FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ppatel
Staff
Staff
Description

This article describes that CLI attributes for custom signatures are ignored in 6.2 and later versions.

Scope

FortiGate v6.2

FortiGate v6.4

FortiGate v7.0

Solution

Creating a custom signature as follows:

 

# config ips custom
    edit "test_signature"

      set signature "F-SBID( --attack_id 8888; --name test_signature;)

      set severity low    <-----

      set location server <-----

      set status disable  <-----

      set comment "test"

    next

end

 

The 'statu'”, 'location' and 'severity' CLI attributes are not used anymore and will have no effect.

The status will remain default 'enable' and severity 'critical'.

 

The severity can be only defined in the signature syntax with '--severity' statement.

Contributors