Fortinet Document Library

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:

Version:


Table of Contents

CLI Reference

web-spam

Use the following commands to configure FortiGuard antispam related settings.

web-spam fgd-setting

Use this command to configure FortiGuard run parameters.

Syntax

config fmupdate web-spam fgd-setting

set as-cache <integer>

set as-log {all | disable | nospam}

set as-preload {disable | enable}

set av-cache <integer>

set av-log {all | disable | novirus}

set av-preload {disable | enable}

set eventlog-query {disable | enable}

set fq-cache <integer>

set fq-log {all | disable | nofilequery}

set fq-preload {disable | enable}

set linkd-log {disable | enable}

set max-log-quota <integer>

set max-unrated-size <integer>

set restrict-as1-dbver <string>

set restrict-as2-dbver <string>

set restrict-as4-dbver <string>

set restrict-av-dbver <string>

set restrict-fq-dbver <string>

set restrict-wf-dbver <string>

set stat-log-interval <integer>

set stat-sync-interval <integer>

set update-interval <integer>

set update-log {disable | enable}

set wf-cache <integer>

set wf-dn-cache-expire-time <integer>

set wf-dn-cache-max-number <integer>

set wf-log {all | disable | nourl}

set wf-preload {disable | enable}

config server-override

set status {disable | enable}

config servlist

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set port <integer>

set service-type {fgc | fgd | fsa}

end

end

end

Variable

Description

as-cache <integer>

Set the antispam service maximum memory usage. Range: 100 to 2800 (MB)

as-log {all | disable | nospam}

Antispam log setting. The following options are available: 

  • all: Log all spam lookups.
  • disable: Disable spam log.
  • nospam: Log non-spam events.

as-preload {disable | enable}

Enable/disable preloading the antispam database into memory.

av-cache <integer>

Set the web filter service maximum memory usage. Range: 100 to 500 (MB)

av-log {all | disable | novirus}

Antivirus log settings. The following options are available: 

  • all: Log all virus lookups.
  • disable: Disable virus log.
  • novirus: Log non-virus events.

av-preload {disable | enable}

Enable/disable preloading the antivirus database into memory.

eventlog-query {disable | enable}

Enable or disable record query to event-log besides fgd-log.

fq-cache <integer>

Set the file query service maximum memory usage. Range: 100 to 500MB

fq-log {all | disable | nofilequery}

Filequery log settings. The following options are available: 

  • all: Log all file query.
  • disable: Disable file query log.
  • nofilequery: Log non-file query events.

fq-preload {disable | enable}

Enable/disable preloading the filequery database to memory.

linkd-log {disable | enable}

Enable/disable the linkd log.

max-log-quota <integer>

Maximum log quota setting. Range: 100 to 20480MB

max-unrated-size <integer>

Maximum number of unrated site in memory. Range: 10 to 5120K. Default: 500K

restrict-as1-dbver <string>

Restrict the system update to the indicated antispam(1) database version.

Character limit: 127

restrict-as2-dbver <string>

Restrict the system update to the indicated antispam(2) database version. Character limit: 127

restrict-as4-dbver <string>

Restrict the system update to the indicated antispam(4) database version. Character limit: 127

restrict-av-dbver <string>

Restrict the system update to the indicated antivirus database version. Character limit: 127

restrict-fq-dbver <string>

Restrict the system update to the indicated filequery database version. Character limit: 127

restrict-wf-dbver <string>

Restrict the system update to the indicated webfilter database version. Character limit: 127

stat-log-interval <integer>

Statistic log interval setting. Range: 1 to 1440 (minutes)

stat-sync-interval <integer>

Synchronization interval for statistics of unrated sites. Range: 1 to 60 (minutes)

update-interval <integer>

Enter the FortiGuard database update wait time if there are not enough delta files. Range: 2 to 24 (hours)

update-log {disable | enable}

Enable/disable update log setting.

wf-cache <integer>

Enter the web filter service maximum memory usage, in megabytes (100 - 2800, default = 600).

wf-dn-cache-expire-time

Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30).

wf-dn-cache-max-number

Maximum number of Web filter DN cache (0 = disable, default = 10000).

wf-log {all | disable | nourl}

Web filter log setting. The following options are available: 

  • all: Log all URL lookups.
  • disable: Disable URL log.
  • nourl: Log non-URL events.

wf-preload {disable | enable}

Enable/disable preloading the web filter database into memory.

