Checking IP Address in Fortigate Geography-based Filter list
If you have a website and want to restrict it's access only to some specific countries, Fortinet's geography-based filtering would be very handy in that situation. The geographic-based addresses allow you to indicate the country, and the traffic originating or going to this country is logged, blocked or specific filtering is applied. But there will also be a situation when you might want to know if specific subnet is included in a country list or not. The following handy command will help you in that situation.
which gave the following output:
The result shows the IP ranges containing the exact match of 180.17 in any one of the octet.
#diagnose firewall ipgeo {country-list | ip-list | ip2country}
#diagnose firewall ipgeo ip-list India | grep 180.17
which gave the following output:
180.178.0.0 - 180.178.31.255
180.179.0.0 - 180.179.255.255
72.8.180.176 - 72.8.180.187
180.152.0.0 - 180.175.255.255
180.178.192.0 - 180.178.255.255
180.178.128.0 - 180.178.191.255
The result shows the IP ranges containing the exact match of 180.17 in any one of the octet.
Comments
Post a Comment