diff --git a/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc b/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc index 68cba36..0ea667e 100644 --- a/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc +++ b/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc 
@@ -104,7 +104,50 @@ NOTE: All debug will run for 30 minutes by default, to increase use `diagnose de |*get system session status* |Show current number of sessions passing the Fortigate. Run inside the VDOM in multi-vdom environment to get number of connections/sessions for this specific VDOM. +|*get sys session-info statistics* +| Get general statistics on sessions: current number of, global limits, number of clashes (different sesison trying to use the same ports), TCP sessions stats per state +|*get sys session-info ttl* +|Show the default TTL setting for the connections in the table, default being 3600 seconds. + +|*diagnose sys session filter * +| Set filter to show/manipulate only specific connections in the stateful table. Run without any filter parameters this command displays the current filter applied if any. Parameters: + +`vd` - id number of the vdom. When entering the vdom with edit vdom, this number is shown first. + +`sintf` - source interface. + +`dintf` - destination interface. + +`proto` - protocol, by IANA protocol number. + +`proto-state` - protocol state. + +`src` - source IP. + +`dst` - destination IP. + +`nsrc` - NATed source IP. + +`sport` - source port. + +`nport` - NATed source port. + +`dport` - destination port. + +`policy` - policy id. + +`duration ` - duration. + +`expire ` - expiration time. + +`session-state1 ` - session state, where _x_ is in hex, state bits. + +`negate ` - negate the match, i.e. match if a connection does NOT contain _parameter_. Where parameter is one of the mentioned above. + + +|*diagnose sys session clear* +|Clear/delete connections from the session table. IMPORTANT: If no session filter is set (see above) before running this command, ALL connections passing the Fortigate will be deleted! Which means they will be disconnected. So use carefully. |===
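Review bot: In the `diagnose sys session filter` row, several entries describe an argument that the command text never shows. `session-state1 ` says "where _x_ is in hex" and `negate ` refers to _parameter_, yet both literals end in a trailing space with no placeholder, as do `duration ` and `expire `, and the row title ends in a stray ` *`. Please put the placeholders into the literals (or drop the trailing spaces) so that each line shows what the reader types. In the `get sys session-info statistics` row, "sesison" should be "session", and "current number of" is missing its noun. For the `diagnose sys session clear` row, the warning depends on the reader knowing which filter is active. The filter row already says that running the command without parameters displays the current filter, so consider stating that check as an explicit step before the clear.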