Description
This article describes how to force restart internal processes and daemons, without the need to restart the whole unit.
Scope
All FortiGate and FortiMail units on v 4MR3, 5.0 and 5.2.
Solution
# execute reload [<daemon_name>]
On FortiGate, the most common daemons could be restarted by using '# diagnose' command:
# diagnose test application <daemon_name> 99
When the above procedures do not show the process has restarted, then it could be necessary to kill the process.The kill instruction should be used as the last resort before a reboot of the unit.The format of the command to use is:
# diagnose sys kill <sig_term> <pid>
The process ID (pid) could be taken from the second column of the command '# diagnose sys top'.For example:
# diagnose sys topRun Time: 2 days, 16 hours and 48 minutes0U, 0S, 100I; 442T, 154F, 127KFscanunitd 519 R 4.7 3.2ipsengine 63 S < 0.0 8.4pyfcgid 511 S 0.0 4.9
In this example, the 'ipsengine' process has the pid '63'.Although the <sig_term> is mostly the same as those used on Unix/Unix-like platforms, is recommended to use only SIGSEGV (11), SIGINT (2), SIGTERM(15) or SIGKILL(9) in that order.SIGSEGV (11): is used to terminate the process and dump a crash exit into the crashlog (diag debug crashlog read). This is helpful for troubleshooting that process.SIGINT (2): is used as for example the user hits 'Ctrl-C' on keyboard to end a process.SIGTERM (15): is a 'polite' termination signal, asking the process to close connections, files, handlers, buffer, etc. For device stability is the recommended way to end a process.SIGKILL (9): This is a mandatory termination of the process. This signal could not be ignored by system (except by specific conditions where system is waiting the process to free physical I/O resources). This kind of signal could leave sessions and files opened.In the above example, to kill process 'ipsengine', it is possible to perform the following:
# diagnose sys kill 11 63
Related Articles
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.