FortiOS CLI 命令1

获取所有静态路由

get router info routing-table static

配合使用grep过滤出路由

get router info routing-table static | grep xxx.xxx.xxx.xxx

编辑静态路由

config route static

edit xx

按需求过滤出session

diag sys session filter dst xxx.xxx.xxx.xxx
diag sys session filter proto 17 //proto number 17 为UDP

diag sys session filter proto 6 //proto number 6 为TCP

diag sys session filter dport 5000

diag sys session filter negate dport  //端口不为5000

diag sys session filter //查看当前过滤规则

diag sys session list //列出所有过滤出来的session

diag sys session clear //结束所有过滤出来的session

参考：

https://kb.fortinet.com/kb/documentLink.do?externalID=FD31635

https://kb.fortinet.com/kb/viewContent.do?externalId=FD30042