Resolved issues
The following issues have been resolved in the FortiDDoS-F 6.5.1 release. For inquiries about particular bugs, please contact Fortinet Customer Service & Support.
|
Bug ID |
Description |
|---|---|
| 0898986 | When multiple SPPs (or other groups associated with threshold-based reports) were configured in a threshold-based report, only the first SPP could trigger the report. |
| 0898227 | NTP Version anomaly was incorrectly dropping Version 1 Mode 0 packets. |
| 0898223 | Offline editing the system configuration, especially around adding SPPs and Reports, risked a failed configuration upload. |
| 0898162 | The generated reports had stopped showing on the GUI in some conditions. |
| 0897673 | All legends on Layer 3/4/7 > Layer 4 > SYN > SYN Per Destination were unable to be chosen on click. |
| 0896618 | Changes to the type of report (PDF, HTML, Word) did not apply when they were made after the creation of the report. |
| 0896509 | In Asymmetric Mode, some logs falsely displayed "outside" IPs as Protected (Inside) IPs. This issue particularly affected IP Reputation and TCP Invalid flags. |
| 0896178 | TCP Port 80 graphs did not match HTTP graphs. |
| 0894792 | Some systems reported false drops at sudden increases in traffic after a period of no traffic, despite high thresholds and enabling Detection Mode. |
| 0892948 | Some Drops Monitor > SPP > Anomaly Drops graphs did not create the correct inbound/outbound graphs (Directionality new in 6.5.0). |
| 0892438 | The attack log and monitor for DNS known opcode anomaly was not functional. |
| 0891409 | Reports with SPP ID #10 or larger failed to generate. |
| 0889883 | Drops associated with a deleted/disabled global or SPP ACL remained displayed on ACL graphs with no reference to what caused them. |
| 0889708/0879971 | Read-only users are were able to change bypass stage via dashboard. |
| 0889220 | Event logs with the log level set to debug were unable to be sent to the log remote server. |
| 0889213 | Attack logs were not generated for Concurrent Connections per Source. |
| 0888756 | Disabling and re-enabling a local Event Log category may prevent it from reporting to a remote Event Log server. |
| 0887891 | When the Dashboard Status > Interface panel is expanded, only 8 ports were displayed when the system supports 16. |
| 0887867 | When a new SPP is created via GUI, the Source Tracking Multiplier's default values were incorrectly set to 4/4/8/8 instead of 2/2/2/2. This is unlikely to have any impact on mitigation or false positives. This also does not affect existing SPPs when upgraded. |
| 0887170 | Changing SPPs from the Monitor Graph dropdown did not always successfully redraw graph for the new SPP. |
| 0886629 | DNS Response packets with response code 3 were being dropped by DNS Query Anomaly: QR bit set |
| 0886537 | Systems were not updating the geolocation database from 6.5.0 after uploading License and being authenticated by the server. |
| 0885839 | Uploading global IPv4 Blocklist and Domain Reputation in some text file formats resulted in failure to apply these files with no error message. This could also cause a numerical discrepancy in the count of addresses when correct formats were subsequently uploaded. |
| 0876080 | A timer issue associated with all parameters randomly caused false-positive drops to show up in logs and graphs. |
| 0867796 | DNSSEC Asymmetric Response/Source counter was not resetting correctly, leading to higher-than-expected traffic counts. |
| 0866095 | Some logs inconsistently displayed /N for a null entry instead of blank entries, -, or Other. |
|
0850584 |
Extraneous small false-positive drops showed up in some protocol graphs. |
|
0836190 |
False-positive drops were created as a result of SSL/TLS Incomplete Request reading the incorrect part of the packet header. |