Created on 05-23-2013 05:21 AM Edited on 01-23-2024 05:32 AM By Jean-Philippe_P
Description
This article describes a method to count the total number of firewall policies on a FortiGate.
The CLI commands listed below display the total number of policies and how many of them are enabled or disabled.
Scope
Solution
Appending the command modifier '| grep' instructs the firewall to 'search for' the text that follows it (in quotes if multiple words are used).
Adding the option '-c' to grep instructs the firewall to only 'count' the number of matching lines instead of displaying them.
The command to count the total number of firewall policies:
sh full-configuration firewall policy | grep -c 'set status'
To count enabled firewall policies:
sh full-configuration firewall policy | grep -c 'set status enable'
To count disabled firewall policies:
sh full-configuration firewall policy | grep -c 'set status disable'
This can be applied to all contexts, not only to firewall policies.
Note: this only works per VDOM and does not display a summary of all VDOMs. To see the output from another VDOM, that VDOM needs to be entered first.
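The following added example (not part of the original article and not Fortinet code) combines the per-VDOM outputs into one summary and lists the IDs of disabled policies, which is useful when reviewing stale rules. It assumes the output of 'sh full-configuration firewall policy' was saved as text for each VDOM; the sample data and the function names count_policies and summarize are hypothetical. It matches 'set status' only as a setting of a policy entry, so a comment that merely contains that text is not counted.

```python
# Constructed sample: one captured output per VDOM (not from a real device).
SAMPLE_OUTPUT = {
    "root": """config firewall policy
    edit 1
        set name "lan-to-wan"
        set status enable
    next
    edit 2
        set name "old-vendor-access"
        set status disable
        set comments "set status enable again after review"
    next
end""",
    "dmz": """config firewall policy
    edit 10
        set status enable
    next
end""",
}


def count_policies(output):
    """Count policies in one VDOM's output; assumes values do not span lines."""
    depth, policy_id = 0, None
    counts = {"total": 0, "enabled": 0, "disabled": 0, "disabled_ids": []}
    for raw in output.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            depth += 1                      # entering a table or sub-table
        elif line == "end":
            depth -= 1
        elif depth == 1 and line.startswith("edit "):
            policy_id = line.split(None, 1)[1]
        elif depth == 1 and line == "next":
            policy_id = None
        elif depth == 1 and policy_id and line.startswith("set status "):
            counts["total"] += 1
            if line.split()[2] == "enable":
                counts["enabled"] += 1
            else:
                counts["disabled"] += 1
                counts["disabled_ids"].append(policy_id)
    return counts


def summarize(outputs):
    """Return (per-VDOM counts, device-wide totals) for hypothetical captures."""
    per_vdom = {name: count_policies(text) for name, text in outputs.items()}
    keys = ("total", "enabled", "disabled")
    return per_vdom, {k: sum(c[k] for c in per_vdom.values()) for k in keys}


if __name__ == "__main__":
    print(summarize(SAMPLE_OUTPUT))
```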