Variables for config server-override subcommand:

status {enable | disable}

Enable/disable the override (default = disable).

<id>

Enter the override server ID (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the override server address (default = 0.0.0.0).

ip6 <ipv6_address>

Enter the IPv6 address of the override server address.

port <integer>

Enter the port number to use when contacting the FDS (1 - 65535, default = 443).

service-type {fgc | fgd | fsa}

Set the override service type.

web-spam poll-frequency

Use this command to configure the web-spam poll frequency.

Syntax

config fmupdate web-spam poll-frequency

set time <hh:mm>

end

Variable

Description

time <hh:mm>

Enter the poll frequency time interval

web-spam web-proxy

Use this command to configure the web-spam web-proxy.

Syntax

config fmupdate web-spam web-proxy

set ip <proxy_ipv4_address>

set ip6 <proxy_ipv6_address>

set mode {proxy | tunnel}

set password <passwd>

set port <integer>

set status {disable | enable}

end

Variable

Description

ip <proxy_ipv4_address>

Enter the IPv4 address of the web proxy. Default: 0.0.0.0

ip6 <proxy_ipv6_address>

Enter the IPv6 address of the web proxy.

mode {proxy | tunnel}

Enter the web proxy mode.

password <passwd>

If the web proxy requires authentication, type the password for the user name.

port <integer>

Enter the port number of the web proxy. Default: 80. Range: 1 to 65535

status {disable | enable}

Enable/disable connections through the web proxy. Default: disable

username <string>

If the web proxy requires authentication, enter the user name.

web-spam

Use the following commands to configure FortiGuard antispam related settings.

web-spam fgd-setting

Use this command to configure FortiGuard run parameters.

Syntax

config fmupdate web-spam fgd-setting

set as-cache <integer>

set as-log {all | disable | nospam}

set as-preload {disable | enable}

set av-cache <integer>

set av-log {all | disable | novirus}

set av-preload {disable | enable}

set eventlog-query {disable | enable}

set fq-cache <integer>

set fq-log {all | disable | nofilequery}

set fq-preload {disable | enable}

set linkd-log {disable | enable}

set max-log-quota <integer>

set max-unrated-size <integer>

set restrict-as1-dbver <string>

set restrict-as2-dbver <string>

set restrict-as4-dbver <string>

set restrict-av-dbver <string>

set restrict-fq-dbver <string>

set restrict-wf-dbver <string>

set stat-log-interval <integer>

set stat-sync-interval <integer>

set update-interval <integer>

set update-log {disable | enable}

set wf-cache <integer>

set wf-dn-cache-expire-time <integer>

set wf-dn-cache-max-number <integer>

set wf-log {all | disable | nourl}

set wf-preload {disable | enable}

config server-override

set status {disable | enable}

config servlist

edit <id>

set ip <ipv4_address>

set ip6 <ipv6_address>

set port <integer>

set service-type {fgc | fgd | fsa}

end

end

end

Variable

Description

as-cache <integer>

Set the antispam service maximum memory usage. Range: 100 to 2800 (MB)

as-log {all | disable | nospam}

Antispam log setting. The following options are available: 

  • all: Log all spam lookups.
  • disable: Disable spam log.
  • nospam: Log non-spam events.

as-preload {disable | enable}

Enable/disable preloading the antispam database into memory.

av-cache <integer>

Set the web filter service maximum memory usage. Range: 100 to 500 (MB)

av-log {all | disable | novirus}

Antivirus log settings. The following options are available: 

  • all: Log all virus lookups.
  • disable: Disable virus log.
  • novirus: Log non-virus events.

