Troubleshooting Tips
This section includes suggestions to help you find and fix problems you may be having with your scripts.
• Make sure the commands you are trying to execute are valid for the version of FortiOS running on your target FortiGate device.
• You should always use braces when evaluating code that may contain user input, to avoid possible security breaches. To illustrate the danger, consider this interactive session:
% set userinput {[puts DANGER!]}
[puts DANGER!]
% expr $userinput == 1
DANGER!
0
% expr {$userinput == 1}
0
In the first example, the code contained in the user-supplied input is evaluated, whereas in the second the braces prevent this potential danger. As a general rule, always surround expressions with braces, whether using expr directly or some other command that takes an expression.
• A number that includes a leading zero or zeros, such as 0500 or 0011, is interpreted as an octal number, not a decimal number. So 0500 is actually 320 in decimal, and 0011 is 9 in decimal.
• There is a limit to the number of scripts allowed on the FortiManager unit. Try removing an old script before trying to save your current one.
• Using the TCL command “catch” you can add custom error messages in your script to alert you to problems during the script execution. When catch encounters an error it will return 1, but if there is no error it will return 0. For example:
if { [catch {open $someFile w} fid] } {
puts stderr "Could not open $someFile for writing\n$fid"
exit 1 ;# error opening the file!
} else {
# put the rest of your script here
}