File filter as a standalone profile
The previously embedded file filter within web filter, email filter, SSH inspection, and CIFS has moved to a standalone profile. The file filter can be applied directly to firewall policies and supports various traffic protocols in proxy or flow mode.
config file-filter profile edit "test" set comment '' set feature-set flow set replacemsg-group '' set log enable set scan-archive-contents enable config rules edit "Block Exe" set comment '' set protocol http ftp smtp imap pop3 mapi cifs ssh set action block set direction any set password-protected any set file-type "exe" next end next end
When upgrading to FortiOS 6.4.1, existing embedded file filter rules (web filter, email filter, SSH inspection, and CIFS) that are not used in any policies or profile groups will have new file filter profiles created for them. Any firewall policies, proxy policies, or profile groups with existing embedded file filter rules will have new file filter profiles created for them.