Yuri Slobodyanyuk's blog on IT Security and Networking sharing experience and expertise

Limit maximum size of scanned files in Fortigate firmware 4

New operating systems are supposed to better user experience .. I thought. Well, so I thought, until today, when I had a need to lower the maximum size of files to be scanned by Fortigate 80C . It was a matter of few clicks in the good old version 3 via management GUI but in version 4 I spent some 20 minutes digging its GUI high and low and then finally opened Command Reference and found how to do it the CLI way.
Here is the solution :

FTG80C# config antivirus service http
FTG80C(http)# sho

config antivirus service “http”
set scan-bzip2 disable
set uncompnestlimit 12
set uncompsizelimit 10

FTG80C(http) # set uncompsizelimit 2
FTG80C(http) # end

FTG80C# config antivirus service ftp
FTG80C(ftp) # set

scan-bzip2 enable scanning of bzip2 compressed files
uncompnestlimit uncompnestlimit
uncompsizelimit uncompsizelimit

FTG80C(ftp) # set uncompsizelimit

max uncompressed size to scan (1-50MB or use 0 for unlimited)

FTG80C(ftp) # set uncompsizelimit 2
FTG80C(ftp) # end

1 Comment

  1. Hi,

    nice post.
    One question… why you needed lower the maximum size of files to be scanned ?
    There is a relation with the high memory usage?

Comments are closed.

© 2016 yurisk.info

Theme by Anders NorenUp ↑