Table of Contents
Advertisement
FortiDDoS
Resolved issues
The resolved issues listed below do not list every bug that has been corrected with this release. For inquires about
a particular bug, please contact
Mantis Id
Description
520891
"Possible UDP Reflection Flood" Ports were not displayed in Exec Summary > DDoS Attack Log > Top
Attacked UDP Ports
Changes to System > SNMP > Config > User tab allow setting of trap receiver hosts without restricting
570011
SNMP Query users to the same hosts.
586193
Upgrading FDD-600B to Release 5.1.0 or 5.2.0 results in blocked traffic and potential network instability.
Upgrade from 4.7.0 to 5.3.0.
Users could change "ap-id" via CLI with unexpected results. "ap-id" is used for internal communications
587263
and should not be exposed to user modification.
589973
If formatlogdisk was used on a 5.2.0 system, the Attack Log column for SPP Operating Mode
(Detection/Prevention) was removed and Event Type descriptions would no longer be displayed. If this
was done, upgrade to 5.3.0 will replace the column.
592970
Drop packet capture doesn't dump packets for DNS RA Bit set anomaly
594355
In 5.2.0 only, new code in TP2 and TP3 SPUs can randomly result in a "graceful recovery" condition on an
SPU. The condition is logged and shown on the Dashboard Traffic Processor Status panel. The result is a
system bypass of the card (default) or a spontaneous reboot of the system to clear the processor,
depending on the settings In Global Settings > Settings > Settings: Reboot On Graceful Recovery. When
the SPU is in graceful recovery on FDD-200B/400B, all traffic is bypassed and no mitigation nor reporting
is available. When an SPU enters graceful recovery in a multi-SPU system (all other B- and E-series
models), traffic is re-balanced to other SPUs allowing mitigation to continue but at reduced throughput.
Reporting is not available. Reboot may return the SPU from graceful recovery but the condition can recur
very quickly or within a short time. Upgrade to 5.3.0 is the only fix to this problem.
594891
Daily Configuration Backup failed log showed status as "Success"
595704
FortiDDoS was not fully SNMPv3 compliant, including:
EngineID is encoded incorrectly resulting in some SNMP managers being unable to read it.
l
Handshake sequence for some variables was incorrect.
l
Several DNS Anomalies, if enabled in SPP-0 would appear in log and graphs of all SPPs even if DNS
599011
anomalies were not enabled.
26
Fortinet Customer Service & Support
.
FortiDDoS 5.3.0 Release Notes
Fortinet Technologies Inc.
Resolved issues
Advertisement
Table of Contents
