Fortinet black logo

Release Notes

Home FortiProxy 7.0.15 Release Notes
7.0.15
7.4.4
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.17
7.0.16
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
2.0.14
2.0.13
2.0.12
2.0.11
2.0.10
2.0.9
2.0.8
2.0.7
2.0.6
2.0.5
2.0.4
2.0.3
2.0.2
2.0.1
2.0.0
1.2.13
1.2.12
1.2.11
1.2.10
1.2.9
1.2.8
1.2.7
1.2.6
1.2.5
1.2.4
1.2.3
1.2.2
1.2.1
1.2.0
1.1.6
1.1.5
1.1.4
1.1.3
1.1.2
1.1.1
1.1.0
1.0.7
1.0.6
1.0.5
1.0.4
1.0.3
1.0.2
1.0.1
1.0.0

What's new

What's new

The following sections describe new features, enhancements, and changes in FortiProxy 7.0.15:

Improvements to ICAP logs

FortiProxy 7.0.15 improves the way ICAP errors are presented in the log by categorizing ICAP errors and showing detailed messages for each error in the log. The ICAP replacement message now also includes the ICAP server IP information at the end of the message when applicable.

CLI changes

FortiProxy 7.0.15 includes the following CLI changes:

  • diagnose wad tcp-connection list <worker-index>/all—Use this new command to show the information of the top 10 dynamic TCP connections, which is helpful for troubleshooting.

    Example output:

    diagnose wad tcp-connection list all

    ===type=worker index=0 pid=1387===

    Group by src_ip(only show top 10):

    10.5.2.39 count=3160

    Group by dst_ip:port(only show top 10):

    74.6.160.107:443 count=904

    142.251.33.67:80 count=834

    Group by dst_port(only show top 10):

    443 count=1738

    ===type=worker index=1 pid=1389===

    Group by src_ip(only show top 10):

    10.5.2.39 count=3160

    Group by dst_ip:port(only show top 10):

    74.6.160.107:443 count=904

    142.251.33.67:80 count=834

    Group by dst_port(only show top 10):

    443 count=1738

  • diagnose wad icap list—Use this new command to show detailed status information for an ICAP server.

    Example output:

    icap-server-name: server1 status: online

    VDOM=root addr=ip/0.0.0.0:1344 health_check=disable

    conns: succ=0 fail=0 ongoing=0 hits=0 blocked=0

    monitor: succ=0 fail=0

    error: stats.no_report_err=0

    num_worker_load=1

  • diag wad process[process_name] [index](-1 means all) [<cmd>] ...(up to 32 commands)—Use this new command to send commands to workers in batches. For example, diag wad process worker 1 103 104 means sending commands 103 and 104 to worker 1.

  • diag wad report <PROCESS name> <INDEX>—This new command consolidates the following signal-based diagnose commands:

    • diag wad report session

    • diag wad report user

    • diag wad report policy

  • diag test app wad—This command adds support for setting a specific group of processes as diagnosis process:

    • diag test app wad 2yxx means setting No.xx process of type y (0~9) as diagnosis process.

    • diag test app wad 2yyxx means setting No.xx process of type yy (10~99) as diagnosis process.

    • diag test app wad 2yyxxx means setting No.xx x process of type yy (0~9) as diagnosis process.

  • diagnose wad memory track—New map information in the mmap_stats section.

.

Previous
Next

What's new

The following sections describe new features, enhancements, and changes in FortiProxy 7.0.15:

Improvements to ICAP logs

FortiProxy 7.0.15 improves the way ICAP errors are presented in the log by categorizing ICAP errors and showing detailed messages for each error in the log. The ICAP replacement message now also includes the ICAP server IP information at the end of the message when applicable.

CLI changes

FortiProxy 7.0.15 includes the following CLI changes:

  • diagnose wad tcp-connection list <worker-index>/all—Use this new command to show the information of the top 10 dynamic TCP connections, which is helpful for troubleshooting.

    Example output:

    diagnose wad tcp-connection list all

    ===type=worker index=0 pid=1387===

    Group by src_ip(only show top 10):

    10.5.2.39 count=3160

    Group by dst_ip:port(only show top 10):

    74.6.160.107:443 count=904

    142.251.33.67:80 count=834

    Group by dst_port(only show top 10):

    443 count=1738

    ===type=worker index=1 pid=1389===

    Group by src_ip(only show top 10):

    10.5.2.39 count=3160

    Group by dst_ip:port(only show top 10):

    74.6.160.107:443 count=904

    142.251.33.67:80 count=834

    Group by dst_port(only show top 10):

    443 count=1738

  • diagnose wad icap list—Use this new command to show detailed status information for an ICAP server.

    Example output:

    icap-server-name: server1 status: online

    VDOM=root addr=ip/0.0.0.0:1344 health_check=disable

    conns: succ=0 fail=0 ongoing=0 hits=0 blocked=0

    monitor: succ=0 fail=0

    error: stats.no_report_err=0

    num_worker_load=1

  • diag wad process[process_name] [index](-1 means all) [<cmd>] ...(up to 32 commands)—Use this new command to send commands to workers in batches. For example, diag wad process worker 1 103 104 means sending commands 103 and 104 to worker 1.

  • diag wad report <PROCESS name> <INDEX>—This new command consolidates the following signal-based diagnose commands:

    • diag wad report session

    • diag wad report user

    • diag wad report policy

  • diag test app wad—This command adds support for setting a specific group of processes as diagnosis process:

    • diag test app wad 2yxx means setting No.xx process of type y (0~9) as diagnosis process.

    • diag test app wad 2yyxx means setting No.xx process of type yy (10~99) as diagnosis process.

    • diag test app wad 2yyxxx means setting No.xx x process of type yy (0~9) as diagnosis process.

  • diagnose wad memory track—New map information in the mmap_stats section.

.

Previous
Next