Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
RF
New Contributor

custom signature

i am using fortigate 1000c i am trying to create a custom signature to block web traffic on windows xp computers. i am getting error invalid index code. please do correct the below syntax. F-SBID( --attack_id 8151; --vuln_id 8151; --name " Windows.NT.5.Web.Surfing" ; --default_action drop_session; --service HTTP; --protocol tcp; --app_cat 25; --flow from_client; --pattern " Windows NT 5." ; --no_case; --context header; )
RF
RF
2 REPLIES 2
TuncayBAS
Contributor II

please use follow code
F-SBID(--name " Windows.NT.5.Web.Surfing" ; --default_action drop_session; --service HTTP; --protocol tcp; --app_cat 25; --flow from_client;--pattern " Windows NT 5." ; --no_case; --context header; )
Tuncay BAS
RZK Muhendislik Turkey
FCA,FCP,FCF,FCSS
Tuncay BASRZK Muhendislik TurkeyFCA,FCP,FCF,FCSS
Warren_Olson_FTNT

Just FYI, you don' t need to put the " vuln_id" option. If you remove that piece the rest will work fine. But by removing the attack_id as yaba did in his example the FortiGate will just choose another unused one of its' own.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors