Fun times with Fortigate
This is still a problem outside of v4.0 MR1, apparently. :D
pid-34 lock_mlog()-555 shmget()failed: No such file or directory maxsize 0
log on fails at serial console.
9600 8-n-1 off
You must interrupt normal boot, format partition(s), then load firmware. See Rollback procedure.
password: [blank/no password]
Subject: FortiGuard Update - Failed Reboot Condition Released: 10 June 2011 Modified: 18 July 2011 Product: FortiGate Description: A FortiGate may fail to restart correctly after a power cycle or a software reboot if a FortiGuard update of either the IPS engine and its signatures or the AV engine and its signatures has been performed. After the update has successfully completed and a subsequent reboot is carried out, the FortiGate device may hang and traffic may not traverse through it, the following output may be seen on the console port: __get_backdoor_timeout: Couldn't get shm __set_backdoor_timeout: Couldn't get shm __admindb_get_copy: Couldn't get admindb Affected Products: FortiGate devices running FortiOS v4.0 MR1 Patch Release 1 through to Patch Release 9, inclusive. The issue can occur, but is not specifically limited to, when IPS engine 1.230 or a later engine and signature package is loaded on the FortiGate, this can be verified with the following command: FortiGate# get sys fortiguard-service status NAME VERSION LAST UPDATE METHOD EXPIRE AV Engine 3.013 2009-08-13 15:44:00 manual 2012-01-03 00:00:00 Virus Definitions 13.309 2011-06-10 04:31:07 manual 2012-01-03 00:00:00 Extended set 0.000 2003-01-01 00:00:00 manual 2012-01-03 00:00:00 Attack Definitions 3.012 2011-06-10 04:31:07 manual 2012-01-03 00:00:00 IPS Attack Engine 1.230 2011-06-10 04:33:48 manual 2012-01-03 00:00:00 If the FortiGate is running one of the affected firmware versions listed above, the IPS engine is version 1.230 or a later release, it will also require specific attack definitions to be loaded to be susceptible to this issue. Resolution: Fortinet recommends the upgrade of the FortiOS version to v4.0 MR1 Patch Release 10 or a later release for all customers currently running FortiOS v4.0 MR1 Patch Release 1 through to Patch Release 9, inclusive, even if IPS is not used on the device. Patch Release 10, v4.0, MR1 was released on June 20th, 2011 to correct the FortiOS corruption of shared memory issue. If the FortiGate has been rebooted and is already in the hung state, recovery can be achieved by reloading the firmware image via a TFTP reload.