This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[9.201-25] Error opening "Network Protection"->"Firewall"

Hi,
when opening the "Firewall" tab I get the following error message:
Can't use string ("0") as a HASH ref while "strict refs" in use at /wfe/asg/modules/asg_packetfilter.pm line 440.


I already tried rebooting the system.

While googling I found some other threads about a similar problem. It was suggested to run the command "cc get_dashboard_data" via SSH. The output looks normal though:
 vpn:/home/login # cc get_dashboard_data

{
          'appliance' => 'software',
          'appliance_model' => 'ASG',
          'appliance_subtype' => '',
          'ports' => {
                       'eth0' => [
                                   {
                                     'in' => '-',
                                     'link_status' => 1,
                                     'name' => 'used in lag0',
                                     'net_status' => '-',
                                     'op_status' => '-',
                                     'out' => '-',
                                     'type' => 'Link Aggregation'
                                   }
                                 ],
                       'eth1' => [
                                   {
                                     'in' => '4.1 kbit',
                                     'inperc' => '0.0963334894106735',
                                     'itf_ref' => 'REF_IntEthExternaWan',
.....


Any suggestions?

Many thanks in advance!


This thread was automatically locked due to age.
  • Hi, Terrax, and welcome to the User BB!

    Please click on [Go Advanced] and attach a picture of the error on the screen.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • The error only appears in the tab "Rules". 
    "Advanced" works as expected.

  • Try restoring a config backup from before this problem appeared.  Any luck?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Already tried that - no luck :-(
  • What happens if you add a new user "terrax" to "SuperAdmins" and login with that user?  If that doesn't work, try the Up2Date to 9.202-033.  If that doesn't work, reinstall from ISO and start over.  Any luck?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Starting over never sounds like fun.

    Does /var/log/confd.log or /var/log/confd-debug.log provide any clues?

    Also potentially of interest (the logs hopefully give a better clue for where the problem lies):
    cc get_objects_filtered '$_->{class} eq "packetfilter"'
  • What happens if you add a new user "terrax" to "SuperAdmins" and login with that user?  If that doesn't work, try the Up2Date to 9.202-033.  If that doesn't work, reinstall from ISO and start over.  Any luck?

    New user didn't work - same error. I'm downloading the update right now and will try it - thank you!

    Starting over never sounds like fun.

    Does /var/log/confd.log or /var/log/confd-debug.log provide any clues?

    Also potentially of interest (the logs hopefully give a better clue for where the problem lies):
    cc get_objects_filtered '$_->{class} eq "packetfilter"'

    Starting over doesn't sound like fun indeed...

    No activity in confd.log while "tail -f"-ing it and triggering the error.
    confd-debug.log seems normal, too:
    [...]
    
    2014:06:06-23:17:04 vpn-2 confd[11345]: D sys::AUTOLOAD:301() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="dennis_admin" srcip="192.168.11.112" facility="webadmin" client="webadmin.plx" lock="none" method="list_sessions"
    2014:06:06-23:17:06 vpn-1 confd[15571]: D Role::authenticate:146() => id="3106" severity="debug" sys="System" sub="confd" name="authentication successful" user="system" srcip="127.0.0.1" sid="ghPbsBVGUsxFkquFRXPe" facility="system" client="confd-qrunner.pl" call="new"Jun  6 23:17:06 confd[15571]: D sys::AUTOLOAD:301() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="system" client="confd-qrunner.pl" lock="none" method="get_SID"
    2014:06:06-23:17:06 vpn-1 confd[15571]: D sys::AUTOLOAD:301() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="system" client="confd-qrunner.pl" lock="none" method="commit"
    2014:06:06-23:17:06 vpn-1 confd[15571]: D sys::AUTOLOAD:301() => id="3100" severity="debug" sys="System" sub="confd" name="external call" user="system" srcip="127.0.0.1" facility="system" client="confd-qrunner.pl" lock="none" method="logout"
    2014:06:06-23:17:06 vpn-1 confd[15571]: D Session::terminate:290() => id="3100" severity="debug" sys="System" sub="confd" name="closing session" user="system" srcip="127.0.0.1" sid="ghPbsBVGUsxFkquFRXPe" facility="system" client="confd-qrunner.pl" call="logout" function="logout"
    2014:06:06-23:17:06 vpn-1 confd[15571]: D sys:[:D]ESTROY:229() => id="3100" severity="debug" sys="System" sub="confd" name="worker process exiting" user="system" srcip="127.0.0.1" facility="system" client="confd-qrunner.pl"
    [...]


    The CLI command gives the following output:
    [
    
              {
                'autoname' => 1,
                'class' => 'packetfilter',
                'data' => {
                            'action' => 'accept',
                            'auto' => 1,
                            'auto_type' => 'ssl_vpn_server',
                            'comment' => 'Created from upgrade: ssl_vpn server_connection (ssl.vpn...

    ...and so on
  • What happens if you add a new user "terrax" to "SuperAdmins" and login with that user?  If that doesn't work, try the Up2Date to 9.202-033.  If that doesn't work, reinstall from ISO and start over.  Any luck?

    The update just finished. 
    Can't use string ("0") as a HASH ref while "strict refs" in use at /wfe/asg/modules/asg_packetfilter.pm line 451.

    The line number changed from 440 to 451... It was worth a try though!
  • No further details in webadmin.log either?
  • After reinstalling from ISO, you can try restoring a config backup, but I bet there's a bollixed database that can't be fixed, and that this is a new-enough install that you'll save time installing from scratch.  If you haven't already worked from the Rulz, this might be an opportunity to get off on a better foot.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA