associated-interface (36) | |||
|- color (0,32) | |||
|- [tags] --*name (65) | |||
+- allow-routing | |||
|- [multicast-address] --*name (64) | |||
|- type | |||
|- subnet | |||
|- start-ip | |||
|- end-ip | |||
|- comment | |||
|- visibility | |||
|- associated-interface (36) | |||
|- color (0,32) | |||
+- [tags] --*name (65) | |||
|- [address6] --*name (64) | |||
|- uuid | |||
|- type | |||
|- ip6 | |||
|- start-ip | |||
|- end-ip | |||
|- visibility | |||
|- color (0,32) | |||
|- [tags] --*name (65) | |||
+- comment | |||
|- [multicast-address6] --*name (64) | |||
|- ip6 | |||
|- comment | |||
|- visibility | |||
|- color (0,32) | |||
+- [tags] --*name (65) | |||
|- [addrgrp] --*name (64) | |||
|- uuid | |||
|- [member] --*name (65) | |||
|- comment | |||
|- visibility | |||
|- color (0,32) | |||
|- [tags] --*name (65) | |||
+- allow-routing | |||
|- [addrgrp6] --*name (64) | |||
|- uuid | |||
|- visibility | |||
|- color (0,32) | |||
|- comment | |||
|- [member] --*name (65) | |||
+- [tags] --*name (65) | |||
|- service -- [category] --*name (64) | |||
+- comment | |||
|- [custom] --*name (64) | |||
|- proxy | |||
|- category (64) | |||
|- protocol | |||
|- helper | |||
|- iprange | |||
|- fqdn (256) | |||
|- protocol-number (0,254) | |||
|- icmptype (0,4294967295) | |||
|- icmpcode (0,255) | |||
|- tcp-portrange | |||
|- udp-portrange | |||
|- sctp-portrange | |||
|- tcp-halfclose-timer (0,86400) | |||
|- tcp-halfopen-timer (0,86400) | |||
|- tcp-timewait-timer (0,300) | |||
|- udp-idle-timer (0,86400) | |||
|- session-ttl (300,604800) | |||
|- check-reset-range | |||
|- comment | |||
|- color (0,32) | |||
|- visibility | |||
|- app-service-type | |||
|- [app-category] --*id (0,4294967295) | |||
+- [application] --*id (0,4294967295) | |||
+- [group] --*name (36) | |||
|- [member] --*name (65) | |||
|- proxy | |||
|- comment | |||
+- color (0,32) | |||
|- [internet-service] --*id (0,4294967295) | |||
|- name (64 xss) | |||
|- reputation (0,4294967295) | |||
|- icon-id (0,4294967295) | |||
|- offset (0,4294967295) | |||
+- [entry] --*id (0,4294967295) | |||
|- protocol (0,255) | |||
|- port (0,65535) | |||
|- ip-range-number (0,4294967295) | |||
+- ip-number (0,65535) | |||
|- [internet-service-custom] --*name (64 xss) | |||
|- master-service-id (0,4294967295) | |||
|- comment | |||
|- [entry] --*id (0,255) | |||
|- protocol (0,255) | |||
|- [port-range] --*id (0,4294967295) | |||
|- start-port (1,65535) | |||
+- end-port (1,65535) | |||
+- [dst] --*name (65) | |||
+- [disable-entry] --*id (0,4294967295) | |||
|- protocol (0,255) | |||
|- port (0,65535) | |||
+- [ip-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- <internet-service-summary> | |||
|- shaper -- [traffic-shaper] --*name (36) | |||
|- guaranteed-bandwidth (0,16776000) | |||
|- maximum-bandwidth (0,16776000) | |||
|- bandwidth-unit | |||
|- priority | |||
|- per-policy | |||
|- diffserv | |||
+- diffservcode | |||
|- [per-ip-shaper] --*name (36) | |||
|- max-bandwidth (0,16776000) | |||
|- bandwidth-unit | |||
|- max-concurrent-session (0,2097000) | |||
|- diffserv-forward | |||
|- diffserv-reverse | |||
|- diffservcode-forward | |||
+- diffservcode-rev | |||
|- <traffic> | |||
+- <per-ip> | |||
|- schedule -- [onetime] --*name (32) | |||
|- start | |||
|- end | |||
|- color (0,32) | |||
+- expiration-days (0,100) | |||
|- [recurring] --*name (32) | |||
|- start | |||
|- end | |||
|- day | |||
+- color (0,32) | |||
+- [group] --*name (32) | |||
|- [member] --*name (65) | |||
+- color (0,32) | |||
|- [ippool] --*name (36) | |||
|- type | |||
|- startip | |||
|- endip | |||
|- source-startip | |||
|- source-endip | |||
|- block-size (64,4096) | |||
|- num-blocks-per-user (1,128) | |||
|- permit-any-host | |||
|- arp-reply | |||
|- arp-intf (16) | |||
|- associated-interface (16) | |||
+- comments | |||
|- [ippool6] --*name (36) | |||
|- startip | |||
|- endip | |||
+- comments | |||
|- [ldb-monitor] --*name (36) | |||
|- type | |||
|- interval (5,65535) | |||
|- timeout (1,255) | |||
|- retry (1,255) | |||
|- port (0,65535) | |||
|- http-get (256) | |||
|- http-match (256) | |||
+- http-max-redirects (0,5) | |||
|- [vip] --*name (64) | |||
|- id (0,65535) | |||
|- uuid | |||
|- comment | |||
|- type | |||
|- dns-mapping-ttl (0,604800) | |||
|- ldb-method | |||
|- [src-filter] --*range (65) | |||
|- [service] --*name (65) | |||
|- extip | |||
|- [extaddr] --*name (65) | |||
|- [mappedip] --*range (65) | |||
|- mapped-addr (64) | |||
|- extintf (36) | |||
|- arp-reply | |||
|- server-type | |||
|- persistence | |||
|- nat-source-vip | |||
|- portforward | |||
|- protocol | |||
|- extport | |||
|- mappedport | |||
|- gratuitous-arp-interval (5,8640000) | |||
|- [srcintf-filter] --*interface-name (65) | |||
|- portmapping-type | |||
|- [realservers] --*id (0,4294967295) | |||
|- ip | |||
|- port (1,65535) | |||
|- status | |||
|- weight (1,255) | |||
|- holddown-interval (30,65535) | |||
|- healthcheck | |||
|- http-host (64) | |||
|- max-connections (0,2147483647) | |||
|- monitor (65) | |||
+- client-ip | |||
|- http-cookie-domain-from-host | |||
|- http-cookie-domain (36) | |||
|- http-cookie-path (36) | |||
|- http-cookie-generation (0,4294967295) | |||
|- http-cookie-age (0,525600) | |||
|- http-cookie-share | |||
|- https-cookie-secure | |||
|- http-multiplex | |||
|- http-ip-header | |||
|- http-ip-header-name (36) | |||
|- outlook-web-access | |||
|- weblogic-server | |||
|- websphere-server | |||
|- ssl-mode | |||
|- ssl-certificate (36) | |||
|- ssl-dh-bits | |||
|- ssl-algorithm | |||
|- [ssl-cipher-suites] --*priority (0,4294967295) | |||
|- cipher | |||
+- versions | |||
|- ssl-server-algorithm | |||
|- [ssl-server-cipher-suites] --*priority (0,4294967295) | |||
|- cipher | |||
+- versions | |||
|- ssl-pfs | |||
|- ssl-min-version | |||
|- ssl-max-version | |||
|- ssl-server-min-version | |||
|- ssl-server-max-version | |||
|- ssl-send-empty-frags | |||
|- ssl-client-fallback | |||
|- ssl-client-renegotiation | |||
|- ssl-client-session-state-type | |||
|- ssl-client-session-state-timeout (1,14400) | |||
|- ssl-client-session-state-max (1,10000) | |||
|- ssl-server-session-state-type | |||
|- ssl-server-session-state-timeout (1,14400) | |||
|- ssl-server-session-state-max (1,10000) | |||
|- ssl-http-location-conversion | |||
|- ssl-http-match-host | |||
|- ssl-hpkp | |||
|- ssl-hpkp-primary (36) | |||
|- ssl-hpkp-backup (36) | |||
|- ssl-hpkp-age (60,157680000) | |||
|- ssl-hpkp-report-uri | |||
|- ssl-hpkp-include-subdomains | |||
|- ssl-hsts | |||
|- ssl-hsts-age (60,157680000) | |||
|- ssl-hsts-include-subdomains | |||
|- [monitor] --*name (65) | |||
|- max-embryonic-connections (0,100000) | |||
+- color (0,32) | |||
|- [vip46] --*name (64) | |||
|- id (0,65535) | |||
|- uuid | |||
|- comment | |||
|- type | |||
|- [src-filter] --*range (80) | |||
|- extip | |||
|- mappedip | |||
|- arp-reply | |||
|- portforward | |||
|- protocol | |||
|- extport | |||
|- mappedport | |||
|- color (0,32) | |||
|- ldb-method | |||
|- server-type | |||
|- [realservers] --*id (0,4294967295) | |||
|- ip | |||
|- port (1,65535) | |||
|- status | |||
|- weight (1,255) | |||
|- holddown-interval (30,65535) | |||
|- healthcheck | |||
|- max-connections (0,2147483647) | |||
|- monitor (65) | |||
+- client-ip | |||
+- [monitor] --*name (65) | |||
|- [vip6] --*name (64) | |||
|- id (0,65535) | |||
|- uuid | |||
|- comment | |||
|- type | |||
|- [src-filter] --*range (80) | |||
|- extip | |||
|- mappedip | |||
|- arp-reply | |||
|- portforward | |||
|- protocol | |||
|- extport | |||
|- mappedport | |||
|- color (0,32) | |||
|- ldb-method | |||
|- server-type | |||
|- persistence | |||
|- [realservers] --*id (0,4294967295) | |||
|- ip | |||
|- port (1,65535) | |||
|- status | |||
|- weight (1,255) | |||
|- holddown-interval (30,65535) | |||
|- healthcheck | |||
|- http-host (64) | |||
|- max-connections (0,2147483647) | |||
|- monitor (65) | |||
+- client-ip | |||
|- http-cookie-domain-from-host | |||
|- http-cookie-domain (36) | |||
|- http-cookie-path (36) | |||
|- http-cookie-generation (0,4294967295) | |||
|- http-cookie-age (0,525600) | |||
|- http-cookie-share | |||
|- https-cookie-secure | |||
|- http-multiplex | |||
|- http-ip-header | |||
|- http-ip-header-name (36) | |||
|- outlook-web-access | |||
|- weblogic-server | |||
|- websphere-server | |||
|- ssl-mode | |||
|- ssl-certificate (36) | |||
|- ssl-dh-bits | |||
|- ssl-algorithm | |||
|- [ssl-cipher-suites] --*priority (0,4294967295) | |||
|- cipher | |||
+- versions | |||
|- ssl-server-algorithm | |||
|- [ssl-server-cipher-suites] --*priority (0,4294967295) | |||
|- cipher | |||
+- versions | |||
|- ssl-pfs | |||
|- ssl-min-version | |||
|- ssl-max-version | |||
|- ssl-server-min-version | |||
|- ssl-server-max-version | |||
|- ssl-send-empty-frags | |||
|- ssl-client-fallback | |||
|- ssl-client-renegotiation | |||
|- ssl-client-session-state-type | |||
|- ssl-client-session-state-timeout (1,14400) | |||
|- ssl-client-session-state-max (1,10000) | |||
|- ssl-server-session-state-type | |||
|- ssl-server-session-state-timeout (1,14400) | |||
|- ssl-server-session-state-max (1,10000) | |||
|- ssl-http-location-conversion | |||
|- ssl-http-match-host | |||
|- ssl-hpkp | |||
|- ssl-hpkp-primary (36) | |||
|- ssl-hpkp-backup (36) | |||
|- ssl-hpkp-age (60,157680000) | |||
|- ssl-hpkp-report-uri | |||
|- ssl-hpkp-include-subdomains | |||
|- ssl-hsts | |||
|- ssl-hsts-age (60,157680000) | |||
|- ssl-hsts-include-subdomains | |||
|- [monitor] --*name (65) | |||
+- max-embryonic-connections (0,100000) | |||
|- [vip64] --*name (64) | |||
|- id (0,65535) | |||
|- uuid | |||
|- comment | |||
|- type | |||
|- [src-filter] --*range (80) | |||
|- extip | |||
|- mappedip | |||
|- arp-reply | |||
|- portforward | |||
|- protocol | |||
|- extport | |||
|- mappedport | |||
|- color (0,32) | |||
|- ldb-method | |||
|- server-type | |||
|- [realservers] --*id (0,4294967295) | |||
|- ip | |||
|- port (1,65535) | |||
|- status | |||
|- weight (1,255) | |||
|- holddown-interval (30,65535) | |||
|- healthcheck | |||
|- max-connections (0,2147483647) | |||
|- monitor (65) | |||
+- client-ip | |||
+- [monitor] --*name (65) | |||
|- [vipgrp] --*name (64) | |||
|- uuid | |||
|- interface (36) | |||
|- color (0,32) | |||
|- comments | |||
+- [member] --*name (65) | |||
|- [vipgrp46] --*name (64) | |||
|- uuid | |||
|- color (0,32) | |||
|- comments | |||
+- [member] --*name (65) | |||
|- [vipgrp6] --*name (64) | |||
|- uuid | |||
|- color (0,32) | |||
|- comments | |||
+- [member] --*name (65) | |||
|- [vipgrp64] --*name (64) | |||
|- uuid | |||
|- color (0,32) | |||
|- comments | |||
+- [member] --*name (65) | |||
|- ipmacbinding -- <setting> -- bindthroughfw | |||
|- bindtofw | |||
+- undefinedhost | |||
+- [table] --*seq-num (0,4294967295) | |||
|- ip | |||
|- mac | |||
|- name (36) | |||
+- status | |||
|- [profile-protocol-options] --*name (36) | |||
|- comment | |||
|- replacemsg-group (36) | |||
|- oversize-log | |||
|- switching-protocols-log | |||
|- <http> -- ports (1,65535) | |||
|- status | |||
|- inspect-all | |||
|- options | |||
|- comfort-interval (1,900) | |||
|- comfort-amount (1,10240) | |||
|- range-block | |||
|- http-policy | |||
|- post-lang | |||
|- fortinet-bar | |||
|- fortinet-bar-port (1,65535) | |||
|- streaming-content-bypass | |||
|- switching-protocols | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
|- scan-bzip2 | |||
|- block-page-status-code (100,599) | |||
+- retry-count (0,100) | |||
|- <ftp> -- ports (1,65535) | |||
|- status | |||
|- inspect-all | |||
|- options | |||
|- comfort-interval (1,900) | |||
|- comfort-amount (1,10240) | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
+- scan-bzip2 | |||
|- <imap> -- ports (1,65535) | |||
|- status | |||
|- inspect-all | |||
|- options | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
+- scan-bzip2 | |||
|- <mapi> -- ports (1,65535) | |||
|- status | |||
|- options | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
+- scan-bzip2 | |||
|- <pop3> -- ports (1,65535) | |||
|- status | |||
|- inspect-all | |||
|- options | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
+- scan-bzip2 | |||
|- <smtp> -- ports (1,65535) | |||
|- status | |||
|- inspect-all | |||
|- options | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
|- scan-bzip2 | |||
+- server-busy | |||
|- <nntp> -- ports (1,65535) | |||
|- status | |||
|- inspect-all | |||
|- options | |||
|- oversize-limit (1,186) | |||
|- uncompressed-oversize-limit (0,186) | |||
|- uncompressed-nest-limit (2,100) | |||
+- scan-bzip2 | |||
|- <dns> -- ports (1,65535) | |||
+- status | |||
|- <mail-signature> -- status | |||
+- signature (1024 xss) | |||
+- rpc-over-http | |||
|- [ssl-ssh-profile] --*name (36) | |||
|- comment | |||
|- <ssl> -- inspect-all | |||
|- client-cert-request | |||
|- unsupported-ssl | |||
|- allow-invalid-server-cert | |||
+- untrusted-cert | |||
|- <https> -- ports (1,65535) | |||
|- status | |||
|- client-cert-request | |||
|- unsupported-ssl | |||
|- allow-invalid-server-cert | |||
+- untrusted-cert | |||
|- <ftps> -- ports (1,65535) | |||
|- status | |||
|- client-cert-request | |||
|- unsupported-ssl | |||
|- allow-invalid-server-cert | |||
+- untrusted-cert | |||
|- <imaps> -- ports (1,65535) | |||
|- status | |||
|- client-cert-request | |||
|- unsupported-ssl | |||
|- allow-invalid-server-cert | |||
+- untrusted-cert | |||
|- <pop3s> -- ports (1,65535) | |||
|- status | |||
|- client-cert-request | |||
|- unsupported-ssl | |||
|- allow-invalid-server-cert | |||
+- untrusted-cert | |||
|- <smtps> -- ports (1,65535) | |||
|- status | |||
|- client-cert-request | |||
|- unsupported-ssl | |||
|- allow-invalid-server-cert | |||
+- untrusted-cert | |||
|- whitelist | |||
|- [ssl-exempt] --*id (0,255) | |||
|- type | |||
|- fortiguard-category (0,255) | |||
|- address (64) | |||
+- address6 (64) | |||
|- server-cert-mode | |||
|- use-ssl-server | |||
|- caname (36) | |||
|- untrusted-caname (36) | |||
|- server-cert (36) | |||
|- [ssl-server] --*id (0,4294967295) | |||
|- ip | |||
|- https-client-cert-request | |||
|- smtps-client-cert-request | |||
|- pop3s-client-cert-request | |||
|- imaps-client-cert-request | |||
|- ftps-client-cert-request | |||
+- ssl-other-client-cert-request | |||
|- ssl-anomalies-log | |||
|- ssl-exemptions-log | |||
|- rpc-over-https | |||
+- mapi-over-https | |||
|- [profile-group] --*name (36) | |||
|- av-profile (36) | |||
|- webfilter-profile (36) | |||
|- dnsfilter-profile (36) | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor (36) | |||
|- ips-sensor (36) | |||
|- application-list (36) | |||
|- voip-profile (36) | |||
|- icap-profile (36) | |||
|- waf-profile (36) | |||
|- profile-protocol-options (36) | |||
+- ssl-ssh-profile (36) | |||
|- [ssl-server] --*name (36) | |||
|- ip | |||
|- port (1,65535) | |||
|- ssl-mode | |||
|- add-header-x-forwarded-proto | |||
|- mapped-port (1,65535) | |||
|- ssl-cert (36) | |||
|- ssl-dh-bits | |||
|- ssl-algorithm | |||
|- ssl-client-renegotiation | |||
|- ssl-min-version | |||
|- ssl-max-version | |||
|- ssl-send-empty-frags | |||
+- url-rewrite | |||
|- [identity-based-route] --*name (36) | |||
|- comments (128 xss) | |||
+- [rule] --*id (0,4294967295) | |||
|- gateway | |||
|- device (36) | |||
+- [groups] --*name (65) | |||
|- <auth-portal> -- [groups] --*name (65) | |||
|- portal-addr (64) | |||
|- portal-addr6 (64) | |||
+- identity-based-route (36) | |||
|- [policy] --*policyid (0,4294967294) | |||
|- name (36 xss) | |||
|- uuid | |||
|- [srcintf] --*name (65) | |||
|- [dstintf] --*name (65) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- internet-service | |||
|- [internet-service-id] --*id (0,4294967295) | |||
|- [internet-service-custom] --*name (65) | |||
|- rtp-nat | |||
|- [rtp-addr] --*name (65) | |||
|- learning-mode | |||
|- action | |||
|- send-deny-packet | |||
|- firewall-session-dirty | |||
|- status | |||
|- schedule (36) | |||
|- schedule-timeout | |||
|- [service] --*name (65) | |||
|- dscp-match | |||
|- dscp-negate | |||
|- dscp-value | |||
|- tcp-session-without-syn | |||
|- utm-status | |||
|- profile-type | |||
|- profile-group (36) | |||
|- av-profile (36) | |||
|- webfilter-profile (36) | |||
|- dnsfilter-profile (36) | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor (36) | |||
|- ips-sensor (36) | |||
|- application-list (36) | |||
|- voip-profile (36) | |||
|- icap-profile (36) | |||
|- waf-profile (36) | |||
|- profile-protocol-options (36) | |||
|- ssl-ssh-profile (36) | |||
|- logtraffic | |||
|- logtraffic-start | |||
|- auto-asic-offload | |||
|- np-accelation | |||
|- traffic-shaper (36) | |||
|- traffic-shaper-reverse (36) | |||
|- per-ip-shaper (36) | |||
|- [application] --*id (0,4294967295) | |||
|- [app-category] --*id (0,4294967295) | |||
|- [url-category] --*id (0,4294967295) | |||
|- nat | |||
|- permit-any-host | |||
|- permit-stun-host | |||
|- fixedport | |||
|- ippool | |||
|- [poolname] --*name (65) | |||
|- session-ttl (300,604800) | |||
|- vlan-cos-fwd (0,7) | |||
|- vlan-cos-rev (0,7) | |||
|- inbound | |||
|- outbound | |||
|- natinbound | |||
|- natoutbound | |||
|- wccp | |||
|- ntlm | |||
|- ntlm-guest | |||
|- [ntlm-enabled-browsers] --*user-agent-string (65) | |||
|- fsso | |||
|- wsso | |||
|- rsso | |||
|- fsso-agent-for-ntlm (36) | |||
|- [groups] --*name (65) | |||
|- [users] --*name (65) | |||
|- [devices] --*name (36) | |||
|- auth-path | |||
|- disclaimer | |||
|- vpntunnel (36) | |||
|- natip | |||
|- match-vip | |||
|- diffserv-forward | |||
|- diffserv-reverse | |||
|- diffservcode-forward | |||
|- diffservcode-rev | |||
|- tcp-mss-sender (0,65535) | |||
|- tcp-mss-receiver (0,65535) | |||
|- comments | |||
|- label (64 xss) | |||
|- global-label (64 xss) | |||
|- auth-cert (36) | |||
|- auth-redirect-addr (64) | |||
|- redirect-url (256) | |||
|- identity-based-route (36) | |||
|- block-notification | |||
|- [custom-log-fields] --*field-id (36) | |||
|- [tags] --*name (65) | |||
|- replacemsg-override-group (36) | |||
|- srcaddr-negate | |||
|- dstaddr-negate | |||
|- service-negate | |||
|- internet-service-negate | |||
|- timeout-send-rst | |||
|- captive-portal-exempt | |||
|- ssl-mirror | |||
|- [ssl-mirror-intf] --*name (65) | |||
|- scan-botnet-connections | |||
|- dsri | |||
|- radius-mac-auth-bypass | |||
+- delay-tcp-npu-session | |||
|- [shaping-policy] --*id (0,4294967295) | |||
|- status | |||
|- ip-version | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- [srcaddr6] --*name (65) | |||
|- [dstaddr6] --*name (65) | |||
|- [service] --*name (65) | |||
|- [users] --*name (65) | |||
|- [groups] --*name (65) | |||
|- [application] --*id (0,4294967295) | |||
|- [app-category] --*id (0,4294967295) | |||
|- [url-category] --*id (0,4294967295) | |||
|- [dstintf] --*name (65) | |||
|- traffic-shaper (36) | |||
|- traffic-shaper-reverse (36) | |||
+- per-ip-shaper (36) | |||
|- [local-in-policy] --*policyid (0,4294967295) | |||
|- ha-mgmt-intf-only | |||
|- intf (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- action | |||
|- [service] --*name (65) | |||
|- schedule (36) | |||
+- status | |||
|- [policy6] --*policyid (0,4294967294) | |||
|- name (36 xss) | |||
|- uuid | |||
|- [srcintf] --*name (65) | |||
|- [dstintf] --*name (65) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- action | |||
|- firewall-session-dirty | |||
|- status | |||
|- vlan-cos-fwd (0,7) | |||
|- vlan-cos-rev (0,7) | |||
|- schedule (36) | |||
|- [service] --*name (65) | |||
|- dscp-match | |||
|- dscp-negate | |||
|- dscp-value | |||
|- tcp-session-without-syn | |||
|- utm-status | |||
|- profile-type | |||
|- profile-group (36) | |||
|- av-profile (36) | |||
|- webfilter-profile (36) | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor (36) | |||
|- ips-sensor (36) | |||
|- application-list (36) | |||
|- voip-profile (36) | |||
|- icap-profile (36) | |||
|- profile-protocol-options (36) | |||
|- ssl-ssh-profile (36) | |||
|- logtraffic | |||
|- logtraffic-start | |||
|- auto-asic-offload | |||
|- np-accelation | |||
|- traffic-shaper (36) | |||
|- traffic-shaper-reverse (36) | |||
|- per-ip-shaper (36) | |||
|- [application] --*id (0,4294967295) | |||
|- [app-category] --*id (0,4294967295) | |||
|- [url-category] --*id (0,4294967295) | |||
|- nat | |||
|- fixedport | |||
|- ippool | |||
|- [poolname] --*name (65) | |||
|- session-ttl (300,604800) | |||
|- inbound | |||
|- outbound | |||
|- natinbound | |||
|- natoutbound | |||
|- send-deny-packet | |||
|- vpntunnel (36) | |||
|- diffserv-forward | |||
|- diffserv-reverse | |||
|- diffservcode-forward | |||
|- diffservcode-rev | |||
|- tcp-mss-sender (0,65535) | |||
|- tcp-mss-receiver (0,65535) | |||
|- comments | |||
|- label (64 xss) | |||
|- global-label (64 xss) | |||
|- rsso | |||
|- [custom-log-fields] --*field-id (36) | |||
|- [tags] --*name (65) | |||
|- replacemsg-override-group (36) | |||
|- srcaddr-negate | |||
|- dstaddr-negate | |||
|- service-negate | |||
|- [groups] --*name (65) | |||
|- [users] --*name (65) | |||
|- [devices] --*name (36) | |||
|- timeout-send-rst | |||
|- ssl-mirror | |||
|- [ssl-mirror-intf] --*name (65) | |||
+- dsri | |||
|- [local-in-policy6] --*policyid (0,4294967295) | |||
|- intf (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- action | |||
|- [service] --*name (65) | |||
|- schedule (36) | |||
+- status | |||
|- [ttl-policy] --*id (0,4294967295) | |||
|- status | |||
|- action | |||
|- srcintf (36) | |||
|- [srcaddr] --*name (65) | |||
|- [service] --*name (65) | |||
|- schedule (36) | |||
+- ttl | |||
|- [policy64] --*policyid (0,4294967294) | |||
|- uuid | |||
|- srcintf (36) | |||
|- dstintf (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- action | |||
|- status | |||
|- schedule (36) | |||
|- [service] --*name (65) | |||
|- logtraffic | |||
|- permit-any-host | |||
|- traffic-shaper (36) | |||
|- traffic-shaper-reverse (36) | |||
|- per-ip-shaper (36) | |||
|- fixedport | |||
|- ippool | |||
|- [poolname] --*name (65) | |||
|- tcp-mss-sender (0,65535) | |||
|- tcp-mss-receiver (0,65535) | |||
|- comments | |||
+- [tags] --*name (65) | |||
|- [policy46] -- permit-any-host | |||
|-*policyid (0,4294967294) | |||
|- uuid | |||
|- srcintf (36) | |||
|- dstintf (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- action | |||
|- status | |||
|- schedule (36) | |||
|- [service] --*name (65) | |||
|- logtraffic | |||
|- traffic-shaper (36) | |||
|- traffic-shaper-reverse (36) | |||
|- per-ip-shaper (36) | |||
|- fixedport | |||
|- tcp-mss-sender (0,65535) | |||
|- tcp-mss-receiver (0,65535) | |||
|- comments | |||
+- [tags] --*name (65) | |||
|- [proxy-address] --*name (36) | |||
|- uuid | |||
|- type | |||
|- host (64) | |||
|- host-regex (256 xss) | |||
|- path (256 xss) | |||
|- [category] --*id (0,4294967295) | |||
|- method | |||
|- ua | |||
|- header-name (80) | |||
|- header (256 xss) | |||
|- case-sensitivity | |||
|- [header-group] --*id (0,4294967295) | |||
|- header-name (80) | |||
|- header (256 xss) | |||
+- case-sensitivity | |||
|- color (0,32) | |||
|- [tags] --*name (65) | |||
|- comment | |||
+- visibility | |||
|- [proxy-addrgrp] --*name (64) | |||
|- type | |||
|- uuid | |||
|- [member] --*name (65) | |||
|- color (0,32) | |||
|- [tags] --*name (65) | |||
|- comment | |||
+- visibility | |||
|- [proxy-policy] -- uuid | |||
|-*policyid (0,4294967295) | |||
|- proxy | |||
|- [srcintf] --*name (65) | |||
|- [dstintf] --*name (65) | |||
|- [srcaddr] --*name (65) | |||
|- [poolname] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- internet-service | |||
|- internet-service-negate | |||
|- [internet-service-id] --*id (0,4294967295) | |||
|- [internet-service-custom] --*name (65) | |||
|- [service] --*name (65) | |||
|- srcaddr-negate | |||
|- dstaddr-negate | |||
|- service-negate | |||
|- action | |||
|- status | |||
|- schedule (36) | |||
|- logtraffic | |||
|- [srcaddr6] --*name (65) | |||
|- [dstaddr6] --*name (65) | |||
|- [groups] --*name (65) | |||
|- [users] --*name (65) | |||
|- webproxy-forward-server (64) | |||
|- webproxy-profile (64) | |||
|- transparent | |||
|- disclaimer | |||
|- utm-status | |||
|- profile-type | |||
|- profile-group (36) | |||
|- av-profile (36) | |||
|- webfilter-profile (36) | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor (36) | |||
|- ips-sensor (36) | |||
|- application-list (36) | |||
|- icap-profile (36) | |||
|- waf-profile (36) | |||
|- profile-protocol-options (36) | |||
|- ssl-ssh-profile (36) | |||
|- replacemsg-override-group (36) | |||
|- logtraffic-start | |||
|- [tags] --*name (65) | |||
|- label (64 xss) | |||
|- global-label (64 xss) | |||
|- scan-botnet-connections | |||
|- comments | |||
+- redirect-url | |||
|- [dnstranslation] --*id (0,4294967295) | |||
|- src | |||
|- dst | |||
+- netmask | |||
|- [multicast-policy] --*id (0,4294967294) | |||
|- status | |||
|- logtraffic | |||
|- srcintf (36) | |||
|- dstintf (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- snat | |||
|- snat-ip | |||
|- dnat | |||
|- action | |||
|- protocol (0,255) | |||
|- start-port (0,65535) | |||
|- end-port (0,65535) | |||
+- auto-asic-offload | |||
|- [multicast-policy6] --*id (0,4294967294) | |||
|- status | |||
|- logtraffic | |||
|- srcintf (36) | |||
|- dstintf (36) | |||
|- [srcaddr] --*name (80) | |||
|- [dstaddr] --*name (80) | |||
|- action | |||
|- protocol (0,255) | |||
|- start-port (0,65535) | |||
|- end-port (0,65535) | |||
+- auto-asic-offload | |||
|- [interface-policy] --*policyid (0,4294967295) | |||
|- status | |||
|- comments | |||
|- logtraffic | |||
|- address-type | |||
|- interface (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- [service] --*name (65) | |||
|- application-list-status | |||
|- application-list (36) | |||
|- ips-sensor-status | |||
|- ips-sensor (36) | |||
|- dsri | |||
|- av-profile-status | |||
|- av-profile (36) | |||
|- webfilter-profile-status | |||
|- webfilter-profile (36) | |||
|- spamfilter-profile-status | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor-status | |||
|- dlp-sensor (36) | |||
|- scan-botnet-connections | |||
+- label (64 xss) | |||
|- [interface-policy6] --*policyid (0,4294967295) | |||
|- status | |||
|- comments | |||
|- logtraffic | |||
|- address-type | |||
|- interface (36) | |||
|- [srcaddr6] --*name (65) | |||
|- [dstaddr6] --*name (65) | |||
|- [service6] --*name (65) | |||
|- application-list-status | |||
|- application-list (36) | |||
|- ips-sensor-status | |||
|- ips-sensor (36) | |||
|- dsri | |||
|- av-profile-status | |||
|- av-profile (36) | |||
|- webfilter-profile-status | |||
|- webfilter-profile (36) | |||
|- spamfilter-profile-status | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor-status | |||
|- dlp-sensor (36) | |||
|- scan-botnet-connections | |||
+- label (64 xss) | |||
|- [DoS-policy] --*policyid (0,9999) | |||
|- status | |||
|- comments | |||
|- interface (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- [service] --*name (65) | |||
+- [anomaly] --*name (64) | |||
|- status | |||
|- log | |||
|- action | |||
|- quarantine | |||
|- quarantine-expiry | |||
|- quarantine-log | |||
|- threshold (1,2147483647) | |||
+- threshold(default) (0,4294967295) | |||
|- [DoS-policy6] --*policyid (0,9999) | |||
|- status | |||
|- comments | |||
|- interface (36) | |||
|- [srcaddr] --*name (65) | |||
|- [dstaddr] --*name (65) | |||
|- [service] --*name (65) | |||
+- [anomaly] --*name (64) | |||
|- status | |||
|- log | |||
|- action | |||
|- quarantine | |||
|- quarantine-expiry | |||
|- quarantine-log | |||
|- threshold (1,2147483647) | |||
+- threshold(default) (0,4294967295) | |||
|- [sniffer] --*id (0,9999) | |||
|- status | |||
|- logtraffic | |||
|- ipv6 | |||
|- non-ip | |||
|- interface (36) | |||
|- host (64 xss) | |||
|- port (64 xss) | |||
|- protocol (64 xss) | |||
|- vlan (64 xss) | |||
|- application-list-status | |||
|- application-list (36) | |||
|- ips-sensor-status | |||
|- ips-sensor (36) | |||
|- dsri | |||
|- av-profile-status | |||
|- av-profile (36) | |||
|- webfilter-profile-status | |||
|- webfilter-profile (36) | |||
|- spamfilter-profile-status | |||
|- spamfilter-profile (36) | |||
|- dlp-sensor-status | |||
|- dlp-sensor (36) | |||
|- ips-dos-status | |||
|- [anomaly] --*name (64) | |||
|- status | |||
|- log | |||
|- action | |||
|- quarantine | |||
|- quarantine-expiry | |||
|- quarantine-log | |||
|- threshold (1,2147483647) | |||
+- threshold(default) (0,4294967295) | |||
|- scan-botnet-connections | |||
+- max-packet-count (1,10000) | |||
|- [central-snat-map] --*policyid (0,4294967295) | |||
|- status | |||
|- [orig-addr] --*name (65) | |||
|- [srcintf] --*name (65) | |||
|- [dst-addr] --*name (65) | |||
|- [dstintf] --*name (65) | |||
|- [nat-ippool] --*name (65) | |||
|- protocol (0,255) | |||
|- orig-port (0,65535) | |||
|- nat-port | |||
+- nat | |||
|- ssl -- <setting> -- proxy-connect-timeout (1,60) | |||
|- ssl-dh-bits | |||
|- ssl-send-empty-frags | |||
|- no-matching-cipher-action | |||
|- cert-cache-capacity (0,500) | |||
|- cert-cache-timeout (1,120) | |||
|- session-cache-capacity (0,1000) | |||
|- session-cache-timeout (1,60) | |||
|- kxp-queue-threshold (0,512) | |||
|- ssl-queue-threshold (0,512) | |||
+- abbreviate-handshake | |||
|- [ip-translation] --*transid (0,4294967295) | |||
|- type | |||
|- startip | |||
|- endip | |||
+- map-startip | |||
|- <ipv6-eh-filter> -- hop-opt | |||
|- dest-opt | |||
|- hdopt-type (0,255) | |||
|- routing | |||
|- routing-type (0,255) | |||
|- fragment | |||
|- auth | |||
+- no-next | |||
|- iprope -- <list> -- <group_number> (0) | |||
+- appctrl -- <list> | |||
+- <status> | |||
|- <proute> -- <policy route id> (0) | |||
+- <proute6> | |||
|- webfilter -- [ftgd-local-cat] -- id (140,191) | |||
+-*desc (80) | |||
|- [content] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] --*name (128 xss) | |||
|- pattern-type | |||
|- status | |||
|- lang | |||
|- score (0,4294967295) | |||
+- action | |||
|- [content-header] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] --*pattern (32 xss) | |||
|- action | |||
+- category | |||
|- [urlfilter] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
|- one-arm-ips-urlfilter | |||
|- ip-addr-block | |||
+- [entries] --*id (0,4294967295) | |||
|- url (512 xss) | |||
|- type | |||
|- action | |||
|- status | |||
|- exempt | |||
|- web-proxy-profile (64) | |||
+- referrer-host (256) | |||
|- <ips-urlfilter-setting> -- device (36) | |||
|- distance (1,255) | |||
+- gateway | |||
|- <ips-urlfilter-cache-setting> -- dns-retry-interval (0,2147483) | |||
+- extended-ttl (0,2147483) | |||
|- [profile] --*name (36) | |||
|- comment | |||
|- replacemsg-group (36) | |||
|- inspection-mode | |||
|- options | |||
|- https-replacemsg | |||
|- ovrd-perm | |||
|- post-action | |||
|- <override> -- ovrd-cookie | |||
|- ovrd-scope | |||
|- profile-type | |||
|- ovrd-dur-mode | |||
|- ovrd-dur | |||
|- profile-attribute | |||
|- [ovrd-user-group] --*name (65) | |||
+- [profile] --*name (65) | |||
|- <web> -- bword-threshold (0,2147483647) | |||
|- bword-table (0,4294967295) | |||
|- urlfilter-table (0,4294967295) | |||
|- content-header-list (0,4294967295) | |||
|- blacklist | |||
|- whitelist | |||
|- safe-search | |||
|- youtube-restrict | |||
|- log-search | |||
+- [keyword-match] --*pattern (65) | |||
|- <ftgd-wf> -- options | |||
|- category-override | |||
|- exempt-quota | |||
|- ovrd | |||
|- [filters] --*id (0,255) | |||
|- category (0,255) | |||
|- action | |||
|- warn-duration | |||
|- [auth-usr-grp] --*name (65) | |||
|- log | |||
|- override-replacemsg (29) | |||
|- warning-prompt | |||
+- warning-duration-type | |||
|- [quota] --*id (0,4294967295) | |||
|- category | |||
|- type | |||
|- unit | |||
|- value (1,4294967295) | |||
|- duration | |||
+- override-replacemsg (29) | |||
|- max-quota-timeout (1,86400) | |||
|- rate-image-urls | |||
|- rate-javascript-urls | |||
|- rate-css-urls | |||
+- rate-crl-urls | |||
|- wisp | |||
|- [wisp-servers] --*name (65) | |||
|- wisp-algorithm | |||
|- log-all-url | |||
|- web-content-log | |||
|- web-filter-activex-log | |||
|- web-filter-command-block-log | |||
|- web-filter-cookie-log | |||
|- web-filter-applet-log | |||
|- web-filter-jscript-log | |||
|- web-filter-js-log | |||
|- web-filter-vbs-log | |||
|- web-filter-unknown-log | |||
|- web-filter-referer-log | |||
|- web-filter-cookie-removal-log | |||
|- web-url-log | |||
|- web-invalid-domain-log | |||
|- web-ftgd-err-log | |||
+- web-ftgd-quota-usage | |||
|- <fortiguard> -- cache-mode | |||
|- cache-prefix-match | |||
|- cache-mem-percent (1,15) | |||
|- ovrd-auth-port-http (0,65535) | |||
|- ovrd-auth-port-https (0,65535) | |||
|- ovrd-auth-port-warning (0,65535) | |||
|- ovrd-auth-https | |||
|- warn-auth-https | |||
|- close-ports | |||
|- request-packet-size-limit (576,10000) | |||
|- <categories> | |||
|- [override] --*id (0,4294967295) | |||
|- status | |||
|- scope | |||
|- ip | |||
|- user (65) | |||
|- user-group (64) | |||
|- old-profile (36) | |||
|- new-profile (36) | |||
|- ip6 | |||
|- expires | |||
+- initiator (65) | |||
|- [ftgd-local-rating] --*url (512 xss) | |||
|- status | |||
+- rating | |||
|- [search-engine] --*name (36) | |||
|- hostname (128 xss) | |||
|- url (128 xss) | |||
|- query (16 xss) | |||
|- safesearch | |||
|- charset | |||
+- safesearch-str (80 xss) | |||
|- <cookie-ovrd> -- redir-host (256) | |||
+- redir-port (0,65535) | |||
|- <ftgd-statistics> | |||
|- <status> -- <refresh-rate> (0) | |||
+- <override-usr> | |||
|- ips -- [sensor] --*name (36) | |||
|- comment | |||
|- replacemsg-group (36) | |||
|- block-malicious-url | |||
|- [entries] --*id (0,4294967295) | |||
|- [rule] --*id (0,4294967295) | |||
|- location | |||
|- severity | |||
|- protocol | |||
|- os | |||
|- application | |||
|- [tags] --*name (65) | |||
|- status | |||
|- log | |||
|- log-packet | |||
|- log-attack-context | |||
|- action | |||
|- rate-count (0,65535) | |||
|- rate-duration (1,65535) | |||
|- rate-mode | |||
|- rate-track | |||
|- [exempt-ip] --*id (0,4294967295) | |||
|- src-ip | |||
+- dst-ip | |||
|- quarantine | |||
|- quarantine-expiry | |||
+- quarantine-log | |||
|- [filter] --*name (32) | |||
|- location | |||
|- severity | |||
|- protocol | |||
|- os | |||
|- application | |||
|- status | |||
|- log | |||
|- log-packet | |||
|- action | |||
|- quarantine | |||
|- quarantine-expiry (1,2147483647) | |||
+- quarantine-log | |||
+- [override] --*rule-id (0,4294967295) | |||
|- status | |||
|- log | |||
|- log-packet | |||
|- action | |||
|- quarantine | |||
|- quarantine-expiry (1,2147483647) | |||
|- quarantine-log | |||
+- [exempt-ip] --*id (0,4294967295) | |||
|- src-ip | |||
+- dst-ip | |||
|- [attr-map] --*id (0,4294967295) | |||
|- name (32) | |||
+- [children] --*map-id (0,4294967295) | |||
|- [metadata-map] --*id (0,4294967295) | |||
|- type (0,4294967295) | |||
|- name (32) | |||
+- [values] --*subid (0,4294967295) | |||
+- subname (32) | |||
|- [view-map] --*id (0,4294967295) | |||
|- vdom-id (0,4294967295) | |||
|- policy-id (0,4294967295) | |||
|- id-policy-id (0,4294967295) | |||
+- which | |||
|- [decoder] --*name (64) | |||
+- [parameter] --*name (32) | |||
+- value (200) | |||
|- [rule] --*name (64) | |||
|- status | |||
|- log | |||
|- log-packet | |||
|- action | |||
|- group (64) | |||
|- severity | |||
|- location | |||
|- os | |||
|- application | |||
|- service | |||
|- rule-id (0,4294967295) | |||
|- rev (0,4294967295) | |||
|- date (0,4294967295) | |||
+- [metadata] --*id (0,4294967295) | |||
|- metaid (0,4294967295) | |||
+- valueid (0,4294967295) | |||
|- [rule-settings] --*id (0,4294967295) | |||
+- [tags] --*name (65) | |||
|- [custom] --*tag (64) | |||
|- signature (1024 xss) | |||
|- sig-name (64) | |||
|- rule-id (0,4294967295) | |||
|- severity | |||
|- location | |||
|- os | |||
|- application | |||
|- protocol | |||
|- status | |||
|- log | |||
|- log-packet | |||
|- action | |||
+- comment (64 xss) | |||
|- <global> -- fail-open | |||
|- database | |||
|- traffic-submit | |||
|- anomaly-mode | |||
|- session-limit-mode | |||
|- intelligent-mode | |||
|- socket-size (1,128) | |||
|- engine-count (0,255) | |||
|- algorithm | |||
|- sync-session-ttl | |||
|- np-accel-mode | |||
|- cp-accel-mode | |||
|- skype-client-public-ipaddr | |||
|- deep-app-insp-timeout (0,2147483647) | |||
+- deep-app-insp-db-limit (0,2147483647) | |||
|- <settings> -- packet-log-history (1,255) | |||
|- packet-log-post-attack (0,255) | |||
|- packet-log-memory (64,8192) | |||
+- ips-packet-quota (0,4294967295) | |||
+- <session> | |||
|- web-proxy -- [profile] --*name (64) | |||
|- header-client-ip | |||
|- header-via-request | |||
|- header-via-response | |||
|- header-x-forwarded-for | |||
|- header-front-end-https | |||
|- strip-encoding | |||
+- [headers] --*id (0,4294967295) | |||
|- name (80) | |||
|- action | |||
+- content (256) | |||
|- <global> -- proxy-fqdn (256) | |||
|- max-request-length (2,64) | |||
|- max-message-length (16,256) | |||
|- strict-web-check | |||
|- forward-proxy-auth | |||
|- tunnel-non-http | |||
|- unknown-http-version | |||
|- forward-server-affinity-timeout (6,60) | |||
|- max-waf-body-cache-length (10,1024) | |||
|- webproxy-profile (64) | |||
|- learn-client-ip | |||
|- learn-client-ip-from-header | |||
|- [learn-client-ip-srcaddr] --*name (65) | |||
+- [learn-client-ip-srcaddr6] --*name (65) | |||
|- <explicit> -- status | |||
|- ftp-over-http | |||
|- socks | |||
|- http-incoming-port | |||
|- https-incoming-port | |||
|- ftp-incoming-port | |||
|- socks-incoming-port | |||
|- incoming-ip | |||
|- outgoing-ip | |||
|- ipv6-status | |||
|- incoming-ip6 | |||
|- outgoing-ip6 | |||
|- strict-guest | |||
|- pref-dns-result | |||
|- unknown-http-version | |||
|- realm (64) | |||
|- sec-default-action | |||
|- https-replacement-message | |||
|- message-upon-server-error | |||
|- pac-file-server-status | |||
|- pac-file-server-port | |||
|- pac-file-name (64) | |||
|- pac-file-data | |||
|- pac-file-url | |||
|- ssl-algorithm | |||
+- trace-auth-no-rsp | |||
|- [forward-server] --*name (64) | |||
|- addr-type | |||
|- ip | |||
|- fqdn (256) | |||
|- port (1,65535) | |||
|- healthcheck | |||
|- monitor (256) | |||
|- server-down-option | |||
+- comment (64 xss) | |||
|- [forward-server-group] --*name (64) | |||
|- affinity | |||
|- ldb-method | |||
|- group-down-option | |||
+- [server-list] --*name (64) | |||
+- weight (1,100) | |||
|- [debug-url] --*name (64) | |||
|- url-pattern (512) | |||
|- status | |||
+- exact | |||
|- [wisp] --*name (36) | |||
|- comment | |||
|- outgoing-ip | |||
|- server-ip | |||
|- server-port (1,65535) | |||
|- max-connections (4,4096) | |||
+- timeout (1,15) | |||
+- [url-match] --*name (64) | |||
|- status | |||
|- url-pattern (512) | |||
|- forward-server (36) | |||
|- cache-exemption | |||
+- comment | |||
|- ftp-proxy -- <explicit> -- status | |||
|- incoming-port | |||
|- incoming-ip | |||
|- outgoing-ip | |||
+- sec-default-action | |||
|- application -- [name] --*name (64) | |||
|- id (0,4294967295) | |||
|- category (0,4294967295) | |||
|- sub-category (0,255) | |||
|- popularity (0,255) | |||
|- risk (0,255) | |||
|- weight (0,255) | |||
|- protocol | |||
|- technology | |||
|- behavior | |||
|- vendor | |||
|- parameter (36) | |||
+- [metadata] --*id (0,4294967295) | |||
|- metaid (0,4294967295) | |||
+- valueid (0,4294967295) | |||
|- [custom] --*tag (64) | |||
|- name (64) | |||
|- id (0,4294967295) | |||
|- comment (64 xss) | |||
|- signature (1024 xss) | |||
|- category (0,4294967295) | |||
|- protocol | |||
|- technology | |||
|- behavior | |||
+- vendor | |||
|- [rule-settings] --*id (0,4294967295) | |||
+- [tags] --*name (65) | |||
+- [list] --*name (36) | |||
|- comment | |||
|- replacemsg-group (36) | |||
|- other-application-action | |||
|- app-replacemsg | |||
|- other-application-log | |||
|- unknown-application-action | |||
|- unknown-application-log | |||
|- p2p-black-list | |||
|- deep-app-inspection | |||
|- options | |||
+- [entries] --*id (0,4294967295) | |||
|- [risk] --*level (0,4294967295) | |||
|- [category] --*id (0,4294967295) | |||
|- [sub-category] --*id (0,4294967295) | |||
|- [application] --*id (0,4294967295) | |||
|- protocols | |||
|- vendor | |||
|- technology | |||
|- behavior | |||
|- popularity | |||
|- [tags] --*name (65) | |||
|- [parameters] --*id (0,4294967295) | |||
+- value (64 xss) | |||
|- action | |||
|- log | |||
|- log-packet | |||
|- rate-count (0,65535) | |||
|- rate-duration (1,65535) | |||
|- rate-mode | |||
|- rate-track | |||
|- session-ttl (0,4294967295) | |||
|- shaper (36) | |||
|- shaper-reverse (36) | |||
|- per-ip-shaper (36) | |||
|- quarantine | |||
|- quarantine-expiry | |||
+- quarantine-log | |||
|- dlp -- [filepattern] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] -- filter-type | |||
|-*pattern (80 xss) | |||
+- file-type | |||
|- [fp-sensitivity] --*name (36) | |||
+- [sensor] --*name (36) | |||
|- comment | |||
|- replacemsg-group (36) | |||
|- [filter] --*id (0,4294967295) | |||
|- name (36) | |||
|- severity | |||
|- type | |||
|- proto | |||
|- filter-by | |||
|- file-size (0,4294967295) | |||
|- company-identifier (36) | |||
|- [fp-sensitivity] --*name (36) | |||
|- file-type (0,4294967295) | |||
|- regexp (256 xss) | |||
|- archive | |||
|- action | |||
+- expiry | |||
|- dlp-log | |||
|- nac-quar-log | |||
|- flow-based | |||
|- full-archive-proto | |||
+- summary-proto | |||
|- spamfilter -- [bword] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] -- status | |||
|-*id (0,4294967295) | |||
|- pattern (128 xss) | |||
|- pattern-type | |||
|- action | |||
|- where | |||
|- language | |||
+- score (1,99999) | |||
|- [bwl] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] -- status | |||
|-*id (0,4294967295) | |||
|- type | |||
|- action | |||
|- addr-type | |||
|- ip4-subnet | |||
|- ip6-subnet | |||
|- pattern-type | |||
+- email-pattern (128 xss) | |||
|- [mheader] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] -- status | |||
|-*id (0,4294967295) | |||
|- fieldname (64 xss) | |||
|- fieldbody (128 xss) | |||
|- pattern-type | |||
+- action | |||
|- [dnsbl] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] -- status | |||
|-*id (0,4294967295) | |||
|- server (128) | |||
+- action | |||
|- [iptrust] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] -- status | |||
|-*id (0,4294967295) | |||
|- addr-type | |||
|- ip4-subnet | |||
+- ip6-subnet | |||
|- [profile] --*name (36) | |||
|- comment | |||
|- flow-based | |||
|- replacemsg-group (36) | |||
|- spam-log | |||
|- spam-log-fortiguard-response | |||
|- spam-filtering | |||
|- external | |||
|- options | |||
|- <imap> -- log | |||
|- action | |||
|- tag-type | |||
+- tag-msg (64) | |||
|- <pop3> -- log | |||
|- action | |||
|- tag-type | |||
+- tag-msg (64) | |||
|- <smtp> -- log | |||
|- action | |||
|- tag-type | |||
|- tag-msg (64) | |||
|- hdrip | |||
+- local-override | |||
|- <mapi> -- log | |||
+- action | |||
|- <msn-hotmail> -- log | |||
|- <yahoo-mail> -- log | |||
|- <gmail> -- log | |||
|- spam-bword-threshold (0,2147483647) | |||
|- spam-bword-table (0,4294967295) | |||
|- spam-bwl-table (0,4294967295) | |||
|- spam-mheader-table (0,4294967295) | |||
|- spam-rbl-table (0,4294967295) | |||
+- spam-iptrust-table (0,4294967295) | |||
|- <fortishield> -- spam-submit-srv (64) | |||
|- spam-submit-force | |||
+- spam-submit-txt2htm | |||
+- <options> -- dns-timeout (1,30) | |||
|- log -- <threat-weight> -- status | |||
|- <level> -- low (1,100) | |||
|- medium (1,100) | |||
|- high (1,100) | |||
+- critical (1,100) | |||
|- blocked-connection | |||
|- failed-connection | |||
|- malware-detected | |||
|- url-block-detected | |||
|- botnet-connection-detected | |||
|- <ips> -- info-severity | |||
|- low-severity | |||
|- medium-severity | |||
|- high-severity | |||
+- critical-severity | |||
|- [web] --*id (0,255) | |||
|- category (0,255) | |||
+- level | |||
|- [geolocation] --*id (0,255) | |||
|- country (3) | |||
+- level | |||
+- [application] --*id (0,255) | |||
|- category (0,65535) | |||
+- level | |||
|- [custom-field] --*id (36) | |||
|- name (16) | |||
+- value (16) | |||
|- syslogd -- <setting> -- status | |||
|- server (64) | |||
|- reliable | |||
|- port (0,65535) | |||
|- facility | |||
|- source-ip (64) | |||
|- format | |||
+- [custom-field-name] --*id (0,255) | |||
|- name (36) | |||
+- custom (36) | |||
|- <override-setting> -- override | |||
|- status | |||
|- server (64) | |||
|- reliable | |||
|- port (0,65535) | |||
|- facility | |||
|- source-ip (64) | |||
|- format | |||
+- [custom-field-name] --*id (0,255) | |||
|- name (36) | |||
+- custom (36) | |||
|- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
+- <override-filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- syslogd2 -- <setting> -- status | |||
|- server (64) | |||
|- reliable | |||
|- port (0,65535) | |||
|- facility | |||
|- source-ip (64) | |||
|- format | |||
+- [custom-field-name] --*id (0,255) | |||
|- name (36) | |||
+- custom (36) | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- syslogd3 -- <setting> -- status | |||
|- server (64) | |||
|- reliable | |||
|- port (0,65535) | |||
|- facility | |||
|- source-ip (64) | |||
|- format | |||
+- [custom-field-name] --*id (0,255) | |||
|- name (36) | |||
+- custom (36) | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- syslogd4 -- <setting> -- status | |||
|- server (64) | |||
|- reliable | |||
|- port (0,65535) | |||
|- facility | |||
|- source-ip (64) | |||
|- format | |||
+- [custom-field-name] --*id (0,255) | |||
|- name (36) | |||
+- custom (36) | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- webtrends -- <setting> -- status | |||
+- server (64) | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- memory -- <global-setting> -- max-size (0,4294967295) | |||
|- full-first-warning-threshold (1,98) | |||
|- full-second-warning-threshold (2,99) | |||
+- full-final-warning-threshold (3,100) | |||
|- <setting> -- status | |||
+- diskfull | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- disk -- <setting> -- status | |||
