Sophos UTM 9.506-2 released a few days ago as soft release

Hi,

Anyone tried 9.506?

Running with two appliances, but no issues so far.

Release notes:


Up2Date 9.506002 package description:

Remarks:
System will be rebooted
Configuration will be upgraded
Connected APs will perform firmware upgrade
Connected REDs will perform firmware upgrade

News:
Maintenance Release

Bugfixes:
Fix [NUTM-8651]: [AWS] AWS Permission for "Import Via Amazon Credentials"
Fix [NUTM-7678]: [Access & Identity] Pluto dies with coredump at L2TP connections
Fix [NUTM-8211]: [Access & Identity] SSL VPN connection issue with prefetched AD groups
Fix [NUTM-8756]: [Access & Identity] AUA debug log contains plain text passwords
Fix [NUTM-8889]: [Access & Identity] ESPdump with algorithm GCM does not work
Fix [NUTM-8912]: [Access & Identity] HTML5 VPN: keyboard input not working on Android devices
Fix [NUTM-7670]: [Basesystem] Update to BIND 9.10.6
Fix [NUTM-8427]: [Basesystem] postgres[xxxxx]: [x-x] FATAL: could not create shared memory segment: No space left on device
Fix [NUTM-8769]: [Basesystem] Small models of SG105 / SG115 / SG125 / SG135 take over 5 minutes to accept network connection
Fix [NUTM-9063]: [Configuration Management] Regenerating the Web Proxy CA breaks all SSL VPN clients
Fix [NUTM-8313]: [Email] POP3 Proxy generate core dumps in versions v9.414 and v9.501
Fix [NUTM-8509]: [Email] Remove 3DES and SHA1 from SMIME
Fix [NUTM-8645]: [Email] MIME Type Detection 9.5
Fix [NUTM-9061]: [Email] User cannot open the SMTP Routing tab
Fix [NUTM-8419]: [Logging] "Search Log Files" has different search result in spite of same time frame
Fix [NUTM-8783]: [Logging] SMBv1 still required for remote logging to a smb share
Fix [NUTM-8341]: [Network] Network monitor core dump
Fix [NUTM-8685]: [Network] Some clients display an "Unknown" vendor on the wireless client list
Fix [NUTM-8738]: [Network] Error messages in fallback log about damaged static routes
Fix [NUTM-8838]: [Network] Watchdog consumes constantly 100% CPU
Fix [NUTM-7396]: [RED] UTM RED kernel log shows "seq invalid" messages
Fix [NUTM-6968]: [REST API] Restd: supporting usage of new object right after creation
Fix [NUTM-7981]: [Reporting] WAF-reporter logs irrelevant information
Fix [NUTM-8359]: [Reporting] SMTP log on Mail Manager is empty after upgrading postgres to 64bit
Fix [NUTM-7802]: [Sandboxd] If using a ' character in the email address, postgres is not able to insert this to the TransactionLog (Sandbox)
Fix [NUTM-8715]: [UI Framework] Unable to access "Manage Computers" page
Fix [NUTM-8061]: [WAF] WAF still reporting virus found when AV engine on the UTM is updating
Fix [NUTM-8751]: [WAF] Newly created web server listens on the slave node instead of the master node
Fix [NUTM-8806]: [WAF] Issue with TLS settings for virtual webserver
Fix [NUTM-8861]: [WAF] Leftover of shm files cause a WAF restart loop
Fix [NUTM-5964]: [WebAdmin] Support Access: WebAdmin not properly displayed after login via APU
Fix [NUTM-8512]: [WebAdmin] Can't use string ("0") as a HASH ref while "strict refs" in use at /wfe/asg/modules/asg_ca.pm line 1105
Fix [NUTM-8571]: [WebAdmin] User with only "Report Auditor" rights receives strict refs error after login into WebAdmin
Fix [NUTM-8807]: [WebAdmin] External link to Sophos UTM Knowledge Base is not correct
Fix [NUTM-8871]: [WebAdmin] Year of Single Time Events cannot be later than 2019
Fix [NUTM-7994]: [Web] Customized templates do not allow to accept quota and access site
Fix [NUTM-8037]: [Web] HA: Low disk space alert from slave
Fix [NUTM-8107]: [Web] CONFD.PLX is taking high CPU load
Fix [NUTM-8502]: [Web] HTTP Proxy coredumps with CentralFreeList in v9.413
Fix [NUTM-8687]: [Web] Segfault and coredump from HTTP proxy
Fix [NUTM-8691]: [Web] Certificate error on accessing sites with https scanning enabled
Fix [NUTM-8752]: [Web] NTLM Issue with AD SSO in Transparent Mode
Fix [NUTM-8771]: [Web] Wrong country showing up in Web proxy requests
Fix [NUTM-8826]: [Web] Teamviewer via Standard Mode with AD-SSO not possible since v9.502
Fix [NUTM-8834]: [Web] iOS11 user agent string is not detected as iOS
Fix [NUTM-8849]: [Web] Can't download Traveler_90119_Win.zip with HTTP proxy in Transparent Mode
Fix [NUTM-3129]: [Wireless] SG125w failed to create interface wifi0: -23 (Too many open files in system)
Fix [NUTM-4720]: [Wireless] Issues with 2.4 GHz channel 12 and 13 / inconsistent channel availability / AWE_DEVICE_CHANNEL_INVALID
Fix [NUTM-8288]: [Wireless] Roaming issues with iPhone7 and RADIUS authentication
Fix [NUTM-8391]: [Wireless] AP55C/AP100X disconnecting from UTM repeatedly

