[FortiGate] Basic knowledge about configuration command in CLI

Firewall (UTM)

About config contents

Config components

  • config
    • One setting hierarchy
  • edit
    • Configuration hierarchy for one object in config
    • One edit hierarchy corresponds to one object
      • example: Policies, address objects, static routes, etc.
  • set
    • One setting item in config or edit

Config structure pattern

  • Pattern with only one hierarchy
config <Item name>
    set <Item name> <Setting value>
    ...
end

  • A pattern with an edit hierarchy inside the config hierarchy
config <Item name>
    edit "id"
        set <Item name> <Setting value>
        ...
    next
    ...
end

  • A pattern in which there is an additional config hierarchy within the config hierarchy
config <Item name>
    set <Item name> <Setting value>
    ...
    config <Item name>
        edit "ID"
            set <Item name> <Setting value>
            ...
        next
    end
    ...
end

Config setting operation command

Command for changing settings

  • config <Item name>
    • Go to the config hierarchy to change settings

Operations in the config hierarchy

  • set <Item name> <Setting value>
    • Set one setting item
  • unset <Item name>
    • Return the setting of one setting item to the default value
  • edit "ID"
    1. Add a new edit hierarchy (when an unused value is specified for the ID)
      • Creates an edit hierarchy with the specified ID and then moves to that edit hierarchy
    2. Moves to the edit hierarchy of the specified ID (when an existing ID is specified)
  • delete "ID"
    • Delete the existing edit hierarchy (specify the existing ID)
  • show [full-configuration]
    • View the current config hierarchy settings [including items with default values]
  • end
    • Confirm the setting change and exit from the config hierarchy
  • abort
    • Undo the configuration change and exit the config hierarchy
      • Only the setting change for the set item can be canceled, and the addition / deletion of the edit hierarchy is confirmed immediately and cannot be canceled.

Operations in the edit hierarchy

  • set <Item name> <Setting value>
    • Set one setting item
  • unset <Item name>
    • Return the setting of one setting item to the default value
  • show [full-configuration]
    • Display the settings of the current edit hierarchy [including items with default values]
  • next
    • Confirm the configuration change and return from the edit hierarchy to the parent config hierarchy
  • end
    • Confirm the setting change and exit from the parent config hierarchy
  • abort
    • Undo the configuration change and exit the parent config hierarchy
FortiGate Mastery Web Book
Getting Started with FortiGate How to access the GUI of factory default FortiGate Basic knowledge about configuration co...
network-knowledge.work
2021.11.01
スポンサーリンク

Comments

Copied title and URL