av-preload {disable | enable}

Enable/disable preloading the antivirus database into memory.

eventlog-query {disable | enable}

Enable or disable record query to event-log besides fgd-log.

fq-cache <integer>

Set the file query service maximum memory usage. Range: 100 to 500MB

fq-log {all | disable | nofilequery}

Filequery log settings. The following options are available: 

  • all: Log all file query.
  • disable: Disable file query log.
  • nofilequery: Log non-file query events.

fq-preload {disable | enable}

Enable/disable preloading the filequery database to memory.

linkd-log {disable | enable}

Enable/disable the linkd log.

max-log-quota <integer>

Maximum log quota setting. Range: 100 to 20480MB

max-unrated-size <integer>

Maximum number of unrated site in memory. Range: 10 to 5120K. Default: 500K

restrict-as1-dbver <string>

Restrict the system update to the indicated antispam(1) database version.

Character limit: 127

restrict-as2-dbver <string>

Restrict the system update to the indicated antispam(2) database version. Character limit: 127

restrict-as4-dbver <string>

Restrict the system update to the indicated antispam(4) database version. Character limit: 127

restrict-av-dbver <string>

Restrict the system update to the indicated antivirus database version. Character limit: 127

restrict-fq-dbver <string>

Restrict the system update to the indicated filequery database version. Character limit: 127

restrict-wf-dbver <string>

Restrict the system update to the indicated webfilter database version. Character limit: 127

stat-log-interval <integer>

Statistic log interval setting. Range: 1 to 1440 (minutes)

stat-sync-interval <integer>

Synchronization interval for statistics of unrated sites. Range: 1 to 60 (minutes)

update-interval <integer>

Enter the FortiGuard database update wait time if there are not enough delta files. Range: 2 to 24 (hours)

update-log {disable | enable}

Enable/disable update log setting.

wf-cache <integer>

Enter the web filter service maximum memory usage, in megabytes (100 - 2800, default = 600).

wf-dn-cache-expire-time

Web filter DN cache expire time, in minutes (1 - 1440, 0 = never, default = 30).

wf-dn-cache-max-number

Maximum number of Web filter DN cache (0 = disable, default = 10000).

wf-log {all | disable | nourl}

Web filter log setting. The following options are available: 

  • all: Log all URL lookups.
  • disable: Disable URL log.
  • nourl: Log non-URL events.

wf-preload {disable | enable}

Enable/disable preloading the web filter database into memory.

Variables for config server-override subcommand:

status {enable | disable}

Enable/disable the override (default = disable).

<id>

Enter the override server ID (1 - 10).

ip <ipv4_address>

Enter the IPv4 address of the override server address (default = 0.0.0.0).

ip6 <ipv6_address>

Enter the IPv6 address of the override server address.

port <integer>

Enter the port number to use when contacting the FDS (1 - 65535, default = 443).

service-type {fgc | fgd | fsa}

Set the override service type.

web-spam poll-frequency

Use this command to configure the web-spam poll frequency.

Syntax

config fmupdate web-spam poll-frequency

set time <hh:mm>

end

Variable

Description

time <hh:mm>

Enter the poll frequency time interval

web-spam web-proxy

Use this command to configure the web-spam web-proxy.

Syntax

config fmupdate web-spam web-proxy

set ip <proxy_ipv4_address>

set ip6 <proxy_ipv6_address>

set mode {proxy | tunnel}

set password <passwd>

set port <integer>

set status {disable | enable}

end

Variable

Description

ip <proxy_ipv4_address>

Enter the IPv4 address of the web proxy. Default: 0.0.0.0

ip6 <proxy_ipv6_address>

Enter the IPv6 address of the web proxy.

mode {proxy | tunnel}

Enter the web proxy mode.

password <passwd>

If the web proxy requires authentication, type the password for the user name.

port <integer>

Enter the port number of the web proxy. Default: 80. Range: 1 to 65535

status {disable | enable}

Enable/disable connections through the web proxy. Default: disable

username <string>

If the web proxy requires authentication, enter the user name.