Chapter 19 Troubleshooting : ­Troubleshooting tools : FortiOS diagnostics : Proxy operation
  
Proxy operation
Monitor proxy operations using the following command:
diag test application <application> <option>
 
The <application> value can include the following:
http
HTTP proxy.
smtp
SMTP proxy.
ftpd
FTP proxy.
pop3
POP3 proxy.
imap
IMAP proxy.
nntp
NNTP proxy.
proxyacceptor
Proxy acceptor.
proxyworker
Proxy worker.
scanunit
Scanning unit.
sslacceptor
SSL proxy.
sslworker
SSL proxy.
ssh
SSH proxy.
harelay
HA relay daemon.
hasync
HA sync daemon.
forticldd
FortiCloud daemon.
miglogd
Miglog logging daemon.
urlfilter
URL filter daemon.
ovrd
Override daemon.
ipsmonitor
ips monitor
ipsengine
ips sensor
ipldbd
IP load balancing daemon.
ddnscd
DDNS client daemon.
snmpd
SNMP daemon.
acd
Aggregate Controller.
dnsproxy
DNS proxy.
sflowd
sFlow daemon.
init
init process.
l2tpcd
L2TP client daemon.
dhcprelay
DHCP relay daemon.
pptpcd
PPTP client.
wccpd
WCCP daemon.
wad
WAD related processes.
radiusd
RADIUS daemon.
sqldb
SQL database daemon.
reportd
Report daemon.
dlpfingerprint
DLP fingerprint daemon.
dlpfpcache
DLP fingerprint cache daemon.
wpad
WPA daemon.
fsd
FortiExplorer daemon.
ipsufd
IPS urlfilter daemon.
stp
Spanning Tree Protocol daemon.
lted
USB LTE daemon.
swctrl_authd
Switch controller authentication daemon.
forticron
Forticron daemon.
uploadd
Upload daemon.
quarantined
Quarantine daemon.
dhcp6c
DHCP6 client daemon.
info-sslvpnd
SSL-VPN info daemon.
thmd
Traffic history monitor daemon.
dsd
DLP Statistics daemon.
lnkmtd
Link monitor daemon.
dhcp6r
DHCP6 relay daemon.
fnbamd
Fortigate non-blocking auth daemon.
 
The <option> value depends from the application value used in the command. Here are some examples:
 
If the application is http, the CLI command will be
diag test application http <option>
The <option> value can be one from the following:
2
Drop all connections.
22
Drop max idle connections.
222
Drop all idle connections.
4
Display connection stat.
44
Display info per connection.
444
Display connections per state.
4444
Display per-VDOM statistics.
44444
Display information about idle connections.
55
Display tcp info per connection.
6
Display ICAP information.
70
Disable ICAP 'Allow: 204' (default).
71
Enable ICAP 'Allow: 204' .
72
Drop all ICAP server connections.
11
Display the SSL session ID cache statistics.
12
Clear the SSL session ID cache statistics.
13
Display the SSL session ID cache.
14
Clear the SSL session ID cache.
80
Show Fortinet bar SSL-VPN bookmark info.
81
Show Fortinet bar SSL-VPN bookmark cache.
82
Show Fortinet bar SSL-VPN bookmark LRU list.
 
If the application is ipsmonitor, the CLI command will be
diag test application ipsmonitor <option>
The <option> value can be one from the following:
 
1
Display IPS engine information
2
Toggle IPS engine enable/disable status
3
Display restart log
4
Clear restart log
5
Toggle bypass status
6
Submit attack characteristics now
10
IPS queue length
11
Clear IPS queue length
12
IPS L7 socket statistics
13
IPS session list
14
IPS NTurbo statistics
15
IPSA statistics
97
Start all IPS engines
98
Stop all IPS engines
99
Restart all IPS engines and monitor