|- ips-archive | |||
|- max-log-file-size (1,100) | |||
|- max-policy-packet-capture-size (0,4294967295) | |||
|- roll-schedule | |||
|- roll-day | |||
|- roll-time | |||
|- diskfull | |||
|- log-quota (0,4294967295) | |||
|- dlp-archive-quota (0,4294967295) | |||
|- maximum-log-age (0,4294967295) | |||
|- upload | |||
|- upload-destination | |||
|- uploadip | |||
|- uploadport (0,65535) | |||
|- source-ip | |||
|- uploaduser (36) | |||
|- uploadpass | |||
|- uploaddir (64) | |||
|- uploadtype | |||
|- uploadsched | |||
|- uploadtime (0,23) | |||
|- upload-delete-files | |||
|- upload-ssl-conn | |||
|- full-first-warning-threshold (1,98) | |||
|- full-second-warning-threshold (2,99) | |||
+- full-final-warning-threshold (3,100) | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- <eventfilter> -- event | |||
|- system | |||
|- vpn | |||
|- user | |||
|- router | |||
|- wireless-activity | |||
|- wan-opt | |||
|- endpoint | |||
|- ha | |||
|- compliance-check | |||
+- security-audit | |||
|- fortiguard -- <setting> -- status | |||
|- upload-option | |||
|- upload-interval | |||
|- upload-day | |||
|- upload-time | |||
|- enc-algorithm | |||
+- source-ip | |||
|- <override-setting> -- override | |||
|- status | |||
|- upload-option | |||
|- upload-interval | |||
|- upload-day | |||
+- upload-time | |||
|- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dlp-archive | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
+- <override-filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dlp-archive | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- null-device -- <setting> -- status | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- <setting> -- resolve-ip | |||
|- resolve-port | |||
|- log-user-in-upper | |||
|- fwpolicy-implicit-log | |||
|- fwpolicy6-implicit-log | |||
|- log-invalid-packet | |||
|- local-in-allow | |||
|- local-in-deny-unicast | |||
|- local-in-deny-broadcast | |||
|- local-out | |||
|- daemon-log | |||
|- neighbor-event | |||
|- brief-traffic-format | |||
|- user-anonymize | |||
|- expolicy-implicit-log | |||
+- log-policy-comment | |||
|- <gui-display> -- resolve-hosts | |||
|- resolve-apps | |||
|- fortiview-unscanned-apps | |||
+- location | |||
|- fortianalyzer -- <setting> -- status | |||
|- ips-archive | |||
|- server (64) | |||
|- hmac-algorithm | |||
|- enc-algorithm | |||
|- conn-timeout (1,3600) | |||
|- monitor-keepalive-period (1,120) | |||
|- monitor-failure-retry-period (1,86400) | |||
|- certificate (36) | |||
|- source-ip (64) | |||
|- __change_ip (0,255) | |||
|- upload-option | |||
|- upload-interval | |||
|- upload-day | |||
|- upload-time | |||
+- reliable | |||
|- <override-setting> -- override | |||
|- use-management-vdom | |||
|- status | |||
|- ips-archive | |||
|- server (64) | |||
|- hmac-algorithm | |||
|- enc-algorithm | |||
|- conn-timeout (1,3600) | |||
|- monitor-keepalive-period (1,120) | |||
|- monitor-failure-retry-period (1,86400) | |||
|- certificate (36) | |||
|- source-ip (64) | |||
|- __change_ip (0,255) | |||
|- upload-option | |||
|- upload-interval | |||
|- upload-day | |||
|- upload-time | |||
+- reliable | |||
|- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dlp-archive | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
+- <override-filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dlp-archive | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- fortianalyzer2 -- <setting> -- status | |||
|- ips-archive | |||
|- server (64) | |||
|- hmac-algorithm | |||
|- enc-algorithm | |||
|- conn-timeout (1,3600) | |||
|- monitor-keepalive-period (1,120) | |||
|- monitor-failure-retry-period (1,86400) | |||
|- certificate (36) | |||
|- source-ip (64) | |||
|- __change_ip (0,255) | |||
|- upload-option | |||
|- upload-interval | |||
|- upload-day | |||
|- upload-time | |||
+- reliable | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dlp-archive | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
+- fortianalyzer3 -- <setting> -- status | |||
|- ips-archive | |||
|- server (64) | |||
|- hmac-algorithm | |||
|- enc-algorithm | |||
|- conn-timeout (1,3600) | |||
|- monitor-keepalive-period (1,120) | |||
|- monitor-failure-retry-period (1,86400) | |||
|- certificate (36) | |||
|- source-ip (64) | |||
|- __change_ip (0,255) | |||
|- upload-option | |||
|- upload-interval | |||
|- upload-day | |||
|- upload-time | |||
+- reliable | |||
+- <filter> -- severity | |||
|- forward-traffic | |||
|- local-traffic | |||
|- multicast-traffic | |||
|- sniffer-traffic | |||
|- anomaly | |||
|- voip | |||
|- dlp-archive | |||
|- dns | |||
|- filter (512 xss) | |||
+- filter-type | |||
|- icap -- [server] --*name (36) | |||
|- ip-version | |||
|- ip-address | |||
|- ip6-address | |||
|- port (1,65535) | |||
+- max-connections (1,65535) | |||
+- [profile] -- replacemsg-group (36) | |||
|-*name (36) | |||
|- request | |||
|- response | |||
|- streaming-content-bypass | |||
|- request-server (36) | |||
|- response-server (36) | |||
|- request-failure | |||
|- response-failure | |||
|- request-path (128) | |||
|- response-path (128) | |||
+- methods | |||
|- vpn -- certificate -- [ca] --*name (80) | |||
|- ca | |||
|- range | |||
|- source | |||
|- trusted | |||
|- scep-url (256 xss) | |||
|- auto-update-days (0,4294967295) | |||
|- auto-update-days-warning (0,4294967295) | |||
|- source-ip | |||
+- last-updated (0,4294967295) | |||
|- [local] --*name (36) | |||
|- password | |||
|- comments (512 xss) | |||
|- private-key | |||
|- certificate | |||
|- csr | |||
|- state | |||
|- scep-url (256 xss) | |||
|- range | |||
|- source | |||
|- auto-regenerate-days (0,4294967295) | |||
|- auto-regenerate-days-warning (0,4294967295) | |||
|- scep-password | |||
|- ca-identifier (256) | |||
|- name-encoding | |||
|- source-ip | |||
|- ike-localid (64) | |||
|- ike-localid-type | |||
+- last-updated (0,4294967295) | |||
|- [crl] --*name (36) | |||
|- crl | |||
|- range | |||
|- source | |||
|- update-vdom (32) | |||
|- ldap-server (36) | |||
|- ldap-username (64) | |||
|- ldap-password | |||
|- http-url (256 xss) | |||
|- scep-url (256 xss) | |||
|- scep-cert (36) | |||
|- update-interval (0,4294967295) | |||
|- source-ip | |||
+- last-updated (0,4294967295) | |||
|- [remote] --*name (36) | |||
|- remote | |||
|- range | |||
+- source | |||
|- [ocsp-server] --*name (36) | |||
|- url (128) | |||
|- cert (128) | |||
|- secondary-url (128) | |||
|- secondary-cert (128) | |||
|- unavail-action | |||
+- source-ip | |||
+- <setting> -- ocsp-status | |||
|- ssl-ocsp-status | |||
|- ssl-ocsp-option | |||
|- ocsp-default-server (36) | |||
|- check-ca-cert | |||
|- strict-crl-check | |||
|- strict-ocsp-check | |||
|- certname-rsa1024 (36) | |||
|- certname-rsa2048 (36) | |||
|- certname-dsa1024 (36) | |||
|- certname-dsa2048 (36) | |||
|- certname-ecdsa256 (36) | |||
+- certname-ecdsa384 (36) | |||
|- ssl -- web -- [realm] --*url-path (36) | |||
|- max-concurrent-user (0,65535) | |||
|- login-page | |||
+- virtual-host | |||
|- [virtual-desktop-app-list] --*name (36) | |||
|- action | |||
+- [apps] --*name (36) | |||
+- [md5s] --*id (33) | |||
|- [host-check-software] --*name (64) | |||
|- type | |||
|- version (36) | |||
|- guid | |||
+- [check-item-list] --*id (0,65535) | |||
|- action | |||
|- type | |||
|- target (256 xss) | |||
|- version (36) | |||
+- [md5s] --*id (33) | |||
|- [portal] --*name (36) | |||
|- tunnel-mode | |||
|- ip-mode | |||
|- auto-connect | |||
|- keep-alive | |||
|- save-password | |||
|- [ip-pools] --*name (65) | |||
|- exclusive-routing | |||
|- service-restriction | |||
|- split-tunneling | |||
|- [split-tunneling-routing-address] --*name (65) | |||
|- dns-server1 | |||
|- dns-server2 | |||
|- dns-suffix | |||
|- wins-server1 | |||
|- wins-server2 | |||
|- ipv6-tunnel-mode | |||
|- [ipv6-pools] --*name (65) | |||
|- ipv6-exclusive-routing | |||
|- ipv6-service-restriction | |||
|- ipv6-split-tunneling | |||
|- [ipv6-split-tunneling-routing-address] --*name (65) | |||
|- ipv6-dns-server1 | |||
|- ipv6-dns-server2 | |||
|- ipv6-wins-server1 | |||
|- ipv6-wins-server2 | |||
|- web-mode | |||
|- display-bookmark | |||
|- user-bookmark | |||
|- allow-user-access | |||
|- user-group-bookmark | |||
|- [bookmark-group] --*name (36) | |||
+- [bookmarks] --*name (36) | |||
|- apptype | |||
|- url | |||
|- host | |||
|- folder | |||
|- additional-params | |||
|- listening-port (0,65535) | |||
|- remote-port (0,65535) | |||
|- show-status-window | |||
|- description | |||
|- server-layout | |||
|- security | |||
|- port (0,65535) | |||
|- logon-user | |||
|- logon-password | |||
|- sso | |||
|- [form-data] --*name (36) | |||
+- value | |||
|- sso-credential | |||
|- sso-username | |||
+- sso-password | |||
|- display-connection-tools | |||
|- display-history | |||
|- display-status | |||
|- heading (32) | |||
|- redir-url | |||
|- theme | |||
|- custom-lang (36) | |||
|- smb-ntlmv1-auth | |||
|- host-check | |||
|- host-check-interval (120,259200) | |||
|- [host-check-policy] --*name (65) | |||
|- limit-user-logins | |||
|- mac-addr-check | |||
|- mac-addr-action | |||
|- [mac-addr-check-rule] --*name (36) | |||
|- mac-addr-mask (1,48) | |||
+- [mac-addr-list] --*addr | |||
|- os-check | |||
|- [os-check-list] --*name (16) | |||
|- action | |||
|- tolerance (0,255) | |||
+- latest-patch-level | |||
|- virtual-desktop | |||
|- virtual-desktop-app-list (36) | |||
|- virtual-desktop-clipboard-share | |||
|- virtual-desktop-desktop-switch | |||
|- virtual-desktop-logout-when-browser-close | |||
|- virtual-desktop-network-share-access | |||
|- virtual-desktop-printing | |||
|- virtual-desktop-removable-media-access | |||
|- forticlient-download | |||
|- forticlient-download-method | |||
|- customize-forticlient-download-url | |||
|- windows-forticlient-download-url | |||
|- macos-forticlient-download-url | |||
|- skip-check-for-unsupported-os | |||
+- skip-check-for-unsupported-browser | |||
|- [user-group-bookmark] --*name (65 xss) | |||
+- [bookmarks] --*name (36) | |||
|- apptype | |||
|- url | |||
|- host | |||
|- folder | |||
|- additional-params | |||
|- listening-port (0,65535) | |||
|- remote-port (0,65535) | |||
|- show-status-window | |||
|- description | |||
|- server-layout | |||
|- security | |||
|- port (0,65535) | |||
|- logon-user | |||
|- logon-password | |||
|- sso | |||
|- [form-data] --*name (36) | |||
+- value | |||
|- sso-credential | |||
|- sso-username | |||
+- sso-password | |||
+- [user-bookmark] --*name (102 xss) | |||
|- custom-lang (36) | |||
+- [bookmarks] --*name (36) | |||
|- apptype | |||
|- url | |||
|- host | |||
|- folder | |||
|- additional-params | |||
|- listening-port (0,65535) | |||
|- remote-port (0,65535) | |||
|- show-status-window | |||
|- description | |||
|- server-layout | |||
|- security | |||
|- port (0,65535) | |||
|- logon-user | |||
|- logon-password | |||
|- sso | |||
|- [form-data] --*name (36) | |||
+- value | |||
|- sso-credential | |||
|- sso-username | |||
+- sso-password | |||
|- <settings> -- reqclientcert | |||
|- sslv3 | |||
|- tlsv1-0 | |||
|- tlsv1-1 | |||
|- tlsv1-2 | |||
|- banned-cipher | |||
|- ssl-big-buffer | |||
|- ssl-insert-empty-fragment | |||
|- https-redirect | |||
|- ssl-client-renegotiation | |||
|- force-two-factor-auth | |||
|- unsafe-legacy-renegotiation | |||
|- servercert (36) | |||
|- algorithm | |||
|- idle-timeout (0,259200) | |||
|- auth-timeout (0,259200) | |||
|- login-attempt-limit (0,4294967295) | |||
|- login-block-time (0,4294967295) | |||
|- login-timeout (10,180) | |||
|- dtls-hello-timeout (10,60) | |||
|- [tunnel-ip-pools] --*name (65) | |||
|- [tunnel-ipv6-pools] --*name (65) | |||
|- dns-suffix | |||
|- dns-server1 | |||
|- dns-server2 | |||
|- wins-server1 | |||
|- wins-server2 | |||
|- ipv6-dns-server1 | |||
|- ipv6-dns-server2 | |||
|- ipv6-wins-server1 | |||
|- ipv6-wins-server2 | |||
|- route-source-interface | |||
|- url-obscuration | |||
|- http-compression | |||
|- http-only-cookie | |||
|- deflate-compression-level (0,9) | |||
|- deflate-min-data-size (200,65535) | |||
|- port (1,65535) | |||
|- port-precedence | |||
|- auto-tunnel-static-route | |||
|- header-x-forwarded-for | |||
|- [source-interface] --*name (36) | |||
|- [source-address] --*name (65) | |||
|- source-address-negate | |||
|- [source-address6] --*name (65) | |||
|- source-address6-negate | |||
|- default-portal (36) | |||
|- [authentication-rule] --*id (0,4294967295) | |||
|- [source-interface] --*name (36) | |||
|- [source-address] --*name (65) | |||
|- source-address-negate | |||
|- [source-address6] --*name (65) | |||
|- source-address6-negate | |||
|- [users] --*name (65) | |||
|- [groups] --*name (65) | |||
|- portal (36) | |||
|- realm (36) | |||
|- client-cert | |||
|- cipher | |||
+- auth | |||
|- dtls-tunnel | |||
|- check-referer | |||
|- http-request-header-timeout (0,4294967295) | |||
+- http-request-body-timeout (0,4294967295) | |||
+- <monitor> | |||
|- ipsec -- [phase1] --*name (36) | |||
|- type | |||
|- interface (36) | |||
|- ike-version | |||
|- remote-gw | |||
|- local-gw | |||
|- remotegw-ddns (64) | |||
|- keylife (120,172800) | |||
|- [certificate] --*name (65) | |||
|- authmethod | |||
|- authmethod-remote | |||
|- mode | |||
|- peertype | |||
|- peerid (256) | |||
|- usrgrp (36) | |||
|- peer (36) | |||
|- peergrp (36) | |||
|- mode-cfg | |||
|- assign-ip | |||
|- assign-ip-from | |||
|- ipv4-start-ip | |||
|- ipv4-end-ip | |||
|- ipv4-netmask | |||
|- dns-mode | |||
|- ipv4-dns-server1 | |||
|- ipv4-dns-server2 | |||
|- ipv4-dns-server3 | |||
|- ipv4-wins-server1 | |||
|- ipv4-wins-server2 | |||
|- [ipv4-exclude-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- ipv4-split-include (64) | |||
|- split-include-service (64) | |||
|- ipv4-name (64) | |||
|- ipv6-start-ip | |||
|- ipv6-end-ip | |||
|- ipv6-prefix (1,128) | |||
|- ipv6-dns-server1 | |||
|- ipv6-dns-server2 | |||
|- ipv6-dns-server3 | |||
|- [ipv6-exclude-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- ipv6-split-include (64) | |||
|- ipv6-name (64) | |||
|- unity-support | |||
|- domain (64) | |||
|- banner | |||
|- include-local-lan | |||
|- save-password | |||
|- client-auto-negotiate | |||
|- client-keep-alive | |||
|- [backup-gateway] --*address (65) | |||
|- proposal | |||
|- add-route | |||
|- add-gw-route | |||
|- psksecret | |||
|- psksecret-remote | |||
|- keepalive (10,900) | |||
|- distance (1,255) | |||
|- priority (0,4294967295) | |||
|- localid (64) | |||
|- localid-type | |||
|- auto-negotiate | |||
|- negotiate-timeout (1,300) | |||
|- fragmentation | |||
|- dpd | |||
|- dpd-retrycount (0,10) | |||
|- dpd-retryinterval | |||
|- forticlient-enforcement | |||
|- comments | |||
|- npu-offload | |||
|- send-cert-chain | |||
|- dhgrp | |||
|- suite-b | |||
|- eap | |||
|- eap-identity | |||
|- acct-verify | |||
|- wizard-type | |||
|- xauthtype | |||
|- reauth | |||
|- authusr (65) | |||
|- authpasswd | |||
|- authusrgrp (36) | |||
|- mesh-selector-type | |||
|- idle-timeout | |||
|- idle-timeoutinterval (5,43200) | |||
|- ha-sync-esp-seqno | |||
|- nattraversal | |||
|- fragmentation-mtu (500,16000) | |||
|- childless-ike | |||
|- rekey | |||
|- digital-signature-auth | |||
|- signature-hash-alg | |||
|- rsa-signature-format | |||
|- enforce-unique-id | |||
|- group-authentication | |||
+- group-authentication-secret | |||
|- [phase2] --*name (36) | |||
|- phase1name (36) | |||
|- dhcp-ipsec | |||
|- use-natip | |||
|- selector-match | |||
|- proposal | |||
|- pfs | |||
|- dhgrp | |||
|- replay | |||
|- keepalive | |||
|- auto-negotiate | |||
|- add-route | |||
|- keylifeseconds (120,172800) | |||
|- keylifekbs (5120,4294967295) | |||
|- keylife-type | |||
|- single-source | |||
|- route-overlap | |||
|- encapsulation | |||
|- l2tp | |||
|- comments | |||
|- protocol (0,255) | |||
|- src-name (64) | |||
|- src-name6 (64) | |||
|- src-addr-type | |||
|- src-start-ip | |||
|- src-start-ip6 | |||
|- src-end-ip | |||
|- src-end-ip6 | |||
|- src-subnet | |||
|- src-subnet6 | |||
|- src-port (0,65535) | |||
|- dst-name (64) | |||
|- dst-name6 (64) | |||
|- dst-addr-type | |||
|- dst-start-ip | |||
|- dst-start-ip6 | |||
|- dst-end-ip | |||
|- dst-end-ip6 | |||
|- dst-subnet | |||
|- dst-subnet6 | |||
+- dst-port (0,65535) | |||
|- [manualkey] --*name (36) | |||
|- interface (16) | |||
|- remote-gw | |||
|- local-gw | |||
|- authentication | |||
|- encryption | |||
|- authkey | |||
|- enckey | |||
|- localspi | |||
|- remotespi | |||
+- npu-offload | |||
|- [concentrator] --*name (36) | |||
|- src-check | |||
+- [member] --*name (65) | |||
|- [phase1-interface] --*name (16) | |||
|- type | |||
|- interface (36) | |||
|- ip-version | |||
|- ike-version | |||
|- local-gw | |||
|- local-gw6 | |||
|- remote-gw | |||
|- remote-gw6 | |||
|- remotegw-ddns (64) | |||
|- keylife (120,172800) | |||
|- [certificate] --*name (65) | |||
|- authmethod | |||
|- authmethod-remote | |||
|- mode | |||
|- peertype | |||
|- peerid (256) | |||
|- default-gw | |||
|- default-gw-priority (0,4294967295) | |||
|- usrgrp (36) | |||
|- peer (36) | |||
|- peergrp (36) | |||
|- monitor (36) | |||
|- monitor-hold-down-type | |||
|- monitor-hold-down-delay (0,31536000) | |||
|- monitor-hold-down-weekday | |||
|- monitor-hold-down-time | |||
|- passive-mode | |||
|- exchange-interface-ip | |||
|- mode-cfg | |||
|- assign-ip | |||
|- assign-ip-from | |||
|- ipv4-start-ip | |||
|- ipv4-end-ip | |||
|- ipv4-netmask | |||
|- dns-mode | |||
|- ipv4-dns-server1 | |||
|- ipv4-dns-server2 | |||
|- ipv4-dns-server3 | |||
|- ipv4-wins-server1 | |||
|- ipv4-wins-server2 | |||
|- [ipv4-exclude-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- ipv4-split-include (64) | |||
|- split-include-service (64) | |||
|- ipv4-name (64) | |||
|- ipv6-start-ip | |||
|- ipv6-end-ip | |||
|- ipv6-prefix (1,128) | |||
|- ipv6-dns-server1 | |||
|- ipv6-dns-server2 | |||
|- ipv6-dns-server3 | |||
|- [ipv6-exclude-range] --*id (0,4294967295) | |||
|- start-ip | |||
+- end-ip | |||
|- ipv6-split-include (64) | |||
|- ipv6-name (64) | |||
|- unity-support | |||
|- domain (64) | |||
|- banner | |||
|- include-local-lan | |||
|- save-password | |||
|- client-auto-negotiate | |||
|- client-keep-alive | |||
|- [backup-gateway] --*address (65) | |||
|- proposal | |||
|- add-route | |||
|- add-gw-route | |||
|- psksecret | |||
|- psksecret-remote | |||
|- keepalive (10,900) | |||
|- distance (1,255) | |||
|- priority (0,4294967295) | |||
|- localid (64) | |||
|- localid-type | |||
|- auto-negotiate | |||
|- negotiate-timeout (1,300) | |||
|- fragmentation | |||
|- dpd | |||
|- dpd-retrycount (0,10) | |||
|- dpd-retryinterval | |||
|- forticlient-enforcement | |||
|- comments | |||
|- npu-offload | |||
|- send-cert-chain | |||
|- dhgrp | |||
|- suite-b | |||
|- eap | |||
|- eap-identity | |||
|- acct-verify | |||
|- wizard-type | |||
|- xauthtype | |||
|- reauth | |||
|- authusr (65) | |||
|- authpasswd | |||
|- authusrgrp (36) | |||
|- mesh-selector-type | |||
|- idle-timeout | |||
|- idle-timeoutinterval (5,43200) | |||
|- ha-sync-esp-seqno | |||
|- auto-discovery-sender | |||
|- auto-discovery-receiver | |||
|- auto-discovery-forwarder | |||
|- auto-discovery-psk | |||
|- encapsulation | |||
|- encapsulation-address | |||
|- encap-local-gw4 | |||
|- encap-local-gw6 | |||
|- encap-remote-gw4 | |||
|- encap-remote-gw6 | |||
|- vni (1,16777215) | |||
|- nattraversal | |||
|- fragmentation-mtu (500,16000) | |||
|- childless-ike | |||
|- rekey | |||
|- digital-signature-auth | |||
|- signature-hash-alg | |||
|- rsa-signature-format | |||
|- enforce-unique-id | |||
|- group-authentication | |||
+- group-authentication-secret | |||
|- [phase2-interface] --*name (36) | |||
|- phase1name (16) | |||
|- dhcp-ipsec | |||
|- proposal | |||
|- pfs | |||
|- dhgrp | |||
|- replay | |||
|- keepalive | |||
|- auto-negotiate | |||
|- add-route | |||
|- auto-discovery-sender | |||
|- auto-discovery-forwarder | |||
|- keylifeseconds (120,172800) | |||
|- keylifekbs (5120,4294967295) | |||
|- keylife-type | |||
|- single-source | |||
|- route-overlap | |||
|- encapsulation | |||
|- l2tp | |||
|- comments | |||
|- protocol (0,255) | |||
|- src-name (64) | |||
|- src-name6 (64) | |||
|- src-addr-type | |||
|- src-start-ip | |||
|- src-start-ip6 | |||
|- src-end-ip | |||
|- src-end-ip6 | |||
|- src-subnet | |||
|- src-subnet6 | |||
|- src-port (0,65535) | |||
|- dst-name (64) | |||
|- dst-name6 (64) | |||
|- dst-addr-type | |||
|- dst-start-ip | |||
|- dst-start-ip6 | |||
|- dst-end-ip | |||
|- dst-end-ip6 | |||
|- dst-subnet | |||
|- dst-subnet6 | |||
+- dst-port (0,65535) | |||
|- [manualkey-interface] --*name (16) | |||
|- interface (16) | |||
|- ip-version | |||
|- addr-type | |||
|- remote-gw | |||
|- remote-gw6 | |||
|- local-gw | |||
|- local-gw6 | |||
|- auth-alg | |||
|- enc-alg | |||
|- auth-key | |||
|- enc-key | |||
|- local-spi | |||
|- remote-spi | |||
+- npu-offload | |||
|- [forticlient] --*realm (36) | |||
|- usergroupname (36) | |||
|- phase2name (36) | |||
+- status | |||
|- stats -- <crypto> | |||
+- <tunnel> | |||
+- tunnel -- <details> | |||
|- <summary> | |||
+- <name> | |||
|- <pptp> -- status | |||
|- ip-mode | |||
|- eip | |||
|- sip | |||
|- local-ip | |||
+- usrgrp (36) | |||
|- <l2tp> -- eip | |||
|- sip | |||
|- status | |||
|- usrgrp (36) | |||
+- enforce-ipsec | |||
|- ike -- <gateway> -- <name> (0) | |||
+- status -- <l2tp> | |||
|- <pptp> | |||
+- ssl -- <list> | |||
+- <hw-acceleration-status> | |||
|- certificate -- [ca] --*name (80) | |||
|- ca | |||
|- range | |||
|- source | |||
|- trusted | |||
|- scep-url (256 xss) | |||
|- auto-update-days (0,4294967295) | |||
|- auto-update-days-warning (0,4294967295) | |||
|- source-ip | |||
+- last-updated (0,4294967295) | |||
|- [local] --*name (36) | |||
|- password | |||
|- comments (512 xss) | |||
|- private-key | |||
|- certificate | |||
|- csr | |||
|- state | |||
|- scep-url (256 xss) | |||
|- range | |||
|- source | |||
|- auto-regenerate-days (0,4294967295) | |||
|- auto-regenerate-days-warning (0,4294967295) | |||
|- scep-password | |||
|- ca-identifier (256) | |||
|- name-encoding | |||
|- source-ip | |||
|- ike-localid (64) | |||
|- ike-localid-type | |||
+- last-updated (0,4294967295) | |||
+- [crl] --*name (36) | |||
|- crl | |||
|- range | |||
|- source | |||
|- update-vdom (32) | |||
|- ldap-server (36) | |||
|- ldap-username (64) | |||
|- ldap-password | |||
|- http-url (256 xss) | |||
|- scep-url (256 xss) | |||
|- scep-cert (36) | |||
|- update-interval (0,4294967295) | |||
|- source-ip | |||
+- last-updated (0,4294967295) | |||
|- user -- [radius] --*name (36) | |||
|- server (64) | |||
|- secret | |||
|- secondary-server (64) | |||
|- secondary-secret | |||
|- tertiary-server (64) | |||
|- tertiary-secret | |||
|- timeout (1,300) | |||
|- all-usergroup | |||
|- use-management-vdom | |||
|- nas-ip | |||
|- acct-interim-interval (600,86400) | |||
|- radius-coa | |||
|- radius-port (0,65535) | |||
|- h3c-compatibility | |||
|- auth-type | |||
|- source-ip | |||
|- username-case-sensitive | |||
|- [class] --*name (65) | |||
|- password-renewal | |||
|- password-encoding | |||
|- rsso | |||
|- rsso-radius-server-port (0,65535) | |||
|- rsso-radius-response | |||
|- rsso-validate-request-secret | |||
|- rsso-secret | |||
|- rsso-endpoint-attribute | |||
|- rsso-endpoint-block-attribute | |||
|- sso-attribute | |||
|- sso-attribute-key (36) | |||
|- sso-attribute-value-override | |||
|- rsso-context-timeout (0,4294967295) | |||
|- rsso-log-period (0,4294967295) | |||
|- rsso-log-flags | |||
|- rsso-flush-ip-session | |||
|- rsso-ep-one-ip-only | |||
+- [accounting-server] --*id (0,4294967295) | |||
|- status | |||
|- server (64) | |||
|- secret | |||
|- port (0,65535) | |||
+- source-ip | |||
|- [tacacs+] --*name (36) | |||
|- server (64) | |||
|- secondary-server (64) | |||
|- tertiary-server (64) | |||
|- port (1,65535) | |||
|- key | |||
|- secondary-key | |||
|- tertiary-key | |||
|- authen-type | |||
|- authorization | |||
+- source-ip | |||
|- [ldap] --*name (36) | |||
|- server (64) | |||
|- secondary-server (64) | |||
|- tertiary-server (64) | |||
|- source-ip | |||
|- cnid (21) | |||
|- dn (512 xss) | |||
|- type | |||
|- username (512 xss) | |||
|- password | |||
|- group-member-check | |||
|- group-search-base (512 xss) | |||
|- group-object-filter (2048 xss) | |||
|- group-filter (2048 xss) | |||
|- secure | |||
|- ca-cert (64) | |||
|- port (1,65535) | |||
|- password-expiry-warning | |||
|- password-renewal | |||
|- member-attr (64) | |||
|- account-key-processing | |||
+- account-key-name (21) | |||
|- [krb-keytab] --*name (36) | |||
|- principal (512) | |||
|- ldap-server (36) | |||
+- keytab | |||
|- [pop3] --*name (36) | |||
|- server (64) | |||
|- port (0,65535) | |||
+- secure | |||
|- [fsso] --*name (36) | |||
|- server (64) | |||
|- port (1,65535) | |||
|- password | |||
|- server2 (64) | |||
|- port2 (1,65535) | |||
|- password2 | |||
|- server3 (64) | |||
|- port3 (1,65535) | |||
|- password3 | |||
|- server4 (64) | |||
|- port4 (1,65535) | |||
|- password4 | |||
|- server5 (64) | |||
|- port5 (1,65535) | |||
|- password5 | |||
|- ldap-server (36) | |||
+- source-ip | |||
|- [adgrp] --*name (512 xss) | |||
+- server-name (36) | |||
|- [fsso-polling] --*id (0,4294967295) | |||
|- status | |||
|- server (64) | |||
|- default-domain (36) | |||
|- port (0,65535) | |||
|- user (36) | |||
|- password | |||
|- ldap-server (36) | |||
|- logon-history (0,48) | |||
|- polling-frequency (1,30) | |||
+- [adgrp] --*name (512 xss) | |||
|- [fortitoken] --*serial-number (17) | |||
|- status | |||
|- seed (201 xss) | |||
|- comments | |||
|- license (32) | |||
|- activation-code (33) | |||
|- activation-expire (0,4294967295) | |||
|- reg-id (257) | |||
+- os-ver (16) | |||
|- [password-policy] --*name (36) | |||
|- expire-days (0,999) | |||
+- warn-days (0,30) | |||
|- [local] --*name (65) | |||
|- id (0,4294967295) | |||
|- status | |||
|- type | |||
|- passwd | |||
|- ldap-server (36) | |||
|- radius-server (36) | |||
|- tacacs+-server (36) | |||
|- two-factor | |||
|- fortitoken (17) | |||
|- email-to (64) | |||
|- sms-server | |||
|- sms-custom-server (36) | |||
|- sms-phone (16) | |||
|- passwd-policy (36) | |||
|- passwd-time | |||
|- authtimeout (0,1440) | |||
|- workstation (36) | |||
|- auth-concurrent-override | |||
+- auth-concurrent-value (0,100) | |||
|- <setting> -- auth-type | |||
|- auth-cert (36) | |||
|- auth-ca-cert (36) | |||
|- auth-secure-http | |||
|- auth-http-basic | |||
|- auth-ssl-allow-renegotiation | |||
|- auth-timeout (1,1440) | |||
|- auth-timeout-type | |||
|- auth-portal-timeout (1,30) | |||
|- radius-ses-timeout-act | |||
|- auth-blackout-time (0,3600) | |||
|- auth-invalid-max (1,100) | |||
|- auth-lockout-threshold (1,10) | |||
|- auth-lockout-duration (0,4294967295) | |||
+- [auth-ports] --*id (0,4294967295) | |||
|- type | |||
+- port (1,65535) | |||
|- [peer] --*name (36) | |||
|- mandatory-ca-verify | |||
|- ca (128) | |||
|- subject (256 xss) | |||
|- cn (256) | |||
|- cn-type | |||
|- ldap-server (36) | |||
|- ldap-username (36) | |||
|- ldap-password | |||
|- ldap-mode | |||
|- ocsp-override-server (36) | |||
|- two-factor | |||
+- passwd | |||
|- [peergrp] --*name (36) | |||
+- [member] --*name (36) | |||
|- [group] --*name (36) | |||
|- id (0,4294967295) | |||
|- group-type | |||
|- authtimeout (0,43200) | |||
|- auth-concurrent-override | |||
|- auth-concurrent-value (0,100) | |||
|- http-digest-realm (36) | |||
|- sso-attribute-value (512) | |||
|- [member] --*name (512 xss) | |||
|- [match] --*id (0,4294967295) | |||
|- server-name (36) | |||
+- group-name (512 xss) | |||
|- user-id | |||
|- password | |||
|- user-name | |||
|- sponsor | |||
|- company | |||
|- email | |||
|- mobile-phone | |||
|- sms-server | |||
|- sms-custom-server (36) | |||
|- expire-type | |||
|- expire (1,31536000) | |||
|- max-accounts (0,500) | |||
|- multiple-guest-add | |||
+- [guest] --*user-id (65) | |||
|- name (65) | |||
|- password | |||
|- mobile-phone (36) | |||
|- sponsor (36) | |||
|- company (36) | |||
|- email (65) | |||
|- expiration | |||
+- comment | |||
|- [device-category] --*name (36) | |||
|- desc | |||
+- comment | |||
|- [device] --*alias (36) | |||
|- mac | |||
|- user (65) | |||
|- master-device (36) | |||
|- comment | |||
|- avatar | |||
|- [tags] --*name (65) | |||
+- type | |||
|- [device-group] --*name (36) | |||
|- [member] --*name (36) | |||
+- comment | |||
|- [device-access-list] --*name (36) | |||
|- default-action | |||
+- [device-list] --*id (0,4294967295) | |||
|- device (36) | |||
+- action | |||
+- [security-exempt-list] --*name (36) | |||
|- description (128) | |||
+- [rule] --*id (0,4294967295) | |||
|- [srcaddr] --*name (65) | |||
|- [devices] --*name (36) | |||
|- [dstaddr] --*name (65) | |||
+- [service] --*name (65) | |||
|- voip -- [profile] --*name (36) | |||
|- comment | |||
|- <sip> -- status | |||
|- rtp | |||
|- open-register-pinhole | |||
|- open-contact-pinhole | |||
|- strict-register | |||
|- register-rate (0,4294967295) | |||
|- invite-rate (0,4294967295) | |||
|- max-dialogs (0,4294967295) | |||
|- max-line-length (78,4096) | |||
|- block-long-lines | |||
|- block-unknown | |||
|- call-keepalive (0,10080) | |||
|- block-ack | |||
|- block-bye | |||
|- block-cancel | |||
|- block-info | |||
|- block-invite | |||
|- block-message | |||
|- block-notify | |||
|- block-options | |||
|- block-prack | |||
|- block-publish | |||
|- block-refer | |||
|- block-register | |||
|- block-subscribe | |||
|- block-update | |||
|- register-contact-trace | |||
|- open-via-pinhole | |||
|- open-record-route-pinhole | |||
|- rfc2543-branch | |||
|- log-violations | |||
|- log-call-summary | |||
|- nat-trace | |||
|- subscribe-rate (0,4294967295) | |||
|- message-rate (0,4294967295) | |||
|- notify-rate (0,4294967295) | |||
|- refer-rate (0,4294967295) | |||
|- update-rate (0,4294967295) | |||
|- options-rate (0,4294967295) | |||
|- ack-rate (0,4294967295) | |||
|- prack-rate (0,4294967295) | |||
|- info-rate (0,4294967295) | |||
|- publish-rate (0,4294967295) | |||
|- bye-rate (0,4294967295) | |||
|- cancel-rate (0,4294967295) | |||
|- preserve-override | |||
|- no-sdp-fixup | |||
|- contact-fixup | |||
|- max-idle-dialogs (0,4294967295) | |||
|- block-geo-red-options | |||
|- hosted-nat-traversal | |||
|- hnt-restrict-source-ip | |||
|- max-body-length (0,4294967295) | |||
|- unknown-header | |||
|- malformed-request-line | |||
|- malformed-header-via | |||
|- malformed-header-from | |||
|- malformed-header-to | |||
|- malformed-header-call-id | |||
|- malformed-header-cseq | |||
|- malformed-header-rack | |||
|- malformed-header-rseq | |||
|- malformed-header-contact | |||
|- malformed-header-record-route | |||
|- malformed-header-route | |||
|- malformed-header-expires | |||
|- malformed-header-content-type | |||
|- malformed-header-content-length | |||
|- malformed-header-max-forwards | |||
|- malformed-header-allow | |||
|- malformed-header-p-asserted-identity | |||
|- malformed-header-sdp-v | |||
|- malformed-header-sdp-o | |||
|- malformed-header-sdp-s | |||
|- malformed-header-sdp-i | |||
|- malformed-header-sdp-c | |||
|- malformed-header-sdp-b | |||
|- malformed-header-sdp-z | |||
|- malformed-header-sdp-k | |||
|- malformed-header-sdp-a | |||
|- malformed-header-sdp-t | |||
|- malformed-header-sdp-r | |||
|- malformed-header-sdp-m | |||
|- provisional-invite-expiry-time (10,3600) | |||
|- ips-rtp | |||
|- ssl-mode | |||
|- ssl-send-empty-frags | |||
|- ssl-client-renegotiation | |||
|- ssl-algorithm | |||
|- ssl-pfs | |||
|- ssl-min-version | |||
|- ssl-max-version | |||
|- ssl-client-certificate (36) | |||
|- ssl-server-certificate (36) | |||
|- ssl-auth-client (36) | |||
+- ssl-auth-server (36) | |||
+- <sccp> -- status | |||
|- block-mcast | |||
|- verify-header | |||
|- log-call-summary | |||
|- log-violations | |||
+- max-calls (0,65535) | |||
|- dnsfilter -- [domain-filter] --*id (0,4294967295) | |||
|- name (36) | |||
|- comment | |||
+- [entries] --*id (0,4294967295) | |||
|- domain (512 xss) | |||
|- type | |||
|- action | |||
+- status | |||
+- [profile] --*name (36) | |||
|- comment | |||
|- <domain-filter> -- domain-filter-table (0,4294967295) | |||
|- <ftgd-dns> -- options | |||
+- [filters] --*id (0,255) | |||
|- category (0,255) | |||
|- action | |||
+- log | |||
|- log-all-domain | |||
|- sdns-ftgd-err-log | |||
|- sdns-domain-log | |||
|- block-action | |||
|- redirect-portal | |||
|- block-botnet | |||
|- safe-search | |||
+- youtube-restrict | |||
|- antivirus -- <settings> -- default-db | |||
+- grayware | |||
|- <heuristic> -- mode | |||
|- <quarantine> -- agelimit (0,479) | |||
|- maxfilesize (0,500) | |||
|- quarantine-quota (0,4294967295) | |||
|- drop-infected | |||
|- store-infected | |||
|- drop-blocked | |||
|- store-blocked | |||
|- drop-heuristic | |||
|- store-heuristic | |||
|- lowspace | |||
+- destination | |||
+- [profile] --*name (36) | |||
|- comment | |||
|- replacemsg-group (36) | |||
|- inspection-mode | |||
|- ftgd-analytics | |||
|- analytics-max-upload (1,186) | |||
|- analytics-wl-filetype (0,4294967295) | |||
|- analytics-bl-filetype (0,4294967295) | |||
|- analytics-db | |||
|- mobile-malware-db | |||
|- <http> -- options | |||
|- archive-block | |||
|- archive-log | |||
+- emulator | |||
|- <ftp> -- options | |||
|- archive-block | |||
|- archive-log | |||
+- emulator | |||
|- <imap> -- options | |||
|- archive-block | |||
|- archive-log | |||
|- emulator | |||
+- executables | |||
|- <pop3> -- options | |||
|- archive-block | |||
|- archive-log | |||
|- emulator | |||
+- executables | |||
|- <smtp> -- options | |||
|- archive-block | |||
|- archive-log | |||
|- emulator | |||
+- executables | |||
|- <mapi> -- options | |||
|- archive-block | |||
|- archive-log | |||
|- emulator | |||
+- executables | |||
|- <nntp> -- options | |||
|- archive-block | |||
|- archive-log | |||
+- emulator | |||
|- <smb> -- options | |||
|- archive-block | |||
|- archive-log | |||
+- emulator | |||
|- <nac-quar> -- infected | |||
|- expiry | |||
+- log | |||
|- av-virus-log | |||
|- av-block-log | |||
+- scan-mode | |||
|- waf +- [profile] --*name (36) | |||
|- external | |||
|- <signature> -- [main-class] --*id (0,4294967295) | |||
|- status | |||
|- action | |||
|- log | |||
+- severity | |||
|- [disabled-sub-class] --*id (0,4294967295) | |||
|- [disabled-signature] --*id (0,4294967295) | |||
|- credit-card-detection-threshold (0,128) | |||
+- [custom-signature] --*name (36) | |||
|- status | |||
|- action | |||
|- log | |||
|- severity | |||
|- direction | |||
|- case-sensitivity | |||
|- pattern (512 xss) | |||
+- target | |||
|- <constraint> -- <header-length> -- status | |||
|- length (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <content-length> -- status | |||
|- length (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <param-length> -- status | |||
|- length (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <line-length> -- status | |||
|- length (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <url-param-length> -- status | |||
|- length (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <version> -- status | |||
|- action | |||
|- log | |||
+- severity | |||
|- <method> -- status | |||
|- action | |||
|- log | |||
+- severity | |||
|- <hostname> -- status | |||
|- action | |||
|- log | |||
+- severity | |||
|- <malformed> -- status | |||
|- action | |||
|- log | |||
+- severity | |||
|- <max-cookie> -- status | |||
|- max-cookie (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <max-header-line> -- status | |||
|- max-header-line (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <max-url-param> -- status | |||
|- max-url-param (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
|- <max-range-segment> -- status | |||
|- max-range-segment (0,2147483647) | |||
|- action | |||
|- log | |||
+- severity | |||
+- [exception] --*id (0,4294967295) | |||
|- pattern (512 xss) | |||
|- regex | |||
|- address (64) | |||
|- header-length | |||
|- content-length | |||
|- param-length | |||
|- line-length | |||
|- url-param-length | |||
|- version | |||
|- method | |||
|- hostname | |||
|- malformed | |||
|- max-cookie | |||
|- max-header-line | |||
|- max-url-param | |||
+- max-range-segment | |||
|- <method> -- status | |||
|- log | |||
|- severity | |||
|- default-allowed-methods | |||
+- [method-policy] --*id (0,4294967295) | |||
|- pattern (512 xss) | |||
|- regex | |||
|- address (64) | |||
+- allowed-methods | |||
|- <address-list> -- status | |||
|- blocked-log | |||
|- severity | |||
|- [trusted-address] --*name (65) | |||
+- [blocked-address] --*name (65) | |||
|- [url-access] --*id (0,4294967295) | |||
|- address (64) | |||
|- action | |||
|- log | |||
|- severity | |||
+- [access-pattern] --*id (0,4294967295) | |||
|- srcaddr (64) | |||
|- pattern (512) | |||
|- regex | |||
+- negate | |||
+- comment | |||
|- diagnose__tree__ -- waf -- info | |||
+- dump | |||
|- netlink -- backlog -- get | |||
+- set -- backlog (0) | |||
|- device -- list | |||
|- interface -- list | |||
+- clear | |||
|- qlen -- get -- intf-name (0) | |||
+- set -- intf-name -- <len_integer> (0) | |||
|- brctl -- domain -- <name> -- <id> (0) | |||
|- list | |||
+- name -- <type> -- <name> (0) | |||
+- dstmac -- flush | |||
+- list -- [name] (0) | |||
|- ips -- anomaly -- config | |||
|- status | |||
|- list | |||
|- clear | |||
+- filter -- clear | |||
|- id -- <xx> (0) | |||
|- ip -- xxx.xxx.xxx.xxx -- xxx.xxx.xxx.xxx (0) | |||
|- pps -- <xx> -- <xx> (0) | |||
+- freq -- <xx> -- <xx> (0) | |||
|- raw -- status | |||
+- clear | |||
|- anomaly6 -- config | |||
|- status | |||
|- list | |||
|- clear | |||
+- filter -- clear | |||
|- id -- <xx> (0) | |||
|- ip -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) | |||
|- pps -- <xx> -- <xx> (0) | |||
+- freq -- <xx> -- <xx> (0) | |||
|- global -- rule -- reload | |||
|- memory -- status | |||
|- compact | |||
|- profiling -- <enable/disable/dump> (0) | |||
|- track -- enable/disable/clear (0) | |||
|- track-size -- <min size> -- <max size> (0) | |||
+- track-print -- <record count> (0) | |||
|- session -- status | |||
|- list -- by-mem -- <number> (0) | |||
|- clear -- [vdom] (0) | |||
|- performance | |||
+- content | |||
|- packet -- status | |||
+- clear | |||
|- dissector -- status | |||
+- dump | |||
|- signature -- status -- <severity mask> (0) | |||
|- hit -- <top N> (0) | |||
+- cycle -- <top N> (0) | |||
|- filter -- status | |||
|- clear | |||
|- ip -- <ip> -- <mask> (0) | |||
|- ipv6 -- <ip> -- <prefix size> (0) | |||
|- port -- <port> (0) | |||
|- protocol -- <protocol number> (0) | |||
|- session -- <session id> (0) | |||
|- asm -- <assembled packets> (0) | |||
|- length -- <session length> (0) | |||
+- l7 -- <0:all 1:l7 2:non-l7> (0) | |||
|- config -- enable -- log-verbose | |||
+- disable -- log-verbose | |||
|- debug -- status -- show | |||
|- enable -- init | |||
|- packet | |||
|- packet_detail | |||
|- error | |||
|- warn | |||
|- parse | |||
|- detect | |||
|- session | |||
|- log | |||
|- timeout | |||
|- dissector | |||
|- tcp | |||
|- http | |||
|- mail | |||
|- rpc | |||
|- dns | |||
|- im | |||
|- p2p | |||
|- ssh | |||
|- ssl | |||
|- voip | |||
|- smb | |||
|- content | |||
|- urlfilter | |||
|- av | |||
|- mime | |||
|- content_detail | |||
|- ipsa | |||
|- proxy | |||
|- packet_dump | |||
|- state | |||
|- dac | |||
+- all | |||
+- disable -- init | |||
|- packet | |||
|- packet_detail | |||
|- error | |||
|- warn | |||
|- parse | |||
|- detect | |||
|- session | |||
|- log | |||
|- timeout | |||
|- dissector | |||
|- tcp | |||
|- http | |||
|- mail | |||
|- dns | |||
|- rpc | |||
|- im | |||
|- p2p | |||
|- ssh | |||
|- ssl | |||
|- voip | |||
|- smb | |||
|- content | |||
|- urlfilter | |||
|- av | |||
|- mime | |||
|- content_detail | |||
|- ipsa | |||
|- proxy | |||
|- packet_dump | |||
|- state | |||
|- dac | |||
+- all | |||
|- share -- pool | |||
|- list -- <pool> (0) | |||
+- clear -- <pool> (0) | |||
|- urlfilter -- status | |||
+- clear | |||
|- ssl -- status | |||
|- bypass -- enable | disable (0) | |||
|- resume -- enable | disable (0) | |||
|- noscan -- enable | disable (0) | |||
|- debug -- none|err|warn|info|dbg|noise (0) | |||
|- debug-status | |||
|- clear | |||
+- cc-alg -- bic|cubic (0) | |||
|- av -- cache -- list | |||
|- status | |||
|- clear | |||
|- delete -- <ID> (0) | |||
+- set-age -- <ID> -- <age> (0) | |||
|- timeout -- set -- <Integer> (0) | |||
+- show | |||
+- stats -- show | |||
|- dac -- info | |||
+- clear -- <age> (0) | |||
+- test -- cmd -- cmd1;cmd2;cmd3 (0) | |||
|- test -- application -- http -- <Integer> (0) | |||
|- smtp -- <Integer> (0) | |||
|- ftpd -- <Integer> (0) | |||
|- pop3 -- <Integer> (0) | |||
|- imap -- <Integer> (0) | |||
|- nntp -- <Integer> (0) | |||
|- scanunit -- <Integer> (0) | |||
|- harelay -- <Integer> (0) | |||
|- hasync -- <Integer> (0) | |||
|- hatalk -- <Integer> (0) | |||
|- sessionsync -- <Integer> (0) | |||
|- forticldd -- <Integer> (0) | |||
|- miglogd -- <Integer> -- <Integer> (0) | |||
|- urlfilter -- <Integer> (0) | |||
|- ovrd -- <Integer> (0) | |||
|- ipsmonitor -- <Integer> (0) | |||
|- ipsengine -- <Integer> (0) | |||
|- ipldbd -- <Integer> (0) | |||
|- ddnscd -- <Integer> (0) | |||
|- snmpd -- <Integer> (0) | |||
|- dnsproxy -- <Integer> (0) | |||
|- sflowd -- <Integer> (0) | |||
|- init -- <Integer> (0) | |||
|- l2tpcd -- <Integer> (0) | |||
|- dhcprelay -- <Integer> (0) | |||
|- pptpcd -- <Integer> (0) | |||
|- wccpd -- <Integer> (0) | |||
|- wad -- <Integer> (0) | |||
|- radiusd -- <Integer> (0) | |||
|- wpad -- <Integer> (0) | |||
|- fsd -- <Integer> (0) | |||
|- ipsufd -- <Integer> (0) | |||
|- lted | |||
|- forticron -- <Integer> (0) | |||
|- uploadd -- <Integer> (0) | |||
|- quarantined -- <Integer> -- <Integer> (0) | |||
|- dhcp6c -- <Integer> (0) | |||
|- info-sslvpnd -- <Integer> (0) | |||
|- dsd -- <Integer> (0) | |||
|- lnkmtd -- <Integer> (0) | |||
|- dhcp6r -- <Integer> (0) | |||
|- fnbamd -- <Integer> (0) | |||
|- mrd -- <Integer> (0) | |||
|- zebos_launcher -- <Integer> (0) | |||
|- radius-das -- <Integer> (0) | |||
|- csfd -- <Integer> (0) | |||
|- fsvrd -- <Integer> (0) | |||
|- radvd -- <Integer> (0) | |||
+- fcnacd -- <Integer> (0) | |||
|- authserver -- radius | |||
|- tacacs+ | |||
|- radius-direct | |||
|- ldap-direct | |||
|- tacacs+-direct | |||
|- ldap | |||
|- ldap-digest | |||
|- ldap-search | |||
|- cert | |||
|- pop3 | |||
|- local | |||
+- user | |||
|- guest -- list | |||
|- del | |||
+- add | |||
+- update -- info | |||
+- term | |||
|- vpn -- ike -- gateway -- list -- name -- <name> (0) | |||
|- clear -- name -- <name> (0) | |||
+- flush -- name -- <name> (0) | |||
|- status -- detailed | |||
+- summary | |||
|- log -- terminal -- clear | |||
|- reset | |||
+- stats | |||
+- filter -- list | |||
|- clear | |||
|- name -- <name> (0) | |||
|- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- src-addr6 -- <ipv6-address> -- <ipv4-address> (0) | |||
|- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- src-port -- <port> -- <port> (0) | |||
|- dst-port -- <port> (0) | |||
|- vd -- <index> (0) | |||
|- interface -- <index> (0) | |||
+- negate -- vd | |||
|- src-addr4 | |||
|- dst-addr4 | |||
|- src-addr6 | |||
|- dst-addr6 | |||
|- src-port | |||
|- dst-port | |||
|- name | |||
+- interface | |||
|- log-filter -- list | |||
|- clear | |||
|- name -- <name> (0) | |||
|- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- src-addr6 -- <ipv6-address> -- <ipv4-address> (0) | |||
|- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- src-port -- <port> -- <port> (0) | |||
|- dst-port -- <port> (0) | |||
|- vd -- <index> (0) | |||
|- interface -- <index> (0) | |||
+- negate -- vd | |||
|- src-addr4 | |||
|- dst-addr4 | |||
|- src-addr6 | |||
|- dst-addr6 | |||
|- src-port | |||
|- dst-port | |||
|- name | |||
+- interface | |||
|- routes -- list | |||
|- config -- list -- summary | |||
|- restart | |||
|- errors | |||
|- stats | |||
|- counts | |||
|- crypto -- stats | |||
+- filter -- list | |||
|- clear | |||
|- name -- <name> (0) | |||
|- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- src-addr6 -- <ipv6-address> -- <ipv4-address> (0) | |||
|- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- src-port -- <port> -- <port> (0) | |||
|- dst-port -- <port> (0) | |||
|- vd -- <index> (0) | |||
|- interface -- <index> (0) | |||
+- negate -- vd | |||
|- src-addr4 | |||
|- dst-addr4 | |||
|- src-addr6 | |||
|- dst-addr6 | |||
|- src-port | |||
|- dst-port | |||
|- name | |||
+- interface | |||
|- ipsec -- status | |||
+- debug -- debug (0) | |||
|- tunnel -- down -- phase2 -- phase1 -- serial (0) | |||
|- up -- phase2 -- phase1 -- serial (0) | |||
|- list -- name | |||
+- number -- <begin-index> -- <end-index> (0) | |||
|- dialup-list | |||
|- reset | |||
|- flush | |||
|- delinbsa -- <name> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> (0) | |||
|- deloutbsa -- <name> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> (0) | |||
+- stat -- flush | |||
|- concentrator -- list | |||
|- l2tp -- status | |||
|- pptp -- status | |||
+- ssl -- list | |||
|- mux | |||
|- statistics -- <all|vdom-name|vfid> (0) | |||
|- hw-acceleration-status | |||
|- tunnel-test -- enable (0) | |||
|- web-mode-test -- enable (0) | |||
|- info -- <all|vdom-name|vfid> (0) | |||
+- debug-filter -- clear | |||
|- list | |||
|- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- src-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- vd -- <vdom name> (0) | |||
+- negate -- vd | |||
|- src-addr4 | |||
+- src-addr6 | |||
|- sys -- vdom-property | |||
|- last-modified-files -- [path] -- [number] (0) | |||
|- top -- <value> -- <value> -- <value> (0) | |||
|- mpstat -- <value> -- <value> (0) | |||
|- nmi-watchdog -- enable | |||
+- disable | |||
|- modem -- detect | |||
|- history | |||
|- com | |||
|- cmd -- <at> (0) | |||
|- external-modem | |||
|- query -- <[0|1]> (0) | |||
+- reset | |||
|- lte-modem -- info | |||
|- heap | |||
|- kill -- <signal> -- <pid> (0) | |||
|- csum -- <file> (0) | |||
|- dayst-info -- timezone-index -- [year] (0) | |||
