Getting Started with FortiGate
Tuesday, December 24, 2013
New Book - Getting Started with Fortigate
I recently had the chance to work with Fabrizio on a new book he was writing. Go ahead and check it out. Yours truly served as a technical reviewer :)
Getting Started with FortiGate
Getting Started with FortiGate
Thursday, December 5, 2013
Get a 'grep' on your config
I search configs a lot via the CLI. This saves time and sometimes downloading a config and searching it in Notepad++ is not an option.
When looking for particular pieces of a config you can use the UNIX style "grep" command to filter output, for example:
# show | grep 192.168.1.99
set ip 192.168.1.99 255.255.255.0
Great. Now we know that there is a line that contains the IP address. But where in the config is it? In FortiOS 5.0 the "FortiOS context" switch was introduced which helps in tracking this down.
# show | grep -f 192.168.1.99
config system interface
edit "port10"
set vdom "root"
set ip 192.168.1.99 255.255.255.0 <---
set type physical
set snmp-index 10
next
end
Notice that when using the -f switch the firewall shows the entire "context" that the string is used in. Also there's a handy little arrow on the right which points out where in the context the string exists.
When looking for particular pieces of a config you can use the UNIX style "grep" command to filter output, for example:
# show | grep 192.168.1.99
set ip 192.168.1.99 255.255.255.0
Great. Now we know that there is a line that contains the IP address. But where in the config is it? In FortiOS 5.0 the "FortiOS context" switch was introduced which helps in tracking this down.
# show | grep -f 192.168.1.99
config system interface
edit "port10"
set vdom "root"
set ip 192.168.1.99 255.255.255.0 <---
set type physical
set snmp-index 10
next
end
Notice that when using the -f switch the firewall shows the entire "context" that the string is used in. Also there's a handy little arrow on the right which points out where in the context the string exists.
Subscribe to:
Posts (Atom)