Description
This article describes how to configure system alias on FortiGate.
Solution
Configuration of system alias makes it possible to save collections of execute commands that can be run on demand.
config system alias
edit "router"
set command " get router info routing-table all"
next
end
alias router
Routing table for VRF=0
Codes:
K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
S* 0.0.0.0/0 [10/0] via 10.109.31.254, port1
C 10.109.16.0/20 is directly connected, port1
C 10.109.48.0/20 is directly connected, port2
C 172.16.190.0/24 is directly connected, port3
C 172.16.251.0/24 is directly connected, port5
C 172.16.252.0/24 is directly connected, port6
Note:
Multiple commands can be put into the same alias command.
Use the open quote at the beginning of the first command.
Separate the commands using the Enter key.
Close the quote only at the end of the last command.
config system alias
edit "system"
set command "show system dns"
show system ddns"
next
end
alias system
config system dns
set primary 172.16.190.216
set secondary 208.91.112.52
set domain "iba.local"
end
config system ddns
end
For system alias, it is possible to use different commands in combination with 'grep' in order to filter only certain output.
Example:
config system alias
edit "performance"
set command "get sys status | grep time
diagnose sys session stat | grep session_count
diagnose sys session list | grep proto=6 -c" <--- this command grep only TCP sessions and count the total amount of them
next
end
Output from the 'alias performance':
alias performance
System time: Fri Dec 13 05:41:51 2024
misc info: session_count=26 setup_rate=0 exp_count=0 reflect_count=0 clash=0
npu_session_count=0
11 <--- 11 TCP sessions
The alias command can also be used to perform an iPerf3 test ".
config system alias
edit "iperf_test"
set command "diagnose sys waninfo ipify port1 | grep Public/WAN
diagnose traffictest server-intf port1
diagnose traffictest client-intf port1
diagnose traffictest port 5200
diagnose traffictest run -c 45.147.210.189 "
next
end
alias iperf_test
Try to get my public IP through https://api.ipify.org with src_ip=0.0.0.0 device=port1 vfid=0(root) ...
Public/WAN IP: 213.157.28.115
server-intf: port1
client-intf: port1
port: 5200
Connecting to host 45.147.210.189, port 5200
[ 7] local 10.191.19.160 port 9236 connected to 45.147.210.189 port 5200
[ ID] Interval Transfer Bitrate Retr Cwnd
[ 7] 0.00-1.00 sec 78.2 MBytes 656 Mbits/sec 176 1.40 MBytes
[ 7] 1.00-2.00 sec 81.2 MBytes 682 Mbits/sec 0 1.48 MBytes
[ 7] 2.00-3.00 sec 86.2 MBytes 724 Mbits/sec 0 1.55 MBytes
[ 7] 3.00-4.00 sec 88.8 MBytes 744 Mbits/sec 0 1.59 MBytes
[ 7] 4.00-5.00 sec 91.2 MBytes 765 Mbits/sec 0 1.62 MBytes
[ 7] 5.00-6.00 sec 92.5 MBytes 776 Mbits/sec 0 1.63 MBytes
[ 7] 6.00-7.00 sec 92.5 MBytes 776 Mbits/sec 0 1.64 MBytes
[ 7] 7.00-8.00 sec 93.8 MBytes 786 Mbits/sec 0 1.66 MBytes
[ 7] 8.00-9.00 sec 95.0 MBytes 797 Mbits/sec 0 1.70 MBytes
[ 7] 9.00-10.00 sec 86.2 MBytes 723 Mbits/sec 38 1.27 MBytes
- - - - - - - - - - - - - - - - - - - - - - - - -
[ ID] Interval Transfer Bitrate Retr
[ 7] 0.00-10.00 sec 886 MBytes 743 Mbits/sec 214 sender
[ 7] 0.00-10.02 sec 883 MBytes 740 Mbits/sec receiver
iperf Done.
