From a84497e7d19843fff825f50a83ab3d7a877618aa Mon Sep 17 00:00:00 2001
From: yuriskinfo <yuri@yurisk.info>
Date: Tue, 6 Jun 2023 10:25:16 +0300
Subject: [PATCH] Added remark about disabling offloading for the Fortigate
 sniffer

---
 .../Fortigate-debug-diagnose-complete-cheat-sheet.adoc         | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc b/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc
index b60ea5f..12b139f 100644
--- a/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc
+++ b/cheat-sheets/Fortigate-debug-diagnose-complete-cheat-sheet.adoc
@@ -123,6 +123,9 @@ until the SSH/console timeout or until stopped with `CTRL + C`.
 |For IPv6 traffic, the command is the same, but use the relevant `filter` clauses instead, 
 e.g. `host 2001:db8::1` or `net 2001:db8::/64` or `icmp6`.
 
+|*set auto-asic-offload disable*
+|You may need to temporarily disable NPU hardware acceleration offloading, to see accelerated packets. You do so inside a specific firewall policy. This will cause all packets passing on this policy rule to be processed by CPU and thus make packets visible to the sniffer. This may increase the CPU load. E.g. `config firewall policy`, `edit 1`, `set auto-asic-offload disable`. Do not forget to turn it on again: `set auto-asic-offload enable`.
+
 |===