Anomaly cli configuration, Config ips anomaly) config limit, Command syntax pattern – Fortinet 100A User Manual

IPS

Anomaly CLI configuration

FortiGate-100A Administration Guide

01-28007-0068-20041203

287

Anomaly CLI configuration

(config ips anomaly) config limit

Access the config limit subcommand using the config ips anomaly
<name_str> command. Use this command for session control based on source and

destination network address. This command is available for tcp_src_session,
tcp_dst_session, icmp_src_session, icmp_dst_session,
udp_src_session, udp_dst_session.
You cannot edit the default entry. Addresses are matched from more specific to

more general. For example, if you define thresholds for 192.168.100.0/24 and
192.168.0.0/16, the address with the 24 bit netmask will be matched first.

Command syntax pattern

config limit

edit <name_str>

set <keyword> <variable>

end

config limit

edit <name_str>

unset <keyword>

end

config limit

delete <name_str>

Example

Use the following command to configure the limit for the tcp_src_session

anomaly.

config ips anomaly tcp_src_session

config limit

edit subnet1

set ipaddress 1.1.1.0 255.255.255.0
set threshold 300

end

end

Note: This guide only covers Command Line Interface (CLI) commands that are not
represented in the web-based manager. For complete descriptions and examples of how to use
CLI commands see the FortiGate CLI Reference Guide.

Note: This command has more keywords than are listed in this Guide. See the FortiGate CLI
Reference Guide for a complete list of commands and keywords.

limit command keywords and variables

Keywords and variables

Description

Default Availability

ipaddress
<address_ipv4mask>

The ip address and netmask of the

source or destination network.

No

default.

All models.

threshold
<threshold_integer>

Set the threshold that triggers this

anomaly.

No

default.

All models.