|- ntp -- status | |||
|- process -- dump -- <pid> (0) | |||
|- pstack -- <pid> (0) | |||
|- trace | |||
|- daemon-auto-restart -- <action> -- <daemon> (0) | |||
+- sock-mem | |||
|- top-summary -- <options> (0) | |||
|- vd -- list | |||
|- stats | |||
|- add -- vdname (0) | |||
|- delete -- vdname (0) | |||
+- set -- vdname (0) | |||
|- device -- add -- vdname -- devname (0) | |||
|- delete -- vdname -- devname (0) | |||
+- list -- vdname (0) | |||
|- ha -- stats | |||
|- status | |||
|- mac | |||
|- checksum -- show -- <Enter> or <global/vdom-name> -- <Enter> or <object-fullpath> -- <Enter> or <entry-name> (0) | |||
|- recalculate -- <Enter> or <global/vdom-name> (0) | |||
|- cached -- <global/vdom-name> (0) | |||
|- cluster | |||
|- log -- enable | |||
|- disable | |||
+- clear | |||
+- test | |||
|- heartbeat | |||
|- checksync | |||
|- dump-by -- xdb | |||
|- group | |||
|- vcluster | |||
|- rcache | |||
|- memory | |||
|- debug-zone | |||
|- vdom | |||
|- kernel | |||
|- device | |||
|- stat | |||
|- sesync | |||
+- frup | |||
|- vcinfo | |||
|- syncinfo | |||
|- fib | |||
|- hadiff -- status | |||
|- log -- enable | |||
|- disable | |||
+- clear | |||
|- max-sync-turns -- <integer> (0) | |||
+- max-unsync-wait -- <integer> (0) | |||
|- reset-uptime | |||
|- session-sync-dev -- clear | |||
+- set | |||
|- recalculate-extfile-signature | |||
|- sync-stats | |||
|- extfile-sig | |||
|- set-as-master -- enable | |||
|- disable -- <date> -- <time> (0) | |||
+- status | |||
|- vlan-hb-monitor | |||
|- bypass-pingsvr-flip-timeout -- enable | |||
+- disable | |||
+- history -- read | |||
+- clear | |||
|- profile -- start | |||
|- stop | |||
|- show -- order | |||
+- detail | |||
|- sysmap | |||
|- cpumask | |||
+- module | |||
|- session -- sync -- reset | |||
|- list -- expectation | |||
|- clear | |||
|- stat | |||
|- full-stat | |||
|- exp-stat | |||
|- ttl | |||
|- filter -- vd -- <xxx> (0) | |||
|- sintf -- <xxxx> (0) | |||
|- dintf -- <xxxx> (0) | |||
|- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- nsrc -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- proto -- <xx> -- <xx> (0) | |||
|- sport -- <xxxx> -- <xxxx> (0) | |||
|- nport -- <xxxx> -- <xxxx> (0) | |||
|- dport -- <xxxx> -- <xxxx> (0) | |||
|- policy -- <xxx> -- <xxx> (0) | |||
|- expire -- <xxx> -- <xxx> (0) | |||
|- duration -- <xxx> -- <xxx> (0) | |||
|- proto-state -- <x> -- <x> (0) | |||
|- session-state1 -- <x> -- <x> (0) | |||
|- session-state2 -- <x> -- <x> (0) | |||
|- clear -- vd | |||
|- sintf | |||
|- dintf | |||
|- src | |||
|- nsrc | |||
|- dst | |||
|- proto | |||
|- proto-state | |||
|- sport | |||
|- nport | |||
|- dport | |||
|- policy | |||
|- expire | |||
|- duration | |||
|- session-state1 | |||
+- session-state2 | |||
+- negate -- vd | |||
|- sintf | |||
|- dintf | |||
|- src | |||
|- nsrc | |||
|- dst | |||
|- proto | |||
|- proto-state | |||
|- sport | |||
|- nport | |||
|- dport | |||
|- policy | |||
|- expire | |||
|- duration | |||
|- session-state1 | |||
+- session-state2 | |||
+- help -- list | |||
|- add -- name -- protocol -- port (0) | |||
+- delete -- protocol -- port (0) | |||
|- mcast-session -- list | |||
|- clear | |||
|- stat | |||
+- filter -- vd -- <xxx> (0) | |||
|- sintf -- <xxxx> (0) | |||
|- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- proto -- <xx> -- <xx> (0) | |||
|- sport -- <xxxx> -- <xxxx> (0) | |||
|- dport -- <xxxx> -- <xxxx> (0) | |||
|- clear -- vd | |||
|- sintf | |||
|- src | |||
|- dst | |||
|- proto | |||
|- sport | |||
+- dport | |||
+- negate -- vd | |||
|- sintf | |||
|- src | |||
|- dst | |||
|- proto | |||
|- sport | |||
+- dport | |||
|- session6 -- sync | |||
|- list -- expectation | |||
|- clear | |||
|- stat | |||
|- full-stat | |||
|- exp-stat | |||
|- filter -- vd -- <xxx> (0) | |||
|- sintf -- <xxxxx> (0) | |||
|- dintf -- <xxxxx> (0) | |||
|- src -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) | |||
|- dst -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) | |||
|- proto -- <xx> -- <xx> (0) | |||
|- proto-state -- <xx> -- <xx> (0) | |||
|- sport -- <xxxx> -- <xxxx> (0) | |||
|- dport -- <xxxx> -- <xxxx> (0) | |||
|- policy -- <xxx> -- <xxx> (0) | |||
|- expire -- <xxx> -- <xxx> (0) | |||
|- duration -- <xxx> -- <xxx> (0) | |||
|- session-state1 -- <x> -- <x> (0) | |||
|- session-state2 -- <x> -- <x> (0) | |||
|- clear -- vd | |||
|- sintf | |||
|- dintf | |||
|- src | |||
|- dst | |||
|- proto | |||
|- proto-state | |||
|- sport | |||
|- dport | |||
|- policy | |||
|- expire | |||
|- duration | |||
|- session-state1 | |||
+- session-state2 | |||
+- negate -- vd | |||
|- sintf | |||
|- dintf | |||
|- src | |||
|- dst | |||
|- proto | |||
|- proto-state | |||
|- sport | |||
|- dport | |||
|- policy | |||
|- expire | |||
|- duration | |||
|- session-state1 | |||
+- session-state2 | |||
+- help -- list | |||
|- add -- name -- protocol -- port (0) | |||
+- delete -- protocol -- port (0) | |||
|- mcast-session6 -- list | |||
|- clear | |||
|- stat | |||
+- filter -- vd -- <xxx> (0) | |||
|- sintf -- <xxxxx> (0) | |||
|- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- proto -- <xx> -- <xx> (0) | |||
|- sport -- <xxxx> -- <xxxx> (0) | |||
|- dport -- <xxxx> -- <xxxx> (0) | |||
|- clear -- vd | |||
|- sintf | |||
|- src | |||
|- dst | |||
|- proto | |||
|- sport | |||
+- dport | |||
+- negate -- vd | |||
|- sintf | |||
|- src | |||
|- dst | |||
|- proto | |||
|- sport | |||
+- dport | |||
|- tcp-option -- enable | |||
+- disable | |||
|- tcpsock | |||
|- vlan -- list | |||
|- cmdb -- info | |||
+- refcnt -- show -- <path.object.mkey> -- <tablename> (0) | |||
+- reset -- <path.object.mkey> -- <tablename> (0) | |||
|- slab -- <path or shmid> -- <object> (0) | |||
|- shm -- <address> (0) | |||
|- sem -- <semid> (0) | |||
|- allow-set -- enable | |||
+- disable | |||
|- uuid -- generate | |||
+- allow-manual-set -- enable | |||
+- disable | |||
|- flash -- list -- <file> (0) | |||
+- format | |||
|- h323 -- debug-mask -- mask (0) | |||
|- status | |||
|- peer -- list | |||
+- call -- list | |||
|- logdisk -- status -- monitor | |||
|- usage | |||
|- smart | |||
+- quota | |||
|- sccp-proxy -- stats -- list | |||
|- proto | |||
|- clear | |||
+- mem -- summary | |||
+- full | |||
|- phone -- list | |||
|- redirect -- list | |||
|- debug-console | |||
+- restart | |||
|- sip -- debug-mask -- mask (0) | |||
|- status | |||
|- dialog -- list | |||
+- clear | |||
+- mapping -- list | |||
|- fullcone | |||
|- sip-proxy -- calls -- list | |||
|- idle | |||
|- invite | |||
+- clear | |||
|- config -- list | |||
+- profiles | |||
|- redirect -- list | |||
|- vip -- real-server | |||
|- scheduler-times -- start | |||
|- stop | |||
+- display | |||
|- session -- list | |||
|- stats -- mem -- summary | |||
+- full | |||
|- list | |||
|- call | |||
|- ha | |||
|- proto | |||
|- udp | |||
|- ssl-auth | |||
+- clear | |||
|- restart | |||
|- debug-console | |||
|- ssl -- hardware | |||
+- software | |||
|- filter -- list | |||
|- clear | |||
|- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- vd -- <index> (0) | |||
|- src-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- src-port -- <port> (0) | |||
|- dst-port -- <port> (0) | |||
|- policy -- <policy> (0) | |||
|- policy-type -- ipv4 | |||
+- ipv6 | |||
|- voip-profile -- <voip-profile> (0) | |||
+- negate -- vd | |||
|- policy | |||
|- policy-type | |||
|- src-addr4 | |||
|- dst-addr4 | |||
|- src-addr6 | |||
|- dst-addr6 | |||
|- src-port | |||
|- dst-port | |||
+- voip-profile | |||
|- log-filter -- list | |||
|- clear | |||
|- vd -- <index> (0) | |||
|- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) | |||
|- dst-addr4 -- <ip-address> -- <ip-address> (0) | |||
|- src-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) | |||
|- src-port -- <port> (0) | |||
|- dst-port -- <port> (0) | |||
|- policy -- <policy> (0) | |||
|- policy-type -- ipv4 | |||
+- ipv6 | |||
|- voip-profile -- <voip-profile> (0) | |||
+- negate -- vd | |||
|- policy | |||
|- policy-type | |||
|- src-addr4 | |||
|- dst-addr4 | |||
|- src-addr6 | |||
|- dst-addr6 | |||
|- src-port | |||
|- dst-port | |||
+- voip-profile | |||
|- meters -- list | |||
+- vdom -- list | |||
|- proxy -- bypass -- http -- on|off (0) | |||
|- smtp -- on|off (0) | |||
|- imap -- on|off (0) | |||
|- pop3 -- on|off (0) | |||
|- nntp -- on|off (0) | |||
+- ftp -- on|off (0) | |||
|- debug-filter -- list | |||
|- clear | |||
+- src -- <ip-address> -- <ip-address> (0) | |||
|- stats -- debug | |||
|- list | |||
|- all | |||
|- protocol | |||
|- vdom -- list | |||
|- summary | |||
+- all | |||
|- clear | |||
+- binary -- enable | |||
|- disable | |||
+- clean | |||
|- filter -- list | |||
|- clear | |||
|- negate -- vd | |||
+- worker | |||
|- vd -- <index> (0) | |||
+- worker -- <id> (0) | |||
|- log -- filter -- list | |||
|- clear | |||
|- negate -- vd | |||
+- worker | |||
|- vd -- <index> (0) | |||
+- worker -- <id> (0) | |||
|- log-debug -- <integer> (0) | |||
|- memory -- usage | |||
|- allocator | |||
|- malloc | |||
|- jemalloc | |||
+- conserve -- enter | |||
+- exit | |||
|- ssl -- exempt -- flush | |||
+- list | |||
|- bypass -- flush | |||
+- list | |||
+- session | |||
|- socket-options -- status | |||
|- linger -- enable | |||
+- disable | |||
+- nagle -- enable | |||
+- disable | |||
+- restart | |||
|- fips -- error-mode | |||
|- pair | |||
|- traffic-priority -- list | |||
|- cpuset -- process -- <xxx> -- <xxx> (0) | |||
+- interrupt -- <xxx> -- <xxx> (0) | |||
|- swnet -- list -- <name> (0) | |||
|- wccp -- list | |||
|- flush | |||
+- delete -- <xxx> (0) | |||
|- stp -- bridge -- info | |||
+- filter -- list | |||
|- clear | |||
|- vd -- <name> (0) | |||
|- bridge -- <name> (0) | |||
+- port -- <name> (0) | |||
|- info | |||
|- time -- enable | |||
+- disable | |||
|- log -- terminal -- stats | |||
+- filter -- list | |||
|- clear | |||
|- vd -- <name> (0) | |||
|- bridge -- <name> (0) | |||
+- port -- <name> (0) | |||
+- restart | |||
|- 802-1x -- status | |||
|- vxlan -- fdb -- list -- <string> (0) | |||
|- server-probe -- response | |||
|- link-monitor -- status -- <name | all> (0) | |||
|- gui-summary -- <name> (0) | |||
|- interface -- <name> (0) | |||
+- launch -- <entry name> (0) | |||
|- virtual-wan-link -- member -- <seq-num> (0) | |||
|- service -- <id> (0) | |||
+- health-check -- <name> (0) | |||
|- gre -- list | |||
+- keepalive -- <name | all> (0) | |||
|- scanunit -- stats -- list | |||
|- all | |||
+- clear | |||
|- filter -- list | |||
|- clear | |||
|- negate -- vd | |||
+- worker | |||
|- vd -- <index> (0) | |||
+- worker -- <id> (0) | |||
|- log -- filter -- list | |||
|- clear | |||
|- negate -- vd | |||
+- worker | |||
|- vd -- <index> (0) | |||
+- worker -- <id> (0) | |||
|- auto-restart -- status | |||
|- requests -- <Integer> (0) | |||
|- time -- <Integer> (0) | |||
+- reset | |||
|- reload-avdb | |||
|- reload-fsa-ext | |||
|- reload-aveng | |||
+- restart | |||
|- botnet -- stat | |||
|- list -- <offset> (0) | |||
|- find -- <ip> -- <port> -- <proto> (0) | |||
|- flush | |||
|- reload | |||
+- file -- stat | |||
|- list -- <offset> -- <proto> (0) | |||
+- botnet-name -- <name ID> (0) | |||
|- csf -- downstream | |||
|- query -- <path> (0) | |||
+- neighbor -- list -- [interface] (0) | |||
+- flush -- [interface] (0) | |||
|- waninfo -- ipify -- <ddd.ddd.ddd.ddd> -- <vdom> (0) | |||
+- traffic -- statistics -- show | |||
+- clear | |||
|- endpoint -- record-list -- <ipv4-address> -- <mac-address> -- <forticlient-uid> (0) | |||
|- record-summary | |||
|- record-delete -- <ipv4-address> (0) | |||
|- information | |||
|- ec-feature-list | |||
|- registration -- summary | |||
|- list -- <ipv4-address> -- <mac-address> -- <forticlient-uid> -- <registration-fortigate> (0) | |||
|- registered-forticlients | |||
|- blocked-forticlients | |||
+- quarantined-forticlients | |||
|- cmdb-list -- <ipv4-address> -- <mac-address> -- <forticlient-uid> (0) | |||
|- block -- <id> (0) | |||
|- unblock -- <id> (0) | |||
|- quarantine -- <id> (0) | |||
|- unquarantine -- <id> (0) | |||
|- deregister -- <id> (0) | |||
|- sync-peer-list -- <1/0> (0) | |||
|- force-peer-resync | |||
|- keepalive-timestamp -- <uid> -- <1/0> (0) | |||
|- recalculate-registered-forticlients | |||
|- forticlient-licence-key-expiration-check | |||
|- ssl-session-timeout -- <ssl-session-timeout> (0) | |||
|- skip-forticlient-system-update -- <1/0> (0) | |||
+- generate-ems-xml-conf -- <vdom> -- <profile-name> -- <type> (0) | |||
|- filter -- list | |||
|- clear | |||
|- src-ip -- <ipv4-address> (0) | |||
|- ses-ip -- <ipv4-address> (0) | |||
|- mac -- <mac-address> (0) | |||
+- ftcl-uid -- <uid> (0) | |||
|- avatar -- list -- <number> (0) | |||
|- find -- <ftcl-uid> -- <user-name> (0) | |||
|- delete -- <ftcl-uid> -- <user-name> | <Enter> (0) | |||
|- clean | |||
+- purge | |||
+- ec-shared -- list -- <number> (0) | |||
+- find -- <vdom> -- <ipv4-address> (0) | |||
|- autoupdate -- status | |||
|- versions | |||
+- downgrade -- enable | |||
+- disable | |||
|- debug -- enable | |||
|- disable | |||
|- info | |||
|- reset | |||
|- duration -- <Integer> (0) | |||
|- report -- reset | |||
|- crashlog -- get | |||
|- clear | |||
|- write -- <String> (0) | |||
|- read | |||
|- interval | |||
+- history | |||
|- config-error-log -- clear | |||
+- read | |||
|- application -- http -- <Integer> (0) | |||
|- smtp -- <Integer> (0) | |||
|- ftpd -- <Integer> (0) | |||
|- pop3 -- <Integer> (0) | |||
|- imap -- <Integer> (0) | |||
|- nntp -- <Integer> (0) | |||
|- proxy -- <Integer> (0) | |||
|- radvd -- <Integer> (0) | |||
|- miglogd -- <Integer> (0) | |||
|- kmiglogd -- <Integer> (0) | |||
|- forticldd -- <Integer> (0) | |||
|- alertmail -- <Integer> (0) | |||
|- ppp -- <Integer> (0) | |||
|- l2tp -- <Integer> (0) | |||
|- pptp -- <Integer> (0) | |||
|- pptpc -- <Integer> (0) | |||
|- authd -- <Integer> -- <xxx.xxx.xxx.xxx> (0) | |||
|- foauthd -- <Integer> (0) | |||
|- fcnacd -- <Integer> (0) | |||
|- fssod -- <Integer> (0) | |||
|- dhcps -- <Integer> (0) | |||
|- dhcp6s -- <Integer> (0) | |||
|- update -- <Integer> (0) | |||
|- vpd -- <Integer> (0) | |||
|- fnbamd -- <Integer> (0) | |||
|- eap_proxy -- <Integer> (0) | |||
|- ipsmonitor -- <Integer> (0) | |||
|- ipsengine -- <Integer> (0) | |||
|- urlfilter -- <Integer> (0) | |||
|- ddnscd -- <Integer> (0) | |||
|- dhcprelay -- <Integer> (0) | |||
|- dhcp6r -- <Integer> (0) | |||
|- snmpd -- <Integer> (0) | |||
|- chassis -- <Integer> (0) | |||
|- scanunit -- <Integer> (0) | |||
|- spamfilter -- <Integer> (0) | |||
|- wpad -- <Integer> (0) | |||
|- wpad-dump -- <Integer> (0) | |||
|- wpad-crash-hexdump -- <Integer> (0) | |||
|- wifi -- <Integer> (0) | |||
|- dnsproxy -- <Integer> (0) | |||
|- sflowd -- <Integer> (0) | |||
|- hatalk -- <Integer> (0) | |||
|- hasync -- <Integer> (0) | |||
|- harelay -- <Integer> (0) | |||
|- hamonitord -- <Integer> (0) | |||
|- quarantine -- <Integer> (0) | |||
|- dhcpc -- <Integer> (0) | |||
|- zebos-launcher -- <Integer> (0) | |||
|- zebos -- <Integer> (0) | |||
|- modemd -- <Integer> (0) | |||
|- radiusd -- <Integer> (0) | |||
|- sshd -- <Integer> (0) | |||
|- sslvpn -- <Integer> (0) | |||
|- guacd -- <Integer> (0) | |||
|- info-sslvpn -- <Integer> (0) | |||
|- sessionsync -- <Integer> (0) | |||
|- l2tpcd -- <Integer> (0) | |||
|- ipldbd -- <Integer> (0) | |||
|- crl-update -- <Integer> (0) | |||
|- alarmd -- <Integer> (0) | |||
|- forticron -- <Integer> (0) | |||
|- uploadd -- <Integer> (0) | |||
|- smbcd -- <Integer> (0) | |||
|- vs -- <Integer> (0) | |||
|- sip -- <Integer> (0) | |||
|- sccp -- <Integer> (0) | |||
|- netscan -- <Integer> (0) | |||
|- ike -- <Integer> (0) | |||
|- fgfmd -- <Integer> (0) | |||
|- wccpd -- <Integer> (0) | |||
|- garpd -- <Integer> (0) | |||
|- scep -- <Integer> (0) | |||
|- dialinsvr -- <Integer> (0) | |||
|- ipsufd -- <Integer> (0) | |||
|- cw_acd -- <Integer> (0) | |||
|- cw_acd_wpad -- <Integer> (0) | |||
|- cu_acd -- <Integer> (0) | |||
|- fortilinkd -- <Integer> (0) | |||
|- flcfgd -- <Integer> (0) | |||
|- rsyslogd -- <Integer> (0) | |||
|- dlp -- <Integer> (0) | |||
|- vrrpd -- <Integer> (0) | |||
|- fgd_alert -- <Integer> (0) | |||
|- ntpd -- <Integer> (0) | |||
|- fsd -- <Integer> (0) | |||
|- dlpfingerprint -- <Integer> (0) | |||
|- httpsd -- <Integer> (0) | |||
|- stp -- <Integer> (0) | |||
|- spareblock -- <Integer> (0) | |||
|- lted -- <Integer> (0) | |||
|- lldptx -- <Integer> (0) | |||
|- src-vis -- <Integer> (0) | |||
|- wiredap -- <Integer> (0) | |||
|- dhcp6c -- <Integer> (0) | |||
|- server-probe -- <Integer> (0) | |||
|- link-monitor -- <Integer> (0) | |||
|- pppoed -- <Integer> (0) | |||
|- ovrd -- <Integer> (0) | |||
|- extenderd -- <Integer> (0) | |||
|- init -- <Integer> (0) | |||
|- mrd -- <Integer> (0) | |||
|- dssccd -- <Integer> (0) | |||
|- radius-das -- <Integer> (0) | |||
|- csfd -- <Integer> (0) | |||
|- fsvrd -- <Integer> (0) | |||
|- virtual-wan-link -- <Integer> (0) | |||
+- ftm-push -- <Integer> (0) | |||
|- kernel -- level -- <Integer> (0) | |||
+- ha -- <Integer> (0) | |||
|- remote-extender -- extenderd -- <Integer> (0) | |||
+- modem-manager -- <Integer> (0) | |||
|- console -- send -- <AT command> -- <character> -- <integer> (0) | |||
|- timestamp -- enable | |||
+- disable | |||
|- no-user-log-msg -- enable | |||
+- disable | |||
+- retry-log-msg -- enable | |||
+- disable | |||
|- cli -- <Integer> (0) | |||
|- cmdb-trace -- <Integer> (0) | |||
|- cmdb-walk -- <Integer> (0) | |||
|- rating -- <refresh-rate> (0) | |||
|- authd -- clear | |||
|- memory | |||
+- fsso -- filter -- clear | |||
|- source -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- user -- <name> (0) | |||
|- group -- <name> (0) | |||
+- server -- <name> (0) | |||
|- list | |||
|- refresh-groups | |||
|- summary | |||
|- clear-logons | |||
|- refresh-logons | |||
+- server-status | |||
|- fsso-polling -- summary | |||
|- detail -- <id> (0) | |||
|- client | |||
|- user -- <id> (0) | |||
|- group -- <id> -- <name> (0) | |||
|- refresh-user -- <id> (0) | |||
+- set-log-source -- <id> -- <src> (0) | |||
|- flow -- filter -- clear | |||
|- vd -- <xxx> (0) | |||
|- proto -- <xxx> (0) | |||
|- addr -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> -- <Enter> | or/and (0) | |||
|- saddr -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- daddr -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- port -- <xxx> -- <xxx> (0) | |||
|- sport -- <xxx> -- <xxx> (0) | |||
|- dport -- <xxx> -- <xxx> (0) | |||
+- negate -- vd | |||
|- proto | |||
|- addr | |||
|- saddr | |||
|- daddr | |||
|- port | |||
|- sport | |||
+- dport | |||
|- filter6 -- clear | |||
|- vd -- <xxx> (0) | |||
|- proto -- <xxx> (0) | |||
|- addr -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) | |||
|- saddr -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) | |||
|- daddr -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) | |||
|- port -- <xxx> -- <xxx> (0) | |||
|- sport -- <xxx> -- <xxx> (0) | |||
|- dport -- <xxx> -- <xxx> (0) | |||
+- negate -- vd | |||
|- proto | |||
|- addr | |||
|- saddr | |||
|- daddr | |||
|- port | |||
|- sport | |||
+- dport | |||
|- trace -- start -- <xxx> (0) | |||
|- stop | |||
|- start6 -- <xxx> (0) | |||
+- stop6 | |||
+- show -- function-name -- enable | |||
+- disable | |||
+- iprope -- enable | |||
+- disable | |||
|- urlfilter -- src-addr -- <IP address> (0) | |||
+- test-url -- <url> (0) | |||
+- admin -- error-log | |||
|- settings -- reset | |||
+- info | |||
|- geoip -- ip2country -- ip (0) | |||
+- geoip-query -- ip (0) | |||
|- log -- test | |||
|- wireless-controller | |||
|- show | |||
|- alertmail -- test -- <level> -- <number> (0) | |||
+- authcode -- <recipient> (0) | |||
|- list | |||
|- del | |||
|- read | |||
|- rlist | |||
|- rdel | |||
|- rread | |||
|- rolls | |||
|- display | |||
|- kernel-stats | |||
+- clear-kernel-stats | |||
|- alertconsole -- test | |||
|- list | |||
|- clear | |||
+- fgd-retrieve | |||
|- antivirus -- quarantine -- list -- <value> (0) | |||
|- delete -- <checksum> (0) | |||
+- purge | |||
|- bypass -- on|off (0) | |||
|- database-info | |||
+- test -- <command> (0) | |||
|- wad -- console-log -- enable or disable (0) | |||
|- debug -- enable -- level -- error | |||
|- warn | |||
|- info | |||
+- verbose | |||
+- category -- session | |||
|- packet | |||
|- dispatcher | |||
|- http | |||
|- cifs | |||
|- mapi | |||
|- socks | |||
|- ftp | |||
|- icap | |||
|- ssl | |||
|- webcache | |||
|- bytecache | |||
|- policy | |||
|- auth | |||
|- scan | |||
|- tunnel | |||
|- sys | |||
|- video | |||
|- waf | |||
|- memblk | |||
+- all | |||
|- disable -- category -- session | |||
|- packet | |||
|- dispatcher | |||
|- http | |||
|- cifs | |||
|- mapi | |||
|- socks | |||
|- ftp | |||
|- icap | |||
|- ssl | |||
|- webcache | |||
|- bytecache | |||
|- policy | |||
|- auth | |||
|- scan | |||
|- tunnel | |||
|- sys | |||
|- video | |||
|- waf | |||
+- memblk | |||
|- show | |||
|- clear | |||
|- display -- pid -- enable/disable (0) | |||
+- save-http-req-crash -- enable or disable (0) | |||
|- stats -- list | |||
|- clear | |||
|- summary -- list | |||
+- clear | |||
|- mem -- list | |||
+- clear | |||
|- crypto -- list | |||
+- clear | |||
|- scan -- list | |||
+- clear | |||
|- scripts -- list | |||
+- clear | |||
|- filter -- list | |||
+- clear | |||
|- ips -- list | |||
+- clear | |||
+- policy -- list -- <vdom> (0) | |||
+- clear -- <vdom> -- <pid> (0) | |||
|- filter -- list | |||
|- clear | |||
|- src -- <ip-address> -- <ip-address> (0) | |||
|- dst -- <ip-address> -- <ip-address> (0) | |||
|- sport -- <port> -- <port> (0) | |||
|- dport -- <port> -- <port> (0) | |||
|- vd -- <index> (0) | |||
|- explicit-policy -- <index> (0) | |||
|- firewall-policy -- <index> (0) | |||
|- drop-unknown-session -- Drop unknown sessions (0) | |||
|- negate -- <parm> (0) | |||
+- protocol -- <http> -- <mapi> -- <cifs> -- <ftp> -- <tcp> (0) | |||
|- kxp -- list | |||
+- clear | |||
|- user -- list | |||
+- clear -- id -- ip -- vdom (0) | |||
+- memory -- general | |||
|- bucket | |||
+- ssl | |||
|- webfilter -- fortiguard -- statistics -- list | |||
|- flush | |||
+- dummy | |||
+- bword -- matchfilter -- <filter string> (0) | |||
|- spamfilter -- bword -- matchfilter -- <filter string> (0) | |||
+- fortishield -- servers -- <refresh-rate> (0) | |||
+- statistics -- list | |||
+- flush | |||
|- firewall -- ipmac -- add -- <xxx.xxx.xxx.xxx> -- <xx:xx:xx:xx:xx:xx> -- <drop|accept> (0) | |||
|- delete -- <xxx.xxx.xxx.xxx> -- <xx:xx:xx:xx:xx:xx> (0) | |||
|- flush | |||
|- list | |||
+- status | |||
|- ippool -- list -- pba | |||
|- nat-ip | |||
+- user | |||
|- flush | |||
+- stats | |||
|- ippool-fixed-range -- list -- natip -- <xxx.xxx.xxx.xxx> -- <Enter>|<port> (0) | |||
|- ippool-all -- list | |||
+- stats -- <name> (0) | |||
|- iplist -- list -- optimized | |||
+- flush | |||
|- iplist6 -- list -- optimized | |||
+- flush | |||
|- iprope -- lookup -- <src_ip> -- <src_port> -- <dst_ip> -- <dst_port> -- <protocol> -- <device> (0) | |||
|- list -- <No.> (0) | |||
|- appctrl -- list | |||
|- status | |||
|- stats -- list | |||
+- clear | |||
+- shaper -- list | |||
|- show | |||
|- clear | |||
|- flush -- <No.> (0) | |||
+- state | |||
|- iprope6 -- lookup -- <src_ip> -- <src_port> -- <dst_ip> -- <dst_port> -- <protocol> -- <device> (0) | |||
|- list -- <No.> (0) | |||
|- flush -- <No.> (0) | |||
|- state | |||
|- show | |||
+- clear | |||
|- shaper -- traffic-shaper -- list | |||
|- state | |||
+- stats -- list | |||
+- clear -- <name> (0) | |||
+- per-ip-shaper -- list | |||
|- stats | |||
|- state | |||
+- clear | |||
|- schedule -- list | |||
|- fqdn -- list | |||
|- flush -- name (0) | |||
+- purge | |||
|- ipgeo -- country-list | |||
|- ip-list -- name (0) | |||
|- ip2country -- <xxx.xxx.xxx.xxx> (0) | |||
|- override | |||
+- copyright-notice | |||
|- proute -- list -- <number> (0) | |||
|- proute6 -- list | |||
|- packet -- distribution | |||
|- vip -- realserver -- flush | |||
|- list | |||
|- up -- <name> -- <xxx.xxx.xxx.xxx> (0) | |||
|- down -- <name> -- <xxx.xxx.xxx.xxx> (0) | |||
+- healthcheck -- stats -- show | |||
+- clear | |||
+- virtual-server -- log -- terminal -- clear | |||
|- reset | |||
+- stats | |||
+- filter -- list | |||
|- clear | |||
|- name -- <name> (0) | |||
|- src -- <ip-address> -- <ip-address> (0) | |||
|- dst -- <ip-address> -- <ip-address> (0) | |||
|- src-port -- <port> (0) | |||
|- dst-port -- <port> (0) | |||
|- vd -- <index> (0) | |||
|- worker -- <index> (0) | |||
+- negate -- vd | |||
|- src-addr | |||
|- dst-addr | |||
|- src-port | |||
|- dst-port | |||
|- name | |||
+- worker | |||
|- session -- list | |||
|- clear | |||
|- client -- list | |||
+- clear | |||
+- server -- list | |||
+- clear | |||
|- ssl -- list | |||
|- clear | |||
|- client -- list | |||
+- clear | |||
+- server -- list | |||
+- clear | |||
|- real-server -- list | |||
|- stats -- list | |||
|- clear | |||
|- http -- all | |||
|- list | |||
+- clear | |||
|- ssl -- all | |||
|- list | |||
+- clear | |||
|- crypto-clear | |||
|- operational -- list | |||
+- all | |||
+- summary -- list | |||
|- all | |||
+- clear | |||
|- config -- list | |||
|- session | |||
|- log | |||
+- log-vd | |||
|- filter -- list | |||
|- clear | |||
|- name -- <name> (0) | |||
|- src -- <ip-address> -- <ip-address> (0) | |||
|- dst -- <ip-address> -- <ip-address> (0) | |||
|- src-port -- <port> -- <port> (0) | |||
|- dst-port -- <port> -- <port> (0) | |||
|- vd -- <index> (0) | |||
|- worker -- <index> (0) | |||
+- negate -- vd | |||
|- src-addr | |||
|- dst-addr | |||
|- src-port | |||
|- dst-port | |||
|- name | |||
+- worker | |||
|- test -- ssl -- sync | |||
+- async | |||
|- rsa-blinding -- disable | |||
+- enable | |||
+- key-exchange -- sync | |||
+- async | |||
+- restart | |||
|- auth -- list | |||
|- clear | |||
|- ipv6 -- list | |||
+- clear | |||
+- filter -- clear | |||
|- source -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- source6 -- <xxxx::xxxx> -- <xxxx::xxxx> (0) | |||
|- policy -- <xxx> (0) | |||
|- user -- <name> (0) | |||
|- group -- <name> (0) | |||
+- method -- <method> -- <method> -- <method> -- <method> -- <method> -- <method> (0) | |||
|- blocking -- list -- <xxx.xxx.xxx.xxx> (0) | |||
|- ip-translation -- list | |||
+- flush | |||
|- ipv6-ehf -- list | |||
|- dns-xlate -- mapping -- list | |||
+- flush | |||
+- pool -- list | |||
+- flush | |||
|- uuid -- list -- <type> (0) | |||
|- internet-service -- list -- <number> (0) | |||
|- internet-service-custom -- list -- <name> (0) | |||
+- internet-service-disable -- list -- <name> (0) | |||
|- user -- device -- list | |||
|- get -- <mac> (0) | |||
|- del -- <mac> (0) | |||
|- join -- <mac> -- <master_mac> (0) | |||
|- bind-ip -- <mac> -- <ip> (0) | |||
|- clear | |||
|- os-summary | |||
|- host-type-summary | |||
|- stats | |||
+- filter -- vd -- <index> (0) | |||
|- os-name -- <name> (0) | |||
|- type -- <name> (0) | |||
|- list | |||
|- addr -- <from> -- <to> (0) | |||
|- type-src -- <source> (0) | |||
|- generation -- <from> -- <to> (0) | |||
|- type-generation -- <from> -- <to> (0) | |||
|- joined -- <value> (0) | |||
|- index -- <value> (0) | |||
|- negate -- vd | |||
|- addr | |||
|- os-name | |||
|- type | |||
|- type-src | |||
|- generation | |||
|- type-generation | |||
|- joined | |||
+- index | |||
+- clear -- vd | |||
|- addr | |||
|- os-name | |||
|- type | |||
|- type-src | |||
|- generation | |||
|- type-generation | |||
|- joined | |||
+- index | |||
+- quarantine -- list -- src4 | |||
|- src6 | |||
+- all | |||
|- add -- src4 -- <src-ipv4> -- <expiry> -- <ban-source> (0) | |||
+- src6 -- <src-ipv6> -- <expiry> -- <ban-source> (0) | |||
|- delete -- src4 -- <src-ipv4> (0) | |||
+- src6 -- <src-ipv6> (0) | |||
|- clear | |||
+- stat | |||
|- ip -- router -- command -- show | |||
+- show-vrf | |||
|- rip -- all | |||
|- events | |||
|- packet-send | |||
|- packet-receive | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- ospf -- all | |||
|- events | |||
|- ifsm | |||
|- lsa | |||
|- nfsm | |||
|- nsm | |||
|- packet | |||
|- route | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- bgp -- all | |||
|- dampening | |||
|- events | |||
|- filters | |||
|- fsm | |||
|- keepalives | |||
|- nsm | |||
|- updates | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- isis -- all | |||
|- ifsm | |||
|- nfsm | |||
|- pdu | |||
|- lsp | |||
|- spf | |||
|- events | |||
|- nsm | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- igmp -- all | |||
|- decode | |||
|- encode | |||
|- events | |||
|- fsm | |||
|- tib | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- pim-dm -- all | |||
|- context | |||
|- decode | |||
|- encode | |||
|- fsm | |||
|- mrt | |||
|- nexthop | |||
|- nsm | |||
|- vif | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- pim-sm -- all | |||
|- events | |||
|- mfc | |||
|- mib | |||
|- nexthop | |||
|- nsm | |||
|- state | |||
|- show | |||
|- packet -- all | |||
|- in | |||
+- out | |||
|- timer -- all | |||
|- assert -- all | |||
+- at | |||
|- bsr -- all | |||
|- bst | |||
+- crp | |||
|- hello -- all | |||
|- ht | |||
|- nlt | |||
+- tht | |||
|- joinprune -- all | |||
|- et | |||
|- jt | |||
|- kat | |||
|- ot | |||
+- ppt | |||
+- register -- all | |||
+- rst | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- imi -- vty | |||
+- bfd -- all | |||
|- events | |||
|- packet | |||
|- fsm | |||
|- nsm | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
|- address -- list | |||
|- flush | |||
|- add -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) | |||
+- delete -- intf-name -- XXX.XXX.XXX.XXX (0) | |||
|- arp -- list | |||
|- flush -- intf-name (0) | |||
|- add -- intf-name -- XXX.XXX.XXX.XXX -- XX:XX:XX:XX:XX:XX (0) | |||
+- delete -- intf-name -- XXX.XXX.XXX.XXX (0) | |||
|- route -- list | |||
|- flush | |||
|- add -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- <1-255> -- <0-4294967295> -- verify (0) | |||
|- delete -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- <1-255> -- <0-4294967295> -- verify (0) | |||
+- verify -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- <1-255> -- <0-4294967295> (0) | |||
|- ipip-tunnel -- list | |||
|- add -- <name_str> -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) | |||
+- delete -- <name_str> (0) | |||
|- gre-tunnel -- list | |||
|- add -- <name_str> -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) | |||
+- delete -- <name_str> (0) | |||
|- rtcache -- list | |||
+- flush | |||
|- multicast -- mroute | |||
|- mfc-flush | |||
|- vif | |||
|- group-membership | |||
|- mac | |||
|- status | |||
|- get-igmp-limit | |||
|- mfc-add -- <in-port> -- <src-ip> -- <group-ip> -- <out-ports-map> (0) | |||
+- mfc-del -- <src-ip> -- <group-ip> (0) | |||
|- tcp -- list | |||
+- flush | |||
|- udp -- list | |||
+- flush | |||
+- framed-ip -- list | |||
|- delete -- XXX.XXX.XXX.XXX (0) | |||
+- delete-all -- <service> (0) | |||
|- hardware -- deviceinfo -- disk | |||
|- flash | |||
+- nic | |||
|- ioport -- byte | |||
|- word | |||
+- long | |||
|- pciconfig | |||
|- setpci | |||
|- lspci | |||
|- sysinfo -- cpu | |||
|- memory | |||
|- interrupts | |||
|- iomem | |||
|- ioports | |||
|- mtrr | |||
|- slab | |||
|- shm | |||
+- conserve | |||
|- smartctl | |||
|- certificate | |||
|- ipsec | |||
+- test -- bios -- sysid | |||
|- checksum | |||
+- license | |||
|- system -- cpu-config | |||
|- memory-config | |||
|- storage-config | |||
+- network-config | |||
|- pci -- list | |||
|- usb -- 2.0 | |||
+- 3.0 | |||
|- button -- reset | |||
|- cpu -- model | |||
|- function | |||
|- stress | |||
+- performance | |||
|- memory -- random | |||
|- sequence | |||
|- bit-flip | |||
|- bit-shift | |||
|- solid-bits | |||
+- stress | |||
|- network -- detect | |||
|- loopback | |||
+- stress | |||
|- npu -- np6lite-ddr | |||
|- disk -- file-data | |||
|- file-data2 | |||
+- stress | |||
|- led -- sys-led | |||
+- nic-led | |||
|- suite -- <all|pcba|stress|rack-burn-in> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> (0) | |||
|- setting -- log-level -- <value> (0) | |||
|- show | |||
|- json | |||
|- info | |||
|- skip -- <clear|show|interface> (0) | |||
+- skip -- <clear|show|interface> (0) | |||
|- disktest -- device | |||
|- block -- 1 | |||
|- 4 | |||
|- 16 | |||
|- 64 | |||
+- 256 | |||
|- time -- <Integer> (0) | |||
|- size -- <Integer> (0) | |||
+- run -- <Integer> (0) | |||
|- sniffer -- packet -- <interface> -- <filter> -- <verbose> -- <count> -- <tsformat> (0) | |||
|- npu -- np6lite -- fastpath -- enable -- <dev_id> (0) | |||
+- disable -- <dev_id> (0) | |||
|- dce -- <dev_id> (0) | |||
|- anomaly-drop -- <dev_id> (0) | |||
|- session-stats -- <dev_id> (0) | |||
|- port-list | |||
|- sse-stats -- <dev_id> (0) | |||
|- session -- <dev_id> (0) | |||
|- register -- <dev_id> (0) | |||
+- debug -- <param1> -- <param2> -- <param3> -- <param4> -- <param5> (0) | |||
|- ipv6 -- multicast -- mroute | |||
|- vif | |||
+- status | |||
|- address -- list | |||
|- flush | |||
|- add -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) | |||
|- delete -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) | |||
|- anycast | |||
+- multicast -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) | |||
|- neighbor-cache -- list | |||
|- flush -- intf-name (0) | |||
|- add -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx -- XX:XX:XX:XX:XX:XX (0) | |||
+- delete -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (0) | |||
|- route -- list | |||
+- flush | |||
|- sit-tunnel -- list | |||
|- add -- <name_str> -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) | |||
+- delete -- <name_str> (0) | |||
|- ipv6-tunnel -- list | |||
|- add -- <name_str> -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (0) | |||
+- delete -- <name_str> (0) | |||
|- router -- rip -- all | |||
|- events | |||
|- packet-send | |||
|- packet-receive | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
+- ospf -- all | |||
|- events | |||
|- ifsm | |||
|- lsa | |||
|- nfsm | |||
|- nsm | |||
|- packet | |||
|- route | |||
|- show | |||
+- level -- critical | |||
|- error | |||
|- info | |||
|- none | |||
+- warn | |||
+- devconf -- accept-dad -- 0, 1 or 2 (0) | |||
+- disable_ipv6 -- 0 or 1 (0) | |||
|- rsso -- query -- carrier-endpoint -- <endpoint> -- <ip> (0) | |||
|- ip -- <ip> -- <ip> (0) | |||
+- rsso-key -- <name> -- <ip> (0) | |||
|- radiusd -- test -- <level> (0) | |||
|- snmp -- ip -- frags | |||
+- trap -- send | |||
|- central-mgmt -- script-history -- test | |||
|- list | |||
|- clear | |||
+- del -- <id> (0) | |||
|- forticare -- protocol -- <protocol> (0) | |||
|- server -- <IP> (0) | |||
|- cnreg-code-list | |||
+- direct-registration -- reseller-list -- <cnreg-code> (0) | |||
|- country-data -- <cnreg-code> (0) | |||
|- organization-list | |||
+- product-registration | |||
|- fortiguard -- ipblacklist -- db | |||
|- vr | |||
|- ip -- <ddd.ddd.ddd.ddd> (0) | |||
+- ctx | |||
|- internet-service -- id -- <id> (0) | |||
|- id-summary -- <id> (0) | |||
|- info -- <vdname> -- <proto> -- <port> -- <ip> (0) | |||
+- match -- <vdname> -- <ip> -- <netmask> (0) | |||
|- wireless-controller -- wlac -- <-c|-d|-k|-h> -- <value1> -- <value2> -- <value3> -- <value4> -- <value5> -- <value6> (0) | |||
|- switch-controller -- dump -- mac-hosts | |||
|- mac-hosts-switch-port | |||
|- device-access-list | |||
|- client -- switch (0) | |||
|- lldp -- neighbors-summary -- switch (0) | |||
|- neighbors-detail -- switch -- port (0) | |||
+- stats -- switch -- port (0) | |||
|- mclag -- icl -- switch (0) | |||
+- list -- switch -- mclag-trunk-name (0) | |||
|- network-upgrade -- status | |||
|- trunk-switch-config -- switch (0) | |||
|- port-stats -- switch -- port (0) | |||
|- trunk-state -- switch -- trunk-port (0) | |||
|- mac-addr -- switch -- vlan-id (0) | |||
|- igmp-snooping-interface -- switch (0) | |||
|- igmp-snooping-group -- switch (0) | |||
|- loop-guard-status -- switch (0) | |||
|- dhcp-snooping -- database -- switch (0) | |||
+- status -- switch (0) | |||
+- 802-1X-status -- switch -- port (0) | |||
|- clear-stats -- mclag -- icl -- switch (0) | |||
+- mlags -- switch -- mclag-trunk-name (0) | |||
|- kick -- device-id -- vlanid -- portid -- mac (0) | |||
|- trigger-mac-sync | |||
+- device-filter -- mac -- mac (0) | |||
|- vlan-id -- vlan-id (0) | |||
|- intf-name -- intf-name (0) | |||
+- clear | |||
|- fortitoken -- info -- <id> (0) | |||
|- test -- <id> -- <code> -- <next code> -- <screen size> (0) | |||
+- debug -- enable | |||
+- disable | |||
|- forticlient -- add-connection -- <name> -- <user> -- <id> -- <host os> -- <ip> (0) | |||
|- close-connection -- <handle> (0) | |||
+- close-all-connection | |||
|- web-ui -- debug -- enable | |||
+- disable | |||
|- cache -- enable | |||
+- disable | |||
|- app-icon-info | |||
|- app-icon-update -- timeout (0) | |||
+- cli-schema -- path -- name (0) | |||
|- src-vis -- stats | |||
|- log -- terminal -- clear | |||
|- reset | |||
+- stats | |||
|- analysis-level -- full | |||
|- bypass | |||
|- ignore | |||
|- skip-tcpfp | |||
+- ignore-tcpfp | |||
|- scheduler-times -- start | |||
|- stop | |||
+- display | |||
|- ring -- <start> -- <length> (0) | |||
|- save | |||
|- restore | |||
|- save | |||
+- restart | |||
|- lldptx -- stats -- list | |||
|- objects | |||
+- counts | |||
|- log -- terminal -- clear | |||
|- reset | |||
+- stats | |||
|- scheduler-times -- start | |||
|- stop | |||
+- display | |||
+- restart | |||
|- cp -- soc3 -- register -- <dev_id> -- <block_id> (0) | |||
|- vpn-stats -- <dev_id> (0) | |||
|- ssl-stats | |||
+- pkce-stats -- <dev_id> (0) | |||
|- fdsm -- fds-update | |||
|- log-controller-update | |||
|- account-info | |||
|- message-update | |||
|- forticlient-update | |||
|- forticlient-net-info | |||
|- modem-list | |||
|- contract-controller-update | |||
|- image-list | |||
|- image-upgrade-matrix | |||
|- image-download -- <id> (0) | |||
|- fc-installer-download -- <id> (0) | |||
|- sslvpn-package-download -- <id> (0) | |||
|- sslvpn-man-upgrade-package-download -- <id> (0) | |||
|- report-list -- <vdom> (0) | |||
|- report-download -- <oid> (0) | |||
|- cfg-list -- <type> (0) | |||
|- cfg-upload -- <comments> (0) | |||
|- cfg-download -- <type> -- <revision> (0) | |||
|- cfg-diff -- <revision1> -- <revision2> (0) | |||
|- ftk-activiate | |||
|- fortiap-latest-ver -- <model> (0) | |||
|- fortiap-download -- <id> (0) | |||
|- fortisw-latest-ver -- <model> (0) | |||
|- fortisw-download -- <id> (0) | |||
+- central-mgmt-status | |||
|- extender -- atcmd -- <at-command> -- <mark> -- <sn> (0) | |||
|- cmd -- <Integer> -- <sn> (0) | |||
+- modem-list | |||
+- traffictest -- show | |||
|- run -- [-h/arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] (0) | |||
|- server-intf -- <string> (0) | |||
|- client-intf -- <string> (0) | |||
|- port -- <port> (0) | |||
+- proto -- 0 | |||
+- 1 | |||
|- authentication -- [scheme] --*name (36) | |||
|- method | |||
|- negotiate-ntlm | |||
|- require-tfa | |||
|- fsso-guest | |||
+- [user-database] --*name (65) | |||
|- [rule] --*name (36) | |||
|- status | |||
|- protocol | |||
|- [srcaddr] --*name (65) | |||
|- [srcaddr6] --*name (65) | |||
|- ip-based | |||
|- active-auth-method (36) | |||
|- sso-auth-method (36) | |||
|- web-auth-cookie | |||
|- transaction-based | |||
+- comments | |||
+- <setting> -- active-auth-scheme (36) | |||
|- sso-auth-scheme (36) | |||
|- captive-portal (256) | |||
+- captive-portal-port (1,65535) | |||
|- switch-controller -- [vlan] --*name (16) | |||
|- vdom (33) | |||
|- vlanid (1,4094) | |||
|- comments (64) | |||
|- color (0,32) | |||
|- security | |||
|- auth | |||
|- radius-server (36) | |||
|- usergroup (36) | |||
|- portal-message-override-group (36) | |||
|- <portal-message-overrides> -- auth-disclaimer-page (36) | |||
|- auth-reject-page (36) | |||
|- auth-login-page (36) | |||
+- auth-login-failed-page (36) | |||
+- [selected-usergroups] --*name (65) | |||
|- <802-1X-settings> -- link-down-auth | |||
|- reauth-period (1,1440) | |||
+- max-reauth-attempt (0,15) | |||
|- security-policy -- [802-1X] --*name (32) | |||
|- security-mode | |||
|- [user-group] --*name (65) | |||
|- mac-auth-bypass | |||
|- eap-passthru | |||
|- guest-vlan | |||
|- guest-vlanid (0,65535) | |||
|- guest-vlan-id (16) | |||
|- guest-auth-delay (60,900) | |||
|- auth-fail-vlan | |||
|- auth-fail-vlanid (0,65535) | |||
|- auth-fail-vlan-id (16) | |||
|- radius-timeout-overwrite | |||
+- policy-type | |||
+- [captive-portal] --*name (32) | |||
|- vlan (16) | |||
+- policy-type | |||
|- <lldp-settings> -- status | |||
|- tx-hold (1,16) | |||
|- tx-interval (5,4095) | |||
|- fast-start-interval (0,255) | |||
+- management-interface | |||
|- [lldp-profile] --*name (64) | |||
|- med-tlvs | |||
|- 802.1-tlvs | |||
|- 802.3-tlvs | |||
|- auto-isl | |||
|- auto-isl-hello-timer (1,30) | |||
|- auto-isl-receive-timeout (3,90) | |||
|- auto-isl-port-group (0,9) | |||
|- [med-network-policy] --*name (64) | |||
|- status | |||
|- vlan (0,4094) | |||
|- priority (0,7) | |||
+- dscp (0,63) | |||
+- [custom-tlvs] --*name (64) | |||
|- oui | |||
|- subtype (0,255) | |||
+- information-string | |||
|- qos -- [dot1p-map] --*name (64) | |||
|- description (64) | |||
|- priority-0 | |||
|- priority-1 | |||
|- priority-2 | |||
|- priority-3 | |||
|- priority-4 | |||
|- priority-5 | |||
|- priority-6 | |||
+- priority-7 | |||
|- [ip-dscp-map] --*name (64) | |||
|- description (64) | |||
+- [map] --*name (64) | |||
|- cos-queue (0,7) | |||
|- diffserv | |||
|- ip-precedence | |||
+- value | |||
|- [queue-policy] --*name (64) | |||
|- schedule | |||
+- [cos-queue] --*name (64) | |||
|- description (64) | |||
|- min-rate (0,4294967295) | |||
|- max-rate (0,4294967295) | |||
|- drop-policy | |||
+- weight (0,4294967295) | |||
+- [qos-policy] --*name (64) | |||
|- default-cos (0,7) | |||
|- trust-dot1p-map (64) | |||
|- trust-ip-dscp-map (64) | |||
+- queue-policy (64) | |||
|- [switch-profile] --*name (36) | |||
|- login-passwd-override | |||
+- login-passwd | |||
|- [custom-command] --*command-name (36) | |||
|- description (36) | |||
+- command | |||
|- [managed-switch] --*switch-id (17) | |||
|- name (36) | |||
|- description (64) | |||
|- switch-profile (36) | |||
|- fsw-wan1-peer (36) | |||
|- fsw-wan1-admin | |||
|- fsw-wan2-peer (36) | |||
|- fsw-wan2-admin | |||
|- poe-pre-standard-detection | |||
|- directly-connected (0,1) | |||
|- connected (0,255) | |||
|- version (0,255) | |||
|- max-allowed-trunk-members (0,255) | |||
|- pre-provisioned (0,255) | |||
|- dynamic-capability (0,4294967295) | |||
|- switch-device-tag (33) | |||
|- dynamically-discovered (0,1) | |||
|- staged-image-version (128) | |||
|- delayed-restart-trigger (0,255) | |||
|- [ports] --*port-name (16) | |||
|- port-owner (16) | |||
|- switch-id (17) | |||
|- speed | |||
|- speed-mask (0,4294967295) | |||
|- status | |||
|- poe-status | |||
|- poe-pre-standard-detection | |||
|- port-number (1,64) | |||
|- port-prefix-type (0,1) | |||
|- fortilink-port (0,1) | |||
|- poe-capable (0,1) | |||
|- stacking-port (0,1) | |||
|- fiber-port (0,1) | |||
|- flags (0,4294967295) | |||
|- isl-local-trunk-name (16) | |||
|- isl-peer-port-name (16) | |||
|- isl-peer-device-name (17) | |||
|- fgt-peer-port-name (16) | |||
|- fgt-peer-device-name (17) | |||
|- vlan (16) | |||
|- allowed-vlans-all | |||
|- [allowed-vlans] --*vlan-name (80) | |||
|- [untagged-vlans] --*vlan-name (80) | |||
|- type | |||
|- dhcp-snooping | |||
|- dhcp-snoop-option82-trust | |||
|- igmp-snooping | |||
|- igmps-flood-reports | |||
|- igmps-flood-traffic | |||
|- stp-state | |||
|- edge-port | |||
|- loop-guard | |||
|- loop-guard-timeout (0,120) | |||
|- qos-policy (64) | |||
|- port-security-policy (32) | |||
|- lldp-status | |||
|- lldp-profile (64) | |||
|- port-selection-criteria | |||
|- description (64 xss) | |||
|- lacp-speed | |||
|- mode | |||
|- bundle | |||
|- member-withdrawal-behavior | |||
|- mclag | |||
|- min-bundle (1,24) | |||
|- max-bundle (1,24) | |||
+- [members] --*member-name (65) | |||
|- <stp-settings> -- local-override | |||
|- name (32) | |||
|- status | |||
|- revision (0,65535) | |||
|- hello-time (1,10) | |||
|- forward-time (4,30) | |||
|- max-age (6,40) | |||
|- max-hops (1,40) | |||
+- pending-timer (1,15) | |||
|- <switch-stp-settings> -- status | |||
|- <switch-log> -- local-override | |||
|- status | |||
+- severity | |||
|- <storm-control> -- local-override | |||
|- rate (1,10000000) | |||
|- unknown-unicast | |||
|- unknown-multicast | |||
+- broadcast | |||
|- [custom-command] --*command-entry (36) | |||
+- command-name (36 xss) | |||
|- <igmp-snooping> -- local-override | |||
|- aging-time (15,3600) | |||
+- flood-unknown-multicast | |||
+- <802-1X-settings> -- local-override | |||
|- link-down-auth | |||
|- reauth-period (1,1440) | |||
+- max-reauth-attempt (0,15) | |||
|- [switch-group] --*name (36) | |||
|- description (64) | |||
+- [members] --*name (65) | |||
|- <stp-settings> -- name (32) | |||
|- status | |||
|- revision (0,65535) | |||
|- hello-time (1,10) | |||
|- forward-time (4,30) | |||
|- max-age (6,40) | |||
|- max-hops (1,40) | |||
+- pending-timer (1,15) | |||
|- <storm-control> -- rate (1,10000000) | |||
|- unknown-unicast | |||
|- unknown-multicast | |||
+- broadcast | |||
|- <global> -- mac-aging-interval (10,1000000) | |||
|- allow-multiple-interfaces | |||
+- [disable-discovery] --*name (65) | |||
|- <mac-sync-settings> -- mac-sync-interval (30,600) | |||
|- <poe> -- <fortiswitch-id> -- <port> (0) | |||
|- <switch-log> -- status | |||
+- severity | |||
|- <igmp-snooping> -- aging-time (15,3600) | |||
+- flood-unknown-multicast | |||
+- <quarantine> -- quarantine | |||
+- [targets] --*mac | |||
|- entry-id (0,4294967295) | |||
|- description (64) | |||
+- [tag] --*tags (64) | |||
|- execute__tree__ -- set-next-reboot -- <primary/secondary> (0) | |||
|- ping -- <ip> (0) | |||
|- ping-options -- data-size -- <integer> (0) | |||
|- df-bit -- <string> (0) | |||
|- pattern -- <string> (0) | |||
|- repeat-count -- <string> (0) | |||
|- source -- <string> (0) | |||
