Example configuration: logging all FortiGate traffic Log&Report
FortiGate Version 4.0 MR1 Administration Guide
736 01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
next
edit port2
set log enable
end
4 Use the following command to enable logging of other traffic. This option is only
available when logging to an external syslog server.
config log syslogd filter
set other-traffic enable
end
5 Go to UTM > Intrusion Protection > IPS Sensor and select Create New to add an IPS
Sensor.
Edit the IPS Sensor and select Add Pre-defined Override to add the following
predefined IPS signatures to the sensor.
• Invalid.Protocol.Header
• TCP.Bad.Flags
• TCP.Invalid.Packet.Size
Enable each of these signatures, set Action to Block and enable Logging.
6 Enter the following CLI commands to add a DoS policy (called an interface policy in the
CLI) that includes the IPS Sensor.
config firewall interface-policy
edit 1
set interface <interface_name>
set srcaddr all
set dstaddr all
set service ANY
set ips-sensor-status enable
set ips-sensor <sensor_name>
end
Where <sensor_name> is the name of the IPS sensor added above.
To Next Page
Loading...
