Category: Fortigate

One-liner: how to get all service names and associated protocol numbers on Fortigate

Run in a VDOM:

sh firewall service custom | grep 'edit\|port\|type\|proto'

    edit "ALL"
        set protocol IP
    edit "ALL_TCP"
        set tcp-portrange 1-65535
    edit "ALL_UDP"
        set udp-portrange 1-65535
    edit "ALL_ICMP"
        set protocol ICMP
        unset icmptype
    edit "GRE"
        set protocol IP
        set protocol-number 47
    edit "DHCP"
        set udp-portrange 67-68
    edit "DNS"
        set tcp-portrange 53
        set udp-portrange 53
    edit "FTP"
        set tcp-portrange 21
    edit "FTP_GET"
        set tcp-portrange 21
    edit "FTP_PUT"
        set tcp-portrange 21
    edit "H323"
        set tcp-portrange 1720 1503
        set udp-portrange 1719
    edit "HTTP"
        set tcp-portrange 80
    edit "HTTPS"
        set tcp-portrange 443
. . .