FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how to identify if ‘diag sys session clear’ command has been issued to clear session.
Solution To identify if the ‘diag sys session clear’ command has been issued, is by checking on the ‘flush’ counter. This ‘flush’ counter will be shown when ‘diag sys session stat’ command is being executed. The ‘flush’ counter value will increase each time the ‘diag sys session clear’ command is issued.
Below is the sample output:
# diag sys session stat misc info: session_count=30 setup_rate=0 exp_count=0 clash=0 memory_tension_drop=0 ephemeral=0/131062 removeable=0 delete=0, flush=0, dev_down=0/0 ses_flush_filters=0 <----- 0, before clear session. flush_work_num=0 TCP sessions: 6 in ESTABLISHED state firewall error stat: error1=00000000 error2=00000000 error3=00000000 error4=00000000 tt=00000000 cont=00000000 ids_recv=00000000 url_recv=00000000 av_recv=00000000 fqdn_count=00000000 fqdn6_count=00000000 global: ses_limit=0 ses6_limit=0 rt_limit=0 rt6_limit=0
# diag sys session clear <----- command to clear session.
