diagnose ips anomaly status
This command is used to list anomaly status.
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips anomaly status < Enter >
Command
diagnose ips anomaly status
Output
:meter budget: 10000
:meter used: 0/0
:meter depth: 0
:sensor active: 0
:sensor pending: 0
diagnose ips anomaly6 config
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips anomaly6 config < Enter > — List DoS-sensor
Command
diagnose ips anomaly6 config
Output
DoS sensors in kernel vd 0:
total # DoS sensors: 0.
diagnose ips av stats show
This command is used to display AV statistics and it can be used within each VDOM.
Firmware – FortiOS: 5.6
Syntax
diagnose sys ips stats show
Command
diagnose sys ips stats show
Output
AV stats:
HTTP virus detected: 0
HTTP virus blocked: 0
SMTP virus detected: 0
SMTP virus blocked: 0
POP3 virus detected: 0
POP3 virus blocked: 0
IMAP virus detected: 0
IMAP virus blocked: 0
NNTP virus detected: 0
NNTP virus blocked: 0
FTP virus detected: 0
FTP virus blocked: 0
SMB virus detected: 0
SMB virus blocked: 0
diagnose ips config enable log-verbose
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips config enable log-verbose < Enter > — Enable
diagnose ips debug disable detect
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable detect < Enter > — Detect
diagnose ips debug disable dissector
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable dissector < Enter > — Dissector
diagnose ips debug disable error
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable error < Enter > — error
diagnose ips debug disable mail
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable mail < Enter > — mail
diagnose ips debug disable p2p
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
< code> diagnose ips debug disable p2p < Enter > — p2p
diagnose ips debug disable packet detail
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable packet_detail < Enter > — packet_detail
diagnose ips debug disable proxy
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable proxy < Enter > — proxy
diagnose ips debug disable rpc
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable rpc < Enter > — rpc
diagnose ips debug disable timeout
Firmware – FortiOS: 5.0 5.2 5.4 5.6 6.0
Syntax
diagnose ips debug disable timeout < Enter > — timeout
diagnose ips debug disable voip
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug disable voip < Enter > — voip {5.0}
diagnose ips debug enable av
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable av < Enter >
diagnose ips debug enable content detail
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable content_detail < Enter > — content_detail
diagnose ips debug enable detect
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable detect < Enter > — detect
diagnose ips debug enable dissector
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable dissector < Enter > — dissector
diagnose ips debug enable dns
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable dns < Enter > — dns
diagnose ips debug enable error
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable error < Enter > — error
diagnose ips debug enable http
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable http < Enter > — http
diagnose ips debug enable ipsa
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable ipsa
diagnose ips debug enable mail
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable mail < Enter >
diagnose ips debug enable packet dump
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable packet_dump < Enter > — packet_dump
diagnose ips debug enable rpc
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable rpc < Enter > — rpc
diagnose ips debug enable session
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable session < Enter > — session
diagnose ips debug enable ssh
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable ssh < Enter > — ssh
diagnose ips debug enable tcp
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips debug enable tcp < Enter > — tcp
diagnose ips dissector status
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips dissector status < Enter > — status
diagnose ips filter ip
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips filter ip < ip > — ip
diagnose ips filter port
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips filter port < port > — port
diagnose ips filter protocol
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips filter protocol < protocol number > — protocol
diagnose ips filter status
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips filter status < Enter > — Status
diagnose ips memory list
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips memory list < Enter > — list
diagnose ips memory status
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips memory status < Enter > — status
diagnose ips packet clear
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips packet clear < Enter > — clear
diagnose ips packet status
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips packet status < Enter > — status
diagnose ips session clear
Firmware – FortiOS: 5.0 5.2 5.4 5.6
This command is used to clear IPS sessions.
Syntax
diagnose ips session clear < Enter >
Starting in 5.4, there is the additional option of [vdom]
diagnose ips session clear [vdom]
Options
vdom
This option allows the command to clear just the IPS sessions of the specified VDOM.
If no VDOM is given, all IPS engine sessions are cleared.
Multiple VDOM should be separated by spaces.
diagnose ips session content
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips session content < Enter > — content
diagnose ips session list
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips session list < Enter > — list {5.0}
diagnose ips session performance
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips session performance < Enter > — performance
diagnose ips share list
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips share list < pool > — list
diagnose ips ssl status
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips ssl status < Enter > — status
diagnose ips ssl bypass disable
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips ssl bypass disable < Enter > — disable
diagnose ips ssl debug dbg
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips ssl debug dbg < Enter > — dbg
diagnose ips ssl noscan enable
Firmware – FortiOS: 5.0 5.2 5.4
Syntax
diagnose ips ssl noscan enable < Enter > — enable
diagnose ips test cmd
Firmware – FortiOS: 5.6
This command allows the running of new commands or new versions of commands in the IPS engine without having to reboot the FortiGate.
Syntax
diagnose ips test cmd
The command strings are separated by a semicolon such as:
diagnose ips test cmd command1;command2;command3
Command
This command triggers the diagnosis commands in the double quotation marks in order.
diagnose ips test cmd „ips memory track;ips memory status;ips session status”
Output
Commands[0]: ips memory track
—-< execute "diagnose ips memory track" >—-
Commands[1]: ips memory status
—-< execute "diagnose ips memory status" >—-
Commands[2]: ips session status
—-< execute "diagnose ips session status" >—-
diagnose ips urlfilter status
Firmware – FortiOS: 5.0 5.2 5.4
Display statistics for URL filters. This includes number of requests, responses, pending responses, errors, timeouts, blocked, and allowed.
Syntax
diagnose ips urlfilter status < Enter >