RPM packages contained:
libopenssl1_0_0-1.0.2j-4.1.0.273786758.g4b4a1fb.rb11.i686.rpm
libopenssl1_0_0_httpproxy-1.0.2j-4.1.0.273786758.g4b4a1fb.rb11.i686.rpm
modavscan-9.50-211.g147c834.rb9.i686.rpm
openssl-1.0.2j-4.1.0.273786758.g4b4a1fb.rb11.i686.rpm
perf-tools-3.12.74-0.268741462.g5cd15cc.rb6.i686.rpm
perl-Net-MAC-Vendor-1.18-1.981.g8d7fa55.rb10.noarch.rpm
postgresql-8.4.14-255.ga926ce8.rb6.i686.rpm
postgresql92-9.2.13-113.ga926ce8.rb6.i686.rpm
postgresql92-64-9.2.13-113.ga926ce8.rb6.x86_64.rpm
python-setuptools-0.9.8-3.1.2.19.g214889e.rb3.i686.rpm
red-firmware2-5124-0.274355563.g9ac89dc.rb4.noarch.rpm
red15-firmware-5124-0.274355580.gaba09d7.rb4.noarch.rpm
rubygem-addressable-2.5.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-airbrake-5.7.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-airbrake-ruby-1.7.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-aws-sdk-v1-1.66.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-blankslate-2.1.2.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-builder-3.2.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-celluloid-0.17.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-celluloid-essentials-0.20.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-celluloid-extras-0.20.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-celluloid-fsm-0.20.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-celluloid-pool-0.20.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-celluloid-supervision-0.20.6-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-chef-12.21.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-chef-config-12.21.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-chef-zero-5.3.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-coderay-1.1.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-crack-0.4.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-diff-lcs-1.2.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-docile-1.1.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-docker-api-1.33.6-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-erubis-2.7.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-excon-0.57.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-faraday-0.12.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-ffi-1.9.14-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-ffi-yajl-2.3.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-fuzzyurl-0.9.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-gssapi-1.2.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-gyoku-1.3.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-hashdiff-0.3.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-hashie-3.5.6-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-highline-1.7.8-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-hitimes-1.2.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-htmlentities-4.3.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-httpclient-2.8.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-iniparse-1.4.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-inspec-1.31.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-ipaddress-0.8.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-json-1.8.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-libyajl2-1.2.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-little-plugger-1.1.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-logging-2.1.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-method_source-0.8.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mini_portile2-2.0.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mixlib-archive-0.4.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mixlib-authentication-1.4.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mixlib-cli-1.7.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mixlib-config-2.2.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mixlib-log-1.7.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-mixlib-shellout-2.2.7-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-multi_json-1.12.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-multipart-post-2.0.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-net-scp-1.2.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-net-sftp-2.1.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-net-ssh-4.1.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-net-ssh-gateway-2.0.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-net-ssh-multi-1.2.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-net-telnet-0.1.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-nokogiri-1.6.7.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-nori-2.6.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-ohai-8.24.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-parallel-1.11.