Anomaly cli configuration, Config ips anomaly) config limit, Command syntax pattern – Fortinet 100A User Manual

IPS

Anomaly CLI configuration

FortiGate-100A Administration Guide

01-28007-0068-20041203

287

Anomaly CLI configuration

(config ips anomaly) config limit

Access the config limit subcommand using the config ips anomaly
command. Use this command for session control based on source and

destination network address. This command is available for tcp_src_session,
tcp_dst_session, icmp_src_session, icmp_dst_session,
udp_src_session, udp_dst_session.
You cannot edit the default entry. Addresses are matched from more specific to

more general. For example, if you define thresholds for 192.168.100.0/24 and
192.168.0.0/16, the address with the 24 bit netmask will be matched first.

Command syntax pattern

config limit

edit

set

end

config limit

edit

unset

end

config limit

delete

Example

Use the following command to configure the limit for the tcp_src_session

anomaly.

config ips anomaly tcp_src_session

config limit

edit subnet1

set ipaddress 1.1.1.0 255.255.255.0
set threshold 300

end

end

Note: This guide only covers Command Line Interface (CLI) commands that are not
represented in the web-based manager. For complete descriptions and examples of how to use
CLI commands see the FortiGate CLI Reference Guide.

Note: This command has more keywords than are listed in this Guide. See the FortiGate CLI
Reference Guide for a complete list of commands and keywords.

limit command keywords and variables

Keywords and variables

Description

Default Availability

ipaddress

The ip address and netmask of the

source or destination network.

No

default.

All models.

threshold

Set the threshold that triggers this

anomaly.

No

default.

All models.