FortiProxy provides enterprise-class protection against internet-borne threats and Advanced Web Content Caching
Article Id 284350


This article describes how to enable/disable high priority kernel debug messages (such as kernel panic backtraces) to display on the console.


The feature added that the kernel's printk level was raised in system to ensure that kernel panic dumps are always visible on console.

That, in combination with the SNAT code using an improper printk level, is causing the output to be visible when it should not.

For example, the ippool log message is repeated continuously after one successful ping. So the system CPU/Memory resources are exhausted and the system does not operate properly due to the output of a large amount of debug messages.


Proxy# execute ping

PING ( 56 data bytes

64 bytes from icmp_seq=4 ttl=255 time=1534.4 ms

[ 140.450697] id 1 pool count 1 ip count 7

[ 140.450710] start 0xac140adf count 7

[ 140.507023] id 1 pool count 1 ip count 7

[ 140.522452] id 1 pool count 1 ip count 7

[ 140.553971] start 0xac140adf count 7

[ 140.600870] start 0xac140adf count 7

[ 140.694785] id 1 pool count 1 ip count 7




FortiProxy v7.0.11 and above.




This new CLI command was added in the 7.0.11 version and is able to enable/disable kernel debug messages on the console.

To prevent unnecessary kernel messages from occurring, the CLI command below has been added to 7.0.11 later and is able to be set by enable/disable.


config system global

    set kernel-panic-debug enable/disable



Related document:

FortiProxy CLI Interface