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-parslet-1.5.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-pg-0.19.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-pidfile-0.3.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-plist-3.3.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-proxifier-1.0.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-pry-0.10.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-public_suffix-2.0.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rack-2.0.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rainbow-2.2.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-retries-0.0.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec-3.5.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec-core-3.5.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec-expectations-3.5.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec-its-1.2.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec-mocks-3.5.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec-support-3.5.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rspec_junit_formatter-0.2.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rubyntlm-0.6.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-rubyzip-1.2.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-safe_yaml-1.0.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-semverse-2.0.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-sequel-4.43.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-serverspec-2.39.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-sfl-2.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-simplecov-0.12.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-simplecov-html-0.10.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-slop-3.6.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-sophos-iaas-1.0.0-1.0.275408289.g7d6dad4.rb4.i686.rpm
rubygem-specinfra-2.69.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-sslshake-1.2.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-syslog-logger-1.6.8-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-systemu-2.6.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-thor-0.19.4-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-timers-4.1.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-toml-0.1.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-train-0.25.0-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-uuidtools-2.1.5-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-vcr-3.0.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-webmock-2.3.2-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-winrm-2.2.3-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-winrm-fs-1.0.1-0.270828330.g7a4fe5f.rb6.i686.rpm
rubygem-wmi-lite-1.0.0-0.270828330.g7a4fe5f.rb6.i686.rpm
samba-4.6.8-1.g34e51e0.rb8.i686.rpm
tcpdump-4.3.0-6.1.1632.g875917c.rb8.i686.rpm
ep-reporting-9.50-52.geaa2ea3.rb9.i686.rpm
ep-reporting-c-9.50-147.g54ce959.rb4.i686.rpm
ep-reporting-resources-9.50-52.geaa2ea3.rb9.i686.rpm
ep-aua-9.50-65.gf891614.rb3.i686.rpm
ep-branding-ASG-afg-9.50-77.g0e8eab8.rb7.noarch.rpm
ep-branding-ASG-ang-9.50-77.g0e8eab8.rb7.noarch.rpm
ep-branding-ASG-asg-9.50-77.g0e8eab8.rb7.noarch.rpm
ep-branding-ASG-atg-9.50-77.g0e8eab8.rb7.noarch.rpm
ep-branding-ASG-aug-9.50-77.g0e8eab8.rb7.noarch.rpm
ep-confd-9.50-1759.gf1bb52a.i686.rpm
ep-confd-tools-9.50-1718.g72de052.rb16.i686.rpm
ep-cssd-9.50-45.g69441e6.rb5.i686.rpm
ep-ha-aws-9.50-610.g7d6dad4.rb4.noarch.rpm
ep-init-9.50-33.g500c379.rb6.noarch.rpm
ep-ipv6-watchdog-9.50-19.g2878345.rb4.i686.rpm
ep-libs-9.50-26.g22e3aa4.rb7.i686.rpm
ep-localization-afg-9.50-54.gcd881e2.rb2.i686.rpm
ep-localization-ang-9.50-54.gcd881e2.rb2.i686.rpm
ep-localization-asg-9.50-54.gcd881e2.rb2.i686.rpm
ep-localization-atg-9.50-54.gcd881e2.rb2.i686.rpm
ep-localization-aug-9.50-54.gcd881e2.rb2.i686.rpm
ep-logging-9.50-15.g9b17108.rb3.i686.rpm
ep-mdw-9.50-972.gdbc72b7.rb8.i686.rpm
ep-postgresql92-9.50-106.g38cbe8d.rb5.i686.rpm
ep-postgresql92-64-9.50-106.g38cbe8d.rb5.x86_64.rpm
ep-restd-9.50-0.273924782.g7383443.rb8.i686.rpm
ep-sandboxd-9.50-0.266725220.g4e36e6c.rb4.i686.rpm
ep-screenmgr-9.50-3.g07035cc.rb24.i686.rpm
ep-tools-9.50-19.g7ca148e.rb3.i686.rpm
ep-utm-watchdog-9.50-83.g1e551db.rb4.i686.rpm
ep-webadmin-9.50-1318.gc7edf8d.rb8.i686.rpm
ep-webadmin-contentmanager-9.50-78.g21a585a.rb5.i686.rpm
ep-cloud-ec2-9.50-182.g34965ba.rb6.i686.rpm
ep-chroot-smtp-9.50-126.g74cc04b.rb4.i686.rpm
chroot-bind-9.10.6-0.271786106.ged14240.rb6.i686.rpm
chroot-ipsec-9.50-21.gfde6c67.rb5.i686.rpm
chroot-reverseproxy-2.4.10-381.gf46aba5.rb6.i686.rpm
ep-chroot-pop3-9.50-19.g0bf330d.rb5.i686.rpm
ep-httpproxy-9.50-457.gb8589ed.rb3.i686.rpm
kernel-smp-3.12.74-0.268741462.g5cd15cc.rb6.i686.rpm
kernel-smp64-3.12.74-0.268741462.g5cd15cc.rb6.x86_64.rpm
ep-release-9.506-2.noarch.rpm

