salemneaz
Staff
Article Id 364654
Description This article describes how to resolve the issue related to the AntiVirus database validation.
Scope FortiGate v7.2 and above.
Solution

The firewall frequently goes into conserve mode because the AntiVirus database verification check fails, as shown in the example crash log below:

scanunit=manager pid=189: Warning: could not validate av package /data2/mmdb
(no signature)
the killed daemon is /bin/csfd: status=0x0
scanunit=manager pid=189: Warning: could not validate av package /data2/mmdb
(no signature)
the killed daemon is /bin/sflowd: status=0x0
service=kernel conserve=on total="3962 MB" used="3491 MB" red="3486 MB"
green="3248 MB" msg="Kernel enters memory conserve mode"

 

This happens because the AntiVirus database package update is not working. The resolution could be to manually update the signatures by running the command 'execute update-now'. During this, the AntiVirus profile needs to be applied to the firewall policy.
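
To check whether a saved crash log shows the same pattern, the following added example (not Fortinet code or part of the original article) correlates AntiVirus package validation failures with killed daemons and conserve-mode entries. The names `unwrap` and `triage` are hypothetical, and the record layout is assumed to match the excerpt above, including its wrapped lines.

```python
import re
from collections import Counter

# Constructed sample: the crash log excerpt from this article, wrapped lines included.
SAMPLE = """\
scanunit=manager pid=189: Warning: could not validate av package /data2/mmdb
(no signature)
the killed daemon is /bin/csfd: status=0x0
scanunit=manager pid=189: Warning: could not validate av package /data2/mmdb
(no signature)
the killed daemon is /bin/sflowd: status=0x0
service=kernel conserve=on total="3962 MB" used="3491 MB" red="3486 MB"
green="3248 MB" msg="Kernel enters memory conserve mode"
"""

# Assumption: records look like the excerpt; real logs may carry extra prefixes.
RECORD_START = re.compile(r"scanunit=|the killed daemon is|service=")
AV_FAIL = re.compile(r"could not validate av package (\S+)(?:\s*\(([^)]*)\))?")
KILLED = re.compile(r"the killed daemon is (\S+): status=(\S+)")
CONSERVE = re.compile(r'conserve=on total="(\d+) MB" used="(\d+) MB" red="(\d+) MB"')

def unwrap(text):
    """Rejoin wrapped continuation lines, e.g. '(no signature)', to their record."""
    records = []
    for line in (l.strip() for l in text.splitlines()):
        if not line:
            continue
        if RECORD_START.search(line) or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def triage(text):
    """Correlate AV package validation failures with conserve-mode entries."""
    failures, killed, conserve = Counter(), [], []
    for rec in unwrap(text):
        if m := AV_FAIL.search(rec):
            failures[(m.group(1), m.group(2))] += 1
        elif m := KILLED.search(rec):
            killed.append(m.group(1))
        elif m := CONSERVE.search(rec):
            total, used, red = map(int, m.groups())
            conserve.append({"used_mb": used, "red_mb": red,
                             "used_pct": round(100 * used / total, 1)})
    return {"av_failures": dict(failures), "killed_daemons": killed,
            "conserve_events": conserve,
            "matches_article": bool(failures) and bool(conserve)}

if __name__ == "__main__":
    print(triage(SAMPLE))
```

A result with `matches_article` set to true means the log contains both the validation warning and a conserve-mode entry, which is the combination this article addresses.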

 

To monitor for errors during the update process, use the following commands:

diag debug disable
diag debug reset
diag debug app update -1
diag debug console timestamp enable
diag debug enable
execute update-now

 

To stop the debug, use the following commands:

diag debug disable
diag debug reset

 

FortiGuard needs to be reachable for the update to run successfully.

If FortiGuard is unreachable, refer to the following KB article: Troubleshooting Tip: Unable to connect to FortiGuard servers