FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
gmanea
Staff
Staff
Article Id 195863

Description


This article describes how to list the different processes and explains their purpose. 


Solution

 

To list the processes that are running in memory run the command: 

 

# diagnose sys top

 

Here is a list of the processes in FortiGate along with their description:

 

Process Process Description
initXXXXXXXXXXX its job is to start other processes
hp_api hp api
cmdbsvr cmdb server - update processes / configuration
uploadd upload daemon
adsl2plus adsl2plus daemon
sqldb sqldb
reportd report daemon
miglogd log daemon
chlbd chassis loadbalance daemon
haocd content cluster HA over chassis daemon
kmiglogd kernel log daemon
httpsd https daemon
pyfcgid python config daemon
sslvpnd ssl vpn
info_sslvpnd ssl vpn info daemon
smbcd smb client daemon
lcdapp Control the LCD panel
proxyd proxy daemon
imd IM proxy daemon
wad_launcher wan acceleration proxy
wad explicit proxy, mapi rpc
wad_diskd wan acceleration disk daemon
dlpfingerprint dlp fingerprint daemon
dlpfpcache dlp fingerprint cache daemon
scanunitd scanunit daemon
getty wait for console/telnet connection
mingetty tty1 mingetty tty1 daemon
iked ike daemon
updated update daemon <= to init some shared memory segment used by other executables
merged_daemons merge daemon - should be split in future. There is a mantics.
fclicense FC license daemon
amc_monitor AMC monitor daemon
forticron crl update daemon
chassisd 192.168.127.254 chassis daemon
fdsmgmtd fortiguard management daemon
fds_msg fds message daemon
snmpd snmp
dhcpd dhcp server
dhcpcd dhcp client
dhcprd dhcp relay
hatalk ha protocol module
haysnc ha synchronization module
harelay ha relay module for tcp
pptpd pptp
l2tpd l2tp
ipldbd ipldbd daemon
vsd virtual server daemon
acd aggregate controller daemon
src-vis source visibility daemon
pppoed pppoe daemon
ddnscd ddns client daemon
urlfilter URL filter daemon
ntpd ntp server daemon
tftpd tftp daemon
telnetd telnet daemon
authd authenticated daemon
fssod fsso daemon
quard quarantine daemon
rtmon ping server
radvd router adv daemon
alertemail alertemail daemon
dnsproxy dns proxy daemon
sflowd sflow protocol daemon
nat64d NAT64 daemon
radiusd radius daemon
notifd notification daemon = carrier only
gtpgkd gtp daemon = carrier only
mass_mmsd mass mms daemon, carrier only
alarmd alarm daemon
pptpcd pptp client daemon
wpad_client port access client daemon - atheros wifi
wpad port access entity daemon - prism54 wifi
eap_proxy epa proxy - wpa enterprise wifi
modemd modem daemon
dialinsvr dial-in server daemon
cardmgr pcmcia card manager daemon
getty aux getty aux daemon
pppoatmd ppp over atm daemon
adsl_mon adsl monitor daemon
l2tpcd l2tp client daemon
httpclid http client daemon
sessionsync session sync daemon
fgfmd fortigate/fortimanager communication daemon
wccpd wccp daemon
garpd vip gratuitous arp daemon
cw_acd capwap ac daemon
wpad_ac wpad ac daemon
cw_wtpd capwap wtp daemon
cw_stad capwap sta daemon
fortilinkd fortilinkd
cu_acd Capwap FortiSwitch
swctrl_authd Switch controller authentication daemon
vrrpd vrrp daemon
usbmuxd usbmux daemon
fsd forti-start daemon
proxyacceptor proxyacceptor daemon
proxyworker proxyworker daemons
sslacceptor sslacceptor daemon
sslworker sslworker daemons
fcnacd forticlient NAC daemon
stpd_name spanning tree protocol daemon
wiredapd wired ap 802.1x port based auth daemon
confsynchbd conf-sync heartbeat daemon
confsyncd conf-sync daemon
poed poe daemon
cbp cbp daemon
nsm routing FIB update
imi routing related
bgpd bgp
ospfd ospf
pim6d pim multicast v6
pimd pim multicast
pdmd pim dense monde
ripd rip
ripngd ripv6
netscan netscan daemon
dhcp6s dhcp6 server
dhcp6r dhcp6 relay
dhcp6c dhcp6 client
newcli CLI commands execution - ssh, telnet
vpd vpn policy daemon - handle vpn traffic to know to which policy the traffic corresponds
rlogd reliable syslog daemon

 

It is possible to use the commands "diagnose sys kill <signal> <process ID>". Signal can be 9 or 11. The process ID possible to get from the command 'diag sys top' second column from the output will give process ID.

 

For example, to kill the 'httpsd' the command is 'diagnose sys kill 11 243'.