FortiGate
pminarik
Staff
Article Id 193331
Description
After creating a new DLP sensor by cloning an existing one, changing the file-type filter on one changes the other as well.

Solution
This happens because file-type filters are separate objects (config dlp filepattern) that the sensor's configuration references by number:
config dlp sensor
    edit "TEST_SENSOR"
        config filter
            edit 1
                set proto smtp pop3 imap http-get http-post ftp
                set filter-by file-type
                set file-type 3
                set action block
            next
        end
    next
end

config dlp filepattern
    edit 3
        set name "TEST_SENSOR3"
        config entries
            edit "exe"
                set filter-type type
                set file-type exe
            next
            edit "*.abc"
            next
        end
    next
end
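When the sensor is copied into a new sensor with the clone option, the copy gets the exact same file-type filter reference (file-type 3 in the example above). The result is two DLP sensors pointing to the same file-type pattern, so a change made to the pattern through one sensor also applies to the other.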

If a copy with some changes is needed, the solution is to create the new sensor manually from scratch.
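
To check whether sensors on a unit already share a file-type pattern, the script below scans configuration text for "set file-type <number>" references under "config dlp sensor" and reports every pattern number used by more than one sensor. It is an added example, not Fortinet code: TEST_SENSOR_CLONE and the sample text are constructed, and the parser assumes the CLI layout shown above.

```python
import re
from collections import defaultdict

# Constructed sample: TEST_SENSOR is the article's sensor; TEST_SENSOR_CLONE is
# a hypothetical clone of it. Both filters reference filepattern 3.
SAMPLE_CONFIG = """
config dlp sensor
    edit "TEST_SENSOR"
        config filter
            edit 1
                set file-type 3
            next
        end
    next
    edit "TEST_SENSOR_CLONE"
        config filter
            edit 1
                set file-type 3
            next
        end
    next
end
"""

def shared_filepatterns(config_text):
    """Return {filepattern_id: [sensor names]} for IDs used by 2+ sensors."""
    users = defaultdict(list)
    depth, base, sensor = 0, None, None  # base = depth of "config dlp sensor"
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            depth += 1
            if line == "config dlp sensor":
                base = depth
        elif line == "end":
            if depth == base:  # leaving the sensor table
                base = None
            depth -= 1
        elif base is not None:
            m = re.fullmatch(r"set file-type (\d+)", line)
            if depth == base and line.startswith("edit "):
                sensor = line[5:].strip('"')  # sensor name
            elif depth == base + 1 and m and sensor not in users[int(m.group(1))]:
                users[int(m.group(1))].append(sensor)
    return {fid: names for fid, names in users.items() if len(names) > 1}

if __name__ == "__main__":
    for fid, names in shared_filepatterns(SAMPLE_CONFIG).items():
        print(f"filepattern {fid} is shared by: {', '.join(names)}")
```

Any pattern number it reports is one where an edit made for one sensor silently changes what the other sensors block.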
