Works with IPv4 & IPv6 local-in policies.
Can auto-run when imported as Userscript.
Purely reads and shows the config, not touching it.
If you use it, please write a comment or click the Kudo button.
Show custom local-in policies in FortiGate's WebUI with just a click!
Result:
Copy & paste into a bookmark:
javascript:(async function(){const ip4=await fetch('/api/v2/cmdb/firewall/local-in-policy');const a4=await ip4.json();const ip6=await fetch('/api/v2/cmdb/firewall/local-in-policy6');const a6=await ip6.json();const m=document.querySelector('.mutable-menu');const p=document.createElement('div');p.setAttribute("id","clip");s=t="<table style='width:100%;padding:0;border-spacing:0;border-collapse:collapse'><tr>";if(a4.size===0 && a6.size===0){s+="<td style='text-align:center;color:#aaa'>No custom Local-in policy configured.</td></tr>"}else{u="<td style='height:37px;text-align:center;background-color:gainsboro;border:1px solid #B9B9B9' colspan='9'>Custom Local-In ";v="Policy<span style='color:#aaa'> → configured via CLI / API</span></td></tr>";w="<tr style='height:32px;text-align:center;color:#fff;background-color:#5A5A5A;border:1px solid #B9B9B9'><td> # </td><td>Status</td><td>Interface</td><td>Source</td><td>Destination</td><td>Service</td><td>Action</td><td>Schedule</td><td>Comments</td></tr>"}if(a4.size!=0){if(a6.size===0){s+=u+v+w}else{s+=u+"<span style='color:green'>IPv4</span> "+v+w}for(const _ of a4.results){src_='';for(let i in _.srcaddr){if(i!=0){src_+='<br>'}if(_["srcaddr-negate"]=='enable'){src_+='<f-icon class="fa-negate" title="Negated" style="cursor:pointer"></f-icon> '}src_+=_.srcaddr[i].name}dst_='';for(let j in _.dstaddr){if(j!=0){dst_+='<br>'}if(_["dstaddr-negate"]=='enable'){dst_+='<f-icon class="fa-negate" title="Negated" style="cursor:pointer"></f-icon> '}dst_+=_.dstaddr[j].name}svc_='';for(let k in _.service){if(k!=0){svc_+='<br>'}if(_["service-negate"]=='enable'){svc_+='<f-icon class="fa-negate" title="Negated" style="cursor:pointer"></f-icon> '}svc_+=_.service[k].name}s+='<tr style="height:32px;text-align:center"><td style="border:1px solid #E2E2E2">'+_.policyid+'</td><td style="border:1px solid #E2E2E2">'+_.status.replace('enable','<f-icon class="fa-enabled" title="Enabled" style="cursor:pointer"></f-icon> Enabled').replace('disable','<f-icon class="fa-disabled" title="Disabled" style="cursor:pointer"></f-icon> <span style="color:silver">Disabled</span>')+_["ha-mgmt-intf-only"].replace('enable','<br>HA management interface only').replace('disable','')+'</td><td style="border:1px solid #E2E2E2">'+_.intf+'</td><td style="border:1px solid #E2E2E2">'+src_+'</td><td style="border:1px solid #E2E2E2">'+dst_+'</td><td style="border:1px solid #E2E2E2">'+svc_+'</td><td style="border:1px solid #E2E2E2">'+_.action.replace('deny','<f-icon class="fa-denied" title="Deny" style="cursor:pointer"></f-icon> DENY').replace('accept','<f-icon class="fa-accepted" title="Accept" style="cursor:pointer"></f-icon> ACCEPT')+'</td><td style="border:1px solid #E2E2E2">'+_.schedule+'</td><td style="border:1px solid #E2E2E2">'+_.comments+'</td></tr>'}}if(a6.size!=0){t+=u+"<span style='color:darkviolet'>IPv6</span> "+v+w;for(const _ of a6.results){src_='';for(let l in _.srcaddr){if(l!=0){src_+='<br>'}if(_["srcaddr-negate"]=='enable'){src_+='<f-icon class="fa-negate" title="Negated" style="cursor:pointer"></f-icon> '}src_+=_.srcaddr[l].name}dst_='';for(let m in _.dstaddr){if(m!=0){dst_+='<br>'}if(_["dstaddr-negate"]=='enable'){dst_+='<f-icon class="fa-negate" title="Negated" style="cursor:pointer"></f-icon> '}dst_+=_.dstaddr[m].name}svc_='';for(let n in _.service){if(n!=0){svc_+='<br>'}if(_["service-negate"]=='enable'){svc_+='<f-icon class="fa-negate" title="Negated" style="cursor:pointer"></f-icon> '}svc_+=_.service[n].name}t+='<tr style="height:32px;text-align:center"><td style="border:1px solid #E2E2E2">'+_.policyid+'</td><td style="border:1px solid #E2E2E2">'+_.status.replace('enable','<f-icon class="fa-enabled" title="Enabled" style="cursor:pointer"></f-icon> Enabled').replace('disable','<f-icon class="fa-disabled" title="Disabled" style="cursor:pointer"></f-icon> <span style="color:silver">Disabled</span>')+'</td><td style="border:1px solid #E2E2E2">'+_.intf+'</td><td style="border:1px solid #E2E2E2">'+src_+'</td><td style="border:1px solid #E2E2E2">'+dst_+'</td><td style="border:1px solid #E2E2E2">'+svc_+'</td><td style="border:1px solid #E2E2E2">'+_.action.replace('deny','<f-icon class="fa-denied" title="Deny" style="cursor:pointer"></f-icon> DENY').replace('accept','<f-icon class="fa-accepted" title="Accept" style="cursor:pointer"></f-icon> ACCEPT')+'</td><td style="border:1px solid #E2E2E2">'+_.schedule+'</td><td style="border:1px solid #E2E2E2">'+_.comments+'</td></tr>'}}f="</table><br><table style='width:100%;padding:0;border-spacing:0;border-collapse:collapse'><tr><td style='height:37px;text-align:center;background-color:gainsboro;border:1px solid #B9B9B9;border-bottom:0'>Auto Local-In Policy<span style='color:#aaa'> → managed by FortiGate</span></td></tr></table>";if(a6.size===0){p.innerHTML=s+f}else{if(a4.size===0){p.innerHTML=t+f}else{p.innerHTML=s+"</table><br>"+t+f}}if(document.contains(document.getElementById("clip"))){document.getElementById("clip").remove();}m.after(p)})();
This code is a JavaScript bookmarklet that can be used to show custom local-in policies in FortiGate's WebUI. The bookmarklet reads the configuration and displays it in a table format, without making any changes to the configuration.
To use this bookmarklet, you can follow these steps:
1. Login to your FortiGate's WebUI and navigate to System > Feature Visibility. Make sure that the local-in policy is enabled.
2. Create a new bookmark in your web browser and copy the JavaScript code provided above into the URL field.
3. Click the bookmark and the local-in policies will be displayed in a table format.
Note that this code works for both IPv4 and IPv6 local-in policies. Also, if you use this bookmarklet, it is recommended to write a comment or click the Kudo button to acknowledge its usefulness.
I hope this helps! Let me know if you have any further questions or if there's anything else I can assist you with.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.