You can find it on the FTP server.



This thread was automatically locked due to age.
  • Regarding:

    NUTM-8107 [Web] CONFD.PLX is taking high CPU load.

    Before this update I was (just for the last 5-6 weeks, before that no problems) seeing CONFD.PL(X?) [EDIT4: I think for me it's confd.pld, not plx] (and also every now and then gen_inline_repo) taking 100% CPU (which was requiring me to SSH and kill processes), however, after the update, and finding internet to be almost unusable for a while, I dug in to find that now instead of just one single CONFD.PLX process hogging CPU, I have 10 CONFD.PLX processes all maxing the CPU!!!

    Seems like too much of a coincidence to think that this is not related to the bug fix?

    Having this many CONFD.PLX processes all maxing out the CPU seems also to prevent me from connecting to the admin page, because the login page doesn't load properly, and therefore there are no fields to enter credentials and log in. It doesn't matter how many times I try or how long I wait, it doesn't load.

    The only way I can think to work around this is by SSHing and killing the CONFD.PLX processes so that I can log in and restart the UTM, HOWEVER, every time I kill one, another respawns!

    So I'm writing this now thinking my only option is to pull the plug as I'm dead in the water.

    This looks like a pretty serious issue from where I am sitting.

    Happy to provide any extra information if it would help.

    Regards.

    EDIT: I forced a reboot using SSH and back up now with CPU usage looking OK (for now). Will report back. The CPU usage issues started appearing around the end of November (prior to that smooth sailing) and if they stay true to form, they might take several days to re-appear.

    EDIT2: Checked the dashboard and it looks like the 10x CONFD.PLX mayhem started about 12 hours after the update. Also, the history of ANY max CPU issues only started (it seems) after enabling EndPoint protection.

    EDIT3: I reviewed log files for any sign of trouble around the time the max CPU problem started, but could not see anything. That said, I have no idea what I am looking at and would only have noticed something really really bad or obvious. Also I didn't check all subsystems. Happy to send any logs if needed.

  • If the reboot didn't solve your problem, try a restore of the config backup made prior to applying the Up2Dates.

    This is not a common problem, so I doubt that there was an identifiable bug.

    Cheers - Bob

    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • BAlfson said:
    If the reboot didn't solve your problem

    Things have been fine since the reboot, but it's only 24 hours in, so not out of the woods yet. In the past the single process CPU spikes (either confd.pld or gen_inline_repo) have taken up to a week to appear. Once they happen they'll go until intervening action is taken. Sometimes I won't even notice their presence until I view a weekly executive report.

    BAlfson said:
    This is not a common problem

    It doesn't sound like it since I have had difficulty in finding any other posts in these forums that match the exact symptoms. I had stopped looking for solutions (was going to live with the once a week 50% CPU spikes which rated as a minor inconvenience at the most) and then I noticed there were two new updates available and that the second one included fixes for high CPU (including one for confd.plx). That seemed to be the exact thing I was looking for (not sure of the technical difference between confd.pld and confd.plx), but as history shows the fix didn't quite pan out the way I was hoping! The issue went from minor inconvenience to show stopper! :)

    Anyway, if the issue returns I'll try your suggestion about the config restore. If it returns again after that, I'll report back. If it doesn't come back in a few weeks, I'll report back also.

    Thanks for the response!

  • It took about 4 days, but the max CPU for confd.plx (definitely plx) came back. I SSH'd and killed it. It was just a single process this time, not the 10 like last time. Phew!

    Not sure why this keeps happening, but it's not a big deal to kill it off. Could get annoying over time I suppose, but for all the value I get from Sophos it's worth it.