|- timeout -- <integer> (0) | |||
|- adaptive-ping -- <string> (0) | |||
|- interval -- <integer> (0) | |||
|- tos -- <string> (0) | |||
|- ttl -- <integer> (0) | |||
|- validate-reply -- <string> (0) | |||
|- view-settings | |||
+- reset | |||
|- ping6 | |||
|- ping6-options -- data-size -- <integer> (0) | |||
|- pattern -- <string> (0) | |||
|- repeat-count -- <string> (0) | |||
|- source -- <string> (0) | |||
|- timeout -- <integer> (0) | |||
|- adaptive-ping -- <string> (0) | |||
|- interval -- <integer> (0) | |||
|- tos -- <string> (0) | |||
|- ttl -- <integer> (0) | |||
|- validate-reply -- <string> (0) | |||
|- view-settings | |||
+- reset | |||
|- update-now | |||
|- update-av | |||
|- update-ips | |||
|- update-src-vis | |||
|- update-geo-ip | |||
|- send-fds-statistics | |||
|- update-list | |||
|- reboot -- comment -- <string> (0) | |||
|- shutdown -- comment -- <string> (0) | |||
|- factoryreset | |||
|- factoryreset2 | |||
|- router -- restart | |||
+- clear -- bgp -- all | |||
|- as | |||
|- ip | |||
|- ipv6 | |||
|- dampening | |||
|- external | |||
+- flap-statistics | |||
|- bfd -- session -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> -- <string> (0) | |||
|- ospf -- process | |||
+- ospf6 -- process | |||
|- mrouter -- clear -- multicast-routes -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- dense-routes -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- sparse-routes -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- statistics -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- sparse-mode-bsr | |||
|- igmp-interface -- <string> (0) | |||
+- igmp-group -- <xxx.xxx.xxx.xxx> -- <string> (0) | |||
|- disconnect-admin-session -- <integer> (0) | |||
|- fsso -- refresh | |||
|- restore -- image -- tftp -- <string> -- <ip> (0) | |||
|- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- usb -- <string> (0) | |||
|- management-station -- <string> (0) | |||
+- flash -- <revision> (0) | |||
|- secondary-image -- tftp -- <string> -- <ip> (0) | |||
|- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
+- usb -- <string> (0) | |||
|- config -- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) | |||
|- flash -- <revision> (0) | |||
|- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) | |||
|- dhcp -- <port> -- <Enter> | <vlanid> (0) | |||
|- usb -- <string> -- <Enter>|<passwd> (0) | |||
|- usb-mode -- <Enter>|<passwd> (0) | |||
+- management-station -- normal -- <revision> (0) | |||
|- template -- <revision> (0) | |||
+- script -- <revision> (0) | |||
|- ipsuserdefsig -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- av -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- ips -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- src-vis -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
+- other-objects -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- revision -- list -- config | |||
+- image | |||
+- delete -- config -- <revision> -- <rev_id> (0) | |||
+- image -- <revision> -- <rev_id> (0) | |||
|- upload -- config -- tftp -- <string> -- <comment> -- <ip> (0) | |||
|- ftp -- <string> -- <comment> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) | |||
+- usb -- <string> -- <comment> (0) | |||
+- image -- tftp -- <string> -- <comment> -- <ip> (0) | |||
|- ftp -- <string> -- <comment> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
+- usb -- <string> -- <comment> (0) | |||
|- backup -- memory -- log -- tftp -- <ip> -- <string> (0) | |||
+- ftp -- <ftp server>[:ftp port] -- <user> -- <passwd> -- <string> (0) | |||
+- alllogs -- tftp -- <ip> (0) | |||
+- ftp -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- disk -- alllogs -- usb | |||
|- log -- usb -- <string> (0) | |||
+- ipsarchives -- usb | |||
|- config -- usb -- <string> -- <Enter>|<passwd> (0) | |||
|- usb-mode -- <Enter>|<passwd> (0) | |||
|- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) | |||
|- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) | |||
|- flash -- <comment> (0) | |||
+- management-station -- <comment> (0) | |||
|- full-config -- usb -- <string> -- <Enter>|<passwd> (0) | |||
|- usb-mode -- <Enter>|<passwd> (0) | |||
|- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) | |||
|- config-with-forticlient-info -- usb -- <string> -- <Enter>|<passwd> (0) | |||
|- usb-mode -- <Enter>|<passwd> (0) | |||
|- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) | |||
+- ipsuserdefsig -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- enter -- <name> (0) | |||
|- formatlogdisk | |||
|- vpn -- certificate -- local -- generate -- rsa -- <string> -- <number> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <ip> -- <string> -- <string> (0) | |||
|- ec -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <ip> -- <string> -- <string> (0) | |||
|- default-ssl-ca | |||
|- default-ssl-serv-key | |||
|- default-ssl-ca-untrusted | |||
+- default-ssl-key-certs | |||
|- verify -- <string> (0) | |||
|- export -- tftp -- <string> -- <string> -- <string> -- <ip> (0) | |||
+- import -- tftp -- <string> -- <ip> -- <string> -- <Enter>|<passwd> (0) | |||
|- crl -- import -- auto -- <string> (0) | |||
|- ca -- export -- tftp -- <string> -- <string> -- <ip> (0) | |||
+- import -- tftp -- <string> -- <ip> (0) | |||
+- auto -- <string> -- <string> -- <ip> (0) | |||
+- remote -- export -- tftp -- <string> -- <string> -- <ip> (0) | |||
+- import -- tftp -- <string> -- <ip> (0) | |||
|- ipsec -- tunnel -- down -- <phase2> -- <phase1> -- <serial> (0) | |||
+- up -- <phase2> -- <phase1> -- <serial> (0) | |||
+- sslvpn -- list -- <web|tunnel> (0) | |||
|- del-all -- <tunnel> (0) | |||
|- del-tunnel -- <index> (0) | |||
|- del-web -- <index> (0) | |||
|- rlist -- <vdom> (0) | |||
|- guirlist -- <vdom> (0) | |||
|- rdel-web -- <vdom> -- <index> (0) | |||
|- rdel-tunnel -- <vdom> -- <index> (0) | |||
|- rdel-all -- <vdom> (0) | |||
+- rdel-all-tunnel -- <vdom> (0) | |||
|- factory-license -- <key> (0) | |||
|- traceroute -- <dest> (0) | |||
|- traceroute-options -- queries -- <integer> (0) | |||
|- source -- <string> (0) | |||
|- device -- <string> (0) | |||
+- view-settings | |||
|- tracert6 | |||
|- telnet -- <dest> -- <port> (0) | |||
|- ssh -- <user@host> -- <port> (0) | |||
|- dhcp -- lease-list -- <interface> (0) | |||
+- lease-clear -- <xxx.xxx.xxx.xxx> (0) | |||
+- all (0) | |||
|- dhcp6 -- lease-list -- <interface> (0) | |||
+- lease-clear -- <xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx> (0) | |||
+- all (0) | |||
|- webfilter -- quota-reset -- wf-profile -- endpoint (0) | |||
|- ha -- synchronize -- <string> (0) | |||
|- manage -- <string> (0) | |||
|- disconnect -- <string> -- <string> -- <ip> -- <netmask> (0) | |||
+- set-priority -- <string> -- <integer> (0) | |||
|- modem -- dial | |||
|- hangup | |||
+- trigger | |||
|- log -- fortianalyzer -- test-connectivity | |||
|- fortiguard -- test-connectivity | |||
|- upload | |||
|- upload-progress | |||
|- list -- <category> (0) | |||
|- display | |||
|- detail -- <category> -- <utmref> (0) | |||
|- filter -- reset -- <enter|all|field> (0) | |||
|- dump | |||
|- category -- <category> (0) | |||
|- device -- <device> (0) | |||
|- start-line -- number (0) | |||
|- view-lines -- number (0) | |||
|- max-checklines -- number (0) | |||
|- ha-member -- sn (0) | |||
|- field -- <name> -- <argument 1> -- <argument 2> -- <argument 3> -- <argument 4> -- <argument 5> -- <argument 6> -- <argument 7> (0) | |||
+- show-utm-ref -- number (0) | |||
|- roll | |||
|- delete | |||
|- delete-all | |||
|- backup -- <path> (0) | |||
|- flush-cache | |||
+- flush-cache-all | |||
|- policy-packet-capture -- delete-all | |||
|- time -- <hh:mm:ss> (0) | |||
|- date -- <yyyy-mm-dd> (0) | |||
|- usb-disk -- list | |||
|- delete -- <filename> (0) | |||
|- format | |||
|- rename -- <old> -- <new> (0) | |||
+- eject | |||
|- usb-device -- list | |||
+- disconnect | |||
|- upd-vd-license -- <license key> (0) | |||
|- batch -- start | |||
|- end | |||
|- status | |||
+- lastlog | |||
|- cfg -- save | |||
+- reload | |||
|- cli -- status-msg-only -- <enable/disable> (0) | |||
+- check-template-status | |||
|- interface -- dhcpclient-renew -- <interface> (0) | |||
|- pppoe-reconnect -- <interface> (0) | |||
+- dhcp6client-renew -- <interface> (0) | |||
|- clear -- system -- arp -- table | |||
|- fortiguard-log -- update | |||
|- create-account -- <id> -- <password> -- <email confirm> (0) | |||
|- login -- <id> -- <password> -- <email confirm> (0) | |||
|- try -- <id> -- <password> -- <email confirm> (0) | |||
|- join | |||
|- agreement | |||
+- certificate-activation -- <code> (0) | |||
|- central-mgmt -- set-mgmt-id -- <management id> (0) | |||
|- register-device -- <fmg-serial-no> -- <fmg-register-password> (0) | |||
+- unregister-device -- <fmg-serial-no> (0) | |||
|- fortiguard-message -- info | |||
|- update | |||
+- add -- <activation code> (0) | |||
|- wireless-controller -- reset-wtp -- <all>|<SN> (0) | |||
|- list-wtp-image | |||
|- delete-wtp-image | |||
|- upload-wtp-image -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
+- restart-acd | |||
|- replace-device -- fortiap -- <fortiap-id> -- <fortiap-id> (0) | |||
+- fortiswitch -- <fortiswitch-id> -- <fortiswitch-id> (0) | |||
|- switch-controller -- push-swtp-image -- <fortiswitch-id> -- <filename> (0) | |||
|- stage-swtp-image -- <fortiswitch-id> -- <filename> (0) | |||
|- stage-tiered-swtp-image -- <fortiswitch-id> -- <filename> (0) | |||
|- upload-swtp-image -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- list-swtp-image | |||
|- delete-swtp-image -- <filename> (0) | |||
|- restart-acd | |||
|- poe-reset -- <fortiswitch-id> -- <port> (0) | |||
|- restart-swtpd -- <fortiswitch-id> (0) | |||
|- restart-swtp -- sn -- <fortiswitch-id> (0) | |||
|- switch-group -- <switch-group ID> (0) | |||
+- all | |||
|- restart-swtp-delayed -- <fortiswitch-id> (0) | |||
|- get-conn-status -- <fortiswitch-id> (0) | |||
|- get-physical-conn -- <FortiSwitch-Stack-ID> (0) | |||
|- clear-igmp-snoop -- <FortiSwitch-id> (0) | |||
|- clear-802-1X-interface -- <FortiSwitch-id> -- <port> (0) | |||
|- factory-reset -- switch (0) | |||
|- set-standalone -- switch (0) | |||
|- loop-guard-reset -- <FortiSwitch-id> -- <port> (0) | |||
+- custom-command -- <cmd-name> -- <target-switch> (0) | |||
|- disk -- list | |||
|- format | |||
+- scan | |||
|- erase-disk | |||
|- tac -- report | |||
|- fortitoken -- activate -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> (0) | |||
|- sync -- <id> -- <code> -- <next code> (0) | |||
|- import -- <file name> (0) | |||
+- import-sn-file -- <FTK_200 Serial Number> (0) | |||
|- fortitoken-mobile -- import -- <code> (0) | |||
|- provision -- <sn> (0) | |||
|- poll | |||
+- renew -- <sn> (0) | |||
|- forticlient -- info | |||
+- list -- <connection type> -- <start line> -- <max result> (0) | |||
|- sync-session | |||
|- system -- fortisandbox -- test-connectivity | |||
+- custom-language -- import -- <string> -- <string> -- <ip> (0) | |||
|- auto-script -- start -- <name> (0) | |||
|- stop -- <name> (0) | |||
|- stopall | |||
|- status | |||
|- result -- <name> (0) | |||
|- delete -- <name> (0) | |||
+- backup -- tftp -- <name> -- <ip> (0) | |||
+- ftp -- <name> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- extender -- push-fortiextender-image -- filename -- sn (0) | |||
|- reset-fortiextender -- <all>|<SN> (0) | |||
|- list-fortiextender-image | |||
|- delete-fortiextender-image | |||
|- upload-fortiextender-image -- tftp -- <string> -- <ip> (0) | |||
+- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) | |||
|- restart-fortiextender-daemon | |||
|- dial -- <SN> (0) | |||
+- hangup -- <SN> (0) | |||
|- dsscc | |||
|- api-user -- generate-key -- <name> (0) | |||
+- set -- system -- session -- filter -- list | |||
|- vd -- <xxx> (0) | |||
|- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) | |||
|- proto -- <xx> -- <xx> (0) | |||
|- sport -- <xxxx> -- <xxxx> (0) | |||
|- dport -- <xxxx> -- <xxxx> (0) | |||
|- policy -- <xxx> -- <xxx> (0) | |||
|- expire -- <xxx> -- <xxx> (0) | |||
|- duration -- <xxx> -- <xxx> (0) | |||
|- clear -- all | |||
|- vd | |||
|- src | |||
|- dst | |||
|- proto | |||
|- sport | |||
|- dport | |||
|- policy | |||
|- expire | |||
+- duration | |||
+- negate -- vd | |||
|- src | |||
|- dst | |||
|- proto | |||
|- sport | |||
|- dport | |||
|- policy | |||
|- expire | |||
+- duration | |||
|- endpoint-control -- <settings> -- forticlient-reg-key-enforce | |||
|- forticlient-reg-key | |||
|- forticlient-reg-timeout (0,180) | |||
|- download-custom-link (128) | |||
|- download-location | |||
|- forticlient-keepalive-interval (20,300) | |||
|- forticlient-sys-update-interval (30,1440) | |||
|- forticlient-avdb-update-interval (0,24) | |||
|- forticlient-warning-interval (0,24) | |||
+- forticlient-user-avatar | |||
|- [profile] --*profile-name (36) | |||
|- <forticlient-winmac-settings> -- forticlient-registration-compliance-action | |||
|- forticlient-security-posture | |||
|- forticlient-security-posture-compliance-action | |||
|- forticlient-av | |||
|- av-realtime-protection | |||
|- av-signature-up-to-date | |||
|- sandbox-analysis | |||
|- sandbox-address (256) | |||
|- os-av-software-installed | |||
|- forticlient-application-firewall | |||
|- forticlient-application-firewall-list (36) | |||
|- forticlient-wf | |||
|- forticlient-wf-profile (36) | |||
|- forticlient-system-compliance | |||
|- forticlient-system-compliance-action | |||
|- forticlient-minimum-software-version | |||
|- forticlient-win-ver (64) | |||
|- forticlient-mac-ver (64) | |||
|- [forticlient-operating-system] --*id (0,4294967295) | |||
|- os-type | |||
+- os-name (128) | |||
|- [forticlient-running-app] --*id (0,4294967295) | |||
|- app-name (128) | |||
|- process-name (128) | |||
|- app-sha256-signature (65) | |||
|- process-name2 (128) | |||
|- app-sha256-signature2 (65) | |||
|- process-name3 (128) | |||
|- app-sha256-signature3 (65) | |||
|- process-name4 (128) | |||
+- app-sha256-signature4 (65) | |||
|- [forticlient-registry-entry] --*id (0,4294967295) | |||
+- registry-entry (128 xss) | |||
|- [forticlient-own-file] --*id (0,4294967295) | |||
+- file (128 xss) | |||
|- forticlient-log-upload | |||
|- forticlient-log-upload-level | |||
|- forticlient-log-upload-server (256) | |||
|- forticlient-vuln-scan | |||
|- forticlient-vuln-scan-compliance-action | |||
|- forticlient-vuln-scan-enforce | |||
|- forticlient-vuln-scan-enforce-grace (0,30) | |||
+- forticlient-vuln-scan-exempt | |||
|- <forticlient-android-settings> -- forticlient-wf | |||
|- forticlient-wf-profile (36) | |||
|- disable-wf-when-protected | |||
|- forticlient-vpn-provisioning | |||
|- forticlient-advanced-vpn | |||
|- forticlient-advanced-vpn-buffer | |||
+- [forticlient-vpn-settings] --*name (36) | |||
|- type | |||
|- remote-gw (256) | |||
|- sslvpn-access-port (1,65535) | |||
|- sslvpn-require-certificate | |||
|- auth-method | |||
+- preshared-key | |||
|- <forticlient-ios-settings> -- forticlient-wf | |||
|- forticlient-wf-profile (36) | |||
|- disable-wf-when-protected | |||
|- client-vpn-provisioning | |||
|- [client-vpn-settings] --*name (36) | |||
|- type | |||
|- vpn-configuration-name (36 xss) | |||
|- vpn-configuration-content | |||
|- remote-gw (256) | |||
|- sslvpn-access-port (1,65535) | |||
|- sslvpn-require-certificate | |||
|- auth-method | |||
+- preshared-key | |||
|- distribute-configuration-profile | |||
|- configuration-name (36 xss) | |||
+- configuration-content | |||
|- description | |||
|- [src-addr] --*name (65) | |||
|- [device-groups] --*name (65) | |||
|- [users] --*name (65) | |||
|- [user-groups] --*name (65) | |||
|- [on-net-addr] --*name (65) | |||
+- replacemsg-override-group (36) | |||
|- [forticlient-registration-sync] --*peer-name (36) | |||
+- peer-ip | |||
|- alertemail -- <setting> -- username (36) | |||
|- mailto1 (64) | |||
|- mailto2 (64) | |||
|- mailto3 (64) | |||
|- filter-mode | |||
|- email-interval (1,99999) | |||
|- IPS-logs | |||
|- firewall-authentication-failure-logs | |||
|- HA-logs | |||
|- IPsec-errors-logs | |||
|- FDS-update-logs | |||
|- PPP-errors-logs | |||
|- sslvpn-authentication-errors-logs | |||
|- antivirus-logs | |||
|- webfilter-logs | |||
|- configuration-changes-logs | |||
|- violation-traffic-logs | |||
|- admin-login-logs | |||
|- FDS-license-expiring-warning | |||
|- log-disk-usage-warning | |||
|- fortiguard-log-quota-warning | |||
|- amc-interface-bypass-mode | |||
|- FIPS-CC-errors | |||
|- FDS-license-expiring-days (1,100) | |||
|- local-disk-usage (1,99) | |||
|- emergency-interval (1,99999) | |||
|- alert-interval (1,99999) | |||
|- critical-interval (1,99999) | |||
|- error-interval (1,99999) | |||
|- warning-interval (1,99999) | |||
|- notification-interval (1,99999) | |||
|- information-interval (1,99999) | |||
|- debug-interval (1,99999) | |||
+- severity | |||
|- router -- [access-list] --*name (36) | |||
|- comments (128 xss) | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
|- prefix | |||
|- wildcard | |||
|- exact-match | |||
+- flags (0,4294967295) | |||
|- [access-list6] --*name (36) | |||
|- comments (128 xss) | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
|- prefix6 | |||
|- exact-match | |||
+- flags (0,4294967295) | |||
|- [aspath-list] --*name (36) | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
+- regexp (64 xss) | |||
|- [prefix-list] --*name (36) | |||
|- comments (128 xss) | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
|- prefix | |||
|- ge (0,32) | |||
|- le (0,32) | |||
+- flags (0,4294967295) | |||
|- [prefix-list6] --*name (36) | |||
|- comments (128 xss) | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
|- prefix6 | |||
|- ge (0,128) | |||
|- le (0,128) | |||
+- flags (0,4294967295) | |||
|- [key-chain] --*name (36) | |||
+- [key] --*id (0,2147483647) | |||
|- accept-lifetime | |||
|- send-lifetime | |||
+- key-string (36) | |||
|- [community-list] --*name (36) | |||
|- type | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
|- regexp (256 xss) | |||
+- match (256) | |||
|- [route-map] --*name (36) | |||
|- comments (128 xss) | |||
+- [rule] --*id (0,4294967295) | |||
|- action | |||
|- match-as-path (36) | |||
|- match-community (36) | |||
|- match-community-exact | |||
|- match-origin | |||
|- match-interface (16) | |||
|- match-ip-address (36) | |||
|- match-ip6-address (36) | |||
|- match-ip-nexthop (36) | |||
|- match-ip6-nexthop (36) | |||
|- match-metric (0,4294967295) | |||
|- match-route-type | |||
|- match-tag (0,4294967295) | |||
|- set-aggregator-as (1,4294967295) | |||
|- set-aggregator-ip | |||
|- set-aspath-action | |||
|- [set-aspath] --*as (65) | |||
|- set-atomic-aggregate | |||
|- set-community-delete (36) | |||
|- [set-community] --*community (65) | |||
|- set-community-additive | |||
|- set-dampening-reachability-half-life (1,45) | |||
|- set-dampening-reuse (1,20000) | |||
|- set-dampening-suppress (1,20000) | |||
|- set-dampening-max-suppress (1,255) | |||
|- set-dampening-unreachability-half-life (1,45) | |||
|- [set-extcommunity-rt] --*community (65) | |||
|- [set-extcommunity-soo] --*community (65) | |||
|- set-ip-nexthop | |||
|- set-ip6-nexthop | |||
|- set-ip6-nexthop-local | |||
|- set-local-preference (0,4294967295) | |||
|- set-metric (0,4294967295) | |||
|- set-metric-type | |||
|- set-originator-id | |||
|- set-origin | |||
|- set-tag (0,4294967295) | |||
|- set-weight (0,4294967295) | |||
|- set-flags (0,65535) | |||
+- match-flags (0,65535) | |||
|- <rip> -- default-information-originate | |||
|- default-metric (1,16) | |||
|- max-out-metric (0,15) | |||
|- recv-buffer-size (8129,2147483647) | |||
|- [distance] --*id (0,4294967295) | |||
|- prefix | |||
|- distance (1,255) | |||
+- access-list (36) | |||
|- [distribute-list] --*id (0,4294967295) | |||
|- status | |||
|- direction | |||
|- listname (36) | |||
+- interface (16) | |||
|- [neighbor] --*id (0,4294967295) | |||
+- ip | |||
|- [network] --*id (0,4294967295) | |||
+- prefix | |||
|- [offset-list] --*id (0,4294967295) | |||
|- status | |||
|- direction | |||
|- access-list (36) | |||
|- offset (1,16) | |||
+- interface (16) | |||
|- [passive-interface] --*name (65) | |||
|- [redistribute] --*name (36) | |||
|- status | |||
|- metric (0,16777214) | |||
|- routemap (36) | |||
+- flags (0,255) | |||
|- update-timer (5,2147483647) | |||
|- timeout-timer (5,2147483647) | |||
|- garbage-timer (5,2147483647) | |||
|- version | |||
+- [interface] --*name (36) | |||
|- auth-keychain (36) | |||
|- auth-mode | |||
|- auth-string | |||
|- receive-version | |||
|- send-version | |||
|- send-version2-broadcast | |||
|- split-horizon-status | |||
|- split-horizon | |||
+- flags (0,255) | |||
|- <ripng> -- default-information-originate | |||
|- default-metric (1,16) | |||
|- max-out-metric (0,15) | |||
|- [distance] --*id (0,4294967295) | |||
|- distance (1,255) | |||
|- prefix6 | |||
+- access-list6 (36) | |||
|- [distribute-list] --*id (0,4294967295) | |||
|- status | |||
|- direction | |||
|- listname (36) | |||
+- interface (16) | |||
|- [neighbor] --*id (0,4294967295) | |||
|- ip6 | |||
+- interface (16) | |||
|- [network] --*id (0,4294967295) | |||
+- prefix | |||
|- [aggregate-address] --*id (0,4294967295) | |||
+- prefix6 | |||
|- [offset-list] --*id (0,4294967295) | |||
|- status | |||
|- direction | |||
|- access-list6 (36) | |||
|- offset (1,16) | |||
+- interface (16) | |||
|- [passive-interface] --*name (65) | |||
|- [redistribute] --*name (36) | |||
|- status | |||
|- metric (0,16777214) | |||
|- routemap (36) | |||
+- flags (0,255) | |||
|- update-timer (5,2147483647) | |||
|- timeout-timer (5,2147483647) | |||
|- garbage-timer (5,2147483647) | |||
+- [interface] --*name (36) | |||
|- split-horizon-status | |||
|- split-horizon | |||
+- flags (0,255) | |||
|- [static] --*seq-num (0,4294967295) | |||
|- status | |||
|- dst | |||
|- gateway | |||
|- distance (1,255) | |||
|- weight (0,255) | |||
|- priority (0,4294967295) | |||
|- device (36) | |||
|- comment | |||
|- blackhole | |||
|- dynamic-gateway | |||
|- virtual-wan-link | |||
|- dstaddr (64) | |||
|- internet-service (0,4294967295) | |||
|- internet-service-custom (65) | |||
+- link-monitor-exempt | |||
|- [policy] --*seq-num (0,4294967295) | |||
|- [input-device] --*name (65) | |||
|- [src] --*subnet (65) | |||
|- [srcaddr] --*name (65) | |||
|- src-negate | |||
|- [dst] --*subnet (65) | |||
|- [dstaddr] --*name (65) | |||
|- dst-negate | |||
|- action | |||
|- protocol (0,255) | |||
|- start-port (0,65535) | |||
|- end-port (0,65535) | |||
|- start-source-port (0,65535) | |||
|- end-source-port (0,65535) | |||
|- gateway | |||
|- output-device (36) | |||
|- tos | |||
|- tos-mask | |||
|- status | |||
+- comments | |||
|- [policy6] --*seq-num (0,4294967295) | |||
|- input-device (36) | |||
|- src | |||
|- dst | |||
|- protocol (0,255) | |||
|- start-port (1,65535) | |||
|- end-port (1,65535) | |||
|- gateway | |||
|- output-device (36) | |||
|- tos | |||
|- tos-mask | |||
|- status | |||
+- comments | |||
|- [static6] --*seq-num (0,4294967295) | |||
|- status | |||
|- dst | |||
|- gateway | |||
|- device (36) | |||
|- devindex (0,4294967295) | |||
|- distance (1,255) | |||
|- priority (0,4294967295) | |||
|- comment | |||
+- blackhole | |||
|- <ospf> -- abr-type | |||
|- auto-cost-ref-bandwidth (1,1000000) | |||
|- distance-external (1,255) | |||
|- distance-inter-area (1,255) | |||
|- distance-intra-area (1,255) | |||
|- database-overflow | |||
|- database-overflow-max-lsas (0,4294967295) | |||
|- database-overflow-time-to-recover (0,65535) | |||
|- default-information-originate | |||
|- default-information-metric (1,16777214) | |||
|- default-information-metric-type | |||
|- default-information-route-map (36) | |||
|- default-metric (1,16777214) | |||
|- distance (1,255) | |||
|- rfc1583-compatible | |||
|- router-id | |||
|- spf-timers | |||
|- bfd | |||
|- log-neighbour-changes | |||
|- distribute-list-in (36) | |||
|- distribute-route-map-in (36) | |||
|- restart-mode | |||
|- restart-period (1,3600) | |||
|- [area] --*id | |||
|- shortcut | |||
|- authentication | |||
|- default-cost (0,4294967295) | |||
|- nssa-translator-role | |||
|- stub-type | |||
|- type | |||
|- nssa-default-information-originate | |||
|- nssa-default-information-originate-metric (0,16777214) | |||
|- nssa-default-information-originate-metric-type | |||
|- nssa-redistribution | |||
|- [range] --*id (0,4294967295) | |||
|- prefix | |||
|- advertise | |||
|- substitute | |||
+- substitute-status | |||
|- [virtual-link] --*name (36) | |||
|- authentication | |||
|- authentication-key | |||
|- md5-key | |||
|- dead-interval (1,65535) | |||
|- hello-interval (1,65535) | |||
|- retransmit-interval (1,65535) | |||
|- transmit-delay (1,65535) | |||
+- peer | |||
+- [filter-list] --*id (0,4294967295) | |||
|- list (36) | |||
+- direction | |||
|- [ospf-interface] --*name (36) | |||
|- interface (16) | |||
|- ip | |||
|- authentication | |||
|- authentication-key | |||
|- md5-key | |||
|- prefix-length (0,32) | |||
|- retransmit-interval (1,65535) | |||
|- transmit-delay (1,65535) | |||
|- cost (0,65535) | |||
|- priority (0,255) | |||
|- dead-interval (0,65535) | |||
|- hello-interval (0,65535) | |||
|- hello-multiplier (3,10) | |||
|- database-filter-out | |||
|- mtu (576,65535) | |||
|- mtu-ignore | |||
|- network-type | |||
|- bfd | |||
|- status | |||
+- resync-timeout (1,3600) | |||
|- [network] --*id (0,4294967295) | |||
|- prefix | |||
+- area | |||
|- [neighbor] --*id (0,4294967295) | |||
|- ip | |||
|- poll-interval (1,65535) | |||
|- cost (0,65535) | |||
+- priority (0,255) | |||
|- [passive-interface] --*name (65) | |||
|- [summary-address] --*id (0,4294967295) | |||
|- prefix | |||
|- tag (0,4294967295) | |||
+- advertise | |||
|- [distribute-list] --*id (0,4294967295) | |||
|- access-list (36) | |||
+- protocol | |||
+- [redistribute] --*name (36) | |||
|- status | |||
|- metric (1,16777214) | |||
|- routemap (36) | |||
|- metric-type | |||
+- tag (0,4294967295) | |||
|- <ospf6> -- abr-type | |||
|- auto-cost-ref-bandwidth (1,1000000) | |||
|- default-information-originate | |||
|- log-neighbour-changes | |||
|- default-information-metric (1,16777214) | |||
|- default-information-metric-type | |||
|- default-information-route-map (36) | |||
|- default-metric (1,16777214) | |||
|- router-id | |||
|- spf-timers | |||
|- [area] --*id | |||
|- default-cost (0,16777215) | |||
|- nssa-translator-role | |||
|- stub-type | |||
|- type | |||
|- nssa-default-information-originate | |||
|- nssa-default-information-originate-metric (0,16777214) | |||
|- nssa-default-information-originate-metric-type | |||
|- nssa-redistribution | |||
|- [range] --*id (0,4294967295) | |||
|- prefix6 | |||
+- advertise | |||
+- [virtual-link] --*name (36) | |||
|- dead-interval (1,65535) | |||
|- hello-interval (1,65535) | |||
|- retransmit-interval (1,65535) | |||
|- transmit-delay (1,65535) | |||
+- peer | |||
|- [ospf6-interface] --*name (36) | |||
|- area-id | |||
|- interface (16) | |||
|- retransmit-interval (1,65535) | |||
|- transmit-delay (1,65535) | |||
|- cost (0,65535) | |||
|- priority (0,255) | |||
|- dead-interval (1,65535) | |||
|- hello-interval (1,65535) | |||
|- status | |||
|- network-type | |||
+- [neighbor] --*ip6 | |||
|- poll-interval (1,65535) | |||
|- cost (0,65535) | |||
+- priority (0,255) | |||
|- [passive-interface] --*name (65) | |||
|- [redistribute] --*name (36) | |||
|- status | |||
|- metric (1,16777214) | |||
|- routemap (36) | |||
+- metric-type | |||
+- [summary-address] --*id (0,4294967295) | |||
|- prefix6 | |||
|- advertise | |||
+- tag (0,4294967295) | |||
|- <bgp> -- as (0,4294967295) | |||
|- router-id | |||
|- keepalive-timer (0,65535) | |||
|- holdtime-timer (3,65535) | |||
|- always-compare-med | |||
|- bestpath-as-path-ignore | |||
|- bestpath-cmp-confed-aspath | |||
|- bestpath-cmp-routerid | |||
|- bestpath-med-confed | |||
|- bestpath-med-missing-as-worst | |||
|- client-to-client-reflection | |||
|- dampening | |||
|- deterministic-med | |||
|- ebgp-multipath | |||
|- ibgp-multipath | |||
|- enforce-first-as | |||
|- fast-external-failover | |||
|- log-neighbour-changes | |||
|- network-import-check | |||
|- ignore-optional-capability | |||
|- cluster-id | |||
|- confederation-identifier (1,4294967295) | |||
|- [confederation-peers] --*peer (65) | |||
|- dampening-route-map (36) | |||
|- dampening-reachability-half-life (1,45) | |||
|- dampening-reuse (1,20000) | |||
|- dampening-suppress (1,20000) | |||
|- dampening-max-suppress-time (1,255) | |||
|- dampening-unreachability-half-life (1,45) | |||
|- default-local-preference (0,4294967295) | |||
|- scan-time (5,60) | |||
|- distance-external (1,255) | |||
|- distance-internal (1,255) | |||
|- distance-local (1,255) | |||
|- synchronization | |||
|- graceful-restart | |||
|- graceful-restart-time (1,3600) | |||
|- graceful-stalepath-time (1,3600) | |||
|- graceful-update-delay (1,3600) | |||
|- graceful-end-on-timer | |||
|- [aggregate-address] --*id (0,4294967295) | |||
|- prefix | |||
|- as-set | |||
+- summary-only | |||
|- [aggregate-address6] --*id (0,4294967295) | |||
|- prefix6 | |||
|- as-set | |||
+- summary-only | |||
|- [neighbor] --*ip (46) | |||
|- advertisement-interval (1,600) | |||
|- allowas-in-enable | |||
|- allowas-in-enable6 | |||
|- allowas-in (1,10) | |||
|- allowas-in6 (1,10) | |||
|- attribute-unchanged | |||
|- attribute-unchanged6 | |||
|- activate | |||
|- activate6 | |||
|- bfd | |||
|- capability-dynamic | |||
|- capability-orf | |||
|- capability-orf6 | |||
|- capability-graceful-restart | |||
|- capability-graceful-restart6 | |||
|- capability-route-refresh | |||
|- capability-default-originate | |||
|- capability-default-originate6 | |||
|- dont-capability-negotiate | |||
|- ebgp-enforce-multihop | |||
|- link-down-failover | |||
|- stale-route | |||
|- next-hop-self | |||
|- next-hop-self6 | |||
|- override-capability | |||
|- passive | |||
|- remove-private-as | |||
|- remove-private-as6 | |||
|- route-reflector-client | |||
|- route-reflector-client6 | |||
|- route-server-client | |||
|- route-server-client6 | |||
|- shutdown | |||
|- soft-reconfiguration | |||
|- soft-reconfiguration6 | |||
|- as-override | |||
|- as-override6 | |||
|- strict-capability-match | |||
|- default-originate-routemap (36) | |||
|- default-originate-routemap6 (36) | |||
|- description (64) | |||
|- distribute-list-in (36) | |||
|- distribute-list-in6 (36) | |||
|- distribute-list-out (36) | |||
|- distribute-list-out6 (36) | |||
|- ebgp-multihop-ttl (1,255) | |||
|- filter-list-in (36) | |||
|- filter-list-in6 (36) | |||
|- filter-list-out (36) | |||
|- filter-list-out6 (36) | |||
|- interface (16) | |||
|- maximum-prefix (1,4294967295) | |||
|- maximum-prefix6 (1,4294967295) | |||
|- maximum-prefix-threshold (1,100) | |||
|- maximum-prefix-threshold6 (1,100) | |||
|- maximum-prefix-warning-only | |||
|- maximum-prefix-warning-only6 | |||
|- prefix-list-in (36) | |||
|- prefix-list-in6 (36) | |||
|- prefix-list-out (36) | |||
|- prefix-list-out6 (36) | |||
|- remote-as (1,4294967295) | |||
|- local-as (0,4294967295) | |||
|- local-as-no-prepend | |||
|- local-as-replace-as | |||
|- retain-stale-time (0,65535) | |||
|- route-map-in (36) | |||
|- route-map-in6 (36) | |||
|- route-map-out (36) | |||
|- route-map-out6 (36) | |||
|- send-community | |||
|- send-community6 | |||
|- keep-alive-timer (0,65535) | |||
|- holdtime-timer (3,65535) | |||
|- connect-timer (0,65535) | |||
|- unsuppress-map (36) | |||
|- unsuppress-map6 (36) | |||
|- update-source (16) | |||
|- weight (0,65535) | |||
|- restart-time (0,3600) | |||
|- password | |||
+- [conditional-advertise] --*advertise-routemap (36) | |||
|- condition-routemap (36) | |||
+- condition-type | |||
|- [neighbor-group] --*name (46) | |||
|- advertisement-interval (1,600) | |||
|- allowas-in-enable | |||
|- allowas-in-enable6 | |||
|- allowas-in (1,10) | |||
|- allowas-in6 (1,10) | |||
|- attribute-unchanged | |||
|- attribute-unchanged6 | |||
|- activate | |||
|- activate6 | |||
|- bfd | |||
|- capability-dynamic | |||
|- capability-orf | |||
|- capability-orf6 | |||
|- capability-graceful-restart | |||
|- capability-graceful-restart6 | |||
|- capability-route-refresh | |||
|- capability-default-originate | |||
|- capability-default-originate6 | |||
|- dont-capability-negotiate | |||
|- ebgp-enforce-multihop | |||
|- link-down-failover | |||
|- stale-route | |||
|- next-hop-self | |||
|- next-hop-self6 | |||
|- override-capability | |||
|- passive | |||
|- remove-private-as | |||
|- remove-private-as6 | |||
|- route-reflector-client | |||
|- route-reflector-client6 | |||
|- route-server-client | |||
|- route-server-client6 | |||
|- shutdown | |||
|- soft-reconfiguration | |||
|- soft-reconfiguration6 | |||
|- as-override | |||
|- as-override6 | |||
|- strict-capability-match | |||
|- default-originate-routemap (36) | |||
|- default-originate-routemap6 (36) | |||
|- description (64) | |||
|- distribute-list-in (36) | |||
|- distribute-list-in6 (36) | |||
|- distribute-list-out (36) | |||
|- distribute-list-out6 (36) | |||
|- ebgp-multihop-ttl (1,255) | |||
|- filter-list-in (36) | |||
|- filter-list-in6 (36) | |||
|- filter-list-out (36) | |||
|- filter-list-out6 (36) | |||
|- interface (16) | |||
|- maximum-prefix (1,4294967295) | |||
|- maximum-prefix6 (1,4294967295) | |||
|- maximum-prefix-threshold (1,100) | |||
|- maximum-prefix-threshold6 (1,100) | |||
|- maximum-prefix-warning-only | |||
|- maximum-prefix-warning-only6 | |||
|- prefix-list-in (36) | |||
|- prefix-list-in6 (36) | |||
|- prefix-list-out (36) | |||
|- prefix-list-out6 (36) | |||
|- remote-as (1,4294967295) | |||
|- local-as (0,4294967295) | |||
|- local-as-no-prepend | |||
|- local-as-replace-as | |||
|- retain-stale-time (0,65535) | |||
|- route-map-in (36) | |||
|- route-map-in6 (36) | |||
|- route-map-out (36) | |||
|- route-map-out6 (36) | |||
|- send-community | |||
|- send-community6 | |||
|- keep-alive-timer (0,65535) | |||
|- holdtime-timer (3,65535) | |||
|- connect-timer (0,65535) | |||
|- unsuppress-map (36) | |||
|- unsuppress-map6 (36) | |||
|- update-source (16) | |||
|- weight (0,65535) | |||
+- restart-time (0,3600) | |||
|- [neighbor-range] --*id (0,4294967295) | |||
|- prefix | |||
|- max-neighbor-num (1,1000) | |||
+- neighbor-group (64) | |||
|- [network] --*id (0,4294967295) | |||
|- prefix | |||
|- backdoor | |||
+- route-map (36) | |||
|- [network6] --*id (0,4294967295) | |||
|- prefix6 | |||
|- backdoor | |||
+- route-map (36) | |||
|- [redistribute] --*name (36) | |||
|- status | |||
+- route-map (36) | |||
|- [redistribute6] --*name (36) | |||
|- status | |||
+- route-map (36) | |||
+- [admin-distance] --*id (0,4294967295) | |||
|- neighbour-prefix | |||
|- route-list (36) | |||
+- distance (1,255) | |||
|- <isis> -- is-type | |||
|- auth-mode-l1 | |||
|- auth-mode-l2 | |||
|- auth-password-l1 | |||
|- auth-password-l2 | |||
|- auth-keychain-l1 (36) | |||
|- auth-keychain-l2 (36) | |||
|- auth-sendonly-l1 | |||
|- auth-sendonly-l2 | |||
|- ignore-lsp-errors | |||
|- lsp-gen-interval-l1 (1,120) | |||
|- lsp-gen-interval-l2 (1,120) | |||
|- lsp-refresh-interval (1,65535) | |||
|- max-lsp-lifetime (350,65535) | |||
|- spf-interval-exp-l1 | |||
|- spf-interval-exp-l2 | |||
|- dynamic-hostname | |||
|- adjacency-check | |||
|- overload-bit | |||
|- overload-bit-suppress | |||
|- overload-bit-on-startup (5,86400) | |||
|- default-originate | |||
|- metric-style | |||
|- redistribute-l1 | |||
|- redistribute-l1-list (36) | |||
|- redistribute-l2 | |||
|- redistribute-l2-list (36) | |||
|- [isis-net] --*id (0,4294967295) | |||
+- net | |||
|- [isis-interface] --*name (16) | |||
|- status | |||
|- network-type | |||
|- circuit-type | |||
|- csnp-interval-l1 (1,65535) | |||
|- csnp-interval-l2 (1,65535) | |||
|- hello-interval-l1 (0,65535) | |||
|- hello-interval-l2 (0,65535) | |||
|- hello-multiplier-l1 (2,100) | |||
|- hello-multiplier-l2 (2,100) | |||
|- hello-padding | |||
|- lsp-interval (1,4294967295) | |||
|- lsp-retransmit-interval (1,65535) | |||
|- metric-l1 (1,63) | |||
|- metric-l2 (1,63) | |||
|- wide-metric-l1 (1,16777214) | |||
|- wide-metric-l2 (1,16777214) | |||
|- auth-password-l1 | |||
|- auth-password-l2 | |||
|- auth-keychain-l1 (36) | |||
|- auth-keychain-l2 (36) | |||
|- auth-send-only-l1 | |||
|- auth-send-only-l2 | |||
|- auth-mode-l1 | |||
|- auth-mode-l2 | |||
|- priority-l1 (0,127) | |||
|- priority-l2 (0,127) | |||
|- mesh-group | |||
+- mesh-group-id (0,4294967295) | |||
|- [summary-address] --*id (0,4294967295) | |||
|- prefix | |||
+- level | |||
+- [redistribute] --*protocol (36) | |||
|- status | |||
|- metric (0,4261412864) | |||
|- metric-type | |||
|- level | |||
+- routemap (36) | |||
|- [multicast-flow] --*name (36) | |||
|- comments (128 xss) | |||
+- [flows] --*id (0,4294967295) | |||
|- group-addr | |||
+- source-addr | |||
|- <multicast> -- route-threshold (1,2147483647) | |||
|- route-limit (1,2147483647) | |||
|- multicast-routing | |||
|- <pim-sm-global> -- message-interval (1,65535) | |||
|- join-prune-holdtime (1,65535) | |||
|- accept-register-list (36) | |||
|- accept-source-list (36) | |||
|- bsr-candidate | |||
|- bsr-interface (16) | |||
|- bsr-priority (0,255) | |||
|- bsr-hash (0,32) | |||
|- bsr-allow-quick-refresh | |||
|- cisco-register-checksum | |||
|- cisco-register-checksum-group (36) | |||
|- cisco-crp-prefix | |||
|- cisco-ignore-rp-set-priority | |||
|- register-rp-reachability | |||
|- register-source | |||
|- register-source-interface (16) | |||
|- register-source-ip | |||
|- register-supression (1,65535) | |||
|- null-register-retries (1,20) | |||
|- rp-register-keepalive (1,65535) | |||
|- spt-threshold | |||
|- spt-threshold-group (36) | |||
|- ssm | |||
|- ssm-range (36) | |||
|- register-rate-limit (0,65535) | |||
+- [rp-address] --*id (0,4294967295) | |||
|- ip-address | |||
+- group (36) | |||
+- [interface] --*name (16) | |||
|- ttl-threshold (1,255) | |||
|- pim-mode | |||
|- passive | |||
|- bfd | |||
|- neighbour-filter (36) | |||
|- hello-interval (1,65535) | |||
|- hello-holdtime (1,65535) | |||
|- cisco-exclude-genid | |||
|- dr-priority (1,4294967295) | |||
|- propagation-delay (100,5000) | |||
|- state-refresh-interval (1,100) | |||
|- rp-candidate | |||
|- rp-candidate-group (36) | |||
|- rp-candidate-priority (0,255) | |||
|- rp-candidate-interval (1,16383) | |||
|- multicast-flow (36) | |||
|- static-group (36) | |||
|- [join-group] --*address | |||
+- <igmp> -- access-group (36) | |||
|- version | |||
|- immediate-leave-group (36) | |||
|- last-member-query-interval (1,65535) | |||
|- last-member-query-count (2,7) | |||
|- query-max-response-time (1,25) | |||
|- query-interval (1,65535) | |||
|- query-timeout (60,900) | |||
+- router-alert-check | |||
|- <multicast6> -- multicast-routing | |||
|- multicast-pmtu | |||
|- [interface] --*name (16) | |||
|- hello-interval (1,65535) | |||
+- hello-holdtime (1,65535) | |||
+- <pim-sm-global> -- register-rate-limit (0,65535) | |||
+- [rp-address] --*id (0,4294967295) | |||
+- ip6-address | |||
|- <info> | |||
|- <info6> | |||
|- [auth-path] --*name (16) | |||
|- device (36) | |||
+- gateway | |||
|- <setting> -- show-filter (36) | |||
+- hostname (15) | |||
+- <bfd> -- [neighbor] --*ip | |||
+- interface (16) | |||
|- hardware -- <status> | |||
|- <cpu> | |||
|- <memory> | |||
+- <nic> -- <nic> (0) | |||
|- mgmt-data -- <status> | |||
|- test -- <http> -- <Integer> (0) | |||
|- <smtp> -- <Integer> (0) | |||
|- <ftpd> -- <Integer> (0) | |||
|- <pop3> -- <Integer> (0) | |||
|- <imap> -- <Integer> (0) | |||
|- <nntp> -- <Integer> (0) | |||
|- <scanunit> -- <Integer> (0) | |||
|- <harelay> -- <Integer> (0) | |||
|- <hasync> -- <Integer> (0) | |||
|- <hatalk> -- <Integer> (0) | |||
|- <sessionsync> -- <Integer> (0) | |||
|- <forticldd> -- <Integer> (0) | |||
|- <miglogd> -- <Integer> (0) | |||
|- <urlfilter> -- <Integer> (0) | |||
|- <ovrd> -- <Integer> (0) | |||
|- <ipsmonitor> -- <Integer> (0) | |||
|- <ipsengine> -- <Integer> (0) | |||
|- <ipldbd> -- <Integer> (0) | |||
|- <ddnscd> -- <Integer> (0) | |||
|- <snmpd> -- <Integer> (0) | |||
|- <dnsproxy> -- <Integer> (0) | |||
|- <sflowd> -- <Integer> (0) | |||
|- <init> -- <Integer> (0) | |||
|- <l2tpcd> -- <Integer> (0) | |||
|- <dhcprelay> -- <Integer> (0) | |||
|- <pptpcd> -- <Integer> (0) | |||
|- <wccpd> -- <Integer> (0) | |||
|- <wad> -- <Integer> (0) | |||
|- <radiusd> -- <Integer> (0) | |||
|- <wpad> -- <Integer> (0) | |||
|- <fsd> -- <Integer> -- <Integer> -- <Integer> (0) | |||
|- <ipsufd> -- <Integer> (0) | |||
|- <lted> -- <Integer> -- <Integer> -- <Integer> (0) | |||
|- <forticron> -- <Integer> (0) | |||
|- <uploadd> -- <Integer> (0) | |||
|- <quarantined> -- <Integer> (0) | |||
|- <dhcp6c> -- <Integer> (0) | |||
|- <info-sslvpnd> -- <Integer> (0) | |||
|- <dsd> -- <Integer> (0) | |||
|- <lnkmtd> -- <Integer> (0) | |||
|- <dhcp6r> -- <Integer> (0) | |||
|- <fnbamd> -- <Integer> (0) | |||
|- <mrd> -- <Integer> (0) | |||
|- <zebos_launcher> -- <Integer> (0) | |||
|- <radius-das> -- <Integer> (0) | |||
|- <csfd> -- <Integer> (0) | |||
|- <fsvrd> -- <Integer> (0) | |||
|- <radvd> -- <Integer> (0) | |||
+- <fcnacd> -- <Integer> (0) | |||
+- extender -- <sys-info> -- <sn> (0) | |||
+- <modem-status> -- <sn> (0) | |||
Aktuelle Version vom 11. Dezember 2017, 11:51 Uhr
Zurück zu : FortiGate-5.4-5.6:FAQ
