Fortinet FortiGate 4000 Betriebsanweisung

Use this command to configure how the FortiGate unit handles antivirus scanning of 
large files and what ports the FortiGate unit virus scans for HTTP traffic. 

config antivirus service http

set <keyword> <variable>

end

config antivirus service http

unset <keyword>

end

get antivirus service [http]

show antivirus service [http]

This example shows how to add antivirus scanning for HTTP traffic on ports 70, 90, 
and 443. Adding more ports for scanning does not erase the default, port 80. Use the 
unset command to remove all ports from the list.

config antivirus service http

set port 70
set port 90
set port 443

end

drop_heuristic 
{ftp http imap pop3 smtp}

Do not quarantine files found by 

heuristic scanning in traffic for the 

specified protocols.

imap 

smtp 

pop3 

http 

ftp

FortiGate 

models 

numbered 

200 and 

higher.

store_heuristic 
{ftp http imap pop3 smtp}

Quarantine files found by heuristic 

scanning in traffic for the specified 

protocols.

No 

default.

FortiGate 

models 

numbered 

200 and 

higher.

Note: This command has more keywords than are listed in this Guide. See the FortiGate CLI 
Reference Guide for a complete list of commands and keywords.

port <port_integer>

Configure antivirus scanning on a 

nonstandard port number or 

multiple port numbers for HTTP. 

You can use ports from the range 

1-65535. You can add up to 20 

ports. 

80

All models.