Fortinet black logo

CLI Reference

execute waf block-ip

execute waf block-ip

Use the following commands to view, filter, or release any client IP address that is currently blocked by WAF modules prior to the block expiry period.

execute waf block-ip list

Use this command to generate a list of all the IP addresses that are currently blocked by WAF modules through the Block or Period Block actions.

Syntax

execute waf block-ip list

execute waf block-ip filter

Use this command to filter through the WAF blocked IPs via the IP address or the name of the virtual server that has blocked the IP address.

Syntax

execute waf block-ip filter {clear|ip|show|vs-name} {<ip>|<vs-name>}

clear

Clears the filters.

ip

Filter by a single IP or an IP range.

show

Show the filters.

vs-name

Filter by a virtual server name.

<ip>

If ip, specify the IP or an IP range to filter by. For example, 1.1.1.1-2.2.2.2

<vs-name>

If vs-name, specify the name of the virtual server that has blocked the IP address.

Example

FortiADC-VM # execute waf block-ip filter ip 50.1.0.1

FortiADC-VM # execute waf block-ip filter show
ip range: 50.1.0.1 - 50.1.0.1
virtual server: any

FortiADC-VM # execute waf block-ip filter vs-name VS1

FortiADC-VM # execute waf block-ip filter show
ip range: any
virtual server: VS1

execute waf block-ip release

Use this command to release one or all WAF blocked IP addresses.

Syntax

execute waf block-ip release {all|ip|vs-name} {<ip>|<vs-name>}

all

Release all the IP addresses currently blocked by the WAF.

ip

Release a single IP or an IP range.

vs-name

Release an IP by their virtual server name.

<ip>

If ip, specify the IP or an IP range to release. For example, '1.1.1.1-2.2.2.2'

<vs-name>

If vs-name, specify the name of the virtual server that has blocked the IP address.

Example

FortiADC-VM # execute waf block-ip release ip 50.1.0.1

FortiADC-VM # execute waf block-ip release vs-name VS1

FortiADC-VM # execute waf block-ip release vs-name VS1 ip '1.1.1.1'

execute waf block-ip

Use the following commands to view, filter, or release any client IP address that is currently blocked by WAF modules prior to the block expiry period.

execute waf block-ip list

Use this command to generate a list of all the IP addresses that are currently blocked by WAF modules through the Block or Period Block actions.

Syntax

execute waf block-ip list

execute waf block-ip filter

Use this command to filter through the WAF blocked IPs via the IP address or the name of the virtual server that has blocked the IP address.

Syntax

execute waf block-ip filter {clear|ip|show|vs-name} {<ip>|<vs-name>}

clear

Clears the filters.

ip

Filter by a single IP or an IP range.

show

Show the filters.

vs-name

Filter by a virtual server name.

<ip>

If ip, specify the IP or an IP range to filter by. For example, 1.1.1.1-2.2.2.2

<vs-name>

If vs-name, specify the name of the virtual server that has blocked the IP address.

Example

FortiADC-VM # execute waf block-ip filter ip 50.1.0.1

FortiADC-VM # execute waf block-ip filter show
ip range: 50.1.0.1 - 50.1.0.1
virtual server: any

FortiADC-VM # execute waf block-ip filter vs-name VS1

FortiADC-VM # execute waf block-ip filter show
ip range: any
virtual server: VS1

execute waf block-ip release

Use this command to release one or all WAF blocked IP addresses.

Syntax

execute waf block-ip release {all|ip|vs-name} {<ip>|<vs-name>}

all

Release all the IP addresses currently blocked by the WAF.

ip

Release a single IP or an IP range.

vs-name

Release an IP by their virtual server name.

<ip>

If ip, specify the IP or an IP range to release. For example, '1.1.1.1-2.2.2.2'

<vs-name>

If vs-name, specify the name of the virtual server that has blocked the IP address.

Example

FortiADC-VM # execute waf block-ip release ip 50.1.0.1

FortiADC-VM # execute waf block-ip release vs-name VS1

FortiADC-VM # execute waf block-ip release vs-name VS1 ip '1.1.1.1'