--------------- output Tree-5.6.1 --------------- -- -- system |- [datasource] --*name (36) +- type (0,4294967295) |- <global> -- language |- gui-ipv6 |- gui-certificates |- gui-custom-language |- gui-wireless-opensecurity |- gui-display-hostname |- gui-lines-per-page (20,1000) |- admin-https-ssl-versions |- admintimeout (1,480) |- admin-console-timeout (15,300) |- ssd-trim-freq |- ssd-trim-hour (0,23) |- ssd-trim-min (0,60) |- ssd-trim-weekday |- ssd-trim-date (1,31) |- admin-concurrent |- admin-lockout-threshold (1,10) |- admin-lockout-duration (1,2147483647) |- refresh (0,4294967295) |- interval (0,4294967295) |- failtime (0,4294967295) |- daily-restart |- restart-time |- radius-port (1,65535) |- admin-login-max (1,100) |- remoteauthtimeout (1,300) |- ldapconntimeout (0,4294967295) |- batch-cmdb |- dst |- timezone |- ntpserver (64) |- ntpsync |- syncinterval (1,1440) |- traffic-priority |- traffic-priority-level |- anti-replay |- send-pmtu-icmp |- honor-df |- revision-image-auto-backup |- revision-backup-on-logout |- management-vdom (32) |- hostname (36) |- alias (36) |- strong-crypto |- ssh-cbc-cipher |- ssh-hmac-md5 |- ssl-static-key-ciphers |- snat-route-change |- cli-audit-log |- dh-params |- fds-statistics |- fds-statistics-period (1,1440) |- multicast-forward |- mc-ttl-notchange |- asymroute |- tcp-option |- lldp-transmission |- proxy-auth-timeout (1,600) |- sys-perf-log-interval (0,15) |- check-protocol-header |- vip-arp-range |- reset-sessionless-tcp |- allow-traffic-redirect |- strict-dirty-session-check |- tcp-halfclose-timer (1,86400) |- tcp-halfopen-timer (1,86400) |- tcp-timewait-timer (0,300) |- udp-idle-timer (1,86400) |- block-session-timer (1,300) |- ip-src-port-range |- pre-login-banner |- post-login-banner |- tftp |- av-failopen |- av-failopen-session |- memory-use-threshold-extreme (70,97) |- memory-use-threshold-red (70,97) |- memory-use-threshold-green (70,97) |- check-reset-range |- vdom-admin |- long-vdom-name |- admin-port (1,65535) |- admin-sport (1,65535) |- admin-https-redirect |- admin-ssh-password |- admin-ssh-port (1,65535) |- admin-ssh-grace-time (10,3600) |- admin-ssh-v1 |- admin-telnet-port (1,65535) |- admin-maintainer |- admin-reset-button |- admin-server-cert (36) |- user-server-cert (36) |- admin-https-pki-required |- wifi-certificate (36) |- wifi-ca-certificate (36) |- auth-http-port (1,65535) |- auth-https-port (1,65535) |- auth-keepalive |- policy-auth-concurrent (0,100) |- auth-session-limit |- auth-cert (36) |- clt-cert-req |- fortiservice-port (1,65535) |- endpoint-control-portal-port (1,65535) |- endpoint-control-fds-access |- tp-mc-skip-policy |- cfg-save |- cfg-revert-timeout (10,4294967295) |- reboot-upon-config-restore |- admin-scp |- wireless-controller |- wireless-controller-port (1024,49150) |- fortiextender-data-port (1024,49150) |- fortiextender |- fortiextender-vlan-mode |- switch-controller |- switch-controller-reserved-network |- proxy-worker-count (1,4) |- scanunit-count (2,4) |- proxy-kxp-hardware-acceleration |- proxy-cipher-hardware-acceleration |- fgd-alert-subscription |- ipsec-hmac-offload |- ipv6-accept-dad (0,2) |- ipv6-allow-anycast-probe |- csr-ca-attribute |- wimax-4g-usb |- cert-chain-max (1,2147483647) |- sslvpn-max-worker-count (1,4) |- sslvpn-kxp-hardware-acceleration |- sslvpn-cipher-hardware-acceleration |- sslvpn-plugin-version-check |- two-factor-ftk-expiry (60,600) |- two-factor-email-expiry (30,300) |- two-factor-sms-expiry (30,300) |- two-factor-fac-expiry (10,3600) |- two-factor-ftm-expiry (1,168) |- virtual-server-count (1,4) |- virtual-server-hardware-acceleration |- wad-worker-count (1,4) |- login-timestamp |- miglogd-children (0,15) |- special-file-23-support |- log-uuid |- log-ssl-connection |- arp-max-entry (131072,2147483647) |- ndp-max-entry (65536,2147483647) |- br-fdb-max-entry (8192,2147483647) |- max-route-cache-size (0,2147483647) |- ipsec-asic-offload |- device-idle-timeout (30,31536000) |- device-identification-active-scan-delay (20,3600) |- compliance-check |- compliance-check-time |- gui-device-latitude (20) |- gui-device-longitude (20) |- private-data-encryption |- auto-auth-extension-device |- gui-theme +- igmp-state-limit (96,128000) |- [accprofile] --*name (36) |- scope |- comments |- mntgrp |- admingrp |- updategrp |- authgrp |- sysgrp |- netgrp |- loggrp |- routegrp |- fwgrp |- vpngrp |- utmgrp |- endpoint-control-grp |- wifi |- <fwgrp-permission> -- policy |- address |- service |- schedule |- packet-capture +- others |- <loggrp-permission> -- config |- data-access |- report-access +- threat-weight |- <utmgrp-permission> -- antivirus |- ips |- webfilter |- spamfilter |- data-loss-prevention |- application-control |- icap |- voip |- waf +- dnsfilter |- admintimeout-override +- admintimeout (1,480) |- <npu> |- [vdom-link] --*name (12) |- vcluster +- type |- [switch-interface] --*name (16) |- vdom (32) |- span-dest-port (16) |- [span-source-port] --*interface-name (65) |- [member] --*interface-name (65) |- type |- intra-switch-policy |- span +- span-direction |- [object-tag] --*name (64) |- <lte-modem> -- status |- extra-init (128 xss) |- authtype |- username (64 xss) |- passwd |- apn (128 xss) |- modem-port (0,20) |- mode |- holddown-timer (10,60) +- interface (64) |- [interface] --*name (16) |- vdom (32) |- cli-conn-status (0,4294967295) |- fortilink |- mode |- distance (1,255) |- priority (0,4294967295) |- dhcp-relay-service |- dhcp-relay-ip |- dhcp-relay-type |- management-ip |- ip |- allowaccess |- gwdetect |- ping-serv-status (0,255) |- detectserver |- detectprotocol |- ha-priority (1,50) |- fail-detect |- fail-detect-option |- fail-alert-method |- fail-action-on-extender |- [fail-alert-interfaces] --*name (65) |- dhcp-client-identifier (49) |- ipunnumbered |- username (65 xss) |- pppoe-unnumbered-negotiate |- password |- idle-timeout (0,32767) |- detected-peer-mtu (0,4294967295) |- disc-retry-timeout (0,4294967295) |- padt-retry-timeout (0,4294967295) |- service-name (64) |- ac-name (64) |- lcp-echo-interval (0,32767) |- lcp-max-echo-fails (0,32767) |- defaultgw |- dns-server-override |- auth-type |- pptp-client |- pptp-user (65) |- pptp-password |- pptp-server-ip |- pptp-auth-type |- pptp-timeout (0,65535) |- arpforward |- ndiscforward |- broadcast-forward |- bfd |- bfd-desired-min-tx (1,100000) |- bfd-detect-mult (1,50) |- bfd-required-min-rx (1,100000) |- l2forward |- icmp-redirect |- vlanforward |- stpforward |- stpforward-mode |- ips-sniffer-mode |- ident-accept |- ipmac |- subst |- macaddr |- substitute-dst-mac |- speed |- status |- netbios-forward |- wins-ip |- type |- dedicated-to |- trust-ip-1 |- trust-ip-2 |- trust-ip-3 |- trust-ip6-1 |- trust-ip6-2 |- trust-ip6-3 |- mtu-override |- mtu (0,4294967295) |- wccp |- netflow-sampler |- sflow-sampler |- drop-overlapped-fragment |- drop-fragment |- scan-botnet-connections |- src-check |- sample-rate (10,99999) |- polling-interval (1,255) |- sample-direction |- explicit-web-proxy |- explicit-ftp-proxy |- proxy-captive-portal |- tcp-mss (0,4294967295) |- inbandwidth (0,16776000) |- outbandwidth (0,16776000) |- spillover-threshold (0,16776000) |- ingress-spillover-threshold (0,16776000) |- weight (0,255) |- interface (16) |- external |- vlanid (1,4094) |- forward-domain (0,2147483647) |- remote-ip |- [managed-device] --*name (65) |- devindex (0,4294967295) |- vindex (0,65535) |- switch (16) |- description |- alias (26) |- l2tp-client |- <l2tp-client-settings> -- user (128) |- password |- peer-host (256) |- peer-mask |- peer-port (1,65535) |- auth-type |- mtu (40,65535) |- distance (1,255) |- priority (0,4294967295) |- defaultgw +- ip |- security-mode |- captive-portal (0,4294967295) |- security-mac-auth-bypass |- security-8021x-mode |- security-8021x-master (16) |- security-8021x-dynamic-vlan-id (0,4094) |- security-external-web (128) |- security-external-logout (128) |- replacemsg-override-group (36) |- security-redirect-url (128) |- security-exempt-list (36) |- [security-groups] --*name (65) |- stp |- stp-ha-slave |- device-identification |- device-user-identification |- device-access-list (36) |- lldp-transmission |- fortiheartbeat |- broadcast-forticlient-discovery |- endpoint-compliance |- estimated-upstream-bandwidth (0,4294967295) |- estimated-downstream-bandwidth (0,4294967295) |- vrrp-virtual-mac |- [vrrp] --*vrid (1,255) |- vrgrp (1,65535) |- vrip |- priority (1,255) |- adv-interval (1,255) |- start-time (1,255) |- preempt |- vrdst |- vrdst-priority (0,254) +- status |- role |- snmp-index (0,4294967295) |- secondary-IP |- [secondaryip] --*id (0,4294967295) |- ip |- allowaccess |- gwdetect |- ping-serv-status (0,255) |- detectserver |- detectprotocol +- ha-priority (1,50) |- preserve-session-route |- auto-auth-extension-device |- ap-discover |- fortilink-stacking |- fortilink-split-interface |- internal (0,255) |- fortilink-backup-link (0,255) |- switch-controller-access-vlan |- switch-controller-igmp-snooping |- switch-controller-dhcp-snooping |- switch-controller-dhcp-snooping-verify-mac |- switch-controller-dhcp-snooping-option82 |- switch-controller-auth |- switch-controller-radius-server (36) |- color (0,32) +- <ipv6> -- ip6-mode |- nd-mode |- nd-cert (36) |- nd-security-level (0,7) |- nd-timestamp-delta (1,3600) |- nd-timestamp-fuzz (1,60) |- nd-cga-modifier |- ip6-dns-server-override |- ip6-address |- [ip6-extra-addr] --*prefix |- ip6-allowaccess |- ip6-send-adv |- ip6-manage-flag |- ip6-other-flag |- ip6-max-interval (4,1800) |- ip6-min-interval (3,1350) |- ip6-link-mtu (0,4294967295) |- ip6-reachable-time (0,3600000) |- ip6-retrans-time (0,4294967295) |- ip6-default-life (0,9000) |- ip6-hop-limit (0,255) |- autoconf |- ip6-upstream-interface (16) |- ip6-subnet |- [ip6-prefix-list] --*prefix |- autonomous-flag |- onlink-flag |- valid-life-time (0,4294967295) |- preferred-life-time (0,4294967295) |- rdnss +- [dnssl] --*domain (80) |- [ip6-delegated-prefix-list] --*prefix-id (0,4294967295) |- upstream-interface (16) |- autonomous-flag |- onlink-flag |- subnet |- rdnss-service +- rdnss |- dhcp6-relay-service |- dhcp6-relay-type |- dhcp6-relay-ip |- dhcp6-client-options |- dhcp6-prefix-delegation |- dhcp6-information-request |- dhcp6-prefix-hint |- dhcp6-prefix-hint-plt (0,4294967295) +- dhcp6-prefix-hint-vlt (0,4294967295) |- [physical-switch] --*name (16) |- age-enable |- age-val (0,4294967295) +- [port] --*name (16) |- speed +- status |- [virtual-switch] --*name (16) |- physical-switch (16) |- [port] --*name (16) |- speed |- status +- alias (26) |- span |- span-source-port (16) |- span-dest-port (16) +- span-direction |- <stp> |- switch-priority |- hello-time (1,10) |- forward-delay (4,30) |- max-age (6,40) +- max-hops (1,40) |- <password-policy> -- status |- apply-to |- minimum-length (8,128) |- min-lower-case-letter (0,128) |- min-upper-case-letter (0,128) |- min-non-alphanumeric (0,128) |- min-number (0,128) |- change-4-characters |- expire-status |- expire-day (1,999) +- reuse-password |- <password-policy-guest-admin> -- status |- apply-to |- minimum-length (8,128) |- min-lower-case-letter (0,128) |- min-upper-case-letter (0,128) |- min-non-alphanumeric (0,128) |- min-number (0,128) |- change-4-characters |- expire-status |- expire-day (1,999) +- reuse-password |- [sms-server] --*name (36) +- mail-server (64 xss) |- [custom-language] --*name (36) |- filename (64) +- comments |- [admin] --*name (36) |- wildcard |- remote-auth |- remote-group (36) |- password |- peer-auth |- peer-group (36) |- trusthost1 |- trusthost2 |- trusthost3 |- trusthost4 |- trusthost5 |- trusthost6 |- trusthost7 |- trusthost8 |- trusthost9 |- trusthost10 |- ip6-trusthost1 |- ip6-trusthost2 |- ip6-trusthost3 |- ip6-trusthost4 |- ip6-trusthost5 |- ip6-trusthost6 |- ip6-trusthost7 |- ip6-trusthost8 |- ip6-trusthost9 |- ip6-trusthost10 |- accprofile (36) |- allow-remove-admin-session |- comments |- hidden (0,255) |- [vdom] --*name (65) |- ssh-public-key1 |- ssh-public-key2 |- ssh-public-key3 |- ssh-certificate (36) |- schedule (36) |- accprofile-override |- radius-vdom-override |- password-expire |- force-password-change |- [gui-dashboard] --*id (0,4294967295) |- name (36 xss) |- scope |- layout-type |- columns (5,20) +- [widget] --*id (0,4294967295) |- type |- x-pos (0,1000) |- y-pos (0,1000) |- width (1,50) |- height (1,50) |- interface (16) |- report-by |- timeframe |- sort-by (128) |- visualization +- [filters] --*id (0,4294967295) |- key (128) +- value (128) |- two-factor |- fortitoken (17) |- email-to (64) |- sms-server |- sms-custom-server (36) |- sms-phone (16) |- guest-auth |- [guest-usergroups] --*name (65 xss) |- guest-lang (36) |- history0 |- history1 |- [login-time] --*usr-name (36) |- last-login +- last-failed-login |- [gui-global-menu-favorites] --*id (65 xss) +- [gui-vdom-menu-favorites] --*id (65 xss) |- [api-user] --*name (36) |- comments |- api-key |- accprofile (36) |- [vdom] --*name (65) |- schedule (36) |- cors-allow-origin (270) |- peer-auth |- peer-group (36) +- [trusthost] --*id (0,4294967295) |- type |- ipv4-trusthost +- ipv6-trusthost |- <settings> -- comments |- opmode |- inspection-mode |- ngfw-mode |- ssl-ssh-profile (36) |- http-external-dest |- firewall-session-dirty |- manageip |- gateway |- ip |- manageip6 |- gateway6 |- ip6 |- device (36) |- bfd |- bfd-desired-min-tx (1,100000) |- bfd-required-min-rx (1,100000) |- bfd-detect-mult (1,50) |- bfd-dont-enforce-src-port |- utf8-spam-tagging |- wccp-cache-engine |- vpn-stats-log |- vpn-stats-period (60,86400) |- v4-ecmp-mode |- mac-ttl (300,8640000) |- fw-session-hairpin |- snat-hairpin-traffic |- dhcp-proxy |- dhcp-server-ip |- dhcp6-server-ip |- central-nat |- [gui-default-policy-columns] --*name (65 xss) |- lldp-transmission |- asymroute |- asymroute-icmp |- tcp-session-without-syn |- ses-denied-traffic |- strict-src-check |- asymroute6 |- asymroute6-icmp |- sip-helper |- sip-nat-trace |- status |- sip-tcp-port (1,65535) |- sip-udp-port (1,65535) |- sip-ssl-port (0,65535) |- sccp-port (0,65535) |- multicast-forward |- multicast-ttl-notchange |- multicast-skip-policy |- allow-subnet-overlap |- deny-tcp-with-icmp |- ecmp-max-paths (1,100) |- discovered-device-timeout (1,365) |- email-portal-check-dns |- default-voip-alg-mode |- gui-icap |- gui-nat46-64 |- gui-implicit-policy |- gui-dns-database |- gui-load-balance |- gui-multicast-policy |- gui-dos-policy |- gui-object-colors |- gui-replacement-message-groups |- gui-voip-profile |- gui-ap-profile |- gui-dynamic-profile-display |- gui-local-in-policy |- gui-explicit-proxy |- gui-dynamic-routing |- gui-dlp |- gui-sslvpn-personal-bookmarks |- gui-sslvpn-realms |- gui-policy-based-ipsec |- gui-threat-weight |- gui-multiple-utm-profiles |- gui-spamfilter |- gui-application-control |- gui-ips |- gui-endpoint-control |- gui-endpoint-control-advanced |- gui-dhcp-advanced |- gui-vpn |- gui-wireless-controller |- gui-switch-controller |- gui-fortiap-split-tunneling |- gui-webfilter-advanced |- gui-traffic-shaping |- gui-wan-load-balancing |- gui-antivirus |- gui-webfilter |- gui-dnsfilter |- gui-waf-profile |- gui-fortiextender-controller |- gui-advanced-policy |- gui-allow-unnamed-policy |- gui-email-collection |- gui-domain-ip-reputation |- gui-multiple-interface-policy |- gui-policy-learning |- compliance-check |- ike-session-resume |- ike-quick-crash-detect +- ike-dn-format |- [sit-tunnel] --*name (16) |- source |- destination |- ip6 |- interface (16) +- auto-asic-offload |- <fsso-polling> -- status |- listening-port (1,65535) |- authentication +- auth-password |- <ha> -- group-id (0,255) |- group-name (33) |- mode |- sync-packet-balance |- password |- key |- hbdev |- session-sync-dev |- route-ttl (5,3600) |- route-wait (0,3600) |- route-hold (0,3600) |- multicast-ttl (5,3600) |- load-balance-all |- sync-config |- encryption |- authentication |- hb-interval (1,20) |- hb-lost-threshold (1,60) |- hello-holddown (5,300) |- gratuitous-arps |- arps (1,60) |- arps-interval (1,20) |- session-pickup |- session-pickup-connectionless |- session-pickup-expectation |- session-pickup-nat |- session-pickup-delay |- session-sync-daemon-number (1,15) |- link-failed-signal |- uninterruptible-upgrade |- standalone-mgmt-vdom |- ha-mgmt-status |- [ha-mgmt-interfaces] --*id (0,4294967295) |- interface (16) |- dst |- gateway +- gateway6 |- ha-eth-type (5) |- hc-eth-type (5) |- l2ep-eth-type (5) |- ha-uptime-diff-margin (1,65535) |- standalone-config-sync |- vcluster2 |- vcluster-id (0,255) |- override |- priority (0,255) |- override-wait-time (0,3600) |- schedule |- weight |- cpu-threshold |- memory-threshold |- http-proxy-threshold |- ftp-proxy-threshold |- imap-proxy-threshold |- nntp-proxy-threshold |- pop3-proxy-threshold |- smtp-proxy-threshold |- monitor |- pingserver-monitor-interface |- pingserver-failover-threshold (0,50) |- pingserver-slave-force-reset |- pingserver-flip-timeout (6,2147483647) |- vdom |- <secondary-vcluster> -- vcluster-id (0,255) |- override |- priority (0,255) |- override-wait-time (0,3600) |- monitor |- pingserver-monitor-interface |- pingserver-failover-threshold (0,50) |- pingserver-slave-force-reset +- vdom +- ha-direct |- <ha-monitor> -- monitor-vlan |- vlan-hb-interval (1,30) +- vlan-hb-lost-threshold (1,60) |- [storage] --*name (36) |- partition (17) |- media-type (5) |- device (13) +- size (0,4294967295) |- <dedicated-mgmt> -- status |- interface (16) |- default-gateway |- dhcp-server |- dhcp-netmask |- dhcp-start-ip +- dhcp-end-ip |- [arp-table] --*id (0,4294967295) |- interface (16) |- ip +- mac |- [ipv6-neighbor-cache] --*id (0,4294967295) |- interface (16) |- ipv6 +- mac |- <dns> -- primary |- secondary |- domain (128) |- ip6-primary |- ip6-secondary |- dns-cache-limit (0,4294967295) |- dns-cache-ttl (60,86400) |- cache-notfound-responses +- source-ip |- [ddns] --*ddnsid (0,4294967295) |- ddns-server |- ddns-server-ip |- ddns-zone (65) |- ddns-ttl (60,86400) |- ddns-auth |- ddns-keyname (65) |- ddns-key |- ddns-domain (65) |- ddns-username (65) |- ddns-sn (65) |- ddns-password |- use-public-ip |- update-interval (60,2592000) |- clear-text |- ssl-certificate (36) |- bound-ip +- [monitor-interface] --*interface-name (65) |- <sflow> -- collector-ip |- collector-port (0,65535) +- source-ip |- <vdom-sflow> -- vdom-sflow |- collector-ip |- collector-port (0,65535) +- source-ip |- <netflow> -- collector-ip |- collector-port (0,65535) |- source-ip |- active-flow-timeout (1,60) |- inactive-flow-timeout (10,600) |- template-tx-timeout (1,1440) +- template-tx-counter (10,6000) |- <vdom-netflow> -- vdom-netflow |- collector-ip |- collector-port (0,65535) +- source-ip |- <vdom-dns> -- vdom-dns |- primary |- secondary |- ip6-primary |- ip6-secondary +- source-ip |- [replacemsg-image] --*name (24) |- image-type +- image-base64 |- replacemsg -- [mail] --*msg-type (29) |- buffer |- header +- format |- [http] --*msg-type (29) |- buffer |- header +- format |- [webproxy] --*msg-type (29) |- buffer |- header +- format |- [ftp] --*msg-type (29) |- buffer |- header +- format |- [nntp] --*msg-type (29) |- buffer |- header +- format |- [fortiguard-wf] --*msg-type (29) |- buffer |- header +- format |- [spam] --*msg-type (29) |- buffer |- header +- format |- [alertmail] --*msg-type (29) |- buffer |- header +- format |- [admin] --*msg-type (29) |- buffer |- header +- format |- [auth] --*msg-type (29) |- buffer |- header +- format |- [sslvpn] --*msg-type (29) |- buffer |- header +- format |- [ec] --*msg-type (29) |- buffer |- header +- format |- [device-detection-portal] --*msg-type (29) |- buffer |- header +- format |- [nac-quar] --*msg-type (29) |- buffer |- header +- format |- [traffic-quota] --*msg-type (29) |- buffer |- header +- format +- [utm] --*msg-type (29) |- buffer |- header +- format |- [replacemsg-group] --*name (36) |- comment |- group-type |- [mail] --*msg-type (29) |- buffer |- header +- format |- [http] --*msg-type (29) |- buffer |- header +- format |- [webproxy] --*msg-type (29) |- buffer |- header +- format |- [ftp] --*msg-type (29) |- buffer |- header +- format |- [nntp] --*msg-type (29) |- buffer |- header +- format |- [fortiguard-wf] --*msg-type (29) |- buffer |- header +- format |- [spam] --*msg-type (29) |- buffer |- header +- format |- [alertmail] --*msg-type (29) |- buffer |- header +- format |- [admin] --*msg-type (29) |- buffer |- header +- format |- [auth] --*msg-type (29) |- buffer |- header +- format |- [sslvpn] --*msg-type (29) |- buffer |- header +- format |- [ec] --*msg-type (29) |- buffer |- header +- format |- [device-detection-portal] --*msg-type (29) |- buffer |- header +- format |- [nac-quar] --*msg-type (29) |- buffer |- header +- format |- [traffic-quota] --*msg-type (29) |- buffer |- header +- format |- [utm] --*msg-type (29) |- buffer |- header +- format +- [custom-message] --*msg-type (29) |- buffer |- header +- format |- snmp -- <sysinfo> -- status |- engine-id (25) |- description |- contact-info |- location |- trap-high-cpu-threshold (1,100) |- trap-low-memory-threshold (1,100) +- trap-log-full-threshold (1,100) |- [community] --*id (0,4294967295) |- name (36) |- status |- [hosts] --*id (0,4294967295) |- source-ip |- ip |- ha-direct +- host-type |- [hosts6] --*id (0,4294967295) |- source-ipv6 |- ipv6 |- ha-direct +- host-type |- query-v1-status |- query-v1-port (1,65535) |- query-v2c-status |- query-v2c-port (0,65535) |- trap-v1-status |- trap-v1-lport (1,65535) |- trap-v1-rport (1,65535) |- trap-v2c-status |- trap-v2c-lport (1,65535) |- trap-v2c-rport (1,65535) +- events +- [user] --*name (33) |- status |- trap-status |- trap-lport (0,65535) |- trap-rport (0,65535) |- queries |- query-port (0,65535) |- notify-hosts |- notify-hosts6 |- source-ip |- source-ipv6 |- ha-direct |- events |- security-level |- auth-proto |- auth-pwd |- priv-proto +- priv-pwd |- autoupdate -- <push-update> -- status |- override |- address +- port (0,65535) |- <schedule> -- status |- frequency |- time +- day +- <tunneling> -- status |- address (64) |- port (0,65535) |- username (50) +- password |- <session-ttl> -- default +- [port] --*id (0,65535) |- protocol (0,255) |- start-port (0,65535) |- end-port (0,65535) +- timeout |- dhcp -- [server] --*id (0,4294967295) |- status |- lease-time (300,8640000) |- mac-acl-default-action |- forticlient-on-net-status |- dns-service |- dns-server1 |- dns-server2 |- dns-server3 |- wifi-ac1 |- wifi-ac2 |- wifi-ac3 |- ntp-service |- ntp-server1 |- ntp-server2 |- ntp-server3 |- domain (36) |- wins-server1 |- wins-server2 |- default-gateway |- next-server |- netmask |- interface (16) |- [ip-range] --*id (0,4294967295) |- start-ip +- end-ip |- timezone-option |- timezone |- tftp-server (64) |- filename (128) |- [options] --*id (0,4294967295) |- code (0,255) |- type |- value (313) +- ip |- server-type |- ip-mode |- conflicted-ip-timeout (60,8640000) |- ipsec-lease-hold (0,8640000) |- auto-configuration |- ddns-update |- ddns-update-override |- ddns-server-ip |- ddns-zone (65) |- ddns-auth |- ddns-keyname (65) |- ddns-key |- ddns-ttl (60,86400) |- vci-match |- [vci-string] --*vci-string (256) |- [exclude-range] --*id (0,4294967295) |- start-ip +- end-ip +- [reserved-address] --*id (0,4294967295) |- ip |- mac |- action +- description |- dhcp6 -- [server] --*id (0,4294967295) |- status |- rapid-commit |- lease-time (300,8640000) |- dns-service |- dns-search-list |- dns-server1 |- dns-server2 |- dns-server3 |- domain (36) |- subnet |- interface (16) |- option1 |- option2 |- option3 |- upstream-interface (16) |- ip-mode +- [ip-range] --*id (0,4294967295) |- start-ip +- end-ip |- [virtual-wire-pair] --*name (36) |- [member] --*interface-name (65) +- wildcard-vlan |- <modem> -- status |- pin-init (128 xss) |- network-init (128 xss) |- lockdown-lac (128 xss) |- mode |- auto-dial |- dial-on-demand |- idle-timer (1,9999) |- redial |- reset (0,10) |- holddown-timer (1,60) |- connect-timeout (30,255) |- interface (64) |- wireless-port (0,4294967295) |- dont-send-CR1 |- phone1 (64 xss) |- dial-cmd1 (64) |- username1 (64 xss) |- passwd1 |- extra-init1 (128 xss) |- peer-modem1 |- ppp-echo-request1 |- authtype1 |- dont-send-CR2 |- phone2 (64 xss) |- dial-cmd2 (64) |- username2 (64 xss) |- passwd2 |- extra-init2 (128 xss) |- peer-modem2 |- ppp-echo-request2 |- authtype2 |- dont-send-CR3 |- phone3 (64 xss) |- dial-cmd3 (64) |- username3 (64 xss) |- passwd3 |- extra-init3 (128 xss) |- peer-modem3 |- ppp-echo-request3 |- altmode |- authtype3 |- traffic-check |- action |- distance (1,255) +- priority (0,4294967295) |- 3g-modem -- [custom] --*id (0,4294967295) |- vendor (36) |- model (36) |- vendor-id |- product-id |- class-id +- init-string (128) |- <dialinsvr> -- status |- server-ip |- client-ip |- usrgrp (36) +- allowaccess |- <status> |- performance -- <status> |- <top> -- <delay> -- <lines> (0) +- firewall -- <packet-distribution> +- <statistics> |- <session> |- <cmdb> |- <fortiguard-service> |- <fortianalyzer-connectivity> |- checksum -- <status> |- <mgmt-csum> |- <ha-nonsync-csum> |- <fortiguard-log-service> |- <central-mgmt> |- [alias] --*name (36) +- command |- [auto-script] --*name (36) |- interval (0,31557600) |- repeat (0,65535) |- start |- script +- output-size (10,1024) |- info -- admin -- <status> +- <ssh> |- <management-tunnel> -- status |- allow-config-restore |- allow-push-configuration |- allow-push-firmware |- allow-collect-statistics |- authorized-manager-only +- serial-number |- <fortimanager> -- ip |- vdom (32) |- ipsec |- central-management |- central-mgmt-auto-backup |- central-mgmt-schedule-config-restore +- central-mgmt-schedule-script-restore |- <fm> -- status |- id (36) |- ip |- vdom (32) |- auto-backup |- scheduled-config-restore +- ipsec |- <central-management> -- mode |- type |- schedule-config-restore |- schedule-script-restore |- allow-push-configuration |- allow-pushd-firmware |- allow-remote-firmware-upgrade |- allow-monitor |- serial-number |- fmg |- fmg-source-ip |- fmg-source-ip6 |- vdom (32) |- [server-list] --*id (0,4294967295) |- server-type |- addr-type |- server-address |- server-address6 +- fqdn (256) |- include-default-servers +- enc-algorithm |- [zone] --*name (36) |- intrazone +- [interface] --*interface-name (65) |- [geoip-country] --*id (3) +- name (64) |- [ipv6-tunnel] --*name (16) |- source |- destination |- interface (16) +- auto-asic-offload |- [ips-urlfilter-dns] --*address +- status |- <network-visibility> -- destination-visibility |- source-location |- destination-hostname-visibility |- hostname-ttl (60,86400) |- hostname-limit (0,50000) +- destination-location |- [gre-tunnel] --*name (16) |- interface (16) |- remote-gw |- local-gw |- dscp-copying |- keepalive-interval (0,32767) +- keepalive-failtimes (1,255) |- [ipip-tunnel] --*name (16) |- interface (16) |- remote-gw |- local-gw +- auto-asic-offload |- [mobile-tunnel] --*name (16) |- status |- roaming-interface (16) |- home-agent |- home-address |- renew-interval (5,60) |- lifetime (180,65535) |- reg-interval (5,300) |- reg-retry (1,30) |- n-mhae-spi (0,4294967295) |- n-mhae-key-type |- n-mhae-key |- hash-algorithm |- tunnel-mode +- [network] --*id (0,4294967295) |- interface (16) +- prefix |- [pppoe-interface] --*name (16) |- dial-on-demand |- ipv6 |- device (16) |- username (65 xss) |- password |- auth-type |- ipunnumbered |- pppoe-unnumbered-negotiate |- idle-timeout (0,4294967295) |- disc-retry-timeout (0,4294967295) |- padt-retry-timeout (0,4294967295) |- service-name (64) |- ac-name (64) |- lcp-echo-interval (0,4294967295) +- lcp-max-echo-fails (0,4294967295) |- [vxlan] --*name (16) |- interface (16) |- vni (1,16777215) |- ip-version |- [remote-ip] --*ip (16) |- [remote-ip6] --*ip6 (46) |- dstport (1,65535) +- multicast-ttl (1,255) |- [dns-database] --*name (36) |- status |- domain (256) |- allow-transfer |- type |- view |- ip-master |- primary-name (256) |- contact (256) |- ttl (0,2147483647) |- authoritative |- forwarder |- source-ip +- [dns-entry] --*id (0,4294967295) |- status |- type |- ttl (0,2147483647) |- preference (0,65535) |- ip |- ipv6 |- hostname (256) +- canonical-name (256) |- [dns-server] --*name (16) |- mode +- dnsfilter-profile (36) |- <resource-limits> -- session (0,4294967295) |- ipsec-phase1 (0,4294967295) |- ipsec-phase2 (0,4294967295) |- dialup-tunnel (0,4294967295) |- firewall-policy (0,4294967295) |- firewall-address (0,4294967295) |- firewall-addrgrp (0,4294967295) |- custom-service (0,4294967295) |- service-group (0,4294967295) |- onetime-schedule (0,4294967295) |- recurring-schedule (0,4294967295) |- user (0,4294967295) |- user-group (0,4294967295) |- sslvpn (0,4294967295) |- proxy (0,4294967295) +- log-disk-quota (0,4294967295) |- [vdom-property] --*name (32) |- description (128) |- snmp-index (0,4294967295) |- session |- ipsec-phase1 |- ipsec-phase2 |- dialup-tunnel |- firewall-policy |- firewall-address |- firewall-addrgrp |- custom-service |- service-group |- onetime-schedule |- recurring-schedule |- user |- user-group |- sslvpn |- proxy +- log-disk-quota |- <virtual-wan-link> -- status |- load-balance-mode |- fail-detect |- [fail-alert-interfaces] --*name (65) |- [members] --*seq-num (0,255) |- interface (16) |- gateway |- weight (0,255) |- priority (0,4294967295) |- spillover-threshold (0,16776000) |- ingress-spillover-threshold (0,16776000) |- volume-ratio (0,255) +- status |- [health-check] --*name (36) |- server (64) |- protocol |- port (1,65535) |- security-mode |- password |- packet-size (64,1024) |- http-get (1025) |- http-match (1025) |- interval (1,3600) |- timeout (1,255) |- failtime (1,10) |- recoverytime (1,10) |- update-cascade-interface |- update-static-route |- threshold-warning-packetloss (0,100) |- threshold-alert-packetloss (0,100) |- threshold-warning-latency (0,4294967295) |- threshold-alert-latency (0,4294967295) |- threshold-warning-jitter (0,4294967295) +- threshold-alert-jitter (0,4294967295) +- [service] --*id (0,255) |- name (36) |- mode |- quality-link (0,255) |- member (0,255) |- tos |- tos-mask |- protocol (0,255) |- start-port (0,65535) |- end-port (0,65535) |- [dst] --*name (65) |- [src] --*name (65) |- [users] --*name (65) |- [groups] --*name (65) |- internet-service |- [internet-service-custom] --*name (65) |- [internet-service-id] --*id (0,4294967295) |- health-check (36) |- link-cost-factor |- link-cost-threshold (0,10000000) |- [priority-members] --*seq-num (0,4294967295) +- status |- <csf> -- status |- upstream-ip |- upstream-port (1,65535) |- group-name (36) |- group-password |- logging-mode +- management-ip |- [cluster-sync] --*sync-id (0,255) |- peervd (32) |- peerip |- [syncvd] --*name (65) |- [down-intfs-before-sess-sync] --*name (65) |- hb-interval (1,10) |- hb-lost-threshold (1,10) |- slave-add-ike-routes +- <session-sync-filter> -- srcintf (16) |- dstintf (16) |- srcaddr |- dstaddr |- srcaddr6 |- dstaddr6 +- [custom-service] --*id (0,4294967295) |- src-port-range +- dst-port-range |- <fortiguard> -- port |- service-account-id (51 xss) |- load-balance-servers (1,266) |- auto-join-forticloud |- antispam-force-off |- antispam-cache |- antispam-cache-ttl (0,4294967295) |- antispam-cache-mpercent (1,15) |- antispam-license (0,4294967295) |- antispam-expiration (0,4294967295) |- antispam-timeout (1,30) |- webfilter-force-off |- webfilter-cache |- webfilter-cache-ttl (300,86400) |- webfilter-license (0,4294967295) |- webfilter-expiration (0,4294967295) |- webfilter-timeout (1,30) |- sdns-server-ip |- sdns-server-port (1,65535) |- source-ip |- source-ip6 |- ddns-server-ip +- ddns-server-port (1,65535) |- <arp> |- <email-server> -- type |- reply-to (64) |- server (64) |- port (1,65535) |- source-ip |- source-ip6 |- authenticate |- validate-server |- username (36) |- password +- security |- <alarm> -- status |- audible +- [groups] --*id (0,4294967295) |- period (0,4294967295) |- admin-auth-failure-threshold (0,1024) |- admin-auth-lockout-threshold (0,1024) |- user-auth-failure-threshold (0,1024) |- user-auth-lockout-threshold (0,1024) |- replay-attempt-threshold (0,1024) |- self-test-failure-threshold (0,1) |- log-full-warning-threshold (0,1024) |- encryption-failure-threshold (0,1024) |- decryption-failure-threshold (0,1024) |- [fw-policy-violations] --*id (0,4294967295) |- threshold (0,1024) |- src-ip |- dst-ip |- src-port (0,65535) +- dst-port (0,65535) |- fw-policy-id (0,4294967295) +- fw-policy-id-threshold (0,1024) |- [mac-address-table] --*mac |- interface (36) +- reply-substitute |- [session-helper] --*id (0,4294967295) |- name |- protocol (0,255) +- port (1,65535) |- [proxy-arp] --*id (0,4294967295) |- interface (16) |- ip +- end-ip |- <fips-cc> -- status |- entropy-token |- self-test-period (1,1440) +- key-generation-self-test |- [tos-based-priority] --*id (0,4294967295) |- tos (0,15) +- priority |- [dscp-based-priority] --*id (0,4294967295) |- ds (0,63) +- priority |- <probe-response> -- port (1,65535) |- http-probe-value (1025) |- ttl-mode |- mode |- security-mode |- password +- timeout (10,3600) |- [link-monitor] --*name (36 xss) |- srcintf (16) |- [server] --*address (65) |- protocol |- port (1,65535) |- gateway-ip |- source-ip |- http-get (1025) |- http-match (1025) |- interval (1,3600) |- timeout (1,255) |- failtime (1,10) |- recoverytime (1,10) |- security-mode |- password |- packet-size (64,1024) |- ha-priority (1,50) |- update-cascade-interface |- update-static-route +- status |- <auto-install> -- auto-install-config |- auto-install-image |- default-config-file (128) +- default-image-file (128) |- <console> -- mode |- baudrate |- output |- login +- fortiexplorer |- <ntp> -- ntpsync |- type |- syncinterval (1,1440) |- [ntpserver] --*id (0,4294967295) |- server (64) |- ntpv3 |- authentication |- key +- key-id (0,4294967295) |- source-ip |- server-mode +- [interface] --*interface-name (65) |- [wccp] --*service-id (4) |- router-id |- cache-id |- group-address |- server-list |- router-list |- ports-defined |- ports |- authentication |- password |- forward-method |- cache-engine-method |- service-type |- primary-hash |- priority (0,255) |- protocol (0,255) |- assignment-weight (0,255) |- assignment-bucket-format |- return-method +- assignment-method |- <nat64> -- status |- nat64-prefix |- always-synthesize-aaaa-record +- generate-ipv6-fragment-header |- [vdom-radius-server] --*name (32) |- status +- radius-server-vdom (32) |- <startup-error-log> |- source-ip -- <status> |- auto-update -- <status> +- <versions> |- session-info -- <list> |- <expectation> |- <full-stat> |- <statistics> +- <ttl> |- session-helper-info -- <list> |- ip-conflict -- <status> |- <ftm-push> -- server-port (1,65535) |- server-ip +- status |- [geoip-override] --*name (64) |- description (128) |- country-id (3) +- [ip-range] --*id (0,65535) |- start-ip +- end-ip +- <fortisandbox> -- status |- server |- source-ip |- enc-algorithm +- email (64) |- wireless-controller -- <inter-controller> -- inter-controller-mode |- inter-controller-key |- inter-controller-pri |- fast-failover-max (3,64) |- fast-failover-wait (10,86400) +- [inter-controller-peer] --*id (0,4294967295) |- peer-ip |- peer-port (1024,49150) +- peer-priority |- <global> -- name (36) |- location (36) |- max-retransmit (0,64) |- data-ethernet-II |- link-aggregation |- mesh-eth-type (0,65535) |- fiapp-eth-type (0,65535) |- discovery-mc-addr |- max-clients (0,4294967295) |- rogue-scan-mac-adjacency (0,31) |- ipsec-base-ip |- ap-log-server |- ap-log-server-ip +- ap-log-server-port (0,65535) |- [vap] --*name (16) |- vdom (32) |- fast-roaming |- external-fast-roaming |- mesh-backhaul |- max-clients (0,4294967295) |- max-clients-ap (0,4294967295) |- ssid (33 xss) |- broadcast-ssid |- security-obsolete-option |- security |- pmf |- pmf-assoc-comeback-timeout (1,20) |- pmf-sa-query-retry-timeout (1,5) |- okc |- voice-enterprise |- fast-bss-transition |- ft-mobility-domain (1,65535) |- ft-r0-key-lifetime (1,65535) |- ft-over-ds |- tkip-counter-measure |- external-web (128) |- external-logout (128) |- radius-mac-auth |- radius-mac-auth-server (36) |- auth |- encrypt |- keyindex (1,4) |- key |- passphrase |- radius-server (36) |- acct-interim-interval (60,86400) |- [usergroup] --*name (65) |- portal-message-override-group (36) |- <portal-message-overrides> -- auth-disclaimer-page (36) |- auth-reject-page (36) |- auth-login-page (36) +- auth-login-failed-page (36) |- portal-type |- [selected-usergroups] --*name (65) |- security-exempt-list (36) |- security-redirect-url (128) |- intra-vap-privacy |- schedule (36) |- ldpc |- mpsk |- mpsk-concurrent-clients (0,65535) |- [mpsk-key] --*key-name (36) |- passphrase |- concurrent-clients (16) +- comment |- local-standalone |- local-standalone-nat |- ip |- dhcp-lease-time (300,8640000) |- local-bridging |- split-tunneling |- local-authentication |- vlanid (0,4094) |- vlan-auto |- dynamic-vlan |- captive-portal-radius-server (64) |- captive-portal-radius-secret |- captive-portal-ac-name (36) |- alias (26) |- multicast-rate |- multicast-enhance |- broadcast-suppression |- me-disable-thresh (2,256) |- probe-resp-suppression |- probe-resp-threshold (8) |- vlan-pooling |- [vlan-pool] --*id (0,4094) +- wtp-group (36) |- ptk-rekey |- ptk-rekey-intv (1800,864000) |- gtk-rekey |- gtk-rekey-intv (1800,864000) |- eap-reauth |- eap-reauth-intv (1800,864000) |- qos-profile (36) |- rates-11a |- rates-11bg |- rates-11n-ss12 |- rates-11n-ss34 |- rates-11ac-ss12 |- rates-11ac-ss34 |- mac-filter |- mac-filter-policy-other +- [mac-filter-list] --*id (0,4294967295) |- mac +- mac-filter-policy |- <timers> -- echo-interval (1,255) |- discovery-interval (2,180) |- client-idle-timeout (20,3600) |- rogue-ap-log (0,1440) |- fake-ap-log (1,1440) |- darrp-optimize (0,86400) |- darrp-day |- [darrp-time] --*time (6) |- sta-stats-interval (1,255) |- vap-stats-interval (1,255) |- radio-stats-interval (1,255) |- sta-capability-interval (1,255) |- sta-locate-timer (0,86400) |- ipsec-intf-cleanup (30,3600) +- ble-scan-report-intv (10,3600) |- <setting> -- account-id (64) |- country |- duplicate-ssid +- fapc-compatibility |- [bonjour-profile] --*name (36) |- comment (64) +- [policy-list] --*policy-id (1,65535) |- description (64) |- from-vlan (64) |- to-vlan (64) +- services |- [vap-group] --*name (36) |- comment +- [vaps] --*name (36) |- [wids-profile] --*name (36) |- comment (64) |- sensor-mode |- ap-scan |- ap-bgscan-period (60,3600) |- ap-bgscan-intv (1,600) |- ap-bgscan-duration (10,1000) |- ap-bgscan-idle (0,1000) |- ap-bgscan-report-intv (15,600) |- ap-bgscan-disable-day |- ap-bgscan-disable-start |- ap-bgscan-disable-end |- ap-fgscan-report-intv (15,600) |- ap-scan-passive |- ap-auto-suppress |- wireless-bridge |- deauth-broadcast |- null-ssid-probe-resp |- long-duration-attack |- long-duration-thresh (1000,32767) |- invalid-mac-oui |- weak-wep-iv |- auth-frame-flood |- auth-flood-time (5,120) |- auth-flood-thresh (1,100) |- assoc-frame-flood |- assoc-flood-time (5,120) |- assoc-flood-thresh (1,100) |- spoofed-deauth |- asleap-attack |- eapol-start-flood |- eapol-start-thresh (2,100) |- eapol-start-intv (1,3600) |- eapol-logoff-flood |- eapol-logoff-thresh (2,100) |- eapol-logoff-intv (1,3600) |- eapol-succ-flood |- eapol-succ-thresh (2,100) |- eapol-succ-intv (1,3600) |- eapol-fail-flood |- eapol-fail-thresh (2,100) |- eapol-fail-intv (1,3600) |- eapol-pre-succ-flood |- eapol-pre-succ-thresh (2,100) |- eapol-pre-succ-intv (1,3600) |- eapol-pre-fail-flood |- eapol-pre-fail-thresh (2,100) |- eapol-pre-fail-intv (1,3600) +- deauth-unknown-src-thresh (0,65535) |- [ble-profile] --*name (36) |- comment (64) |- advertising |- ibeacon-uuid (64) |- major-id (0,65535) |- minor-id (0,65535) |- eddystone-namespace (11) |- eddystone-instance (7) |- eddystone-url (128) |- txpower |- beacon-interval (40,3500) +- ble-scanning |- [wtp-profile] --*name (36) |- comment |- <platform> -- type |- ble-profile (36) |- wan-port-mode |- <lan> -- port-mode |- port-ssid (16) |- port1-mode |- port1-ssid (16) |- port2-mode |- port2-ssid (16) |- port3-mode |- port3-ssid (16) |- port4-mode |- port4-ssid (16) |- port5-mode |- port5-ssid (16) |- port6-mode |- port6-ssid (16) |- port7-mode |- port7-ssid (16) |- port8-mode +- port8-ssid (16) |- energy-efficient-ethernet |- led-state |- dtls-policy |- dtls-in-kernel |- max-clients (0,4294967295) |- handoff-rssi (20,30) |- handoff-sta-thresh (5,35) |- handoff-roaming |- [deny-mac-list] --*id (0,4294967295) +- mac |- ap-country |- ip-fragment-preventing |- tun-mtu-uplink (576,1500) |- tun-mtu-downlink (576,1500) |- split-tunneling-acl-local-ap-subnet |- [split-tunneling-acl] --*id (0,4294967295) +- dest-ip |- allowaccess |- login-passwd-change |- login-passwd |- lldp |- poe-mode |- <radio-1> -- radio-id (0,2) |- mode |- band |- protection-mode |- powersave-optimize |- transmit-optimize |- amsdu |- coexistence |- short-guard-interval |- channel-bonding |- auto-power-level |- auto-power-high (0,4294967295) |- auto-power-low (0,4294967295) |- power-level (0,100) |- dtim (1,255) |- beacon-interval (0,65535) |- rts-threshold (256,2346) |- frag-threshold (800,2346) |- ap-sniffer-bufsize (1,32) |- ap-sniffer-chan (0,4294967295) |- ap-sniffer-addr |- ap-sniffer-mgmt-beacon |- ap-sniffer-mgmt-probe |- ap-sniffer-mgmt-other |- ap-sniffer-ctl |- ap-sniffer-data |- channel-utilization |- spectrum-analysis |- wids-profile (36) |- darrp |- max-clients (0,4294967295) |- max-distance (0,54000) |- frequency-handoff |- ap-handoff |- vap-all |- [vaps] --*name (36) |- [channel] --*chan (4) |- call-admission-control |- call-capacity (0,60) |- bandwidth-admission-control +- bandwidth-capacity (1,600000) |- <radio-2> -- radio-id (0,2) |- mode |- band |- protection-mode |- powersave-optimize |- transmit-optimize |- amsdu |- coexistence |- short-guard-interval |- channel-bonding |- auto-power-level |- auto-power-high (0,4294967295) |- auto-power-low (0,4294967295) |- power-level (0,100) |- dtim (1,255) |- beacon-interval (0,65535) |- rts-threshold (256,2346) |- frag-threshold (800,2346) |- ap-sniffer-bufsize (1,32) |- ap-sniffer-chan (0,4294967295) |- ap-sniffer-addr |- ap-sniffer-mgmt-beacon |- ap-sniffer-mgmt-probe |- ap-sniffer-mgmt-other |- ap-sniffer-ctl |- ap-sniffer-data |- channel-utilization |- spectrum-analysis |- wids-profile (36) |- darrp |- max-clients (0,4294967295) |- max-distance (0,54000) |- frequency-handoff |- ap-handoff |- vap-all |- [vaps] --*name (36) |- [channel] --*chan (4) |- call-admission-control |- call-capacity (0,60) |- bandwidth-admission-control +- bandwidth-capacity (1,600000) +- <lbs> -- ekahau-blink-mode |- ekahau-tag |- erc-server-ip |- erc-server-port (1024,65535) |- aeroscout |- aeroscout-server-ip |- aeroscout-server-port (1024,65535) |- aeroscout-mu-factor (0,4294967295) |- aeroscout-mu-timeout (0,65535) |- fortipresence |- fortipresence-server |- fortipresence-port (300,65535) |- fortipresence-secret |- fortipresence-project (17) |- fortipresence-frequency (5,65535) |- fortipresence-rogue |- fortipresence-unassoc +- station-locate |- [wtp] --*wtp-id (36) |- index (0,4294967295) |- admin |- name (36) |- location (36) |- wtp-profile (36) |- wtp-mode |- bonjour-profile (36) |- override-led-state |- led-state |- override-wan-port-mode |- wan-port-mode |- override-ip-fragment |- ip-fragment-preventing |- tun-mtu-uplink (576,1500) |- tun-mtu-downlink (576,1500) |- override-split-tunnel |- split-tunneling-acl-local-ap-subnet |- [split-tunneling-acl] --*id (0,4294967295) +- dest-ip |- override-lan |- <lan> -- port-mode |- port-ssid (16) |- port1-mode |- port1-ssid (16) |- port2-mode |- port2-ssid (16) |- port3-mode |- port3-ssid (16) |- port4-mode |- port4-ssid (16) |- port5-mode |- port5-ssid (16) |- port6-mode |- port6-ssid (16) |- port7-mode |- port7-ssid (16) |- port8-mode +- port8-ssid (16) |- override-allowaccess |- allowaccess |- override-login-passwd-change |- login-passwd-change |- login-passwd |- <radio-1> -- radio-id (0,2) |- override-band |- band |- override-analysis |- spectrum-analysis |- override-txpower |- auto-power-level |- auto-power-high (0,4294967295) |- auto-power-low (0,4294967295) |- power-level (0,100) |- override-vaps |- vap-all |- [vaps] --*name (36) |- override-channel +- [channel] --*chan (4) |- <radio-2> -- radio-id (0,2) |- override-band |- band |- override-analysis |- spectrum-analysis |- override-txpower |- auto-power-level |- auto-power-high (0,4294967295) |- auto-power-low (0,4294967295) |- power-level (0,100) |- override-vaps |- vap-all |- [vaps] --*name (36) |- override-channel +- [channel] --*chan (4) |- image-download |- mesh-bridge-enable |- coordinate-enable |- coordinate-x (16) +- coordinate-y (16) |- [wtp-group] --*name (36) |- platform-type +- [wtps] --*wtp-id (36) |- [qos-profile] --*name (36) |- comment (64) |- uplink (0,2097152) |- downlink (0,2097152) |- uplink-sta (0,2097152) |- downlink-sta (0,2097152) |- burst |- wmm |- wmm-uapsd |- call-admission-control |- call-capacity (0,60) |- bandwidth-admission-control |- bandwidth-capacity (1,600000) |- dscp-wmm-mapping |- [dscp-wmm-vo] --*id (0,63) |- [dscp-wmm-vi] --*id (0,63) |- [dscp-wmm-be] --*id (0,63) +- [dscp-wmm-bk] --*id (0,63) |- <scan> |- [ap-status] --*id (0,4294967295) |- bssid |- ssid (33 xss) +- status |- <wlchanlistlic> |- <status> -- [1|2] (0) |- <wtp-status> -- <wtp-id> (0) |- <client-info> -- <vfid> -- <intf> -- <ip> (0) |- <vap-status> -- [1] (0) |- <rf-analysis> -- <wtp-id> (0) +- <spectral-info> -- [wtp-id] -- <radio-id> (0) |- extender-controller -- [extender] --*id (20) |- admin |- ifname (16) |- vdom (0,4294967295) |- role |- mode |- dial-mode |- redial |- redundant-intf (16) |- dial-status (0,4294967295) |- conn-status (0,4294967295) |- ext-name (32) |- description (32) |- quota-limit-mb (0,10485760) |- billing-start-day (1,28) |- at-dial-script (128 xss) |- modem-passwd |- initiated-update |- modem-type |- ppp-username (32) |- ppp-password |- ppp-auth-protocol |- ppp-echo-request |- wimax-carrier (32) |- wimax-realm (32) |- wimax-auth-protocol |- sim-pin |- access-point-name (64) |- multi-mode |- roaming |- cdma-nai (32) |- aaa-shared-secret |- ha-shared-secret |- primary-ha (32) |- secondary-ha (32) |- cdma-aaa-spi (32) +- cdma-ha-spi (32) |- ipsec -- <tunnel> |- firewall -- [address] --*name (64) |- uuid |- subnet |- type |- start-ip |- end-ip |- fqdn (256) |- country (3) |- wildcard-fqdn (256) |- cache-ttl (0,86400) |- wildcard |- comment |- visibility |- associated-interface (36) |- color (0,32) |- [tags] --*name (65) +- allow-routing |- [multicast-address] --*name (64) |- type |- subnet |- start-ip |- end-ip |- comment |- visibility |- associated-interface (36) |- color (0,32) +- [tags] --*name (65) |- [address6] --*name (64) |- uuid |- type |- ip6 |- start-ip |- end-ip |- visibility |- color (0,32) |- [tags] --*name (65) +- comment |- [multicast-address6] --*name (64) |- ip6 |- comment |- visibility |- color (0,32) +- [tags] --*name (65) |- [addrgrp] --*name (64) |- uuid |- [member] --*name (65) |- comment |- visibility |- color (0,32) |- [tags] --*name (65) +- allow-routing |- [addrgrp6] --*name (64) |- uuid |- visibility |- color (0,32) |- comment |- [member] --*name (65) +- [tags] --*name (65) |- service -- [category] --*name (64) +- comment |- [custom] --*name (64) |- proxy |- category (64) |- protocol |- helper |- iprange |- fqdn (256) |- protocol-number (0,254) |- icmptype (0,4294967295) |- icmpcode (0,255) |- tcp-portrange |- udp-portrange |- sctp-portrange |- tcp-halfclose-timer (0,86400) |- tcp-halfopen-timer (0,86400) |- tcp-timewait-timer (0,300) |- udp-idle-timer (0,86400) |- session-ttl (300,604800) |- check-reset-range |- comment |- color (0,32) |- visibility |- app-service-type |- [app-category] --*id (0,4294967295) +- [application] --*id (0,4294967295) +- [group] --*name (36) |- [member] --*name (65) |- proxy |- comment +- color (0,32) |- [internet-service] --*id (0,4294967295) |- name (64 xss) |- reputation (0,4294967295) |- icon-id (0,4294967295) |- offset (0,4294967295) +- [entry] --*id (0,4294967295) |- protocol (0,255) |- port (0,65535) |- ip-range-number (0,4294967295) +- ip-number (0,65535) |- [internet-service-custom] --*name (64 xss) |- master-service-id (0,4294967295) |- comment |- [entry] --*id (0,255) |- protocol (0,255) |- [port-range] --*id (0,4294967295) |- start-port (1,65535) +- end-port (1,65535) +- [dst] --*name (65) +- [disable-entry] --*id (0,4294967295) |- protocol (0,255) |- port (0,65535) +- [ip-range] --*id (0,4294967295) |- start-ip +- end-ip |- <internet-service-summary> |- shaper -- [traffic-shaper] --*name (36) |- guaranteed-bandwidth (0,16776000) |- maximum-bandwidth (0,16776000) |- bandwidth-unit |- priority |- per-policy |- diffserv +- diffservcode |- [per-ip-shaper] --*name (36) |- max-bandwidth (0,16776000) |- bandwidth-unit |- max-concurrent-session (0,2097000) |- diffserv-forward |- diffserv-reverse |- diffservcode-forward +- diffservcode-rev |- <traffic> +- <per-ip> |- schedule -- [onetime] --*name (32) |- start |- end |- color (0,32) +- expiration-days (0,100) |- [recurring] --*name (32) |- start |- end |- day +- color (0,32) +- [group] --*name (32) |- [member] --*name (65) +- color (0,32) |- [ippool] --*name (36) |- type |- startip |- endip |- source-startip |- source-endip |- block-size (64,4096) |- num-blocks-per-user (1,128) |- permit-any-host |- arp-reply |- arp-intf (16) |- associated-interface (16) +- comments |- [ippool6] --*name (36) |- startip |- endip +- comments |- [ldb-monitor] --*name (36) |- type |- interval (5,65535) |- timeout (1,255) |- retry (1,255) |- port (0,65535) |- http-get (256) |- http-match (256) +- http-max-redirects (0,5) |- [vip] --*name (64) |- id (0,65535) |- uuid |- comment |- type |- dns-mapping-ttl (0,604800) |- ldb-method |- [src-filter] --*range (65) |- [service] --*name (65) |- extip |- [extaddr] --*name (65) |- [mappedip] --*range (65) |- mapped-addr (64) |- extintf (36) |- arp-reply |- server-type |- persistence |- nat-source-vip |- portforward |- protocol |- extport |- mappedport |- gratuitous-arp-interval (5,8640000) |- [srcintf-filter] --*interface-name (65) |- portmapping-type |- [realservers] --*id (0,4294967295) |- ip |- port (1,65535) |- status |- weight (1,255) |- holddown-interval (30,65535) |- healthcheck |- http-host (64) |- max-connections (0,2147483647) |- monitor (65) +- client-ip |- http-cookie-domain-from-host |- http-cookie-domain (36) |- http-cookie-path (36) |- http-cookie-generation (0,4294967295) |- http-cookie-age (0,525600) |- http-cookie-share |- https-cookie-secure |- http-multiplex |- http-ip-header |- http-ip-header-name (36) |- outlook-web-access |- weblogic-server |- websphere-server |- ssl-mode |- ssl-certificate (36) |- ssl-dh-bits |- ssl-algorithm |- [ssl-cipher-suites] --*priority (0,4294967295) |- cipher +- versions |- ssl-server-algorithm |- [ssl-server-cipher-suites] --*priority (0,4294967295) |- cipher +- versions |- ssl-pfs |- ssl-min-version |- ssl-max-version |- ssl-server-min-version |- ssl-server-max-version |- ssl-send-empty-frags |- ssl-client-fallback |- ssl-client-renegotiation |- ssl-client-session-state-type |- ssl-client-session-state-timeout (1,14400) |- ssl-client-session-state-max (1,10000) |- ssl-server-session-state-type |- ssl-server-session-state-timeout (1,14400) |- ssl-server-session-state-max (1,10000) |- ssl-http-location-conversion |- ssl-http-match-host |- ssl-hpkp |- ssl-hpkp-primary (36) |- ssl-hpkp-backup (36) |- ssl-hpkp-age (60,157680000) |- ssl-hpkp-report-uri |- ssl-hpkp-include-subdomains |- ssl-hsts |- ssl-hsts-age (60,157680000) |- ssl-hsts-include-subdomains |- [monitor] --*name (65) |- max-embryonic-connections (0,100000) +- color (0,32) |- [vip46] --*name (64) |- id (0,65535) |- uuid |- comment |- type |- [src-filter] --*range (80) |- extip |- mappedip |- arp-reply |- portforward |- protocol |- extport |- mappedport |- color (0,32) |- ldb-method |- server-type |- [realservers] --*id (0,4294967295) |- ip |- port (1,65535) |- status |- weight (1,255) |- holddown-interval (30,65535) |- healthcheck |- max-connections (0,2147483647) |- monitor (65) +- client-ip +- [monitor] --*name (65) |- [vip6] --*name (64) |- id (0,65535) |- uuid |- comment |- type |- [src-filter] --*range (80) |- extip |- mappedip |- arp-reply |- portforward |- protocol |- extport |- mappedport |- color (0,32) |- ldb-method |- server-type |- persistence |- [realservers] --*id (0,4294967295) |- ip |- port (1,65535) |- status |- weight (1,255) |- holddown-interval (30,65535) |- healthcheck |- http-host (64) |- max-connections (0,2147483647) |- monitor (65) +- client-ip |- http-cookie-domain-from-host |- http-cookie-domain (36) |- http-cookie-path (36) |- http-cookie-generation (0,4294967295) |- http-cookie-age (0,525600) |- http-cookie-share |- https-cookie-secure |- http-multiplex |- http-ip-header |- http-ip-header-name (36) |- outlook-web-access |- weblogic-server |- websphere-server |- ssl-mode |- ssl-certificate (36) |- ssl-dh-bits |- ssl-algorithm |- [ssl-cipher-suites] --*priority (0,4294967295) |- cipher +- versions |- ssl-server-algorithm |- [ssl-server-cipher-suites] --*priority (0,4294967295) |- cipher +- versions |- ssl-pfs |- ssl-min-version |- ssl-max-version |- ssl-server-min-version |- ssl-server-max-version |- ssl-send-empty-frags |- ssl-client-fallback |- ssl-client-renegotiation |- ssl-client-session-state-type |- ssl-client-session-state-timeout (1,14400) |- ssl-client-session-state-max (1,10000) |- ssl-server-session-state-type |- ssl-server-session-state-timeout (1,14400) |- ssl-server-session-state-max (1,10000) |- ssl-http-location-conversion |- ssl-http-match-host |- ssl-hpkp |- ssl-hpkp-primary (36) |- ssl-hpkp-backup (36) |- ssl-hpkp-age (60,157680000) |- ssl-hpkp-report-uri |- ssl-hpkp-include-subdomains |- ssl-hsts |- ssl-hsts-age (60,157680000) |- ssl-hsts-include-subdomains |- [monitor] --*name (65) +- max-embryonic-connections (0,100000) |- [vip64] --*name (64) |- id (0,65535) |- uuid |- comment |- type |- [src-filter] --*range (80) |- extip |- mappedip |- arp-reply |- portforward |- protocol |- extport |- mappedport |- color (0,32) |- ldb-method |- server-type |- [realservers] --*id (0,4294967295) |- ip |- port (1,65535) |- status |- weight (1,255) |- holddown-interval (30,65535) |- healthcheck |- max-connections (0,2147483647) |- monitor (65) +- client-ip +- [monitor] --*name (65) |- [vipgrp] --*name (64) |- uuid |- interface (36) |- color (0,32) |- comments +- [member] --*name (65) |- [vipgrp46] --*name (64) |- uuid |- color (0,32) |- comments +- [member] --*name (65) |- [vipgrp6] --*name (64) |- uuid |- color (0,32) |- comments +- [member] --*name (65) |- [vipgrp64] --*name (64) |- uuid |- color (0,32) |- comments +- [member] --*name (65) |- ipmacbinding -- <setting> -- bindthroughfw |- bindtofw +- undefinedhost +- [table] --*seq-num (0,4294967295) |- ip |- mac |- name (36) +- status |- [profile-protocol-options] --*name (36) |- comment |- replacemsg-group (36) |- oversize-log |- switching-protocols-log |- <http> -- ports (1,65535) |- status |- inspect-all |- options |- comfort-interval (1,900) |- comfort-amount (1,10240) |- range-block |- http-policy |- post-lang |- fortinet-bar |- fortinet-bar-port (1,65535) |- streaming-content-bypass |- switching-protocols |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) |- scan-bzip2 |- block-page-status-code (100,599) +- retry-count (0,100) |- <ftp> -- ports (1,65535) |- status |- inspect-all |- options |- comfort-interval (1,900) |- comfort-amount (1,10240) |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) +- scan-bzip2 |- <imap> -- ports (1,65535) |- status |- inspect-all |- options |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) +- scan-bzip2 |- <mapi> -- ports (1,65535) |- status |- options |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) +- scan-bzip2 |- <pop3> -- ports (1,65535) |- status |- inspect-all |- options |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) +- scan-bzip2 |- <smtp> -- ports (1,65535) |- status |- inspect-all |- options |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) |- scan-bzip2 +- server-busy |- <nntp> -- ports (1,65535) |- status |- inspect-all |- options |- oversize-limit (1,186) |- uncompressed-oversize-limit (0,186) |- uncompressed-nest-limit (2,100) +- scan-bzip2 |- <dns> -- ports (1,65535) +- status |- <mail-signature> -- status +- signature (1024 xss) +- rpc-over-http |- [ssl-ssh-profile] --*name (36) |- comment |- <ssl> -- inspect-all |- client-cert-request |- unsupported-ssl |- allow-invalid-server-cert +- untrusted-cert |- <https> -- ports (1,65535) |- status |- client-cert-request |- unsupported-ssl |- allow-invalid-server-cert +- untrusted-cert |- <ftps> -- ports (1,65535) |- status |- client-cert-request |- unsupported-ssl |- allow-invalid-server-cert +- untrusted-cert |- <imaps> -- ports (1,65535) |- status |- client-cert-request |- unsupported-ssl |- allow-invalid-server-cert +- untrusted-cert |- <pop3s> -- ports (1,65535) |- status |- client-cert-request |- unsupported-ssl |- allow-invalid-server-cert +- untrusted-cert |- <smtps> -- ports (1,65535) |- status |- client-cert-request |- unsupported-ssl |- allow-invalid-server-cert +- untrusted-cert |- whitelist |- [ssl-exempt] --*id (0,255) |- type |- fortiguard-category (0,255) |- address (64) +- address6 (64) |- server-cert-mode |- use-ssl-server |- caname (36) |- untrusted-caname (36) |- server-cert (36) |- [ssl-server] --*id (0,4294967295) |- ip |- https-client-cert-request |- smtps-client-cert-request |- pop3s-client-cert-request |- imaps-client-cert-request |- ftps-client-cert-request +- ssl-other-client-cert-request |- ssl-anomalies-log |- ssl-exemptions-log |- rpc-over-https +- mapi-over-https |- [profile-group] --*name (36) |- av-profile (36) |- webfilter-profile (36) |- dnsfilter-profile (36) |- spamfilter-profile (36) |- dlp-sensor (36) |- ips-sensor (36) |- application-list (36) |- voip-profile (36) |- icap-profile (36) |- waf-profile (36) |- profile-protocol-options (36) +- ssl-ssh-profile (36) |- [ssl-server] --*name (36) |- ip |- port (1,65535) |- ssl-mode |- add-header-x-forwarded-proto |- mapped-port (1,65535) |- ssl-cert (36) |- ssl-dh-bits |- ssl-algorithm |- ssl-client-renegotiation |- ssl-min-version |- ssl-max-version |- ssl-send-empty-frags +- url-rewrite |- [identity-based-route] --*name (36) |- comments (128 xss) +- [rule] --*id (0,4294967295) |- gateway |- device (36) +- [groups] --*name (65) |- <auth-portal> -- [groups] --*name (65) |- portal-addr (64) |- portal-addr6 (64) +- identity-based-route (36) |- [policy] --*policyid (0,4294967294) |- name (36 xss) |- uuid |- [srcintf] --*name (65) |- [dstintf] --*name (65) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- internet-service |- [internet-service-id] --*id (0,4294967295) |- [internet-service-custom] --*name (65) |- rtp-nat |- [rtp-addr] --*name (65) |- learning-mode |- action |- send-deny-packet |- firewall-session-dirty |- status |- schedule (36) |- schedule-timeout |- [service] --*name (65) |- dscp-match |- dscp-negate |- dscp-value |- tcp-session-without-syn |- utm-status |- profile-type |- profile-group (36) |- av-profile (36) |- webfilter-profile (36) |- dnsfilter-profile (36) |- spamfilter-profile (36) |- dlp-sensor (36) |- ips-sensor (36) |- application-list (36) |- voip-profile (36) |- icap-profile (36) |- waf-profile (36) |- profile-protocol-options (36) |- ssl-ssh-profile (36) |- logtraffic |- logtraffic-start |- auto-asic-offload |- np-accelation |- traffic-shaper (36) |- traffic-shaper-reverse (36) |- per-ip-shaper (36) |- [application] --*id (0,4294967295) |- [app-category] --*id (0,4294967295) |- [url-category] --*id (0,4294967295) |- nat |- permit-any-host |- permit-stun-host |- fixedport |- ippool |- [poolname] --*name (65) |- session-ttl (300,604800) |- vlan-cos-fwd (0,7) |- vlan-cos-rev (0,7) |- inbound |- outbound |- natinbound |- natoutbound |- wccp |- ntlm |- ntlm-guest |- [ntlm-enabled-browsers] --*user-agent-string (65) |- fsso |- wsso |- rsso |- fsso-agent-for-ntlm (36) |- [groups] --*name (65) |- [users] --*name (65) |- [devices] --*name (36) |- auth-path |- disclaimer |- vpntunnel (36) |- natip |- match-vip |- diffserv-forward |- diffserv-reverse |- diffservcode-forward |- diffservcode-rev |- tcp-mss-sender (0,65535) |- tcp-mss-receiver (0,65535) |- comments |- label (64 xss) |- global-label (64 xss) |- auth-cert (36) |- auth-redirect-addr (64) |- redirect-url (256) |- identity-based-route (36) |- block-notification |- [custom-log-fields] --*field-id (36) |- [tags] --*name (65) |- replacemsg-override-group (36) |- srcaddr-negate |- dstaddr-negate |- service-negate |- internet-service-negate |- timeout-send-rst |- captive-portal-exempt |- ssl-mirror |- [ssl-mirror-intf] --*name (65) |- scan-botnet-connections |- dsri |- radius-mac-auth-bypass +- delay-tcp-npu-session |- [shaping-policy] --*id (0,4294967295) |- status |- ip-version |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- [srcaddr6] --*name (65) |- [dstaddr6] --*name (65) |- [service] --*name (65) |- [users] --*name (65) |- [groups] --*name (65) |- [application] --*id (0,4294967295) |- [app-category] --*id (0,4294967295) |- [url-category] --*id (0,4294967295) |- [dstintf] --*name (65) |- traffic-shaper (36) |- traffic-shaper-reverse (36) +- per-ip-shaper (36) |- [local-in-policy] --*policyid (0,4294967295) |- ha-mgmt-intf-only |- intf (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- action |- [service] --*name (65) |- schedule (36) +- status |- [policy6] --*policyid (0,4294967294) |- name (36 xss) |- uuid |- [srcintf] --*name (65) |- [dstintf] --*name (65) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- action |- firewall-session-dirty |- status |- vlan-cos-fwd (0,7) |- vlan-cos-rev (0,7) |- schedule (36) |- [service] --*name (65) |- dscp-match |- dscp-negate |- dscp-value |- tcp-session-without-syn |- utm-status |- profile-type |- profile-group (36) |- av-profile (36) |- webfilter-profile (36) |- spamfilter-profile (36) |- dlp-sensor (36) |- ips-sensor (36) |- application-list (36) |- voip-profile (36) |- icap-profile (36) |- profile-protocol-options (36) |- ssl-ssh-profile (36) |- logtraffic |- logtraffic-start |- auto-asic-offload |- np-accelation |- traffic-shaper (36) |- traffic-shaper-reverse (36) |- per-ip-shaper (36) |- [application] --*id (0,4294967295) |- [app-category] --*id (0,4294967295) |- [url-category] --*id (0,4294967295) |- nat |- fixedport |- ippool |- [poolname] --*name (65) |- session-ttl (300,604800) |- inbound |- outbound |- natinbound |- natoutbound |- send-deny-packet |- vpntunnel (36) |- diffserv-forward |- diffserv-reverse |- diffservcode-forward |- diffservcode-rev |- tcp-mss-sender (0,65535) |- tcp-mss-receiver (0,65535) |- comments |- label (64 xss) |- global-label (64 xss) |- rsso |- [custom-log-fields] --*field-id (36) |- [tags] --*name (65) |- replacemsg-override-group (36) |- srcaddr-negate |- dstaddr-negate |- service-negate |- [groups] --*name (65) |- [users] --*name (65) |- [devices] --*name (36) |- timeout-send-rst |- ssl-mirror |- [ssl-mirror-intf] --*name (65) +- dsri |- [local-in-policy6] --*policyid (0,4294967295) |- intf (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- action |- [service] --*name (65) |- schedule (36) +- status |- [ttl-policy] --*id (0,4294967295) |- status |- action |- srcintf (36) |- [srcaddr] --*name (65) |- [service] --*name (65) |- schedule (36) +- ttl |- [policy64] --*policyid (0,4294967294) |- uuid |- srcintf (36) |- dstintf (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- action |- status |- schedule (36) |- [service] --*name (65) |- logtraffic |- permit-any-host |- traffic-shaper (36) |- traffic-shaper-reverse (36) |- per-ip-shaper (36) |- fixedport |- ippool |- [poolname] --*name (65) |- tcp-mss-sender (0,65535) |- tcp-mss-receiver (0,65535) |- comments +- [tags] --*name (65) |- [policy46] -- permit-any-host |-*policyid (0,4294967294) |- uuid |- srcintf (36) |- dstintf (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- action |- status |- schedule (36) |- [service] --*name (65) |- logtraffic |- traffic-shaper (36) |- traffic-shaper-reverse (36) |- per-ip-shaper (36) |- fixedport |- tcp-mss-sender (0,65535) |- tcp-mss-receiver (0,65535) |- comments +- [tags] --*name (65) |- [proxy-address] --*name (36) |- uuid |- type |- host (64) |- host-regex (256 xss) |- path (256 xss) |- [category] --*id (0,4294967295) |- method |- ua |- header-name (80) |- header (256 xss) |- case-sensitivity |- [header-group] --*id (0,4294967295) |- header-name (80) |- header (256 xss) +- case-sensitivity |- color (0,32) |- [tags] --*name (65) |- comment +- visibility |- [proxy-addrgrp] --*name (64) |- type |- uuid |- [member] --*name (65) |- color (0,32) |- [tags] --*name (65) |- comment +- visibility |- [proxy-policy] -- uuid |-*policyid (0,4294967295) |- proxy |- [srcintf] --*name (65) |- [dstintf] --*name (65) |- [srcaddr] --*name (65) |- [poolname] --*name (65) |- [dstaddr] --*name (65) |- internet-service |- internet-service-negate |- [internet-service-id] --*id (0,4294967295) |- [internet-service-custom] --*name (65) |- [service] --*name (65) |- srcaddr-negate |- dstaddr-negate |- service-negate |- action |- status |- schedule (36) |- logtraffic |- [srcaddr6] --*name (65) |- [dstaddr6] --*name (65) |- [groups] --*name (65) |- [users] --*name (65) |- webproxy-forward-server (64) |- webproxy-profile (64) |- transparent |- disclaimer |- utm-status |- profile-type |- profile-group (36) |- av-profile (36) |- webfilter-profile (36) |- spamfilter-profile (36) |- dlp-sensor (36) |- ips-sensor (36) |- application-list (36) |- icap-profile (36) |- waf-profile (36) |- profile-protocol-options (36) |- ssl-ssh-profile (36) |- replacemsg-override-group (36) |- logtraffic-start |- [tags] --*name (65) |- label (64 xss) |- global-label (64 xss) |- scan-botnet-connections |- comments +- redirect-url |- [dnstranslation] --*id (0,4294967295) |- src |- dst +- netmask |- [multicast-policy] --*id (0,4294967294) |- status |- logtraffic |- srcintf (36) |- dstintf (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- snat |- snat-ip |- dnat |- action |- protocol (0,255) |- start-port (0,65535) |- end-port (0,65535) +- auto-asic-offload |- [multicast-policy6] --*id (0,4294967294) |- status |- logtraffic |- srcintf (36) |- dstintf (36) |- [srcaddr] --*name (80) |- [dstaddr] --*name (80) |- action |- protocol (0,255) |- start-port (0,65535) |- end-port (0,65535) +- auto-asic-offload |- [interface-policy] --*policyid (0,4294967295) |- status |- comments |- logtraffic |- address-type |- interface (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- [service] --*name (65) |- application-list-status |- application-list (36) |- ips-sensor-status |- ips-sensor (36) |- dsri |- av-profile-status |- av-profile (36) |- webfilter-profile-status |- webfilter-profile (36) |- spamfilter-profile-status |- spamfilter-profile (36) |- dlp-sensor-status |- dlp-sensor (36) |- scan-botnet-connections +- label (64 xss) |- [interface-policy6] --*policyid (0,4294967295) |- status |- comments |- logtraffic |- address-type |- interface (36) |- [srcaddr6] --*name (65) |- [dstaddr6] --*name (65) |- [service6] --*name (65) |- application-list-status |- application-list (36) |- ips-sensor-status |- ips-sensor (36) |- dsri |- av-profile-status |- av-profile (36) |- webfilter-profile-status |- webfilter-profile (36) |- spamfilter-profile-status |- spamfilter-profile (36) |- dlp-sensor-status |- dlp-sensor (36) |- scan-botnet-connections +- label (64 xss) |- [DoS-policy] --*policyid (0,9999) |- status |- comments |- interface (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- [service] --*name (65) +- [anomaly] --*name (64) |- status |- log |- action |- quarantine |- quarantine-expiry |- quarantine-log |- threshold (1,2147483647) +- threshold(default) (0,4294967295) |- [DoS-policy6] --*policyid (0,9999) |- status |- comments |- interface (36) |- [srcaddr] --*name (65) |- [dstaddr] --*name (65) |- [service] --*name (65) +- [anomaly] --*name (64) |- status |- log |- action |- quarantine |- quarantine-expiry |- quarantine-log |- threshold (1,2147483647) +- threshold(default) (0,4294967295) |- [sniffer] --*id (0,9999) |- status |- logtraffic |- ipv6 |- non-ip |- interface (36) |- host (64 xss) |- port (64 xss) |- protocol (64 xss) |- vlan (64 xss) |- application-list-status |- application-list (36) |- ips-sensor-status |- ips-sensor (36) |- dsri |- av-profile-status |- av-profile (36) |- webfilter-profile-status |- webfilter-profile (36) |- spamfilter-profile-status |- spamfilter-profile (36) |- dlp-sensor-status |- dlp-sensor (36) |- ips-dos-status |- [anomaly] --*name (64) |- status |- log |- action |- quarantine |- quarantine-expiry |- quarantine-log |- threshold (1,2147483647) +- threshold(default) (0,4294967295) |- scan-botnet-connections +- max-packet-count (1,10000) |- [central-snat-map] --*policyid (0,4294967295) |- status |- [orig-addr] --*name (65) |- [srcintf] --*name (65) |- [dst-addr] --*name (65) |- [dstintf] --*name (65) |- [nat-ippool] --*name (65) |- protocol (0,255) |- orig-port (0,65535) |- nat-port +- nat |- ssl -- <setting> -- proxy-connect-timeout (1,60) |- ssl-dh-bits |- ssl-send-empty-frags |- no-matching-cipher-action |- cert-cache-capacity (0,500) |- cert-cache-timeout (1,120) |- session-cache-capacity (0,1000) |- session-cache-timeout (1,60) |- kxp-queue-threshold (0,512) |- ssl-queue-threshold (0,512) +- abbreviate-handshake |- [ip-translation] --*transid (0,4294967295) |- type |- startip |- endip +- map-startip |- <ipv6-eh-filter> -- hop-opt |- dest-opt |- hdopt-type (0,255) |- routing |- routing-type (0,255) |- fragment |- auth +- no-next |- iprope -- <list> -- <group_number> (0) +- appctrl -- <list> +- <status> |- <proute> -- <policy route id> (0) +- <proute6> |- webfilter -- [ftgd-local-cat] -- id (140,191) +-*desc (80) |- [content] --*id (0,4294967295) |- name (36) |- comment +- [entries] --*name (128 xss) |- pattern-type |- status |- lang |- score (0,4294967295) +- action |- [content-header] --*id (0,4294967295) |- name (36) |- comment +- [entries] --*pattern (32 xss) |- action +- category |- [urlfilter] --*id (0,4294967295) |- name (36) |- comment |- one-arm-ips-urlfilter |- ip-addr-block +- [entries] --*id (0,4294967295) |- url (512 xss) |- type |- action |- status |- exempt |- web-proxy-profile (64) +- referrer-host (256) |- <ips-urlfilter-setting> -- device (36) |- distance (1,255) +- gateway |- <ips-urlfilter-cache-setting> -- dns-retry-interval (0,2147483) +- extended-ttl (0,2147483) |- [profile] --*name (36) |- comment |- replacemsg-group (36) |- inspection-mode |- options |- https-replacemsg |- ovrd-perm |- post-action |- <override> -- ovrd-cookie |- ovrd-scope |- profile-type |- ovrd-dur-mode |- ovrd-dur |- profile-attribute |- [ovrd-user-group] --*name (65) +- [profile] --*name (65) |- <web> -- bword-threshold (0,2147483647) |- bword-table (0,4294967295) |- urlfilter-table (0,4294967295) |- content-header-list (0,4294967295) |- blacklist |- whitelist |- safe-search |- youtube-restrict |- log-search +- [keyword-match] --*pattern (65) |- <ftgd-wf> -- options |- category-override |- exempt-quota |- ovrd |- [filters] --*id (0,255) |- category (0,255) |- action |- warn-duration |- [auth-usr-grp] --*name (65) |- log |- override-replacemsg (29) |- warning-prompt +- warning-duration-type |- [quota] --*id (0,4294967295) |- category |- type |- unit |- value (1,4294967295) |- duration +- override-replacemsg (29) |- max-quota-timeout (1,86400) |- rate-image-urls |- rate-javascript-urls |- rate-css-urls +- rate-crl-urls |- wisp |- [wisp-servers] --*name (65) |- wisp-algorithm |- log-all-url |- web-content-log |- web-filter-activex-log |- web-filter-command-block-log |- web-filter-cookie-log |- web-filter-applet-log |- web-filter-jscript-log |- web-filter-js-log |- web-filter-vbs-log |- web-filter-unknown-log |- web-filter-referer-log |- web-filter-cookie-removal-log |- web-url-log |- web-invalid-domain-log |- web-ftgd-err-log +- web-ftgd-quota-usage |- <fortiguard> -- cache-mode |- cache-prefix-match |- cache-mem-percent (1,15) |- ovrd-auth-port-http (0,65535) |- ovrd-auth-port-https (0,65535) |- ovrd-auth-port-warning (0,65535) |- ovrd-auth-https |- warn-auth-https |- close-ports |- request-packet-size-limit (576,10000) |- <categories> |- [override] --*id (0,4294967295) |- status |- scope |- ip |- user (65) |- user-group (64) |- old-profile (36) |- new-profile (36) |- ip6 |- expires +- initiator (65) |- [ftgd-local-rating] --*url (512 xss) |- status +- rating |- [search-engine] --*name (36) |- hostname (128 xss) |- url (128 xss) |- query (16 xss) |- safesearch |- charset +- safesearch-str (80 xss) |- <cookie-ovrd> -- redir-host (256) +- redir-port (0,65535) |- <ftgd-statistics> |- <status> -- <refresh-rate> (0) +- <override-usr> |- ips -- [sensor] --*name (36) |- comment |- replacemsg-group (36) |- block-malicious-url |- [entries] --*id (0,4294967295) |- [rule] --*id (0,4294967295) |- location |- severity |- protocol |- os |- application |- [tags] --*name (65) |- status |- log |- log-packet |- log-attack-context |- action |- rate-count (0,65535) |- rate-duration (1,65535) |- rate-mode |- rate-track |- [exempt-ip] --*id (0,4294967295) |- src-ip +- dst-ip |- quarantine |- quarantine-expiry +- quarantine-log |- [filter] --*name (32) |- location |- severity |- protocol |- os |- application |- status |- log |- log-packet |- action |- quarantine |- quarantine-expiry (1,2147483647) +- quarantine-log +- [override] --*rule-id (0,4294967295) |- status |- log |- log-packet |- action |- quarantine |- quarantine-expiry (1,2147483647) |- quarantine-log +- [exempt-ip] --*id (0,4294967295) |- src-ip +- dst-ip |- [attr-map] --*id (0,4294967295) |- name (32) +- [children] --*map-id (0,4294967295) |- [metadata-map] --*id (0,4294967295) |- type (0,4294967295) |- name (32) +- [values] --*subid (0,4294967295) +- subname (32) |- [view-map] --*id (0,4294967295) |- vdom-id (0,4294967295) |- policy-id (0,4294967295) |- id-policy-id (0,4294967295) +- which |- [decoder] --*name (64) +- [parameter] --*name (32) +- value (200) |- [rule] --*name (64) |- status |- log |- log-packet |- action |- group (64) |- severity |- location |- os |- application |- service |- rule-id (0,4294967295) |- rev (0,4294967295) |- date (0,4294967295) +- [metadata] --*id (0,4294967295) |- metaid (0,4294967295) +- valueid (0,4294967295) |- [rule-settings] --*id (0,4294967295) +- [tags] --*name (65) |- [custom] --*tag (64) |- signature (1024 xss) |- sig-name (64) |- rule-id (0,4294967295) |- severity |- location |- os |- application |- protocol |- status |- log |- log-packet |- action +- comment (64 xss) |- <global> -- fail-open |- database |- traffic-submit |- anomaly-mode |- session-limit-mode |- intelligent-mode |- socket-size (1,128) |- engine-count (0,255) |- algorithm |- sync-session-ttl |- np-accel-mode |- cp-accel-mode |- skype-client-public-ipaddr |- deep-app-insp-timeout (0,2147483647) +- deep-app-insp-db-limit (0,2147483647) |- <settings> -- packet-log-history (1,255) |- packet-log-post-attack (0,255) |- packet-log-memory (64,8192) +- ips-packet-quota (0,4294967295) +- <session> |- web-proxy -- [profile] --*name (64) |- header-client-ip |- header-via-request |- header-via-response |- header-x-forwarded-for |- header-front-end-https |- strip-encoding +- [headers] --*id (0,4294967295) |- name (80) |- action +- content (256) |- <global> -- proxy-fqdn (256) |- max-request-length (2,64) |- max-message-length (16,256) |- strict-web-check |- forward-proxy-auth |- tunnel-non-http |- unknown-http-version |- forward-server-affinity-timeout (6,60) |- max-waf-body-cache-length (10,1024) |- webproxy-profile (64) |- learn-client-ip |- learn-client-ip-from-header |- [learn-client-ip-srcaddr] --*name (65) +- [learn-client-ip-srcaddr6] --*name (65) |- <explicit> -- status |- ftp-over-http |- socks |- http-incoming-port |- https-incoming-port |- ftp-incoming-port |- socks-incoming-port |- incoming-ip |- outgoing-ip |- ipv6-status |- incoming-ip6 |- outgoing-ip6 |- strict-guest |- pref-dns-result |- unknown-http-version |- realm (64) |- sec-default-action |- https-replacement-message |- message-upon-server-error |- pac-file-server-status |- pac-file-server-port |- pac-file-name (64) |- pac-file-data |- pac-file-url |- ssl-algorithm +- trace-auth-no-rsp |- [forward-server] --*name (64) |- addr-type |- ip |- fqdn (256) |- port (1,65535) |- healthcheck |- monitor (256) |- server-down-option +- comment (64 xss) |- [forward-server-group] --*name (64) |- affinity |- ldb-method |- group-down-option +- [server-list] --*name (64) +- weight (1,100) |- [debug-url] --*name (64) |- url-pattern (512) |- status +- exact |- [wisp] --*name (36) |- comment |- outgoing-ip |- server-ip |- server-port (1,65535) |- max-connections (4,4096) +- timeout (1,15) +- [url-match] --*name (64) |- status |- url-pattern (512) |- forward-server (36) |- cache-exemption +- comment |- ftp-proxy -- <explicit> -- status |- incoming-port |- incoming-ip |- outgoing-ip +- sec-default-action |- application -- [name] --*name (64) |- id (0,4294967295) |- category (0,4294967295) |- sub-category (0,255) |- popularity (0,255) |- risk (0,255) |- weight (0,255) |- protocol |- technology |- behavior |- vendor |- parameter (36) +- [metadata] --*id (0,4294967295) |- metaid (0,4294967295) +- valueid (0,4294967295) |- [custom] --*tag (64) |- name (64) |- id (0,4294967295) |- comment (64 xss) |- signature (1024 xss) |- category (0,4294967295) |- protocol |- technology |- behavior +- vendor |- [rule-settings] --*id (0,4294967295) +- [tags] --*name (65) +- [list] --*name (36) |- comment |- replacemsg-group (36) |- other-application-action |- app-replacemsg |- other-application-log |- unknown-application-action |- unknown-application-log |- p2p-black-list |- deep-app-inspection |- options +- [entries] --*id (0,4294967295) |- [risk] --*level (0,4294967295) |- [category] --*id (0,4294967295) |- [sub-category] --*id (0,4294967295) |- [application] --*id (0,4294967295) |- protocols |- vendor |- technology |- behavior |- popularity |- [tags] --*name (65) |- [parameters] --*id (0,4294967295) +- value (64 xss) |- action |- log |- log-packet |- rate-count (0,65535) |- rate-duration (1,65535) |- rate-mode |- rate-track |- session-ttl (0,4294967295) |- shaper (36) |- shaper-reverse (36) |- per-ip-shaper (36) |- quarantine |- quarantine-expiry +- quarantine-log |- dlp -- [filepattern] --*id (0,4294967295) |- name (36) |- comment +- [entries] -- filter-type |-*pattern (80 xss) +- file-type |- [fp-sensitivity] --*name (36) +- [sensor] --*name (36) |- comment |- replacemsg-group (36) |- [filter] --*id (0,4294967295) |- name (36) |- severity |- type |- proto |- filter-by |- file-size (0,4294967295) |- company-identifier (36) |- [fp-sensitivity] --*name (36) |- file-type (0,4294967295) |- regexp (256 xss) |- archive |- action +- expiry |- dlp-log |- nac-quar-log |- flow-based |- full-archive-proto +- summary-proto |- spamfilter -- [bword] --*id (0,4294967295) |- name (36) |- comment +- [entries] -- status |-*id (0,4294967295) |- pattern (128 xss) |- pattern-type |- action |- where |- language +- score (1,99999) |- [bwl] --*id (0,4294967295) |- name (36) |- comment +- [entries] -- status |-*id (0,4294967295) |- type |- action |- addr-type |- ip4-subnet |- ip6-subnet |- pattern-type +- email-pattern (128 xss) |- [mheader] --*id (0,4294967295) |- name (36) |- comment +- [entries] -- status |-*id (0,4294967295) |- fieldname (64 xss) |- fieldbody (128 xss) |- pattern-type +- action |- [dnsbl] --*id (0,4294967295) |- name (36) |- comment +- [entries] -- status |-*id (0,4294967295) |- server (128) +- action |- [iptrust] --*id (0,4294967295) |- name (36) |- comment +- [entries] -- status |-*id (0,4294967295) |- addr-type |- ip4-subnet +- ip6-subnet |- [profile] --*name (36) |- comment |- flow-based |- replacemsg-group (36) |- spam-log |- spam-log-fortiguard-response |- spam-filtering |- external |- options |- <imap> -- log |- action |- tag-type +- tag-msg (64) |- <pop3> -- log |- action |- tag-type +- tag-msg (64) |- <smtp> -- log |- action |- tag-type |- tag-msg (64) |- hdrip +- local-override |- <mapi> -- log +- action |- <msn-hotmail> -- log |- <yahoo-mail> -- log |- <gmail> -- log |- spam-bword-threshold (0,2147483647) |- spam-bword-table (0,4294967295) |- spam-bwl-table (0,4294967295) |- spam-mheader-table (0,4294967295) |- spam-rbl-table (0,4294967295) +- spam-iptrust-table (0,4294967295) |- <fortishield> -- spam-submit-srv (64) |- spam-submit-force +- spam-submit-txt2htm +- <options> -- dns-timeout (1,30) |- log -- <threat-weight> -- status |- <level> -- low (1,100) |- medium (1,100) |- high (1,100) +- critical (1,100) |- blocked-connection |- failed-connection |- malware-detected |- url-block-detected |- botnet-connection-detected |- <ips> -- info-severity |- low-severity |- medium-severity |- high-severity +- critical-severity |- [web] --*id (0,255) |- category (0,255) +- level |- [geolocation] --*id (0,255) |- country (3) +- level +- [application] --*id (0,255) |- category (0,65535) +- level |- [custom-field] --*id (36) |- name (16) +- value (16) |- syslogd -- <setting> -- status |- server (64) |- reliable |- port (0,65535) |- facility |- source-ip (64) |- format +- [custom-field-name] --*id (0,255) |- name (36) +- custom (36) |- <override-setting> -- override |- status |- server (64) |- reliable |- port (0,65535) |- facility |- source-ip (64) |- format +- [custom-field-name] --*id (0,255) |- name (36) +- custom (36) |- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type +- <override-filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- syslogd2 -- <setting> -- status |- server (64) |- reliable |- port (0,65535) |- facility |- source-ip (64) |- format +- [custom-field-name] --*id (0,255) |- name (36) +- custom (36) +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- syslogd3 -- <setting> -- status |- server (64) |- reliable |- port (0,65535) |- facility |- source-ip (64) |- format +- [custom-field-name] --*id (0,255) |- name (36) +- custom (36) +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- syslogd4 -- <setting> -- status |- server (64) |- reliable |- port (0,65535) |- facility |- source-ip (64) |- format +- [custom-field-name] --*id (0,255) |- name (36) +- custom (36) +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- webtrends -- <setting> -- status +- server (64) +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- memory -- <global-setting> -- max-size (0,4294967295) |- full-first-warning-threshold (1,98) |- full-second-warning-threshold (2,99) +- full-final-warning-threshold (3,100) |- <setting> -- status +- diskfull +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- disk -- <setting> -- status |- ips-archive |- max-log-file-size (1,100) |- max-policy-packet-capture-size (0,4294967295) |- roll-schedule |- roll-day |- roll-time |- diskfull |- log-quota (0,4294967295) |- dlp-archive-quota (0,4294967295) |- maximum-log-age (0,4294967295) |- upload |- upload-destination |- uploadip |- uploadport (0,65535) |- source-ip |- uploaduser (36) |- uploadpass |- uploaddir (64) |- uploadtype |- uploadsched |- uploadtime (0,23) |- upload-delete-files |- upload-ssl-conn |- full-first-warning-threshold (1,98) |- full-second-warning-threshold (2,99) +- full-final-warning-threshold (3,100) +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- <eventfilter> -- event |- system |- vpn |- user |- router |- wireless-activity |- wan-opt |- endpoint |- ha |- compliance-check +- security-audit |- fortiguard -- <setting> -- status |- upload-option |- upload-interval |- upload-day |- upload-time |- enc-algorithm +- source-ip |- <override-setting> -- override |- status |- upload-option |- upload-interval |- upload-day +- upload-time |- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dlp-archive |- dns |- filter (512 xss) +- filter-type +- <override-filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dlp-archive |- dns |- filter (512 xss) +- filter-type |- null-device -- <setting> -- status +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dns |- filter (512 xss) +- filter-type |- <setting> -- resolve-ip |- resolve-port |- log-user-in-upper |- fwpolicy-implicit-log |- fwpolicy6-implicit-log |- log-invalid-packet |- local-in-allow |- local-in-deny-unicast |- local-in-deny-broadcast |- local-out |- daemon-log |- neighbor-event |- brief-traffic-format |- user-anonymize |- expolicy-implicit-log +- log-policy-comment |- <gui-display> -- resolve-hosts |- resolve-apps |- fortiview-unscanned-apps +- location |- fortianalyzer -- <setting> -- status |- ips-archive |- server (64) |- hmac-algorithm |- enc-algorithm |- conn-timeout (1,3600) |- monitor-keepalive-period (1,120) |- monitor-failure-retry-period (1,86400) |- certificate (36) |- source-ip (64) |- __change_ip (0,255) |- upload-option |- upload-interval |- upload-day |- upload-time +- reliable |- <override-setting> -- override |- use-management-vdom |- status |- ips-archive |- server (64) |- hmac-algorithm |- enc-algorithm |- conn-timeout (1,3600) |- monitor-keepalive-period (1,120) |- monitor-failure-retry-period (1,86400) |- certificate (36) |- source-ip (64) |- __change_ip (0,255) |- upload-option |- upload-interval |- upload-day |- upload-time +- reliable |- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dlp-archive |- dns |- filter (512 xss) +- filter-type +- <override-filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dlp-archive |- dns |- filter (512 xss) +- filter-type |- fortianalyzer2 -- <setting> -- status |- ips-archive |- server (64) |- hmac-algorithm |- enc-algorithm |- conn-timeout (1,3600) |- monitor-keepalive-period (1,120) |- monitor-failure-retry-period (1,86400) |- certificate (36) |- source-ip (64) |- __change_ip (0,255) |- upload-option |- upload-interval |- upload-day |- upload-time +- reliable +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dlp-archive |- dns |- filter (512 xss) +- filter-type +- fortianalyzer3 -- <setting> -- status |- ips-archive |- server (64) |- hmac-algorithm |- enc-algorithm |- conn-timeout (1,3600) |- monitor-keepalive-period (1,120) |- monitor-failure-retry-period (1,86400) |- certificate (36) |- source-ip (64) |- __change_ip (0,255) |- upload-option |- upload-interval |- upload-day |- upload-time +- reliable +- <filter> -- severity |- forward-traffic |- local-traffic |- multicast-traffic |- sniffer-traffic |- anomaly |- voip |- dlp-archive |- dns |- filter (512 xss) +- filter-type |- icap -- [server] --*name (36) |- ip-version |- ip-address |- ip6-address |- port (1,65535) +- max-connections (1,65535) +- [profile] -- replacemsg-group (36) |-*name (36) |- request |- response |- streaming-content-bypass |- request-server (36) |- response-server (36) |- request-failure |- response-failure |- request-path (128) |- response-path (128) +- methods |- vpn -- certificate -- [ca] --*name (80) |- ca |- range |- source |- trusted |- scep-url (256 xss) |- auto-update-days (0,4294967295) |- auto-update-days-warning (0,4294967295) |- source-ip +- last-updated (0,4294967295) |- [local] --*name (36) |- password |- comments (512 xss) |- private-key |- certificate |- csr |- state |- scep-url (256 xss) |- range |- source |- auto-regenerate-days (0,4294967295) |- auto-regenerate-days-warning (0,4294967295) |- scep-password |- ca-identifier (256) |- name-encoding |- source-ip |- ike-localid (64) |- ike-localid-type +- last-updated (0,4294967295) |- [crl] --*name (36) |- crl |- range |- source |- update-vdom (32) |- ldap-server (36) |- ldap-username (64) |- ldap-password |- http-url (256 xss) |- scep-url (256 xss) |- scep-cert (36) |- update-interval (0,4294967295) |- source-ip +- last-updated (0,4294967295) |- [remote] --*name (36) |- remote |- range +- source |- [ocsp-server] --*name (36) |- url (128) |- cert (128) |- secondary-url (128) |- secondary-cert (128) |- unavail-action +- source-ip +- <setting> -- ocsp-status |- ssl-ocsp-status |- ssl-ocsp-option |- ocsp-default-server (36) |- check-ca-cert |- strict-crl-check |- strict-ocsp-check |- certname-rsa1024 (36) |- certname-rsa2048 (36) |- certname-dsa1024 (36) |- certname-dsa2048 (36) |- certname-ecdsa256 (36) +- certname-ecdsa384 (36) |- ssl -- web -- [realm] --*url-path (36) |- max-concurrent-user (0,65535) |- login-page +- virtual-host |- [virtual-desktop-app-list] --*name (36) |- action +- [apps] --*name (36) +- [md5s] --*id (33) |- [host-check-software] --*name (64) |- type |- version (36) |- guid +- [check-item-list] --*id (0,65535) |- action |- type |- target (256 xss) |- version (36) +- [md5s] --*id (33) |- [portal] --*name (36) |- tunnel-mode |- ip-mode |- auto-connect |- keep-alive |- save-password |- [ip-pools] --*name (65) |- exclusive-routing |- service-restriction |- split-tunneling |- [split-tunneling-routing-address] --*name (65) |- dns-server1 |- dns-server2 |- dns-suffix |- wins-server1 |- wins-server2 |- ipv6-tunnel-mode |- [ipv6-pools] --*name (65) |- ipv6-exclusive-routing |- ipv6-service-restriction |- ipv6-split-tunneling |- [ipv6-split-tunneling-routing-address] --*name (65) |- ipv6-dns-server1 |- ipv6-dns-server2 |- ipv6-wins-server1 |- ipv6-wins-server2 |- web-mode |- display-bookmark |- user-bookmark |- allow-user-access |- user-group-bookmark |- [bookmark-group] --*name (36) +- [bookmarks] --*name (36) |- apptype |- url |- host |- folder |- additional-params |- listening-port (0,65535) |- remote-port (0,65535) |- show-status-window |- description |- server-layout |- security |- port (0,65535) |- logon-user |- logon-password |- sso |- [form-data] --*name (36) +- value |- sso-credential |- sso-username +- sso-password |- display-connection-tools |- display-history |- display-status |- heading (32) |- redir-url |- theme |- custom-lang (36) |- smb-ntlmv1-auth |- host-check |- host-check-interval (120,259200) |- [host-check-policy] --*name (65) |- limit-user-logins |- mac-addr-check |- mac-addr-action |- [mac-addr-check-rule] --*name (36) |- mac-addr-mask (1,48) +- [mac-addr-list] --*addr |- os-check |- [os-check-list] --*name (16) |- action |- tolerance (0,255) +- latest-patch-level |- virtual-desktop |- virtual-desktop-app-list (36) |- virtual-desktop-clipboard-share |- virtual-desktop-desktop-switch |- virtual-desktop-logout-when-browser-close |- virtual-desktop-network-share-access |- virtual-desktop-printing |- virtual-desktop-removable-media-access |- forticlient-download |- forticlient-download-method |- customize-forticlient-download-url |- windows-forticlient-download-url |- macos-forticlient-download-url |- skip-check-for-unsupported-os +- skip-check-for-unsupported-browser |- [user-group-bookmark] --*name (65 xss) +- [bookmarks] --*name (36) |- apptype |- url |- host |- folder |- additional-params |- listening-port (0,65535) |- remote-port (0,65535) |- show-status-window |- description |- server-layout |- security |- port (0,65535) |- logon-user |- logon-password |- sso |- [form-data] --*name (36) +- value |- sso-credential |- sso-username +- sso-password +- [user-bookmark] --*name (102 xss) |- custom-lang (36) +- [bookmarks] --*name (36) |- apptype |- url |- host |- folder |- additional-params |- listening-port (0,65535) |- remote-port (0,65535) |- show-status-window |- description |- server-layout |- security |- port (0,65535) |- logon-user |- logon-password |- sso |- [form-data] --*name (36) +- value |- sso-credential |- sso-username +- sso-password |- <settings> -- reqclientcert |- sslv3 |- tlsv1-0 |- tlsv1-1 |- tlsv1-2 |- banned-cipher |- ssl-big-buffer |- ssl-insert-empty-fragment |- https-redirect |- ssl-client-renegotiation |- force-two-factor-auth |- unsafe-legacy-renegotiation |- servercert (36) |- algorithm |- idle-timeout (0,259200) |- auth-timeout (0,259200) |- login-attempt-limit (0,4294967295) |- login-block-time (0,4294967295) |- login-timeout (10,180) |- dtls-hello-timeout (10,60) |- [tunnel-ip-pools] --*name (65) |- [tunnel-ipv6-pools] --*name (65) |- dns-suffix |- dns-server1 |- dns-server2 |- wins-server1 |- wins-server2 |- ipv6-dns-server1 |- ipv6-dns-server2 |- ipv6-wins-server1 |- ipv6-wins-server2 |- route-source-interface |- url-obscuration |- http-compression |- http-only-cookie |- deflate-compression-level (0,9) |- deflate-min-data-size (200,65535) |- port (1,65535) |- port-precedence |- auto-tunnel-static-route |- header-x-forwarded-for |- [source-interface] --*name (36) |- [source-address] --*name (65) |- source-address-negate |- [source-address6] --*name (65) |- source-address6-negate |- default-portal (36) |- [authentication-rule] --*id (0,4294967295) |- [source-interface] --*name (36) |- [source-address] --*name (65) |- source-address-negate |- [source-address6] --*name (65) |- source-address6-negate |- [users] --*name (65) |- [groups] --*name (65) |- portal (36) |- realm (36) |- client-cert |- cipher +- auth |- dtls-tunnel |- check-referer |- http-request-header-timeout (0,4294967295) +- http-request-body-timeout (0,4294967295) +- <monitor> |- ipsec -- [phase1] --*name (36) |- type |- interface (36) |- ike-version |- remote-gw |- local-gw |- remotegw-ddns (64) |- keylife (120,172800) |- [certificate] --*name (65) |- authmethod |- authmethod-remote |- mode |- peertype |- peerid (256) |- usrgrp (36) |- peer (36) |- peergrp (36) |- mode-cfg |- assign-ip |- assign-ip-from |- ipv4-start-ip |- ipv4-end-ip |- ipv4-netmask |- dns-mode |- ipv4-dns-server1 |- ipv4-dns-server2 |- ipv4-dns-server3 |- ipv4-wins-server1 |- ipv4-wins-server2 |- [ipv4-exclude-range] --*id (0,4294967295) |- start-ip +- end-ip |- ipv4-split-include (64) |- split-include-service (64) |- ipv4-name (64) |- ipv6-start-ip |- ipv6-end-ip |- ipv6-prefix (1,128) |- ipv6-dns-server1 |- ipv6-dns-server2 |- ipv6-dns-server3 |- [ipv6-exclude-range] --*id (0,4294967295) |- start-ip +- end-ip |- ipv6-split-include (64) |- ipv6-name (64) |- unity-support |- domain (64) |- banner |- include-local-lan |- save-password |- client-auto-negotiate |- client-keep-alive |- [backup-gateway] --*address (65) |- proposal |- add-route |- add-gw-route |- psksecret |- psksecret-remote |- keepalive (10,900) |- distance (1,255) |- priority (0,4294967295) |- localid (64) |- localid-type |- auto-negotiate |- negotiate-timeout (1,300) |- fragmentation |- dpd |- dpd-retrycount (0,10) |- dpd-retryinterval |- forticlient-enforcement |- comments |- npu-offload |- send-cert-chain |- dhgrp |- suite-b |- eap |- eap-identity |- acct-verify |- wizard-type |- xauthtype |- reauth |- authusr (65) |- authpasswd |- authusrgrp (36) |- mesh-selector-type |- idle-timeout |- idle-timeoutinterval (5,43200) |- ha-sync-esp-seqno |- nattraversal |- fragmentation-mtu (500,16000) |- childless-ike |- rekey |- digital-signature-auth |- signature-hash-alg |- rsa-signature-format |- enforce-unique-id |- group-authentication +- group-authentication-secret |- [phase2] --*name (36) |- phase1name (36) |- dhcp-ipsec |- use-natip |- selector-match |- proposal |- pfs |- dhgrp |- replay |- keepalive |- auto-negotiate |- add-route |- keylifeseconds (120,172800) |- keylifekbs (5120,4294967295) |- keylife-type |- single-source |- route-overlap |- encapsulation |- l2tp |- comments |- protocol (0,255) |- src-name (64) |- src-name6 (64) |- src-addr-type |- src-start-ip |- src-start-ip6 |- src-end-ip |- src-end-ip6 |- src-subnet |- src-subnet6 |- src-port (0,65535) |- dst-name (64) |- dst-name6 (64) |- dst-addr-type |- dst-start-ip |- dst-start-ip6 |- dst-end-ip |- dst-end-ip6 |- dst-subnet |- dst-subnet6 +- dst-port (0,65535) |- [manualkey] --*name (36) |- interface (16) |- remote-gw |- local-gw |- authentication |- encryption |- authkey |- enckey |- localspi |- remotespi +- npu-offload |- [concentrator] --*name (36) |- src-check +- [member] --*name (65) |- [phase1-interface] --*name (16) |- type |- interface (36) |- ip-version |- ike-version |- local-gw |- local-gw6 |- remote-gw |- remote-gw6 |- remotegw-ddns (64) |- keylife (120,172800) |- [certificate] --*name (65) |- authmethod |- authmethod-remote |- mode |- peertype |- peerid (256) |- default-gw |- default-gw-priority (0,4294967295) |- usrgrp (36) |- peer (36) |- peergrp (36) |- monitor (36) |- monitor-hold-down-type |- monitor-hold-down-delay (0,31536000) |- monitor-hold-down-weekday |- monitor-hold-down-time |- passive-mode |- exchange-interface-ip |- mode-cfg |- assign-ip |- assign-ip-from |- ipv4-start-ip |- ipv4-end-ip |- ipv4-netmask |- dns-mode |- ipv4-dns-server1 |- ipv4-dns-server2 |- ipv4-dns-server3 |- ipv4-wins-server1 |- ipv4-wins-server2 |- [ipv4-exclude-range] --*id (0,4294967295) |- start-ip +- end-ip |- ipv4-split-include (64) |- split-include-service (64) |- ipv4-name (64) |- ipv6-start-ip |- ipv6-end-ip |- ipv6-prefix (1,128) |- ipv6-dns-server1 |- ipv6-dns-server2 |- ipv6-dns-server3 |- [ipv6-exclude-range] --*id (0,4294967295) |- start-ip +- end-ip |- ipv6-split-include (64) |- ipv6-name (64) |- unity-support |- domain (64) |- banner |- include-local-lan |- save-password |- client-auto-negotiate |- client-keep-alive |- [backup-gateway] --*address (65) |- proposal |- add-route |- add-gw-route |- psksecret |- psksecret-remote |- keepalive (10,900) |- distance (1,255) |- priority (0,4294967295) |- localid (64) |- localid-type |- auto-negotiate |- negotiate-timeout (1,300) |- fragmentation |- dpd |- dpd-retrycount (0,10) |- dpd-retryinterval |- forticlient-enforcement |- comments |- npu-offload |- send-cert-chain |- dhgrp |- suite-b |- eap |- eap-identity |- acct-verify |- wizard-type |- xauthtype |- reauth |- authusr (65) |- authpasswd |- authusrgrp (36) |- mesh-selector-type |- idle-timeout |- idle-timeoutinterval (5,43200) |- ha-sync-esp-seqno |- auto-discovery-sender |- auto-discovery-receiver |- auto-discovery-forwarder |- auto-discovery-psk |- encapsulation |- encapsulation-address |- encap-local-gw4 |- encap-local-gw6 |- encap-remote-gw4 |- encap-remote-gw6 |- vni (1,16777215) |- nattraversal |- fragmentation-mtu (500,16000) |- childless-ike |- rekey |- digital-signature-auth |- signature-hash-alg |- rsa-signature-format |- enforce-unique-id |- group-authentication +- group-authentication-secret |- [phase2-interface] --*name (36) |- phase1name (16) |- dhcp-ipsec |- proposal |- pfs |- dhgrp |- replay |- keepalive |- auto-negotiate |- add-route |- auto-discovery-sender |- auto-discovery-forwarder |- keylifeseconds (120,172800) |- keylifekbs (5120,4294967295) |- keylife-type |- single-source |- route-overlap |- encapsulation |- l2tp |- comments |- protocol (0,255) |- src-name (64) |- src-name6 (64) |- src-addr-type |- src-start-ip |- src-start-ip6 |- src-end-ip |- src-end-ip6 |- src-subnet |- src-subnet6 |- src-port (0,65535) |- dst-name (64) |- dst-name6 (64) |- dst-addr-type |- dst-start-ip |- dst-start-ip6 |- dst-end-ip |- dst-end-ip6 |- dst-subnet |- dst-subnet6 +- dst-port (0,65535) |- [manualkey-interface] --*name (16) |- interface (16) |- ip-version |- addr-type |- remote-gw |- remote-gw6 |- local-gw |- local-gw6 |- auth-alg |- enc-alg |- auth-key |- enc-key |- local-spi |- remote-spi +- npu-offload |- [forticlient] --*realm (36) |- usergroupname (36) |- phase2name (36) +- status |- stats -- <crypto> +- <tunnel> +- tunnel -- <details> |- <summary> +- <name> |- <pptp> -- status |- ip-mode |- eip |- sip |- local-ip +- usrgrp (36) |- <l2tp> -- eip |- sip |- status |- usrgrp (36) +- enforce-ipsec |- ike -- <gateway> -- <name> (0) +- status -- <l2tp> |- <pptp> +- ssl -- <list> +- <hw-acceleration-status> |- certificate -- [ca] --*name (80) |- ca |- range |- source |- trusted |- scep-url (256 xss) |- auto-update-days (0,4294967295) |- auto-update-days-warning (0,4294967295) |- source-ip +- last-updated (0,4294967295) |- [local] --*name (36) |- password |- comments (512 xss) |- private-key |- certificate |- csr |- state |- scep-url (256 xss) |- range |- source |- auto-regenerate-days (0,4294967295) |- auto-regenerate-days-warning (0,4294967295) |- scep-password |- ca-identifier (256) |- name-encoding |- source-ip |- ike-localid (64) |- ike-localid-type +- last-updated (0,4294967295) +- [crl] --*name (36) |- crl |- range |- source |- update-vdom (32) |- ldap-server (36) |- ldap-username (64) |- ldap-password |- http-url (256 xss) |- scep-url (256 xss) |- scep-cert (36) |- update-interval (0,4294967295) |- source-ip +- last-updated (0,4294967295) |- user -- [radius] --*name (36) |- server (64) |- secret |- secondary-server (64) |- secondary-secret |- tertiary-server (64) |- tertiary-secret |- timeout (1,300) |- all-usergroup |- use-management-vdom |- nas-ip |- acct-interim-interval (600,86400) |- radius-coa |- radius-port (0,65535) |- h3c-compatibility |- auth-type |- source-ip |- username-case-sensitive |- [class] --*name (65) |- password-renewal |- password-encoding |- rsso |- rsso-radius-server-port (0,65535) |- rsso-radius-response |- rsso-validate-request-secret |- rsso-secret |- rsso-endpoint-attribute |- rsso-endpoint-block-attribute |- sso-attribute |- sso-attribute-key (36) |- sso-attribute-value-override |- rsso-context-timeout (0,4294967295) |- rsso-log-period (0,4294967295) |- rsso-log-flags |- rsso-flush-ip-session |- rsso-ep-one-ip-only +- [accounting-server] --*id (0,4294967295) |- status |- server (64) |- secret |- port (0,65535) +- source-ip |- [tacacs+] --*name (36) |- server (64) |- secondary-server (64) |- tertiary-server (64) |- port (1,65535) |- key |- secondary-key |- tertiary-key |- authen-type |- authorization +- source-ip |- [ldap] --*name (36) |- server (64) |- secondary-server (64) |- tertiary-server (64) |- source-ip |- cnid (21) |- dn (512 xss) |- type |- username (512 xss) |- password |- group-member-check |- group-search-base (512 xss) |- group-object-filter (2048 xss) |- group-filter (2048 xss) |- secure |- ca-cert (64) |- port (1,65535) |- password-expiry-warning |- password-renewal |- member-attr (64) |- account-key-processing +- account-key-name (21) |- [krb-keytab] --*name (36) |- principal (512) |- ldap-server (36) +- keytab |- [pop3] --*name (36) |- server (64) |- port (0,65535) +- secure |- [fsso] --*name (36) |- server (64) |- port (1,65535) |- password |- server2 (64) |- port2 (1,65535) |- password2 |- server3 (64) |- port3 (1,65535) |- password3 |- server4 (64) |- port4 (1,65535) |- password4 |- server5 (64) |- port5 (1,65535) |- password5 |- ldap-server (36) +- source-ip |- [adgrp] --*name (512 xss) +- server-name (36) |- [fsso-polling] --*id (0,4294967295) |- status |- server (64) |- default-domain (36) |- port (0,65535) |- user (36) |- password |- ldap-server (36) |- logon-history (0,48) |- polling-frequency (1,30) +- [adgrp] --*name (512 xss) |- [fortitoken] --*serial-number (17) |- status |- seed (201 xss) |- comments |- license (32) |- activation-code (33) |- activation-expire (0,4294967295) |- reg-id (257) +- os-ver (16) |- [password-policy] --*name (36) |- expire-days (0,999) +- warn-days (0,30) |- [local] --*name (65) |- id (0,4294967295) |- status |- type |- passwd |- ldap-server (36) |- radius-server (36) |- tacacs+-server (36) |- two-factor |- fortitoken (17) |- email-to (64) |- sms-server |- sms-custom-server (36) |- sms-phone (16) |- passwd-policy (36) |- passwd-time |- authtimeout (0,1440) |- workstation (36) |- auth-concurrent-override +- auth-concurrent-value (0,100) |- <setting> -- auth-type |- auth-cert (36) |- auth-ca-cert (36) |- auth-secure-http |- auth-http-basic |- auth-ssl-allow-renegotiation |- auth-timeout (1,1440) |- auth-timeout-type |- auth-portal-timeout (1,30) |- radius-ses-timeout-act |- auth-blackout-time (0,3600) |- auth-invalid-max (1,100) |- auth-lockout-threshold (1,10) |- auth-lockout-duration (0,4294967295) +- [auth-ports] --*id (0,4294967295) |- type +- port (1,65535) |- [peer] --*name (36) |- mandatory-ca-verify |- ca (128) |- subject (256 xss) |- cn (256) |- cn-type |- ldap-server (36) |- ldap-username (36) |- ldap-password |- ldap-mode |- ocsp-override-server (36) |- two-factor +- passwd |- [peergrp] --*name (36) +- [member] --*name (36) |- [group] --*name (36) |- id (0,4294967295) |- group-type |- authtimeout (0,43200) |- auth-concurrent-override |- auth-concurrent-value (0,100) |- http-digest-realm (36) |- sso-attribute-value (512) |- [member] --*name (512 xss) |- [match] --*id (0,4294967295) |- server-name (36) +- group-name (512 xss) |- user-id |- password |- user-name |- sponsor |- company |- email |- mobile-phone |- sms-server |- sms-custom-server (36) |- expire-type |- expire (1,31536000) |- max-accounts (0,500) |- multiple-guest-add +- [guest] --*user-id (65) |- name (65) |- password |- mobile-phone (36) |- sponsor (36) |- company (36) |- email (65) |- expiration +- comment |- [device-category] --*name (36) |- desc +- comment |- [device] --*alias (36) |- mac |- user (65) |- master-device (36) |- comment |- avatar |- [tags] --*name (65) +- type |- [device-group] --*name (36) |- [member] --*name (36) +- comment |- [device-access-list] --*name (36) |- default-action +- [device-list] --*id (0,4294967295) |- device (36) +- action +- [security-exempt-list] --*name (36) |- description (128) +- [rule] --*id (0,4294967295) |- [srcaddr] --*name (65) |- [devices] --*name (36) |- [dstaddr] --*name (65) +- [service] --*name (65) |- voip -- [profile] --*name (36) |- comment |- <sip> -- status |- rtp |- open-register-pinhole |- open-contact-pinhole |- strict-register |- register-rate (0,4294967295) |- invite-rate (0,4294967295) |- max-dialogs (0,4294967295) |- max-line-length (78,4096) |- block-long-lines |- block-unknown |- call-keepalive (0,10080) |- block-ack |- block-bye |- block-cancel |- block-info |- block-invite |- block-message |- block-notify |- block-options |- block-prack |- block-publish |- block-refer |- block-register |- block-subscribe |- block-update |- register-contact-trace |- open-via-pinhole |- open-record-route-pinhole |- rfc2543-branch |- log-violations |- log-call-summary |- nat-trace |- subscribe-rate (0,4294967295) |- message-rate (0,4294967295) |- notify-rate (0,4294967295) |- refer-rate (0,4294967295) |- update-rate (0,4294967295) |- options-rate (0,4294967295) |- ack-rate (0,4294967295) |- prack-rate (0,4294967295) |- info-rate (0,4294967295) |- publish-rate (0,4294967295) |- bye-rate (0,4294967295) |- cancel-rate (0,4294967295) |- preserve-override |- no-sdp-fixup |- contact-fixup |- max-idle-dialogs (0,4294967295) |- block-geo-red-options |- hosted-nat-traversal |- hnt-restrict-source-ip |- max-body-length (0,4294967295) |- unknown-header |- malformed-request-line |- malformed-header-via |- malformed-header-from |- malformed-header-to |- malformed-header-call-id |- malformed-header-cseq |- malformed-header-rack |- malformed-header-rseq |- malformed-header-contact |- malformed-header-record-route |- malformed-header-route |- malformed-header-expires |- malformed-header-content-type |- malformed-header-content-length |- malformed-header-max-forwards |- malformed-header-allow |- malformed-header-p-asserted-identity |- malformed-header-sdp-v |- malformed-header-sdp-o |- malformed-header-sdp-s |- malformed-header-sdp-i |- malformed-header-sdp-c |- malformed-header-sdp-b |- malformed-header-sdp-z |- malformed-header-sdp-k |- malformed-header-sdp-a |- malformed-header-sdp-t |- malformed-header-sdp-r |- malformed-header-sdp-m |- provisional-invite-expiry-time (10,3600) |- ips-rtp |- ssl-mode |- ssl-send-empty-frags |- ssl-client-renegotiation |- ssl-algorithm |- ssl-pfs |- ssl-min-version |- ssl-max-version |- ssl-client-certificate (36) |- ssl-server-certificate (36) |- ssl-auth-client (36) +- ssl-auth-server (36) +- <sccp> -- status |- block-mcast |- verify-header |- log-call-summary |- log-violations +- max-calls (0,65535) |- dnsfilter -- [domain-filter] --*id (0,4294967295) |- name (36) |- comment +- [entries] --*id (0,4294967295) |- domain (512 xss) |- type |- action +- status +- [profile] --*name (36) |- comment |- <domain-filter> -- domain-filter-table (0,4294967295) |- <ftgd-dns> -- options +- [filters] --*id (0,255) |- category (0,255) |- action +- log |- log-all-domain |- sdns-ftgd-err-log |- sdns-domain-log |- block-action |- redirect-portal |- block-botnet |- safe-search +- youtube-restrict |- antivirus -- <settings> -- default-db +- grayware |- <heuristic> -- mode |- <quarantine> -- agelimit (0,479) |- maxfilesize (0,500) |- quarantine-quota (0,4294967295) |- drop-infected |- store-infected |- drop-blocked |- store-blocked |- drop-heuristic |- store-heuristic |- lowspace +- destination +- [profile] --*name (36) |- comment |- replacemsg-group (36) |- inspection-mode |- ftgd-analytics |- analytics-max-upload (1,186) |- analytics-wl-filetype (0,4294967295) |- analytics-bl-filetype (0,4294967295) |- analytics-db |- mobile-malware-db |- <http> -- options |- archive-block |- archive-log +- emulator |- <ftp> -- options |- archive-block |- archive-log +- emulator |- <imap> -- options |- archive-block |- archive-log |- emulator +- executables |- <pop3> -- options |- archive-block |- archive-log |- emulator +- executables |- <smtp> -- options |- archive-block |- archive-log |- emulator +- executables |- <mapi> -- options |- archive-block |- archive-log |- emulator +- executables |- <nntp> -- options |- archive-block |- archive-log +- emulator |- <smb> -- options |- archive-block |- archive-log +- emulator |- <nac-quar> -- infected |- expiry +- log |- av-virus-log |- av-block-log +- scan-mode |- waf +- [profile] --*name (36) |- external |- <signature> -- [main-class] --*id (0,4294967295) |- status |- action |- log +- severity |- [disabled-sub-class] --*id (0,4294967295) |- [disabled-signature] --*id (0,4294967295) |- credit-card-detection-threshold (0,128) +- [custom-signature] --*name (36) |- status |- action |- log |- severity |- direction |- case-sensitivity |- pattern (512 xss) +- target |- <constraint> -- <header-length> -- status |- length (0,2147483647) |- action |- log +- severity |- <content-length> -- status |- length (0,2147483647) |- action |- log +- severity |- <param-length> -- status |- length (0,2147483647) |- action |- log +- severity |- <line-length> -- status |- length (0,2147483647) |- action |- log +- severity |- <url-param-length> -- status |- length (0,2147483647) |- action |- log +- severity |- <version> -- status |- action |- log +- severity |- <method> -- status |- action |- log +- severity |- <hostname> -- status |- action |- log +- severity |- <malformed> -- status |- action |- log +- severity |- <max-cookie> -- status |- max-cookie (0,2147483647) |- action |- log +- severity |- <max-header-line> -- status |- max-header-line (0,2147483647) |- action |- log +- severity |- <max-url-param> -- status |- max-url-param (0,2147483647) |- action |- log +- severity |- <max-range-segment> -- status |- max-range-segment (0,2147483647) |- action |- log +- severity +- [exception] --*id (0,4294967295) |- pattern (512 xss) |- regex |- address (64) |- header-length |- content-length |- param-length |- line-length |- url-param-length |- version |- method |- hostname |- malformed |- max-cookie |- max-header-line |- max-url-param +- max-range-segment |- <method> -- status |- log |- severity |- default-allowed-methods +- [method-policy] --*id (0,4294967295) |- pattern (512 xss) |- regex |- address (64) +- allowed-methods |- <address-list> -- status |- blocked-log |- severity |- [trusted-address] --*name (65) +- [blocked-address] --*name (65) |- [url-access] --*id (0,4294967295) |- address (64) |- action |- log |- severity +- [access-pattern] --*id (0,4294967295) |- srcaddr (64) |- pattern (512) |- regex +- negate +- comment |- diagnose__tree__ -- waf -- info +- dump |- netlink -- backlog -- get +- set -- backlog (0) |- device -- list |- interface -- list +- clear |- qlen -- get -- intf-name (0) +- set -- intf-name -- <len_integer> (0) |- brctl -- domain -- <name> -- <id> (0) |- list +- name -- <type> -- <name> (0) +- dstmac -- flush +- list -- [name] (0) |- ips -- anomaly -- config |- status |- list |- clear +- filter -- clear |- id -- <xx> (0) |- ip -- xxx.xxx.xxx.xxx -- xxx.xxx.xxx.xxx (0) |- pps -- <xx> -- <xx> (0) +- freq -- <xx> -- <xx> (0) |- raw -- status +- clear |- anomaly6 -- config |- status |- list |- clear +- filter -- clear |- id -- <xx> (0) |- ip -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) |- pps -- <xx> -- <xx> (0) +- freq -- <xx> -- <xx> (0) |- global -- rule -- reload |- memory -- status |- compact |- profiling -- <enable/disable/dump> (0) |- track -- enable/disable/clear (0) |- track-size -- <min size> -- <max size> (0) +- track-print -- <record count> (0) |- session -- status |- list -- by-mem -- <number> (0) |- clear -- [vdom] (0) |- performance +- content |- packet -- status +- clear |- dissector -- status +- dump |- signature -- status -- <severity mask> (0) |- hit -- <top N> (0) +- cycle -- <top N> (0) |- filter -- status |- clear |- ip -- <ip> -- <mask> (0) |- ipv6 -- <ip> -- <prefix size> (0) |- port -- <port> (0) |- protocol -- <protocol number> (0) |- session -- <session id> (0) |- asm -- <assembled packets> (0) |- length -- <session length> (0) +- l7 -- <0:all 1:l7 2:non-l7> (0) |- config -- enable -- log-verbose +- disable -- log-verbose |- debug -- status -- show |- enable -- init |- packet |- packet_detail |- error |- warn |- parse |- detect |- session |- log |- timeout |- dissector |- tcp |- http |- mail |- rpc |- dns |- im |- p2p |- ssh |- ssl |- voip |- smb |- content |- urlfilter |- av |- mime |- content_detail |- ipsa |- proxy |- packet_dump |- state |- dac +- all +- disable -- init |- packet |- packet_detail |- error |- warn |- parse |- detect |- session |- log |- timeout |- dissector |- tcp |- http |- mail |- dns |- rpc |- im |- p2p |- ssh |- ssl |- voip |- smb |- content |- urlfilter |- av |- mime |- content_detail |- ipsa |- proxy |- packet_dump |- state |- dac +- all |- share -- pool |- list -- <pool> (0) +- clear -- <pool> (0) |- urlfilter -- status +- clear |- ssl -- status |- bypass -- enable | disable (0) |- resume -- enable | disable (0) |- noscan -- enable | disable (0) |- debug -- none|err|warn|info|dbg|noise (0) |- debug-status |- clear +- cc-alg -- bic|cubic (0) |- av -- cache -- list |- status |- clear |- delete -- <ID> (0) +- set-age -- <ID> -- <age> (0) |- timeout -- set -- <Integer> (0) +- show +- stats -- show |- dac -- info +- clear -- <age> (0) +- test -- cmd -- cmd1;cmd2;cmd3 (0) |- test -- application -- http -- <Integer> (0) |- smtp -- <Integer> (0) |- ftpd -- <Integer> (0) |- pop3 -- <Integer> (0) |- imap -- <Integer> (0) |- nntp -- <Integer> (0) |- scanunit -- <Integer> (0) |- harelay -- <Integer> (0) |- hasync -- <Integer> (0) |- hatalk -- <Integer> (0) |- sessionsync -- <Integer> (0) |- forticldd -- <Integer> (0) |- miglogd -- <Integer> -- <Integer> (0) |- urlfilter -- <Integer> (0) |- ovrd -- <Integer> (0) |- ipsmonitor -- <Integer> (0) |- ipsengine -- <Integer> (0) |- ipldbd -- <Integer> (0) |- ddnscd -- <Integer> (0) |- snmpd -- <Integer> (0) |- dnsproxy -- <Integer> (0) |- sflowd -- <Integer> (0) |- init -- <Integer> (0) |- l2tpcd -- <Integer> (0) |- dhcprelay -- <Integer> (0) |- pptpcd -- <Integer> (0) |- wccpd -- <Integer> (0) |- wad -- <Integer> (0) |- radiusd -- <Integer> (0) |- wpad -- <Integer> (0) |- fsd -- <Integer> (0) |- ipsufd -- <Integer> (0) |- lted |- forticron -- <Integer> (0) |- uploadd -- <Integer> (0) |- quarantined -- <Integer> -- <Integer> (0) |- dhcp6c -- <Integer> (0) |- info-sslvpnd -- <Integer> (0) |- dsd -- <Integer> (0) |- lnkmtd -- <Integer> (0) |- dhcp6r -- <Integer> (0) |- fnbamd -- <Integer> (0) |- mrd -- <Integer> (0) |- zebos_launcher -- <Integer> (0) |- radius-das -- <Integer> (0) |- csfd -- <Integer> (0) |- fsvrd -- <Integer> (0) |- radvd -- <Integer> (0) +- fcnacd -- <Integer> (0) |- authserver -- radius |- tacacs+ |- radius-direct |- ldap-direct |- tacacs+-direct |- ldap |- ldap-digest |- ldap-search |- cert |- pop3 |- local +- user |- guest -- list |- del +- add +- update -- info +- term |- vpn -- ike -- gateway -- list -- name -- <name> (0) |- clear -- name -- <name> (0) +- flush -- name -- <name> (0) |- status -- detailed +- summary |- log -- terminal -- clear |- reset +- stats +- filter -- list |- clear |- name -- <name> (0) |- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- src-addr6 -- <ipv6-address> -- <ipv4-address> (0) |- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- src-port -- <port> -- <port> (0) |- dst-port -- <port> (0) |- vd -- <index> (0) |- interface -- <index> (0) +- negate -- vd |- src-addr4 |- dst-addr4 |- src-addr6 |- dst-addr6 |- src-port |- dst-port |- name +- interface |- log-filter -- list |- clear |- name -- <name> (0) |- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- src-addr6 -- <ipv6-address> -- <ipv4-address> (0) |- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- src-port -- <port> -- <port> (0) |- dst-port -- <port> (0) |- vd -- <index> (0) |- interface -- <index> (0) +- negate -- vd |- src-addr4 |- dst-addr4 |- src-addr6 |- dst-addr6 |- src-port |- dst-port |- name +- interface |- routes -- list |- config -- list -- summary |- restart |- errors |- stats |- counts |- crypto -- stats +- filter -- list |- clear |- name -- <name> (0) |- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- src-addr6 -- <ipv6-address> -- <ipv4-address> (0) |- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- src-port -- <port> -- <port> (0) |- dst-port -- <port> (0) |- vd -- <index> (0) |- interface -- <index> (0) +- negate -- vd |- src-addr4 |- dst-addr4 |- src-addr6 |- dst-addr6 |- src-port |- dst-port |- name +- interface |- ipsec -- status +- debug -- debug (0) |- tunnel -- down -- phase2 -- phase1 -- serial (0) |- up -- phase2 -- phase1 -- serial (0) |- list -- name +- number -- <begin-index> -- <end-index> (0) |- dialup-list |- reset |- flush |- delinbsa -- <name> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> (0) |- deloutbsa -- <name> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> -- <spi> (0) +- stat -- flush |- concentrator -- list |- l2tp -- status |- pptp -- status +- ssl -- list |- mux |- statistics -- <all|vdom-name|vfid> (0) |- hw-acceleration-status |- tunnel-test -- enable (0) |- web-mode-test -- enable (0) |- info -- <all|vdom-name|vfid> (0) +- debug-filter -- clear |- list |- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- src-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- vd -- <vdom name> (0) +- negate -- vd |- src-addr4 +- src-addr6 |- sys -- vdom-property |- last-modified-files -- [path] -- [number] (0) |- top -- <value> -- <value> -- <value> (0) |- mpstat -- <value> -- <value> (0) |- nmi-watchdog -- enable +- disable |- modem -- detect |- history |- com |- cmd -- <at> (0) |- external-modem |- query -- <[0|1]> (0) +- reset |- lte-modem -- info |- heap |- kill -- <signal> -- <pid> (0) |- csum -- <file> (0) |- dayst-info -- timezone-index -- [year] (0) |- ntp -- status |- process -- dump -- <pid> (0) |- pstack -- <pid> (0) |- trace |- daemon-auto-restart -- <action> -- <daemon> (0) +- sock-mem |- top-summary -- <options> (0) |- vd -- list |- stats |- add -- vdname (0) |- delete -- vdname (0) +- set -- vdname (0) |- device -- add -- vdname -- devname (0) |- delete -- vdname -- devname (0) +- list -- vdname (0) |- ha -- stats |- status |- mac |- checksum -- show -- <Enter> or <global/vdom-name> -- <Enter> or <object-fullpath> -- <Enter> or <entry-name> (0) |- recalculate -- <Enter> or <global/vdom-name> (0) |- cached -- <global/vdom-name> (0) |- cluster |- log -- enable |- disable +- clear +- test |- heartbeat |- checksync |- dump-by -- xdb |- group |- vcluster |- rcache |- memory |- debug-zone |- vdom |- kernel |- device |- stat |- sesync +- frup |- vcinfo |- syncinfo |- fib |- hadiff -- status |- log -- enable |- disable +- clear |- max-sync-turns -- <integer> (0) +- max-unsync-wait -- <integer> (0) |- reset-uptime |- session-sync-dev -- clear +- set |- recalculate-extfile-signature |- sync-stats |- extfile-sig |- set-as-master -- enable |- disable -- <date> -- <time> (0) +- status |- vlan-hb-monitor |- bypass-pingsvr-flip-timeout -- enable +- disable +- history -- read +- clear |- profile -- start |- stop |- show -- order +- detail |- sysmap |- cpumask +- module |- session -- sync -- reset |- list -- expectation |- clear |- stat |- full-stat |- exp-stat |- ttl |- filter -- vd -- <xxx> (0) |- sintf -- <xxxx> (0) |- dintf -- <xxxx> (0) |- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- nsrc -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- proto -- <xx> -- <xx> (0) |- sport -- <xxxx> -- <xxxx> (0) |- nport -- <xxxx> -- <xxxx> (0) |- dport -- <xxxx> -- <xxxx> (0) |- policy -- <xxx> -- <xxx> (0) |- expire -- <xxx> -- <xxx> (0) |- duration -- <xxx> -- <xxx> (0) |- proto-state -- <x> -- <x> (0) |- session-state1 -- <x> -- <x> (0) |- session-state2 -- <x> -- <x> (0) |- clear -- vd |- sintf |- dintf |- src |- nsrc |- dst |- proto |- proto-state |- sport |- nport |- dport |- policy |- expire |- duration |- session-state1 +- session-state2 +- negate -- vd |- sintf |- dintf |- src |- nsrc |- dst |- proto |- proto-state |- sport |- nport |- dport |- policy |- expire |- duration |- session-state1 +- session-state2 +- help -- list |- add -- name -- protocol -- port (0) +- delete -- protocol -- port (0) |- mcast-session -- list |- clear |- stat +- filter -- vd -- <xxx> (0) |- sintf -- <xxxx> (0) |- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- proto -- <xx> -- <xx> (0) |- sport -- <xxxx> -- <xxxx> (0) |- dport -- <xxxx> -- <xxxx> (0) |- clear -- vd |- sintf |- src |- dst |- proto |- sport +- dport +- negate -- vd |- sintf |- src |- dst |- proto |- sport +- dport |- session6 -- sync |- list -- expectation |- clear |- stat |- full-stat |- exp-stat |- filter -- vd -- <xxx> (0) |- sintf -- <xxxxx> (0) |- dintf -- <xxxxx> (0) |- src -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) |- dst -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) |- proto -- <xx> -- <xx> (0) |- proto-state -- <xx> -- <xx> (0) |- sport -- <xxxx> -- <xxxx> (0) |- dport -- <xxxx> -- <xxxx> (0) |- policy -- <xxx> -- <xxx> (0) |- expire -- <xxx> -- <xxx> (0) |- duration -- <xxx> -- <xxx> (0) |- session-state1 -- <x> -- <x> (0) |- session-state2 -- <x> -- <x> (0) |- clear -- vd |- sintf |- dintf |- src |- dst |- proto |- proto-state |- sport |- dport |- policy |- expire |- duration |- session-state1 +- session-state2 +- negate -- vd |- sintf |- dintf |- src |- dst |- proto |- proto-state |- sport |- dport |- policy |- expire |- duration |- session-state1 +- session-state2 +- help -- list |- add -- name -- protocol -- port (0) +- delete -- protocol -- port (0) |- mcast-session6 -- list |- clear |- stat +- filter -- vd -- <xxx> (0) |- sintf -- <xxxxx> (0) |- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- proto -- <xx> -- <xx> (0) |- sport -- <xxxx> -- <xxxx> (0) |- dport -- <xxxx> -- <xxxx> (0) |- clear -- vd |- sintf |- src |- dst |- proto |- sport +- dport +- negate -- vd |- sintf |- src |- dst |- proto |- sport +- dport |- tcp-option -- enable +- disable |- tcpsock |- vlan -- list |- cmdb -- info +- refcnt -- show -- <path.object.mkey> -- <tablename> (0) +- reset -- <path.object.mkey> -- <tablename> (0) |- slab -- <path or shmid> -- <object> (0) |- shm -- <address> (0) |- sem -- <semid> (0) |- allow-set -- enable +- disable |- uuid -- generate +- allow-manual-set -- enable +- disable |- flash -- list -- <file> (0) +- format |- h323 -- debug-mask -- mask (0) |- status |- peer -- list +- call -- list |- logdisk -- status -- monitor |- usage |- smart +- quota |- sccp-proxy -- stats -- list |- proto |- clear +- mem -- summary +- full |- phone -- list |- redirect -- list |- debug-console +- restart |- sip -- debug-mask -- mask (0) |- status |- dialog -- list +- clear +- mapping -- list |- fullcone |- sip-proxy -- calls -- list |- idle |- invite +- clear |- config -- list +- profiles |- redirect -- list |- vip -- real-server |- scheduler-times -- start |- stop +- display |- session -- list |- stats -- mem -- summary +- full |- list |- call |- ha |- proto |- udp |- ssl-auth +- clear |- restart |- debug-console |- ssl -- hardware +- software |- filter -- list |- clear |- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- dst-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- vd -- <index> (0) |- src-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- src-port -- <port> (0) |- dst-port -- <port> (0) |- policy -- <policy> (0) |- policy-type -- ipv4 +- ipv6 |- voip-profile -- <voip-profile> (0) +- negate -- vd |- policy |- policy-type |- src-addr4 |- dst-addr4 |- src-addr6 |- dst-addr6 |- src-port |- dst-port +- voip-profile |- log-filter -- list |- clear |- vd -- <index> (0) |- src-addr4 -- <ipv4-address> -- <ipv4-address> (0) |- dst-addr4 -- <ip-address> -- <ip-address> (0) |- src-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- dst-addr6 -- <ipv6-address> -- <ipv6-address> (0) |- src-port -- <port> (0) |- dst-port -- <port> (0) |- policy -- <policy> (0) |- policy-type -- ipv4 +- ipv6 |- voip-profile -- <voip-profile> (0) +- negate -- vd |- policy |- policy-type |- src-addr4 |- dst-addr4 |- src-addr6 |- dst-addr6 |- src-port |- dst-port +- voip-profile |- meters -- list +- vdom -- list |- proxy -- bypass -- http -- on|off (0) |- smtp -- on|off (0) |- imap -- on|off (0) |- pop3 -- on|off (0) |- nntp -- on|off (0) +- ftp -- on|off (0) |- debug-filter -- list |- clear +- src -- <ip-address> -- <ip-address> (0) |- stats -- debug |- list |- all |- protocol |- vdom -- list |- summary +- all |- clear +- binary -- enable |- disable +- clean |- filter -- list |- clear |- negate -- vd +- worker |- vd -- <index> (0) +- worker -- <id> (0) |- log -- filter -- list |- clear |- negate -- vd +- worker |- vd -- <index> (0) +- worker -- <id> (0) |- log-debug -- <integer> (0) |- memory -- usage |- allocator |- malloc |- jemalloc +- conserve -- enter +- exit |- ssl -- exempt -- flush +- list |- bypass -- flush +- list +- session |- socket-options -- status |- linger -- enable +- disable +- nagle -- enable +- disable +- restart |- fips -- error-mode |- pair |- traffic-priority -- list |- cpuset -- process -- <xxx> -- <xxx> (0) +- interrupt -- <xxx> -- <xxx> (0) |- swnet -- list -- <name> (0) |- wccp -- list |- flush +- delete -- <xxx> (0) |- stp -- bridge -- info +- filter -- list |- clear |- vd -- <name> (0) |- bridge -- <name> (0) +- port -- <name> (0) |- info |- time -- enable +- disable |- log -- terminal -- stats +- filter -- list |- clear |- vd -- <name> (0) |- bridge -- <name> (0) +- port -- <name> (0) +- restart |- 802-1x -- status |- vxlan -- fdb -- list -- <string> (0) |- server-probe -- response |- link-monitor -- status -- <name | all> (0) |- gui-summary -- <name> (0) |- interface -- <name> (0) +- launch -- <entry name> (0) |- virtual-wan-link -- member -- <seq-num> (0) |- service -- <id> (0) +- health-check -- <name> (0) |- gre -- list +- keepalive -- <name | all> (0) |- scanunit -- stats -- list |- all +- clear |- filter -- list |- clear |- negate -- vd +- worker |- vd -- <index> (0) +- worker -- <id> (0) |- log -- filter -- list |- clear |- negate -- vd +- worker |- vd -- <index> (0) +- worker -- <id> (0) |- auto-restart -- status |- requests -- <Integer> (0) |- time -- <Integer> (0) +- reset |- reload-avdb |- reload-fsa-ext |- reload-aveng +- restart |- botnet -- stat |- list -- <offset> (0) |- find -- <ip> -- <port> -- <proto> (0) |- flush |- reload +- file -- stat |- list -- <offset> -- <proto> (0) +- botnet-name -- <name ID> (0) |- csf -- downstream |- query -- <path> (0) +- neighbor -- list -- [interface] (0) +- flush -- [interface] (0) |- waninfo -- ipify -- <ddd.ddd.ddd.ddd> -- <vdom> (0) +- traffic -- statistics -- show +- clear |- endpoint -- record-list -- <ipv4-address> -- <mac-address> -- <forticlient-uid> (0) |- record-summary |- record-delete -- <ipv4-address> (0) |- information |- ec-feature-list |- registration -- summary |- list -- <ipv4-address> -- <mac-address> -- <forticlient-uid> -- <registration-fortigate> (0) |- registered-forticlients |- blocked-forticlients +- quarantined-forticlients |- cmdb-list -- <ipv4-address> -- <mac-address> -- <forticlient-uid> (0) |- block -- <id> (0) |- unblock -- <id> (0) |- quarantine -- <id> (0) |- unquarantine -- <id> (0) |- deregister -- <id> (0) |- sync-peer-list -- <1/0> (0) |- force-peer-resync |- keepalive-timestamp -- <uid> -- <1/0> (0) |- recalculate-registered-forticlients |- forticlient-licence-key-expiration-check |- ssl-session-timeout -- <ssl-session-timeout> (0) |- skip-forticlient-system-update -- <1/0> (0) +- generate-ems-xml-conf -- <vdom> -- <profile-name> -- <type> (0) |- filter -- list |- clear |- src-ip -- <ipv4-address> (0) |- ses-ip -- <ipv4-address> (0) |- mac -- <mac-address> (0) +- ftcl-uid -- <uid> (0) |- avatar -- list -- <number> (0) |- find -- <ftcl-uid> -- <user-name> (0) |- delete -- <ftcl-uid> -- <user-name> | <Enter> (0) |- clean +- purge +- ec-shared -- list -- <number> (0) +- find -- <vdom> -- <ipv4-address> (0) |- autoupdate -- status |- versions +- downgrade -- enable +- disable |- debug -- enable |- disable |- info |- reset |- duration -- <Integer> (0) |- report -- reset |- crashlog -- get |- clear |- write -- <String> (0) |- read |- interval +- history |- config-error-log -- clear +- read |- application -- http -- <Integer> (0) |- smtp -- <Integer> (0) |- ftpd -- <Integer> (0) |- pop3 -- <Integer> (0) |- imap -- <Integer> (0) |- nntp -- <Integer> (0) |- proxy -- <Integer> (0) |- radvd -- <Integer> (0) |- miglogd -- <Integer> (0) |- kmiglogd -- <Integer> (0) |- forticldd -- <Integer> (0) |- alertmail -- <Integer> (0) |- ppp -- <Integer> (0) |- l2tp -- <Integer> (0) |- pptp -- <Integer> (0) |- pptpc -- <Integer> (0) |- authd -- <Integer> -- <xxx.xxx.xxx.xxx> (0) |- foauthd -- <Integer> (0) |- fcnacd -- <Integer> (0) |- fssod -- <Integer> (0) |- dhcps -- <Integer> (0) |- dhcp6s -- <Integer> (0) |- update -- <Integer> (0) |- vpd -- <Integer> (0) |- fnbamd -- <Integer> (0) |- eap_proxy -- <Integer> (0) |- ipsmonitor -- <Integer> (0) |- ipsengine -- <Integer> (0) |- urlfilter -- <Integer> (0) |- ddnscd -- <Integer> (0) |- dhcprelay -- <Integer> (0) |- dhcp6r -- <Integer> (0) |- snmpd -- <Integer> (0) |- chassis -- <Integer> (0) |- scanunit -- <Integer> (0) |- spamfilter -- <Integer> (0) |- wpad -- <Integer> (0) |- wpad-dump -- <Integer> (0) |- wpad-crash-hexdump -- <Integer> (0) |- wifi -- <Integer> (0) |- dnsproxy -- <Integer> (0) |- sflowd -- <Integer> (0) |- hatalk -- <Integer> (0) |- hasync -- <Integer> (0) |- harelay -- <Integer> (0) |- hamonitord -- <Integer> (0) |- quarantine -- <Integer> (0) |- dhcpc -- <Integer> (0) |- zebos-launcher -- <Integer> (0) |- zebos -- <Integer> (0) |- modemd -- <Integer> (0) |- radiusd -- <Integer> (0) |- sshd -- <Integer> (0) |- sslvpn -- <Integer> (0) |- guacd -- <Integer> (0) |- info-sslvpn -- <Integer> (0) |- sessionsync -- <Integer> (0) |- l2tpcd -- <Integer> (0) |- ipldbd -- <Integer> (0) |- crl-update -- <Integer> (0) |- alarmd -- <Integer> (0) |- forticron -- <Integer> (0) |- uploadd -- <Integer> (0) |- smbcd -- <Integer> (0) |- vs -- <Integer> (0) |- sip -- <Integer> (0) |- sccp -- <Integer> (0) |- netscan -- <Integer> (0) |- ike -- <Integer> (0) |- fgfmd -- <Integer> (0) |- wccpd -- <Integer> (0) |- garpd -- <Integer> (0) |- scep -- <Integer> (0) |- dialinsvr -- <Integer> (0) |- ipsufd -- <Integer> (0) |- cw_acd -- <Integer> (0) |- cw_acd_wpad -- <Integer> (0) |- cu_acd -- <Integer> (0) |- fortilinkd -- <Integer> (0) |- flcfgd -- <Integer> (0) |- rsyslogd -- <Integer> (0) |- dlp -- <Integer> (0) |- vrrpd -- <Integer> (0) |- fgd_alert -- <Integer> (0) |- ntpd -- <Integer> (0) |- fsd -- <Integer> (0) |- dlpfingerprint -- <Integer> (0) |- httpsd -- <Integer> (0) |- stp -- <Integer> (0) |- spareblock -- <Integer> (0) |- lted -- <Integer> (0) |- lldptx -- <Integer> (0) |- src-vis -- <Integer> (0) |- wiredap -- <Integer> (0) |- dhcp6c -- <Integer> (0) |- server-probe -- <Integer> (0) |- link-monitor -- <Integer> (0) |- pppoed -- <Integer> (0) |- ovrd -- <Integer> (0) |- extenderd -- <Integer> (0) |- init -- <Integer> (0) |- mrd -- <Integer> (0) |- dssccd -- <Integer> (0) |- radius-das -- <Integer> (0) |- csfd -- <Integer> (0) |- fsvrd -- <Integer> (0) |- virtual-wan-link -- <Integer> (0) +- ftm-push -- <Integer> (0) |- kernel -- level -- <Integer> (0) +- ha -- <Integer> (0) |- remote-extender -- extenderd -- <Integer> (0) +- modem-manager -- <Integer> (0) |- console -- send -- <AT command> -- <character> -- <integer> (0) |- timestamp -- enable +- disable |- no-user-log-msg -- enable +- disable +- retry-log-msg -- enable +- disable |- cli -- <Integer> (0) |- cmdb-trace -- <Integer> (0) |- cmdb-walk -- <Integer> (0) |- rating -- <refresh-rate> (0) |- authd -- clear |- memory +- fsso -- filter -- clear |- source -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- user -- <name> (0) |- group -- <name> (0) +- server -- <name> (0) |- list |- refresh-groups |- summary |- clear-logons |- refresh-logons +- server-status |- fsso-polling -- summary |- detail -- <id> (0) |- client |- user -- <id> (0) |- group -- <id> -- <name> (0) |- refresh-user -- <id> (0) +- set-log-source -- <id> -- <src> (0) |- flow -- filter -- clear |- vd -- <xxx> (0) |- proto -- <xxx> (0) |- addr -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> -- <Enter> | or/and (0) |- saddr -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- daddr -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- port -- <xxx> -- <xxx> (0) |- sport -- <xxx> -- <xxx> (0) |- dport -- <xxx> -- <xxx> (0) +- negate -- vd |- proto |- addr |- saddr |- daddr |- port |- sport +- dport |- filter6 -- clear |- vd -- <xxx> (0) |- proto -- <xxx> (0) |- addr -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) |- saddr -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) |- daddr -- <xxx:xxx::xxx:xxx> -- <xxx:xxx::xxx:xxx> (0) |- port -- <xxx> -- <xxx> (0) |- sport -- <xxx> -- <xxx> (0) |- dport -- <xxx> -- <xxx> (0) +- negate -- vd |- proto |- addr |- saddr |- daddr |- port |- sport +- dport |- trace -- start -- <xxx> (0) |- stop |- start6 -- <xxx> (0) +- stop6 +- show -- function-name -- enable +- disable +- iprope -- enable +- disable |- urlfilter -- src-addr -- <IP address> (0) +- test-url -- <url> (0) +- admin -- error-log |- settings -- reset +- info |- geoip -- ip2country -- ip (0) +- geoip-query -- ip (0) |- log -- test |- wireless-controller |- show |- alertmail -- test -- <level> -- <number> (0) +- authcode -- <recipient> (0) |- list |- del |- read |- rlist |- rdel |- rread |- rolls |- display |- kernel-stats +- clear-kernel-stats |- alertconsole -- test |- list |- clear +- fgd-retrieve |- antivirus -- quarantine -- list -- <value> (0) |- delete -- <checksum> (0) +- purge |- bypass -- on|off (0) |- database-info +- test -- <command> (0) |- wad -- console-log -- enable or disable (0) |- debug -- enable -- level -- error |- warn |- info +- verbose +- category -- session |- packet |- dispatcher |- http |- cifs |- mapi |- socks |- ftp |- icap |- ssl |- webcache |- bytecache |- policy |- auth |- scan |- tunnel |- sys |- video |- waf |- memblk +- all |- disable -- category -- session |- packet |- dispatcher |- http |- cifs |- mapi |- socks |- ftp |- icap |- ssl |- webcache |- bytecache |- policy |- auth |- scan |- tunnel |- sys |- video |- waf +- memblk |- show |- clear |- display -- pid -- enable/disable (0) +- save-http-req-crash -- enable or disable (0) |- stats -- list |- clear |- summary -- list +- clear |- mem -- list +- clear |- crypto -- list +- clear |- scan -- list +- clear |- scripts -- list +- clear |- filter -- list +- clear |- ips -- list +- clear +- policy -- list -- <vdom> (0) +- clear -- <vdom> -- <pid> (0) |- filter -- list |- clear |- src -- <ip-address> -- <ip-address> (0) |- dst -- <ip-address> -- <ip-address> (0) |- sport -- <port> -- <port> (0) |- dport -- <port> -- <port> (0) |- vd -- <index> (0) |- explicit-policy -- <index> (0) |- firewall-policy -- <index> (0) |- drop-unknown-session -- Drop unknown sessions (0) |- negate -- <parm> (0) +- protocol -- <http> -- <mapi> -- <cifs> -- <ftp> -- <tcp> (0) |- kxp -- list +- clear |- user -- list +- clear -- id -- ip -- vdom (0) +- memory -- general |- bucket +- ssl |- webfilter -- fortiguard -- statistics -- list |- flush +- dummy +- bword -- matchfilter -- <filter string> (0) |- spamfilter -- bword -- matchfilter -- <filter string> (0) +- fortishield -- servers -- <refresh-rate> (0) +- statistics -- list +- flush |- firewall -- ipmac -- add -- <xxx.xxx.xxx.xxx> -- <xx:xx:xx:xx:xx:xx> -- <drop|accept> (0) |- delete -- <xxx.xxx.xxx.xxx> -- <xx:xx:xx:xx:xx:xx> (0) |- flush |- list +- status |- ippool -- list -- pba |- nat-ip +- user |- flush +- stats |- ippool-fixed-range -- list -- natip -- <xxx.xxx.xxx.xxx> -- <Enter>|<port> (0) |- ippool-all -- list +- stats -- <name> (0) |- iplist -- list -- optimized +- flush |- iplist6 -- list -- optimized +- flush |- iprope -- lookup -- <src_ip> -- <src_port> -- <dst_ip> -- <dst_port> -- <protocol> -- <device> (0) |- list -- <No.> (0) |- appctrl -- list |- status |- stats -- list +- clear +- shaper -- list |- show |- clear |- flush -- <No.> (0) +- state |- iprope6 -- lookup -- <src_ip> -- <src_port> -- <dst_ip> -- <dst_port> -- <protocol> -- <device> (0) |- list -- <No.> (0) |- flush -- <No.