CLI Reference

config firewall sniffer

Configure sniffer.

config firewall sniffer
    Description: Configure sniffer.
    edit <id>
        set status [enable|disable]
        set logtraffic [all|utm|...]
        set non-ip [enable|disable]
        set interface {string}
        set host {string}
        set port {string}
        set protocol {string}
        set vlan {string}
        set max-packet-count {integer}
    next
end

config firewall sniffer

| Parameter | Description | Type | Size | Default |
|---|---|---|---|---|
| status | Enable/disable the active status of the sniffer. Options: enable (Enable sniffer status.); disable (Disable sniffer status.) | option | - | enable |
| logtraffic | Either log all sessions, only sessions that have a security profile applied, or disable all logging for this policy. Options: all (Log all sessions accepted or denied by this policy.); utm (Log traffic that has a security profile applied to it.); disable (Disable all logging for this policy.) | option | - | utm |
| non-ip | Enable/disable sniffing non-IP packets. Options: enable (Enable sniffer for non-IP packets.); disable (Disable sniffer for non-IP packets.) | option | - | disable |
| interface | Interface name that traffic sniffing will take place on. | string | Maximum length: 35 | |
| host | Hosts to filter for in sniffer traffic. | string | Maximum length: 63 | |
| port | Ports to sniff. | string | Maximum length: 63 | |
| protocol | Integer value for the protocol type as defined by IANA. | string | Maximum length: 63 | |
| vlan | List of VLANs to sniff. | string | Maximum length: 63 | |
| max-packet-count | Maximum packet count. | integer | Minimum value: 1 Maximum value: 1000000 | 4000 |
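An added example (not Fortinet code): a Python audit that parses `config firewall sniffer` blocks from a configuration backup, fills in the defaults from the parameter table, and reports values outside the documented options, lengths and range. The final check, flagging an enabled sniffer with no host/port/protocol/vlan filter, is this example's own review heuristic, and the sample backup text is constructed.

```python
import re
# Allowed values, length limits and defaults transcribed from the table on this page.
OPTIONS = {"status": {"enable", "disable"}, "non-ip": {"enable", "disable"},
           "logtraffic": {"all", "utm", "disable"}}
MAX_LEN = {"interface": 35, "host": 63, "port": 63, "protocol": 63, "vlan": 63}
DEFAULTS = {"status": "enable", "logtraffic": "utm", "non-ip": "disable", "max-packet-count": "4000"}
FILTERS = ("host", "port", "protocol", "vlan")

# Constructed sample backup excerpt (not from a real device).
SAMPLE = """config firewall sniffer
    edit 1
        set interface "port1"
        set host "192.0.2.10"
    next
    edit 2
        set interface "port2"
        set max-packet-count 2000000
    next
end
"""

def parse_sniffers(text):
    """Return {id: settings} for each edit block, with documented defaults filled in."""
    sniffers, depth, cur = {}, 0, None
    for line in map(str.strip, text.splitlines()):
        if depth == 0:
            depth = 1 if line == "config firewall sniffer" else 0
        elif line.startswith("config "):
            depth += 1                      # nested sub-table: skip its contents
        elif line == "end":
            depth -= 1
        elif depth == 1 and (m := re.fullmatch(r"edit\s+(\S+)", line)):
            cur = sniffers.setdefault(m.group(1), dict(DEFAULTS))
        elif depth == 1 and cur is not None and (m := re.fullmatch(r"set\s+(\S+)\s+(.+)", line)):
            cur[m.group(1)] = m.group(2).strip('"')
    return sniffers

def audit(sniffers):
    """Return (id, finding) pairs: table violations, then the unfiltered-capture heuristic."""
    out = []
    for sid, cfg in sniffers.items():
        out += [(sid, f"{k}: invalid option") for k, ok in OPTIONS.items() if cfg[k] not in ok]
        out += [(sid, f"{k}: longer than {n}") for k, n in MAX_LEN.items() if len(cfg.get(k, "")) > n]
        count = cfg["max-packet-count"]
        if not (count.isdigit() and 1 <= int(count) <= 1000000):
            out.append((sid, "max-packet-count: outside 1-1000000"))
        if cfg["status"] == "enable" and not any(cfg.get(f) for f in FILTERS):
            out.append((sid, "enabled with no host/port/protocol/vlan filter"))
    return out
```

Calling `audit(parse_sniffers(SAMPLE))` reports both findings for entry 2, which is enabled by default because the backup omits `status`.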
