Displaying information about security processing modules
You can display information about installed SP modules using the CLI command
diagnose npu spm
For example, for the FortiGate-5101C:
FG-5101C # diagnose npu spm list
Available SP Modules:
ID Model Slot Interface
0 xh0 built-in port1, port2, port3, port4,
base1, base2, fabric1, fabric2
eth10, eth11, eth12, eth13
eth14, eth15, eth16, eth17
eth18, eth19
You can also use this command to get more info about SP processing. This example shows how to display details about how the module is processing sessions using the syn proxy.
diagnose npu spm dos synproxy <sp_id>
This is a partial output of the command:
Number of proxied TCP connections : 0
Number of working proxied TCP connections : 0
Number of retired TCP connections : 0
Number of valid TCP connections : 0
Number of attacks, no ACK from client : 0
Number of no SYN-ACK from server : 0
Number of reset by server (service not supported): 0
Number of established session timeout : 0
Client timeout setting : 3 Seconds
Server timeout setting : 3 Seconds