
"No records found" at the SSL/TLS Inspection Rules Tab after adding multiple Rules.

Hello!

I'm currently running an XG 115w Rev.3 on v19 EAP 1.

After adding multiple TLS Inspection Rules, the admin interface stopped showing any rules and now only returns "No records found".

Even if I add a new Rule, it won't be shown in the interface but will work as expected.

I've been fiddling within the logs but I couldn't find anything useful on it besides this snippet:

XG115w_XN03_SFOS 19.0.0 EAP1-Build244# tail -f /log/applog.log
Dec 23 13:16:33Z
->input_string=ssl_curr_summary,hourly,N/A
Dec 23 13:16:41Z apiInterface:: Deleting Entity and Event for legacy mode base operation
Dec 23 13:16:42Z Request type = 1
Dec 23 13:16:42Z apiInterface:versionsupported: true.
Dec 23 13:16:42Z apiInterface:request mode -> 2836.
Dec 23 13:16:42Z apiInterface:Current ver :::'1900.1'
Dec 23 13:16:42Z apiInterface:entityjson::::::::HASH(0x9e91e30)
Dec 23 13:16:42Z Info:: Transaction will not be rolled back for opcode get_tls_rule_bandwidth_info. If any operation fails, request is part of multiple request :
Dec 23 13:16:42Z get_tls_rule_bandwidth_info

Is there any log file where I can find the reason why the WebUI stopped showing the rules?

Thanks!



Fixed Thread Name.
[edited by: Prism at 1:19 PM (GMT -8) on 23 Dec 2021]
  • Just to be sure: if you use another browser, delete caches, etc., will it resolve the problem?

    __________________________________________________________________________________________________________________

  • I've already cleaned the cache multiple times and just tried to open the TLS Inspection tab with a brand-new Firefox installation, but the problem persists.

    I'm going to reboot the firewall later to see if that fixes this issue.

    Thanks!


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v20 GA @ Home

    XG 115w Rev.3 8GB RAM v19.5 MR3 @ Travel Firewall

  • I've just rebooted it and the problem still persists. Is there anything I can do besides wiping the appliance?
    I don't want to do all configurations from scratch again.

    Thanks!


  • Oddly enough, this should not be the case. Can you give us the Access ID? Do you have an official license, and can you submit feedback?

    __________________________________________________________________________________________________________________

  • I've just submitted feedback with more explanation and an attached picture.

    I will send you my Access ID through a private message soon.


  • Is there any log file where I can look at it?

    Just to understand why this is happening.


  • I was wrong: even after creating a new TLS Inspection Rule, it won't show on the Web UI and doesn't work as expected.

    Looking at the SSL/TLS Inspection logs, it only shows connections to sophos.com, as it's allowed through the hidden rule #0.

    Nothing else shows in the Logs besides this.


  • You could do a csc debug (csc custom debug) and check the csc log while creating/opening. Check if you see any kind of integration.

    Due to the Christmas days, this will be covered next year, I assume.

    __________________________________________________________________________________________________________________

  • Thanks, hopefully this can be fixed before the official release.

    Looking at CSC I've found these (ERROR) lines being generated every time I do something over the SSL/TLS Inspection Tab:

    DEBUG     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/Default.pem
    ERROR     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Failed Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/Default.pem
    DEBUG     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/SecurityAppliance_SSL_CA.pem
    ERROR     Dec 24 10:54:57Z  [getvalidcacerts:23813]: csc_execve: Child exited with status 101
    ERROR     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Failed Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/SecurityAppliance_SSL_CA.pem
    INFO      Dec 24 10:54:57Z  [getvalidcacerts:23813]: create_act_out_perl_obj: varname=out
    INFO      Dec 24 10:54:57Z  [getvalidcacerts:23813]: create_act_out_perl_obj: out.status=101
    INFO      Dec 24 10:54:57Z  [getvalidcacerts:23813]: FORLOOP condition false
    DEBUG     Dec 24 10:54:57Z  [getvalidcacerts:23813]: destroy_db_handle_pl: Destroying DBI DB handle.
    INFO      Dec 24 10:54:57Z  [getvalidcacerts:23813]: opcode 'getvalidcacerts': time taken: 0.349907818 seconds


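An added example, not part of the original post or of Sophos tooling: a small shell/awk filter that pairs each "Failed Command" line in the CSC debug output above with the child exit status logged for the same opcode and PID. The function names are hypothetical, the embedded sample lines are copied from the post, and the path /log/csc.log in the comment is an assumption.

```shell
#!/bin/sh
# Sample CSC debug lines, copied from the post above.
sample_csc_log() {
cat <<'EOF'
DEBUG     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/Default.pem
ERROR     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Failed Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/Default.pem
DEBUG     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/SecurityAppliance_SSL_CA.pem
ERROR     Dec 24 10:54:57Z  [getvalidcacerts:23813]: csc_execve: Child exited with status 101
ERROR     Dec 24 10:54:57Z  [getvalidcacerts:23813]: log_exec: Failed Command: /bin/certverify /conf/certificate/cacerts /conf/certificate/cacerts/SecurityAppliance_SSL_CA.pem
INFO      Dec 24 10:54:57Z  [getvalidcacerts:23813]: opcode 'getvalidcacerts': time taken: 0.349907818 seconds
EOF
}

# Read CSC debug lines on stdin and print one line per failed command:
#   opcode:pid status=<exit status or "unknown"> <command line>
csc_failures() {
  awk '
    # Track the [opcode:pid] tag so output from parallel opcodes is not mixed.
    match($0, /\[[A-Za-z0-9_]+:[0-9]+\]/) {
      tag = substr($0, RSTART + 1, RLENGTH - 2)
    }
    # A new command resets the status until an exit line is seen for it.
    / log_exec: Command: /       { status[tag] = "unknown" }
    / Child exited with status / { status[tag] = $NF }
    / log_exec: Failed Command: / {
      cmd = $0
      sub(/.*Failed Command: /, "", cmd)
      printf "%s status=%s %s\n", tag, status[tag], cmd
    }
  '
}

# Stand-alone run on the sample; on an appliance the input would be the
# CSC log itself, e.g. csc_failures < /log/csc.log (path assumed).
sample_csc_log | csc_failures
```

On the lines from the post this reports both certverify calls as failed, with status 101 recorded only for SecurityAppliance_SSL_CA.pem because no exit line precedes the Default.pem failure in the pasted excerpt.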

  • I couldn't find the reason why this is happening, but I've managed to replicate it on a virtual machine.

    One cool thing about this: if you try to create two rules with the same name, even though they don't show in the WebUI or work as expected, the interface will warn you there's already a rule with the same name.
