Technical Tip: FortiGate firewall objects reference
Description
This article describes that FortiOS includes a command to allow users to find all places where any 'object' is used. This can be useful in order to delete an object that may no longer be used.
Scope
FortiGate.
Solution
From the CLI, enter the following commands:
diagnose system checkused sytem.interface.name <path.object.mkey> <interface_name>
This will return all objects where interface_name is referenced.
For example:
diagnose system checkused sytem.interface.name dmz
entry used by table system.interface:name 'vlan1‘
diagnose system checkused system.vdom. root
entry used by conplex system.global:management-vdom
entry used by table system.interface:name '101'
entry used by table system.interface:name '201'
entry used by table system.interface:name 'dmz'
This command is already removed and replaced by the command: diagnose sys cmdb refcnt show <path.object.mkey>.