> (0) |- state |- show +- clear |- shaper -- traffic-shaper -- list |- state +- stats -- list +- clear -- <name> (0) +- per-ip-shaper -- list |- stats |- state +- clear |- schedule -- list |- fqdn -- list |- flush -- name (0) +- purge |- ipgeo -- country-list |- ip-list -- name (0) |- ip2country -- <xxx.xxx.xxx.xxx> (0) |- override +- copyright-notice |- proute -- list -- <number> (0) |- proute6 -- list |- packet -- distribution |- vip -- realserver -- flush |- list |- up -- <name> -- <xxx.xxx.xxx.xxx> (0) |- down -- <name> -- <xxx.xxx.xxx.xxx> (0) +- healthcheck -- stats -- show +- clear +- virtual-server -- log -- terminal -- clear |- reset +- stats +- filter -- list |- clear |- name -- <name> (0) |- src -- <ip-address> -- <ip-address> (0) |- dst -- <ip-address> -- <ip-address> (0) |- src-port -- <port> (0) |- dst-port -- <port> (0) |- vd -- <index> (0) |- worker -- <index> (0) +- negate -- vd |- src-addr |- dst-addr |- src-port |- dst-port |- name +- worker |- session -- list |- clear |- client -- list +- clear +- server -- list +- clear |- ssl -- list |- clear |- client -- list +- clear +- server -- list +- clear |- real-server -- list |- stats -- list |- clear |- http -- all |- list +- clear |- ssl -- all |- list +- clear |- crypto-clear |- operational -- list +- all +- summary -- list |- all +- clear |- config -- list |- session |- log +- log-vd |- filter -- list |- clear |- name -- <name> (0) |- src -- <ip-address> -- <ip-address> (0) |- dst -- <ip-address> -- <ip-address> (0) |- src-port -- <port> -- <port> (0) |- dst-port -- <port> -- <port> (0) |- vd -- <index> (0) |- worker -- <index> (0) +- negate -- vd |- src-addr |- dst-addr |- src-port |- dst-port |- name +- worker |- test -- ssl -- sync +- async |- rsa-blinding -- disable +- enable +- key-exchange -- sync +- async +- restart |- auth -- list |- clear |- ipv6 -- list +- clear +- filter -- clear |- source -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- source6 -- <xxxx::xxxx> -- <xxxx::xxxx> (0) |- policy -- <xxx> (0) |- user -- <name> (0) |- group -- <name> (0) +- method -- <method> -- <method> -- <method> -- <method> -- <method> -- <method> (0) |- blocking -- list -- <xxx.xxx.xxx.xxx> (0) |- ip-translation -- list +- flush |- ipv6-ehf -- list |- dns-xlate -- mapping -- list +- flush +- pool -- list +- flush |- uuid -- list -- <type> (0) |- internet-service -- list -- <number> (0) |- internet-service-custom -- list -- <name> (0) +- internet-service-disable -- list -- <name> (0) |- user -- device -- list |- get -- <mac> (0) |- del -- <mac> (0) |- join -- <mac> -- <master_mac> (0) |- bind-ip -- <mac> -- <ip> (0) |- clear |- os-summary |- host-type-summary |- stats +- filter -- vd -- <index> (0) |- os-name -- <name> (0) |- type -- <name> (0) |- list |- addr -- <from> -- <to> (0) |- type-src -- <source> (0) |- generation -- <from> -- <to> (0) |- type-generation -- <from> -- <to> (0) |- joined -- <value> (0) |- index -- <value> (0) |- negate -- vd |- addr |- os-name |- type |- type-src |- generation |- type-generation |- joined +- index +- clear -- vd |- addr |- os-name |- type |- type-src |- generation |- type-generation |- joined +- index +- quarantine -- list -- src4 |- src6 +- all |- add -- src4 -- <src-ipv4> -- <expiry> -- <ban-source> (0) +- src6 -- <src-ipv6> -- <expiry> -- <ban-source> (0) |- delete -- src4 -- <src-ipv4> (0) +- src6 -- <src-ipv6> (0) |- clear +- stat |- ip -- router -- command -- show +- show-vrf |- rip -- all |- events |- packet-send |- packet-receive |- show +- level -- critical |- error |- info |- none +- warn |- ospf -- all |- events |- ifsm |- lsa |- nfsm |- nsm |- packet |- route |- show +- level -- critical |- error |- info |- none +- warn |- bgp -- all |- dampening |- events |- filters |- fsm |- keepalives |- nsm |- updates |- show +- level -- critical |- error |- info |- none +- warn |- isis -- all |- ifsm |- nfsm |- pdu |- lsp |- spf |- events |- nsm |- show +- level -- critical |- error |- info |- none +- warn |- igmp -- all |- decode |- encode |- events |- fsm |- tib |- show +- level -- critical |- error |- info |- none +- warn |- pim-dm -- all |- context |- decode |- encode |- fsm |- mrt |- nexthop |- nsm |- vif |- show +- level -- critical |- error |- info |- none +- warn |- pim-sm -- all |- events |- mfc |- mib |- nexthop |- nsm |- state |- show |- packet -- all |- in +- out |- timer -- all |- assert -- all +- at |- bsr -- all |- bst +- crp |- hello -- all |- ht |- nlt +- tht |- joinprune -- all |- et |- jt |- kat |- ot +- ppt +- register -- all +- rst +- level -- critical |- error |- info |- none +- warn |- imi -- vty +- bfd -- all |- events |- packet |- fsm |- nsm |- show +- level -- critical |- error |- info |- none +- warn |- address -- list |- flush |- add -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) +- delete -- intf-name -- XXX.XXX.XXX.XXX (0) |- arp -- list |- flush -- intf-name (0) |- add -- intf-name -- XXX.XXX.XXX.XXX -- XX:XX:XX:XX:XX:XX (0) +- delete -- intf-name -- XXX.XXX.XXX.XXX (0) |- route -- list |- flush |- add -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- <1-255> -- <0-4294967295> -- verify (0) |- delete -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- <1-255> -- <0-4294967295> -- verify (0) +- verify -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX -- <1-255> -- <0-4294967295> (0) |- ipip-tunnel -- list |- add -- <name_str> -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) +- delete -- <name_str> (0) |- gre-tunnel -- list |- add -- <name_str> -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) +- delete -- <name_str> (0) |- rtcache -- list +- flush |- multicast -- mroute |- mfc-flush |- vif |- group-membership |- mac |- status |- get-igmp-limit |- mfc-add -- <in-port> -- <src-ip> -- <group-ip> -- <out-ports-map> (0) +- mfc-del -- <src-ip> -- <group-ip> (0) |- tcp -- list +- flush |- udp -- list +- flush +- framed-ip -- list |- delete -- XXX.XXX.XXX.XXX (0) +- delete-all -- <service> (0) |- hardware -- deviceinfo -- disk |- flash +- nic |- ioport -- byte |- word +- long |- pciconfig |- setpci |- lspci |- sysinfo -- cpu |- memory |- interrupts |- iomem |- ioports |- mtrr |- slab |- shm +- conserve |- smartctl |- certificate |- ipsec +- test -- bios -- sysid |- checksum +- license |- system -- cpu-config |- memory-config |- storage-config +- network-config |- pci -- list |- usb -- 2.0 +- 3.0 |- button -- reset |- cpu -- model |- function |- stress +- performance |- memory -- random |- sequence |- bit-flip |- bit-shift |- solid-bits +- stress |- network -- detect |- loopback +- stress |- npu -- np6lite-ddr |- disk -- file-data |- file-data2 +- stress |- led -- sys-led +- nic-led |- suite -- <all|pcba|stress|rack-burn-in> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> -- <arg> (0) |- setting -- log-level -- <value> (0) |- show |- json |- info |- skip -- <clear|show|interface> (0) +- skip -- <clear|show|interface> (0) |- disktest -- device |- block -- 1 |- 4 |- 16 |- 64 +- 256 |- time -- <Integer> (0) |- size -- <Integer> (0) +- run -- <Integer> (0) |- sniffer -- packet -- <interface> -- <filter> -- <verbose> -- <count> -- <tsformat> (0) |- npu -- np6lite -- fastpath -- enable -- <dev_id> (0) +- disable -- <dev_id> (0) |- dce -- <dev_id> (0) |- anomaly-drop -- <dev_id> (0) |- session-stats -- <dev_id> (0) |- port-list |- sse-stats -- <dev_id> (0) |- session -- <dev_id> (0) |- register -- <dev_id> (0) +- debug -- <param1> -- <param2> -- <param3> -- <param4> -- <param5> (0) |- ipv6 -- multicast -- mroute |- vif +- status |- address -- list |- flush |- add -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) |- delete -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) |- anycast +- multicast -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx/xxx (0) |- neighbor-cache -- list |- flush -- intf-name (0) |- add -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx -- XX:XX:XX:XX:XX:XX (0) +- delete -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (0) |- route -- list +- flush |- sit-tunnel -- list |- add -- <name_str> -- intf-name -- XXX.XXX.XXX.XXX -- XXX.XXX.XXX.XXX (0) +- delete -- <name_str> (0) |- ipv6-tunnel -- list |- add -- <name_str> -- intf-name -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx -- xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx (0) +- delete -- <name_str> (0) |- router -- rip -- all |- events |- packet-send |- packet-receive |- show +- level -- critical |- error |- info |- none +- warn +- ospf -- all |- events |- ifsm |- lsa |- nfsm |- nsm |- packet |- route |- show +- level -- critical |- error |- info |- none +- warn +- devconf -- accept-dad -- 0, 1 or 2 (0) +- disable_ipv6 -- 0 or 1 (0) |- rsso -- query -- carrier-endpoint -- <endpoint> -- <ip> (0) |- ip -- <ip> -- <ip> (0) +- rsso-key -- <name> -- <ip> (0) |- radiusd -- test -- <level> (0) |- snmp -- ip -- frags +- trap -- send |- central-mgmt -- script-history -- test |- list |- clear +- del -- <id> (0) |- forticare -- protocol -- <protocol> (0) |- server -- <IP> (0) |- cnreg-code-list +- direct-registration -- reseller-list -- <cnreg-code> (0) |- country-data -- <cnreg-code> (0) |- organization-list +- product-registration |- fortiguard -- ipblacklist -- db |- vr |- ip -- <ddd.ddd.ddd.ddd> (0) +- ctx |- internet-service -- id -- <id> (0) |- id-summary -- <id> (0) |- info -- <vdname> -- <proto> -- <port> -- <ip> (0) +- match -- <vdname> -- <ip> -- <netmask> (0) |- wireless-controller -- wlac -- <-c|-d|-k|-h> -- <value1> -- <value2> -- <value3> -- <value4> -- <value5> -- <value6> (0) |- switch-controller -- dump -- mac-hosts |- mac-hosts-switch-port |- device-access-list |- client -- switch (0) |- lldp -- neighbors-summary -- switch (0) |- neighbors-detail -- switch -- port (0) +- stats -- switch -- port (0) |- mclag -- icl -- switch (0) +- list -- switch -- mclag-trunk-name (0) |- network-upgrade -- status |- trunk-switch-config -- switch (0) |- port-stats -- switch -- port (0) |- trunk-state -- switch -- trunk-port (0) |- mac-addr -- switch -- vlan-id (0) |- igmp-snooping-interface -- switch (0) |- igmp-snooping-group -- switch (0) |- loop-guard-status -- switch (0) |- dhcp-snooping -- database -- switch (0) +- status -- switch (0) +- 802-1X-status -- switch -- port (0) |- clear-stats -- mclag -- icl -- switch (0) +- mlags -- switch -- mclag-trunk-name (0) |- kick -- device-id -- vlanid -- portid -- mac (0) |- trigger-mac-sync +- device-filter -- mac -- mac (0) |- vlan-id -- vlan-id (0) |- intf-name -- intf-name (0) +- clear |- fortitoken -- info -- <id> (0) |- test -- <id> -- <code> -- <next code> -- <screen size> (0) +- debug -- enable +- disable |- forticlient -- add-connection -- <name> -- <user> -- <id> -- <host os> -- <ip> (0) |- close-connection -- <handle> (0) +- close-all-connection |- web-ui -- debug -- enable +- disable |- cache -- enable +- disable |- app-icon-info |- app-icon-update -- timeout (0) +- cli-schema -- path -- name (0) |- src-vis -- stats |- log -- terminal -- clear |- reset +- stats |- analysis-level -- full |- bypass |- ignore |- skip-tcpfp +- ignore-tcpfp |- scheduler-times -- start |- stop +- display |- ring -- <start> -- <length> (0) |- save |- restore |- save +- restart |- lldptx -- stats -- list |- objects +- counts |- log -- terminal -- clear |- reset +- stats |- scheduler-times -- start |- stop +- display +- restart |- cp -- soc3 -- register -- <dev_id> -- <block_id> (0) |- vpn-stats -- <dev_id> (0) |- ssl-stats +- pkce-stats -- <dev_id> (0) |- fdsm -- fds-update |- log-controller-update |- account-info |- message-update |- forticlient-update |- forticlient-net-info |- modem-list |- contract-controller-update |- image-list |- image-upgrade-matrix |- image-download -- <id> (0) |- fc-installer-download -- <id> (0) |- sslvpn-package-download -- <id> (0) |- sslvpn-man-upgrade-package-download -- <id> (0) |- report-list -- <vdom> (0) |- report-download -- <oid> (0) |- cfg-list -- <type> (0) |- cfg-upload -- <comments> (0) |- cfg-download -- <type> -- <revision> (0) |- cfg-diff -- <revision1> -- <revision2> (0) |- ftk-activiate |- fortiap-latest-ver -- <model> (0) |- fortiap-download -- <id> (0) |- fortisw-latest-ver -- <model> (0) |- fortisw-download -- <id> (0) +- central-mgmt-status |- extender -- atcmd -- <at-command> -- <mark> -- <sn> (0) |- cmd -- <Integer> -- <sn> (0) +- modem-list +- traffictest -- show |- run -- [-h/arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] -- [arg] (0) |- server-intf -- <string> (0) |- client-intf -- <string> (0) |- port -- <port> (0) +- proto -- 0 +- 1 |- authentication -- [scheme] --*name (36) |- method |- negotiate-ntlm |- require-tfa |- fsso-guest +- [user-database] --*name (65) |- [rule] --*name (36) |- status |- protocol |- [srcaddr] --*name (65) |- [srcaddr6] --*name (65) |- ip-based |- active-auth-method (36) |- sso-auth-method (36) |- web-auth-cookie |- transaction-based +- comments +- <setting> -- active-auth-scheme (36) |- sso-auth-scheme (36) |- captive-portal (256) +- captive-portal-port (1,65535) |- switch-controller -- [vlan] --*name (16) |- vdom (33) |- vlanid (1,4094) |- comments (64) |- color (0,32) |- security |- auth |- radius-server (36) |- usergroup (36) |- portal-message-override-group (36) |- <portal-message-overrides> -- auth-disclaimer-page (36) |- auth-reject-page (36) |- auth-login-page (36) +- auth-login-failed-page (36) +- [selected-usergroups] --*name (65) |- <802-1X-settings> -- link-down-auth |- reauth-period (1,1440) +- max-reauth-attempt (0,15) |- security-policy -- [802-1X] --*name (32) |- security-mode |- [user-group] --*name (65) |- mac-auth-bypass |- eap-passthru |- guest-vlan |- guest-vlanid (0,65535) |- guest-vlan-id (16) |- guest-auth-delay (60,900) |- auth-fail-vlan |- auth-fail-vlanid (0,65535) |- auth-fail-vlan-id (16) |- radius-timeout-overwrite +- policy-type +- [captive-portal] --*name (32) |- vlan (16) +- policy-type |- <lldp-settings> -- status |- tx-hold (1,16) |- tx-interval (5,4095) |- fast-start-interval (0,255) +- management-interface |- [lldp-profile] --*name (64) |- med-tlvs |- 802.1-tlvs |- 802.3-tlvs |- auto-isl |- auto-isl-hello-timer (1,30) |- auto-isl-receive-timeout (3,90) |- auto-isl-port-group (0,9) |- [med-network-policy] --*name (64) |- status |- vlan (0,4094) |- priority (0,7) +- dscp (0,63) +- [custom-tlvs] --*name (64) |- oui |- subtype (0,255) +- information-string |- qos -- [dot1p-map] --*name (64) |- description (64) |- priority-0 |- priority-1 |- priority-2 |- priority-3 |- priority-4 |- priority-5 |- priority-6 +- priority-7 |- [ip-dscp-map] --*name (64) |- description (64) +- [map] --*name (64) |- cos-queue (0,7) |- diffserv |- ip-precedence +- value |- [queue-policy] --*name (64) |- schedule +- [cos-queue] --*name (64) |- description (64) |- min-rate (0,4294967295) |- max-rate (0,4294967295) |- drop-policy +- weight (0,4294967295) +- [qos-policy] --*name (64) |- default-cos (0,7) |- trust-dot1p-map (64) |- trust-ip-dscp-map (64) +- queue-policy (64) |- [switch-profile] --*name (36) |- login-passwd-override +- login-passwd |- [custom-command] --*command-name (36) |- description (36) +- command |- [managed-switch] --*switch-id (17) |- name (36) |- description (64) |- switch-profile (36) |- fsw-wan1-peer (36) |- fsw-wan1-admin |- fsw-wan2-peer (36) |- fsw-wan2-admin |- poe-pre-standard-detection |- directly-connected (0,1) |- connected (0,255) |- version (0,255) |- max-allowed-trunk-members (0,255) |- pre-provisioned (0,255) |- dynamic-capability (0,4294967295) |- switch-device-tag (33) |- dynamically-discovered (0,1) |- staged-image-version (128) |- delayed-restart-trigger (0,255) |- [ports] --*port-name (16) |- port-owner (16) |- switch-id (17) |- speed |- speed-mask (0,4294967295) |- status |- poe-status |- poe-pre-standard-detection |- port-number (1,64) |- port-prefix-type (0,1) |- fortilink-port (0,1) |- poe-capable (0,1) |- stacking-port (0,1) |- fiber-port (0,1) |- flags (0,4294967295) |- isl-local-trunk-name (16) |- isl-peer-port-name (16) |- isl-peer-device-name (17) |- fgt-peer-port-name (16) |- fgt-peer-device-name (17) |- vlan (16) |- allowed-vlans-all |- [allowed-vlans] --*vlan-name (80) |- [untagged-vlans] --*vlan-name (80) |- type |- dhcp-snooping |- dhcp-snoop-option82-trust |- igmp-snooping |- igmps-flood-reports |- igmps-flood-traffic |- stp-state |- edge-port |- loop-guard |- loop-guard-timeout (0,120) |- qos-policy (64) |- port-security-policy (32) |- lldp-status |- lldp-profile (64) |- port-selection-criteria |- description (64 xss) |- lacp-speed |- mode |- bundle |- member-withdrawal-behavior |- mclag |- min-bundle (1,24) |- max-bundle (1,24) +- [members] --*member-name (65) |- <stp-settings> -- local-override |- name (32) |- status |- revision (0,65535) |- hello-time (1,10) |- forward-time (4,30) |- max-age (6,40) |- max-hops (1,40) +- pending-timer (1,15) |- <switch-stp-settings> -- status |- <switch-log> -- local-override |- status +- severity |- <storm-control> -- local-override |- rate (1,10000000) |- unknown-unicast |- unknown-multicast +- broadcast |- [custom-command] --*command-entry (36) +- command-name (36 xss) |- <igmp-snooping> -- local-override |- aging-time (15,3600) +- flood-unknown-multicast +- <802-1X-settings> -- local-override |- link-down-auth |- reauth-period (1,1440) +- max-reauth-attempt (0,15) |- [switch-group] --*name (36) |- description (64) +- [members] --*name (65) |- <stp-settings> -- name (32) |- status |- revision (0,65535) |- hello-time (1,10) |- forward-time (4,30) |- max-age (6,40) |- max-hops (1,40) +- pending-timer (1,15) |- <storm-control> -- rate (1,10000000) |- unknown-unicast |- unknown-multicast +- broadcast |- <global> -- mac-aging-interval (10,1000000) |- allow-multiple-interfaces +- [disable-discovery] --*name (65) |- <mac-sync-settings> -- mac-sync-interval (30,600) |- <poe> -- <fortiswitch-id> -- <port> (0) |- <switch-log> -- status +- severity |- <igmp-snooping> -- aging-time (15,3600) +- flood-unknown-multicast +- <quarantine> -- quarantine +- [targets] --*mac |- entry-id (0,4294967295) |- description (64) +- [tag] --*tags (64) |- execute__tree__ -- set-next-reboot -- <primary/secondary> (0) |- ping -- <ip> (0) |- ping-options -- data-size -- <integer> (0) |- df-bit -- <string> (0) |- pattern -- <string> (0) |- repeat-count -- <string> (0) |- source -- <string> (0) |- timeout -- <integer> (0) |- adaptive-ping -- <string> (0) |- interval -- <integer> (0) |- tos -- <string> (0) |- ttl -- <integer> (0) |- validate-reply -- <string> (0) |- view-settings +- reset |- ping6 |- ping6-options -- data-size -- <integer> (0) |- pattern -- <string> (0) |- repeat-count -- <string> (0) |- source -- <string> (0) |- timeout -- <integer> (0) |- adaptive-ping -- <string> (0) |- interval -- <integer> (0) |- tos -- <string> (0) |- ttl -- <integer> (0) |- validate-reply -- <string> (0) |- view-settings +- reset |- update-now |- update-av |- update-ips |- update-src-vis |- update-geo-ip |- send-fds-statistics |- update-list |- reboot -- comment -- <string> (0) |- shutdown -- comment -- <string> (0) |- factoryreset |- factoryreset2 |- router -- restart +- clear -- bgp -- all |- as |- ip |- ipv6 |- dampening |- external +- flap-statistics |- bfd -- session -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> -- <string> (0) |- ospf -- process +- ospf6 -- process |- mrouter -- clear -- multicast-routes -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- dense-routes -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- sparse-routes -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- statistics -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- sparse-mode-bsr |- igmp-interface -- <string> (0) +- igmp-group -- <xxx.xxx.xxx.xxx> -- <string> (0) |- disconnect-admin-session -- <integer> (0) |- fsso -- refresh |- restore -- image -- tftp -- <string> -- <ip> (0) |- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- usb -- <string> (0) |- management-station -- <string> (0) +- flash -- <revision> (0) |- secondary-image -- tftp -- <string> -- <ip> (0) |- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) +- usb -- <string> (0) |- config -- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) |- flash -- <revision> (0) |- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) |- dhcp -- <port> -- <Enter> | <vlanid> (0) |- usb -- <string> -- <Enter>|<passwd> (0) |- usb-mode -- <Enter>|<passwd> (0) +- management-station -- normal -- <revision> (0) |- template -- <revision> (0) +- script -- <revision> (0) |- ipsuserdefsig -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- av -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- ips -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- src-vis -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) +- other-objects -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- revision -- list -- config +- image +- delete -- config -- <revision> -- <rev_id> (0) +- image -- <revision> -- <rev_id> (0) |- upload -- config -- tftp -- <string> -- <comment> -- <ip> (0) |- ftp -- <string> -- <comment> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) +- usb -- <string> -- <comment> (0) +- image -- tftp -- <string> -- <comment> -- <ip> (0) |- ftp -- <string> -- <comment> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) +- usb -- <string> -- <comment> (0) |- backup -- memory -- log -- tftp -- <ip> -- <string> (0) +- ftp -- <ftp server>[:ftp port] -- <user> -- <passwd> -- <string> (0) +- alllogs -- tftp -- <ip> (0) +- ftp -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- disk -- alllogs -- usb |- log -- usb -- <string> (0) +- ipsarchives -- usb |- config -- usb -- <string> -- <Enter>|<passwd> (0) |- usb-mode -- <Enter>|<passwd> (0) |- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) |- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) |- flash -- <comment> (0) +- management-station -- <comment> (0) |- full-config -- usb -- <string> -- <Enter>|<passwd> (0) |- usb-mode -- <Enter>|<passwd> (0) |- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) |- config-with-forticlient-info -- usb -- <string> -- <Enter>|<passwd> (0) |- usb-mode -- <Enter>|<passwd> (0) |- tftp -- <string> -- <ip> -- <Enter>|<passwd> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> -- <Enter>|<passwd> (0) +- ipsuserdefsig -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- enter -- <name> (0) |- formatlogdisk |- vpn -- certificate -- local -- generate -- rsa -- <string> -- <number> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <ip> -- <string> -- <string> (0) |- ec -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <string> -- <ip> -- <string> -- <string> (0) |- default-ssl-ca |- default-ssl-serv-key |- default-ssl-ca-untrusted +- default-ssl-key-certs |- verify -- <string> (0) |- export -- tftp -- <string> -- <string> -- <string> -- <ip> (0) +- import -- tftp -- <string> -- <ip> -- <string> -- <Enter>|<passwd> (0) |- crl -- import -- auto -- <string> (0) |- ca -- export -- tftp -- <string> -- <string> -- <ip> (0) +- import -- tftp -- <string> -- <ip> (0) +- auto -- <string> -- <string> -- <ip> (0) +- remote -- export -- tftp -- <string> -- <string> -- <ip> (0) +- import -- tftp -- <string> -- <ip> (0) |- ipsec -- tunnel -- down -- <phase2> -- <phase1> -- <serial> (0) +- up -- <phase2> -- <phase1> -- <serial> (0) +- sslvpn -- list -- <web|tunnel> (0) |- del-all -- <tunnel> (0) |- del-tunnel -- <index> (0) |- del-web -- <index> (0) |- rlist -- <vdom> (0) |- guirlist -- <vdom> (0) |- rdel-web -- <vdom> -- <index> (0) |- rdel-tunnel -- <vdom> -- <index> (0) |- rdel-all -- <vdom> (0) +- rdel-all-tunnel -- <vdom> (0) |- factory-license -- <key> (0) |- traceroute -- <dest> (0) |- traceroute-options -- queries -- <integer> (0) |- source -- <string> (0) |- device -- <string> (0) +- view-settings |- tracert6 |- telnet -- <dest> -- <port> (0) |- ssh -- <user@host> -- <port> (0) |- dhcp -- lease-list -- <interface> (0) +- lease-clear -- <xxx.xxx.xxx.xxx> (0) +- all (0) |- dhcp6 -- lease-list -- <interface> (0) +- lease-clear -- <xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx:xxxx> (0) +- all (0) |- webfilter -- quota-reset -- wf-profile -- endpoint (0) |- ha -- synchronize -- <string> (0) |- manage -- <string> (0) |- disconnect -- <string> -- <string> -- <ip> -- <netmask> (0) +- set-priority -- <string> -- <integer> (0) |- modem -- dial |- hangup +- trigger |- log -- fortianalyzer -- test-connectivity |- fortiguard -- test-connectivity |- upload |- upload-progress |- list -- <category> (0) |- display |- detail -- <category> -- <utmref> (0) |- filter -- reset -- <enter|all|field> (0) |- dump |- category -- <category> (0) |- device -- <device> (0) |- start-line -- number (0) |- view-lines -- number (0) |- max-checklines -- number (0) |- ha-member -- sn (0) |- field -- <name> -- <argument 1> -- <argument 2> -- <argument 3> -- <argument 4> -- <argument 5> -- <argument 6> -- <argument 7> (0) +- show-utm-ref -- number (0) |- roll |- delete |- delete-all |- backup -- <path> (0) |- flush-cache +- flush-cache-all |- policy-packet-capture -- delete-all |- time -- <hh:mm:ss> (0) |- date -- <yyyy-mm-dd> (0) |- usb-disk -- list |- delete -- <filename> (0) |- format |- rename -- <old> -- <new> (0) +- eject |- usb-device -- list +- disconnect |- upd-vd-license -- <license key> (0) |- batch -- start |- end |- status +- lastlog |- cfg -- save +- reload |- cli -- status-msg-only -- <enable/disable> (0) +- check-template-status |- interface -- dhcpclient-renew -- <interface> (0) |- pppoe-reconnect -- <interface> (0) +- dhcp6client-renew -- <interface> (0) |- clear -- system -- arp -- table |- fortiguard-log -- update |- create-account -- <id> -- <password> -- <email confirm> (0) |- login -- <id> -- <password> -- <email confirm> (0) |- try -- <id> -- <password> -- <email confirm> (0) |- join |- agreement +- certificate-activation -- <code> (0) |- central-mgmt -- set-mgmt-id -- <management id> (0) |- register-device -- <fmg-serial-no> -- <fmg-register-password> (0) +- unregister-device -- <fmg-serial-no> (0) |- fortiguard-message -- info |- update +- add -- <activation code> (0) |- wireless-controller -- reset-wtp -- <all>|<SN> (0) |- list-wtp-image |- delete-wtp-image |- upload-wtp-image -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) +- restart-acd |- replace-device -- fortiap -- <fortiap-id> -- <fortiap-id> (0) +- fortiswitch -- <fortiswitch-id> -- <fortiswitch-id> (0) |- switch-controller -- push-swtp-image -- <fortiswitch-id> -- <filename> (0) |- stage-swtp-image -- <fortiswitch-id> -- <filename> (0) |- stage-tiered-swtp-image -- <fortiswitch-id> -- <filename> (0) |- upload-swtp-image -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- list-swtp-image |- delete-swtp-image -- <filename> (0) |- restart-acd |- poe-reset -- <fortiswitch-id> -- <port> (0) |- restart-swtpd -- <fortiswitch-id> (0) |- restart-swtp -- sn -- <fortiswitch-id> (0) |- switch-group -- <switch-group ID> (0) +- all |- restart-swtp-delayed -- <fortiswitch-id> (0) |- get-conn-status -- <fortiswitch-id> (0) |- get-physical-conn -- <FortiSwitch-Stack-ID> (0) |- clear-igmp-snoop -- <FortiSwitch-id> (0) |- clear-802-1X-interface -- <FortiSwitch-id> -- <port> (0) |- factory-reset -- switch (0) |- set-standalone -- switch (0) |- loop-guard-reset -- <FortiSwitch-id> -- <port> (0) +- custom-command -- <cmd-name> -- <target-switch> (0) |- disk -- list |- format +- scan |- erase-disk |- tac -- report |- fortitoken -- activate -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> -- <id> (0) |- sync -- <id> -- <code> -- <next code> (0) |- import -- <file name> (0) +- import-sn-file -- <FTK_200 Serial Number> (0) |- fortitoken-mobile -- import -- <code> (0) |- provision -- <sn> (0) |- poll +- renew -- <sn> (0) |- forticlient -- info +- list -- <connection type> -- <start line> -- <max result> (0) |- sync-session |- system -- fortisandbox -- test-connectivity +- custom-language -- import -- <string> -- <string> -- <ip> (0) |- auto-script -- start -- <name> (0) |- stop -- <name> (0) |- stopall |- status |- result -- <name> (0) |- delete -- <name> (0) +- backup -- tftp -- <name> -- <ip> (0) +- ftp -- <name> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- extender -- push-fortiextender-image -- filename -- sn (0) |- reset-fortiextender -- <all>|<SN> (0) |- list-fortiextender-image |- delete-fortiextender-image |- upload-fortiextender-image -- tftp -- <string> -- <ip> (0) +- ftp -- <string> -- <ftp server>[:ftp port] -- <Enter>|<user> -- <passwd> (0) |- restart-fortiextender-daemon |- dial -- <SN> (0) +- hangup -- <SN> (0) |- dsscc |- api-user -- generate-key -- <name> (0) +- set -- system -- session -- filter -- list |- vd -- <xxx> (0) |- src -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- dst -- <xxx.xxx.xxx.xxx> -- <xxx.xxx.xxx.xxx> (0) |- proto -- <xx> -- <xx> (0) |- sport -- <xxxx> -- <xxxx> (0) |- dport -- <xxxx> -- <xxxx> (0) |- policy -- <xxx> -- <xxx> (0) |- expire -- <xxx> -- <xxx> (0) |- duration -- <xxx> -- <xxx> (0) |- clear -- all |- vd |- src |- dst |- proto |- sport |- dport |- policy |- expire +- duration +- negate -- vd |- src |- dst |- proto |- sport |- dport |- policy |- expire +- duration |- endpoint-control -- <settings> -- forticlient-reg-key-enforce |- forticlient-reg-key |- forticlient-reg-timeout (0,180) |- download-custom-link (128) |- download-location |- forticlient-keepalive-interval (20,300) |- forticlient-sys-update-interval (30,1440) |- forticlient-avdb-update-interval (0,24) |- forticlient-warning-interval (0,24) +- forticlient-user-avatar |- [profile] --*profile-name (36) |- <forticlient-winmac-settings> -- forticlient-registration-compliance-action |- forticlient-security-posture |- forticlient-security-posture-compliance-action |- forticlient-av |- av-realtime-protection |- av-signature-up-to-date |- sandbox-analysis |- sandbox-address (256) |- os-av-software-installed |- forticlient-application-firewall |- forticlient-application-firewall-list (36) |- forticlient-wf |- forticlient-wf-profile (36) |- forticlient-system-compliance |- forticlient-system-compliance-action |- forticlient-minimum-software-version |- forticlient-win-ver (64) |- forticlient-mac-ver (64) |- [forticlient-operating-system] --*id (0,4294967295) |- os-type +- os-name (128) |- [forticlient-running-app] --*id (0,4294967295) |- app-name (128) |- process-name (128) |- app-sha256-signature (65) |- process-name2 (128) |- app-sha256-signature2 (65) |- process-name3 (128) |- app-sha256-signature3 (65) |- process-name4 (128) +- app-sha256-signature4 (65) |- [forticlient-registry-entry] --*id (0,4294967295) +- registry-entry (128 xss) |- [forticlient-own-file] --*id (0,4294967295) +- file (128 xss) |- forticlient-log-upload |- forticlient-log-upload-level |- forticlient-log-upload-server (256) |- forticlient-vuln-scan |- forticlient-vuln-scan-compliance-action |- forticlient-vuln-scan-enforce |- forticlient-vuln-scan-enforce-grace (0,30) +- forticlient-vuln-scan-exempt |- <forticlient-android-settings> -- forticlient-wf |- forticlient-wf-profile (36) |- disable-wf-when-protected |- forticlient-vpn-provisioning |- forticlient-advanced-vpn |- forticlient-advanced-vpn-buffer +- [forticlient-vpn-settings] --*name (36) |- type |- remote-gw (256) |- sslvpn-access-port (1,65535) |- sslvpn-require-certificate |- auth-method +- preshared-key |- <forticlient-ios-settings> -- forticlient-wf |- forticlient-wf-profile (36) |- disable-wf-when-protected |- client-vpn-provisioning |- [client-vpn-settings] --*name (36) |- type |- vpn-configuration-name (36 xss) |- vpn-configuration-content |- remote-gw (256) |- sslvpn-access-port (1,65535) |- sslvpn-require-certificate |- auth-method +- preshared-key |- distribute-configuration-profile |- configuration-name (36 xss) +- configuration-content |- description |- [src-addr] --*name (65) |- [device-groups] --*name (65) |- [users] --*name (65) |- [user-groups] --*name (65) |- [on-net-addr] --*name (65) +- replacemsg-override-group (36) |- [forticlient-registration-sync] --*peer-name (36) +- peer-ip |- alertemail -- <setting> -- username (36) |- mailto1 (64) |- mailto2 (64) |- mailto3 (64) |- filter-mode |- email-interval (1,99999) |- IPS-logs |- firewall-authentication-failure-logs |- HA-logs |- IPsec-errors-logs |- FDS-update-logs |- PPP-errors-logs |- sslvpn-authentication-errors-logs |- antivirus-logs |- webfilter-logs |- configuration-changes-logs |- violation-traffic-logs |- admin-login-logs |- FDS-license-expiring-warning |- log-disk-usage-warning |- fortiguard-log-quota-warning |- amc-interface-bypass-mode |- FIPS-CC-errors |- FDS-license-expiring-days (1,100) |- local-disk-usage (1,99) |- emergency-interval (1,99999) |- alert-interval (1,99999) |- critical-interval (1,99999) |- error-interval (1,99999) |- warning-interval (1,99999) |- notification-interval (1,99999) |- information-interval (1,99999) |- debug-interval (1,99999) +- severity |- router -- [access-list] --*name (36) |- comments (128 xss) +- [rule] --*id (0,4294967295) |- action |- prefix |- wildcard |- exact-match +- flags (0,4294967295) |- [access-list6] --*name (36) |- comments (128 xss) +- [rule] --*id (0,4294967295) |- action |- prefix6 |- exact-match +- flags (0,4294967295) |- [aspath-list] --*name (36) +- [rule] --*id (0,4294967295) |- action +- regexp (64 xss) |- [prefix-list] --*name (36) |- comments (128 xss) +- [rule] --*id (0,4294967295) |- action |- prefix |- ge (0,32) |- le (0,32) +- flags (0,4294967295) |- [prefix-list6] --*name (36) |- comments (128 xss) +- [rule] --*id (0,4294967295) |- action |- prefix6 |- ge (0,128) |- le (0,128) +- flags (0,4294967295) |- [key-chain] --*name (36) +- [key] --*id (0,2147483647) |- accept-lifetime |- send-lifetime +- key-string (36) |- [community-list] --*name (36) |- type +- [rule] --*id (0,4294967295) |- action |- regexp (256 xss) +- match (256) |- [route-map] --*name (36) |- comments (128 xss) +- [rule] --*id (0,4294967295) |- action |- match-as-path (36) |- match-community (36) |- match-community-exact |- match-origin |- match-interface (16) |- match-ip-address (36) |- match-ip6-address (36) |- match-ip-nexthop (36) |- match-ip6-nexthop (36) |- match-metric (0,4294967295) |- match-route-type |- match-tag (0,4294967295) |- set-aggregator-as (1,4294967295) |- set-aggregator-ip |- set-aspath-action |- [set-aspath] --*as (65) |- set-atomic-aggregate |- set-community-delete (36) |- [set-community] --*community (65) |- set-community-additive |- set-dampening-reachability-half-life (1,45) |- set-dampening-reuse (1,20000) |- set-dampening-suppress (1,20000) |- set-dampening-max-suppress (1,255) |- set-dampening-unreachability-half-life (1,45) |- [set-extcommunity-rt] --*community (65) |- [set-extcommunity-soo] --*community (65) |- set-ip-nexthop |- set-ip6-nexthop |- set-ip6-nexthop-local |- set-local-preference (0,4294967295) |- set-metric (0,4294967295) |- set-metric-type |- set-originator-id |- set-origin |- set-tag (0,4294967295) |- set-weight (0,4294967295) |- set-flags (0,65535) +- match-flags (0,65535) |- <rip> -- default-information-originate |- default-metric (1,16) |- max-out-metric (0,15) |- recv-buffer-size (8129,2147483647) |- [distance] --*id (0,4294967295) |- prefix |- distance (1,255) +- access-list (36) |- [distribute-list] --*id (0,4294967295) |- status |- direction |- listname (36) +- interface (16) |- [neighbor] --*id (0,4294967295) +- ip |- [network] --*id (0,4294967295) +- prefix |- [offset-list] --*id (0,4294967295) |- status |- direction |- access-list (36) |- offset (1,16) +- interface (16) |- [passive-interface] --*name (65) |- [redistribute] --*name (36) |- status |- metric (0,16777214) |- routemap (36) +- flags (0,255) |- update-timer (5,2147483647) |- timeout-timer (5,2147483647) |- garbage-timer (5,2147483647) |- version +- [interface] --*name (36) |- auth-keychain (36) |- auth-mode |- auth-string |- receive-version |- send-version |- send-version2-broadcast |- split-horizon-status |- split-horizon +- flags (0,255) |- <ripng> -- default-information-originate |- default-metric (1,16) |- max-out-metric (0,15) |- [distance] --*id (0,4294967295) |- distance (1,255) |- prefix6 +- access-list6 (36) |- [distribute-list] --*id (0,4294967295) |- status |- direction |- listname (36) +- interface (16) |- [neighbor] --*id (0,4294967295) |- ip6 +- interface (16) |- [network] --*id (0,4294967295) +- prefix |- [aggregate-address] --*id (0,4294967295) +- prefix6 |- [offset-list] --*id (0,4294967295) |- status |- direction |- access-list6 (36) |- offset (1,16) +- interface (16) |- [passive-interface] --*name (65) |- [redistribute] --*name (36) |- status |- metric (0,16777214) |- routemap (36) +- flags (0,255) |- update-timer (5,2147483647) |- timeout-timer (5,2147483647) |- garbage-timer (5,2147483647) +- [interface] --*name (36) |- split-horizon-status |- split-horizon +- flags (0,255) |- [static] --*seq-num (0,4294967295) |- status |- dst |- gateway |- distance (1,255) |- weight (0,255) |- priority (0,4294967295) |- device (36) |- comment |- blackhole |- dynamic-gateway |- virtual-wan-link |- dstaddr (64) |- internet-service (0,4294967295) |- internet-service-custom (65) +- link-monitor-exempt |- [policy] --*seq-num (0,4294967295) |- [input-device] --*name (65) |- [src] --*subnet (65) |- [srcaddr] --*name (65) |- src-negate |- [dst] --*subnet (65) |- [dstaddr] --*name (65) |- dst-negate |- action |- protocol (0,255) |- start-port (0,65535) |- end-port (0,65535) |- start-source-port (0,65535) |- end-source-port (0,65535) |- gateway |- output-device (36) |- tos |- tos-mask |- status +- comments |- [policy6] --*seq-num (0,4294967295) |- input-device (36) |- src |- dst |- protocol (0,255) |- start-port (1,65535) |- end-port (1,65535) |- gateway |- output-device (36) |- tos |- tos-mask |- status +- comments |- [static6] --*seq-num (0,4294967295) |- status |- dst |- gateway |- device (36) |- devindex (0,4294967295) |- distance (1,255) |- priority (0,4294967295) |- comment +- blackhole |- <ospf> -- abr-type |- auto-cost-ref-bandwidth (1,1000000) |- distance-external (1,255) |- distance-inter-area (1,255) |- distance-intra-area (1,255) |- database-overflow |- database-overflow-max-lsas (0,4294967295) |- database-overflow-time-to-recover (0,65535) |- default-information-originate |- default-information-metric (1,16777214) |- default-information-metric-type |- default-information-route-map (36) |- default-metric (1,16777214) |- distance (1,255) |- rfc1583-compatible |- router-id |- spf-timers |- bfd |- log-neighbour-changes |- distribute-list-in (36) |- distribute-route-map-in (36) |- restart-mode |- restart-period (1,3600) |- [area] --*id |- shortcut |- authentication |- default-cost (0,4294967295) |- nssa-translator-role |- stub-type |- type |- nssa-default-information-originate |- nssa-default-information-originate-metric (0,16777214) |- nssa-default-information-originate-metric-type |- nssa-redistribution |- [range] --*id (0,4294967295) |- prefix |- advertise |- substitute +- substitute-status |- [virtual-link] --*name (36) |- authentication |- authentication-key |- md5-key |- dead-interval (1,65535) |- hello-interval (1,65535) |- retransmit-interval (1,65535) |- transmit-delay (1,65535) +- peer +- [filter-list] --*id (0,4294967295) |- list (36) +- direction |- [ospf-interface] --*name (36) |- interface (16) |- ip |- authentication |- authentication-key |- md5-key |- prefix-length (0,32) |- retransmit-interval (1,65535) |- transmit-delay (1,65535) |- cost (0,65535) |- priority (0,255) |- dead-interval (0,65535) |- hello-interval (0,65535) |- hello-multiplier (3,10) |- database-filter-out |- mtu (576,65535) |- mtu-ignore |- network-type |- bfd |- status +- resync-timeout (1,3600) |- [network] --*id (0,4294967295) |- prefix +- area |- [neighbor] --*id (0,4294967295) |- ip |- poll-interval (1,65535) |- cost (0,65535) +- priority (0,255) |- [passive-interface] --*name (65) |- [summary-address] --*id (0,4294967295) |- prefix |- tag (0,4294967295) +- advertise |- [distribute-list] --*id (0,4294967295) |- access-list (36) +- protocol +- [redistribute] --*name (36) |- status |- metric (1,16777214) |- routemap (36) |- metric-type +- tag (0,4294967295) |- <ospf6> -- abr-type |- auto-cost-ref-bandwidth (1,1000000) |- default-information-originate |- log-neighbour-changes |- default-information-metric (1,16777214) |- default-information-metric-type |- default-information-route-map (36) |- default-metric (1,16777214) |- router-id |- spf-timers |- [area] --*id |- default-cost (0,16777215) |- nssa-translator-role |- stub-type |- type |- nssa-default-information-originate |- nssa-default-information-originate-metric (0,16777214) |- nssa-default-information-originate-metric-type |- nssa-redistribution |- [range] --*id (0,4294967295) |- prefix6 +- advertise +- [virtual-link] --*name (36) |- dead-interval (1,65535) |- hello-interval (1,65535) |- retransmit-interval (1,65535) |- transmit-delay (1,65535) +- peer |- [ospf6-interface] --*name (36) |- area-id |- interface (16) |- retransmit-interval (1,65535) |- transmit-delay (1,65535) |- cost (0,65535) |- priority (0,255) |- dead-interval (1,65535) |- hello-interval (1,65535) |- status |- network-type +- [neighbor] --*ip6 |- poll-interval (1,65535) |- cost (0,65535) +- priority (0,255) |- [passive-interface] --*name (65) |- [redistribute] --*name (36) |- status |- metric (1,16777214) |- routemap (36) +- metric-type +- [summary-address] --*id (0,4294967295) |- prefix6 |- advertise +- tag (0,4294967295) |- <bgp> -- as (0,4294967295) |- router-id |- keepalive-timer (0,65535) |- holdtime-timer (3,65535) |- always-compare-med |- bestpath-as-path-ignore |- bestpath-cmp-confed-aspath |- bestpath-cmp-routerid |- bestpath-med-confed |- bestpath-med-missing-as-worst |- client-to-client-reflection |- dampening |- deterministic-med |- ebgp-multipath |- ibgp-multipath |- enforce-first-as |- fast-external-failover |- log-neighbour-changes |- network-import-check |- ignore-optional-capability |- cluster-id |- confederation-identifier (1,4294967295) |- [confederation-peers] --*peer (65) |- dampening-route-map (36) |- dampening-reachability-half-life (1,45) |- dampening-reuse (1,20000) |- dampening-suppress (1,20000) |- dampening-max-suppress-time (1,255) |- dampening-unreachability-half-life (1,45) |- default-local-preference (0,4294967295) |- scan-time (5,60) |- distance-external (1,255) |- distance-internal (1,255) |- distance-local (1,255) |- synchronization |- graceful-restart |- graceful-restart-time (1,3600) |- graceful-stalepath-time (1,3600) |- graceful-update-delay (1,3600) |- graceful-end-on-timer |- [aggregate-address] --*id (0,4294967295) |- prefix |- as-set +- summary-only |- [aggregate-address6] --*id (0,4294967295) |- prefix6 |- as-set +- summary-only |- [neighbor] --*ip (46) |- advertisement-interval (1,600) |- allowas-in-enable |- allowas-in-enable6 |- allowas-in (1,10) |- allowas-in6 (1,10) |- attribute-unchanged |- attribute-unchanged6 |- activate |- activate6 |- bfd |- capability-dynamic |- capability-orf |- capability-orf6 |- capability-graceful-restart |- capability-graceful-restart6 |- capability-route-refresh |- capability-default-originate |- capability-default-originate6 |- dont-capability-negotiate |- ebgp-enforce-multihop |- link-down-failover |- stale-route |- next-hop-self |- next-hop-self6 |- override-capability |- passive |- remove-private-as |- remove-private-as6 |- route-reflector-client |- route-reflector-client6 |- route-server-client |- route-server-client6 |- shutdown |- soft-reconfiguration |- soft-reconfiguration6 |- as-override |- as-override6 |- strict-capability-match |- default-originate-routemap (36) |- default-originate-routemap6 (36) |- description (64) |- distribute-list-in (36) |- distribute-list-in6 (36) |- distribute-list-out (36) |- distribute-list-out6 (36) |- ebgp-multihop-ttl (1,255) |- filter-list-in (36) |- filter-list-in6 (36) |- filter-list-out (36) |- filter-list-out6 (36) |- interface (16) |- maximum-prefix (1,4294967295) |- maximum-prefix6 (1,4294967295) |- maximum-prefix-threshold (1,100) |- maximum-prefix-threshold6 (1,100) |- maximum-prefix-warning-only |- maximum-prefix-warning-only6 |- prefix-list-in (36) |- prefix-list-in6 (36) |- prefix-list-out (36) |- prefix-list-out6 (36) |- remote-as (1,4294967295) |- local-as (0,4294967295) |- local-as-no-prepend |- local-as-replace-as |- retain-stale-time (0,65535) |- route-map-in (36) |- route-map-in6 (36) |- route-map-out (36) |- route-map-out6 (36) |- send-community |- send-community6 |- keep-alive-timer (0,65535) |- holdtime-timer (3,65535) |- connect-timer (0,65535) |- unsuppress-map (36) |- unsuppress-map6 (36) |- update-source (16) |- weight (0,65535) |- restart-time (0,3600) |- password +- [conditional-advertise] --*advertise-routemap (36) |- condition-routemap (36) +- condition-type |- [neighbor-group] --*name (46) |- advertisement-interval (1,600) |- allowas-in-enable |- allowas-in-enable6 |- allowas-in (1,10) |- allowas-in6 (1,10) |- attribute-unchanged |- attribute-unchanged6 |- activate |- activate6 |- bfd |- capability-dynamic |- capability-orf |- capability-orf6 |- capability-graceful-restart |- capability-graceful-restart6 |- capability-route-refresh |- capability-default-originate |- capability-default-originate6 |- dont-capability-negotiate |- ebgp-enforce-multihop |- link-down-failover |- stale-route |- next-hop-self |- next-hop-self6 |- override-capability |- passive |- remove-private-as |- remove-private-as6 |- route-reflector-client |- route-reflector-client6 |- route-server-client |- route-server-client6 |- shutdown |- soft-reconfiguration |- soft-reconfiguration6 |- as-override |- as-override6 |- strict-capability-match |- default-originate-routemap (36) |- default-originate-routemap6 (36) |- description (64) |- distribute-list-in (36) |- distribute-list-in6 (36) |- distribute-list-out (36) |- distribute-list-out6 (36) |- ebgp-multihop-ttl (1,255) |- filter-list-in (36) |- filter-list-in6 (36) |- filter-list-out (36) |- filter-list-out6 (36) |- interface (16) |- maximum-prefix (1,4294967295) |- maximum-prefix6 (1,4294967295) |- maximum-prefix-threshold (1,100) |- maximum-prefix-threshold6 (1,100) |- maximum-prefix-warning-only |- maximum-prefix-warning-only6 |- prefix-list-in (36) |- prefix-list-in6 (36) |- prefix-list-out (36) |- prefix-list-out6 (36) |- remote-as (1,4294967295) |- local-as (0,4294967295) |- local-as-no-prepend |- local-as-replace-as |- retain-stale-time (0,65535) |- route-map-in (36) |- route-map-in6 (36) |- route-map-out (36) |- route-map-out6 (36) |- send-community |- send-community6 |- keep-alive-timer (0,65535) |- holdtime-timer (3,65535) |- connect-timer (0,65535) |- unsuppress-map (36) |- unsuppress-map6 (36) |- update-source (16) |- weight (0,65535) +- restart-time (0,3600) |- [neighbor-range] --*id (0,4294967295) |- prefix |- max-neighbor-num (1,1000) +- neighbor-group (64) |- [network] --*id (0,4294967295) |- prefix |- backdoor +- route-map (36) |- [network6] --*id (0,4294967295) |- prefix6 |- backdoor +- route-map (36) |- [redistribute] --*name (36) |- status +- route-map (36) |- [redistribute6] --*name (36) |- status +- route-map (36) +- [admin-distance] --*id (0,4294967295) |- neighbour-prefix |- route-list (36) +- distance (1,255) |- <isis> -- is-type |- auth-mode-l1 |- auth-mode-l2 |- auth-password-l1 |- auth-password-l2 |- auth-keychain-l1 (36) |- auth-keychain-l2 (36) |- auth-sendonly-l1 |- auth-sendonly-l2 |- ignore-lsp-errors |- lsp-gen-interval-l1 (1,120) |- lsp-gen-interval-l2 (1,120) |- lsp-refresh-interval (1,65535) |- max-lsp-lifetime (350,65535) |- spf-interval-exp-l1 |- spf-interval-exp-l2 |- dynamic-hostname |- adjacency-check |- overload-bit |- overload-bit-suppress |- overload-bit-on-startup (5,86400) |- default-originate |- metric-style |- redistribute-l1 |- redistribute-l1-list (36) |- redistribute-l2 |- redistribute-l2-list (36) |- [isis-net] --*id (0,4294967295) +- net |- [isis-interface] --*name (16) |- status |- network-type |- circuit-type |- csnp-interval-l1 (1,65535) |- csnp-interval-l2 (1,65535) |- hello-interval-l1 (0,65535) |- hello-interval-l2 (0,65535) |- hello-multiplier-l1 (2,100) |- hello-multiplier-l2 (2,100) |- hello-padding |- lsp-interval (1,4294967295) |- lsp-retransmit-interval (1,65535) |- metric-l1 (1,63) |- metric-l2 (1,63) |- wide-metric-l1 (1,16777214) |- wide-metric-l2 (1,16777214) |- auth-password-l1 |- auth-password-l2 |- auth-keychain-l1 (36) |- auth-keychain-l2 (36) |- auth-send-only-l1 |- auth-send-only-l2 |- auth-mode-l1 |- auth-mode-l2 |- priority-l1 (0,127) |- priority-l2 (0,127) |- mesh-group +- mesh-group-id (0,4294967295) |- [summary-address] --*id (0,4294967295) |- prefix +- level +- [redistribute] --*protocol (36) |- status |- metric (0,4261412864) |- metric-type |- level +- routemap (36) |- [multicast-flow] --*name (36) |- comments (128 xss) +- [flows] --*id (0,4294967295) |- group-addr +- source-addr |- <multicast> -- route-threshold (1,2147483647) |- route-limit (1,2147483647) |- multicast-routing |- <pim-sm-global> -- message-interval (1,65535) |- join-prune-holdtime (1,65535) |- accept-register-list (36) |- accept-source-list (36) |- bsr-candidate |- bsr-interface (16) |- bsr-priority (0,255) |- bsr-hash (0,32) |- bsr-allow-quick-refresh |- cisco-register-checksum |- cisco-register-checksum-group (36) |- cisco-crp-prefix |- cisco-ignore-rp-set-priority |- register-rp-reachability |- register-source |- register-source-interface (16) |- register-source-ip |- register-supression (1,65535) |- null-register-retries (1,20) |- rp-register-keepalive (1,65535) |- spt-threshold |- spt-threshold-group (36) |- ssm |- ssm-range (36) |- register-rate-limit (0,65535) +- [rp-address] --*id (0,4294967295) |- ip-address +- group (36) +- [interface] --*name (16) |- ttl-threshold (1,255) |- pim-mode |- passive |- bfd |- neighbour-filter (36) |- hello-interval (1,65535) |- hello-holdtime (1,65535) |- cisco-exclude-genid |- dr-priority (1,4294967295) |- propagation-delay (100,5000) |- state-refresh-interval (1,100) |- rp-candidate |- rp-candidate-group (36) |- rp-candidate-priority (0,255) |- rp-candidate-interval (1,16383) |- multicast-flow (36) |- static-group (36) |- [join-group] --*address +- <igmp> -- access-group (36) |- version |- immediate-leave-group (36) |- last-member-query-interval (1,65535) |- last-member-query-count (2,7) |- query-max-response-time (1,25) |- query-interval (1,65535) |- query-timeout (60,900) +- router-alert-check |- <multicast6> -- multicast-routing |- multicast-pmtu |- [interface] --*name (16) |- hello-interval (1,65535) +- hello-holdtime (1,65535) +- <pim-sm-global> -- register-rate-limit (0,65535) +- [rp-address] --*id (0,4294967295) +- ip6-address |- <info> |- <info6> |- [auth-path] --*name (16) |- device (36) +- gateway |- <setting> -- show-filter (36) +- hostname (15) +- <bfd> -- [neighbor] --*ip +- interface (16) |- hardware -- <status> |- <cpu> |- <memory> +- <nic> -- <nic> (0) |- mgmt-data -- <status> |- test -- <http> -- <Integer> (0) |- <smtp> -- <Integer> (0) |- <ftpd> -- <Integer> (0) |- <pop3> -- <Integer> (0) |- <imap> -- <Integer> (0) |- <nntp> -- <Integer> (0) |- <scanunit> -- <Integer> (0) |- <harelay> -- <Integer> (0) |- <hasync> -- <Integer> (0) |- <hatalk> -- <Integer> (0) |- <sessionsync> -- <Integer> (0) |- <forticldd> -- <Integer> (0) |- <miglogd> -- <Integer> (0) |- <urlfilter> -- <Integer> (0) |- <ovrd> -- <Integer> (0) |- <ipsmonitor> -- <Integer> (0) |- <ipsengine> -- <Integer> (0) |- <ipldbd> -- <Integer> (0) |- <ddnscd> -- <Integer> (0) |- <snmpd> -- <Integer> (0) |- <dnsproxy> -- <Integer> (0) |- <sflowd> -- <Integer> (0) |- <init> -- <Integer> (0) |- <l2tpcd> -- <Integer> (0) |- <dhcprelay> -- <Integer> (0) |- <pptpcd> -- <Integer> (0) |- <wccpd> -- <Integer> (0) |- <wad> -- <Integer> (0) |- <radiusd> -- <Integer> (0) |- <wpad> -- <Integer> (0) |- <fsd> -- <Integer> -- <Integer> -- <Integer> (0) |- <ipsufd> -- <Integer> (0) |- <lted> -- <Integer> -- <Integer> -- <Integer> (0) |- <forticron> -- <Integer> (0) |- <uploadd> -- <Integer> (0) |- <quarantined> -- <Integer> (0) |- <dhcp6c> -- <Integer> (0) |- <info-sslvpnd> -- <Integer> (0) |- <dsd> -- <Integer> (0) |- <lnkmtd> -- <Integer> (0) |- <dhcp6r> -- <Integer> (0) |- <fnbamd> -- <Integer> (0) |- <mrd> -- <Integer> (0) |- <zebos_launcher> -- <Integer> (0) |- <radius-das> -- <Integer> (0) |- <csfd> -- <Integer> (0) |- <fsvrd> -- <Integer> (0) |- <radvd> -- <Integer> (0) +- <fcnacd> -- <Integer> (0) +- extender -- <sys-info> -- <sn> (0) +- <modem-status> -- <sn> (0)
Zurück zu : FortiGate-5.4-5.6:FAQ