I search configs a lot via the CLI. This saves time and sometimes downloading a config and searching it in Notepad++ is not an option.
When looking for particular pieces of a config you can use the UNIX style "grep" command to filter output, for example:
# show | grep 192.168.1.99
set ip 192.168.1.99 255.255.255.0
Great. Now we know that there is a line that contains the IP address. But where in the config is it? In FortiOS 5.0 the "FortiOS context" switch was introduced which helps in tracking this down.
# show | grep -f 192.168.1.99
config system interface
edit "port10"
set vdom "root"
set ip 192.168.1.99 255.255.255.0 <---
set type physical
set snmp-index 10
next
end
Notice that when using the -f switch the firewall shows the entire "context" that the string is used in. Also there's a handy little arrow on the right which points out where in the context the string exists.
No comments:
Post a Comment