FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mgp
Staff
Staff
Article Id 212110

Description

 

This article describes how to check the various process daemons and how to kill the related daemons from the GUI.

 

Scope

 

FortiOS versions from v7.0 and later.

 

Solution

 

In the top right corner, select the username and then System -> Process Monitor.

 

button - process monitor.jpg

 

There, view the running daemons and the CPU and memory usage by each process.

 

Process Monitor.jpg

 

To kill any process, right-click on the respective daemon, select Kill Process, and then one of the 3 available options:

 

- Kill: This is a standard process kill. It creates a one-line log message in the crashlog.

- Force Kill: Forces immediate termination, the same as the kill 9 signal. Can be viewed in the crashlog.

- Kill & Trace: The same as the kill 11 signal. Gives detailed crashlog information, required for further analysis. For example:

 

2022-05-14 13:43:46 <06938> firmware FortiGate-VM64-KVM v7.0.5,build0304b0304,220208 (GA) (Release)
2022-05-14 13:43:46 <06938> application httpsd
2022-05-14 13:43:46 <06938> *** signal 11 (Segmentation fault) received ***
2022-05-14 13:43:46 <06938> Register dump:
2022-05-14 13:43:46 <06938> RAX: 0000000000000000 RBX: 0000000003edaed0
2022-05-14 13:43:46 <06938> RCX: ffffffffffffffff RDX: 000000000f2728e0
2022-05-14 13:43:46 <06938> R08: 0000000000000001 R09: 0000000003edaed0
2022-05-14 13:43:46 <06938> R10: 000000000f24b2d0 R11: 0000000000000246
2022-05-14 13:43:46 <06938> R12: 000000000000000b R13: 0000000000001b1a
2022-05-14 13:43:46 <06938> R14: 000000000f24fd30 R15: 000000000344a6f1
2022-05-14 13:43:46 <06938> RSI: 000000000000000b RDI: 0000000000001b1a
2022-05-14 13:43:46 <06938> RBP: 00007fffbf8cac20 RSP: 00007fffbf8cabf8
2022-05-14 13:43:46 <06938> RIP: 00007f740477d0f7 EFLAGS: 0000000000000246
2022-05-14 13:43:46 <06938> CS: 0033 FS: 0000 GS: 0000
2022-05-14 13:43:46 <06938> Trap: 0000000000000000 Error: 0000000000000000
2022-05-14 13:43:46 <06938> OldMask: 0000000000000000
2022-05-14 13:43:46 <06938> CR2: 0000000000000000
2022-05-14 13:43:46 <06938> stack: 0x7fffbf8cabf8 - 0x7fffbf8cc750
2022-05-14 13:43:46 <06938> Backtrace:
2022-05-14 13:43:46 <06938> [0x7f740477d0f7] => /usr/lib/x86_64-linux-gnu/libc.so.6
2022-05-14 13:43:46 (kill+0x00000007) liboffset 000390f7
2022-05-14 13:43:46 <06938> [0x00c8ebb0] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00be9964] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00be9eb0] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00beb5f6] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00becc3d] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00b97069] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d4ef5a] => /bin/httpsd (ap_run_handler+0x0000004a)
2022-05-14 13:43:46 <06938> [0x00d4f7b6] => /bin/httpsd (ap_invoke_handler+0x000000c6)
2022-05-14 13:43:46 <06938> [0x00d94f09] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d95151] => /bin/httpsd (ap_process_request+0x00000021)
2022-05-14 13:43:46 <06938> [0x00d8d7d5] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d537aa] => /bin/httpsd (ap_run_process_connection+0x0000004a)
2022-05-14 13:43:46 <06938> [0x00d6904d] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d69306] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d694f4] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d69b2d] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00d65001] => /bin/httpsd (ap_run_mpm+0x00000061)
2022-05-14 13:43:46 <06938> [0x00d64b36] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x0044b58f] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00453fea] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00450c4c] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x0045322f] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x00453b81] => /bin/httpsd
2022-05-14 13:43:46 <06938> [0x7f7404767deb] => /usr/lib/x86_64-linux-gnu/libc.so.6
2022-05-14 13:43:46 (__libc_start_main+0x000000eb) liboffset 00023deb
2022-05-14 13:43:46 <06938> [0x00446b5a] => /bin/httpsd
2022-05-14 13:43:46 <06938> fortidev 6.0.1.0005

 

Termination signals:

 

The table shows most common termination signal numbers and provides a description for each:

 

Signal number Description
4 Illegal instruction .
6 Abort command from FortiOS.
7 Bus error.
9 Unconditional kill.
11 Invalid memory reference.
14 Alarm clock.
15 Graceful kill.