webfilter : override-user
 
override-user
Use this command to configure FortiGuard-Web filter user overrides.
When a user attempts to access a blocked site, if override is enabled, a link appears on the block page directing the user to an authentication form. The user must provide a correct user name and password or the web site remains blocked. Authentication is based on user groups and can be performed for local, RADIUS, and LDAP users.
Administrators can only view and delete the user overrides entries.
Syntax
config webfilter override-user
edit <override_int>
set expires <yyyy/mm/dd hh:mm:ss>
set initiator <user_name>
set ip <ipv4>
set ip6 <ipv6>
set new-profile <profile_str>
set old-profile <profile_str>
set scope {user | user-group | ip | ip6}
set status {enable | disable}
set user <user_str>
set user-group <user_group_str>
end
get webfilter override-user <override_int>
 
Variable
Description
Default
<override_int>
The unique ID number of the override.
 
expires
<yyyy/mm/dd hh:mm:ss>
The date and time the override expires.
For example, the command to configure an expiry time of 6:45 p.m. on May 22, 2009 would be formatted this way:
set expires 2010/05/22 18:45:00
15 minutes after the override is created.
initiator <user_name>
The user who initiated the override rule. This field is get-only.
 
ip <ipv4>
When the scope is IP, enter the IP address for which the override rule applies.
0.0.0.0
ip6 <ipv6>
When the scope is ip6, enter the IP address for which the override rule applies.
::
new-profile <profile_str>
Specify the new web-filter profile to apply the override.
null
old-profile <profile_str>
Specify the web-filter profile for which the override applies.
null
scope {user | user-group | ip | ip6}
The scope of the override rule.
user
status {enable | disable}
Enable or disable the override rule.
disable
user <user_str>
When the scope is user, the user for which the override rule applies.
 
user-group <user_group_str>
When the scope is user-group, the user group for which the override rule applies.