Thread Info
  • State Verified Answer
  • +14 person also asked this people also asked this
  • Locked Locked
  • Replies 67 replies
  • Answers 1 answer
  • Subscribers 30 subscribers
  • Views 119049 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

[INFO-141] Http proxy not running - restarted notification + segfaults in kernel log since this morning

R0n1

Update 11:27 Sophos official workaround https://community.sophos.com/kb/en-us/127257
Update 13:48 Sophos fix: https://community.sophos.com/kb/en-us/127257 A new pattern called u2d-appctrl43-9-42 was recently released to resolve this issue. Please enable application control again. Manual Cleanup required /var/storages/cores could contain large coredump files that need to be manually removed.

Good morning,

 

This morning we received multiple  [INFO-141] Http proxy not running - restarted notifications around 09:11


When looking in the log's it seemed it occured straight after an up2date pattern update.

Looking in the kernel logs:

2017:08:07-09:11:17 gateway-1 kernel: [1448439.994411] NAVLWorker_01[31756]: segfault at 18b09499 ip 00000000f68495da sp 00000000e8cc0fec error 4 in libc-2.11.3.so[f67cd000+16c000]
2017:08:07-09:24:28 gateway-1 kernel: [1449231.586930] NAVLWorker_10[32179]: segfault at e78ba000 ip 00000000f68045e1 sp 00000000c36d8fbc error 4 in libc-2.11.3.so[f6788000+16c000]
2017:08:07-09:25:09 gateway-1 kernel: [1449272.038211] NAVLWorker_01[5095]: segfault at e9122000 ip 00000000f68875e1 sp 00000000bed45fbc error 4 in libc-2.11.3.so[f680b000+16c000]
2017:08:07-09:26:18 gateway-1 kernel: [1449341.488162] NAVLWorker_08[5501]: segfault at 4ca50b2b ip 00000000f68625df sp 00000000e7ed2fbc error 4 in libc-2.11.3.so[f67e6000+16c000]





This thread was automatically locked due to age.
Parents
  • 0

    The issue is mentioned in  NUTM-8565, please contact support to link your cases to it. Please be assured that I'll update with all the information I receive.

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • 0 in reply to sachingurung

    In the web interface i can see that there is a new version: 130308

    When i start the update manually it's not working. So i've started the update over the CLI and get the following error:

    >>> Modules::Audld::LocalRestriction::_seek_own_country::115()

    Could not connect to Server us1.utmu2d.sophos.com (status=500 Internal Server Error).

     

    Is that the reason why i don't get any new patterns?

  • 0 in reply to renehoehle

    Which command are you using?

    For me, I'm using the web interface and the logs just show this:

    2017:08:07-12:27:29 srv-gw-p08 audld[5932]: no HA system or cluster node
    2017:08:07-12:27:29 srv-gw-p08 audld[5932]: Starting Up2Date Package Downloader
    2017:08:07-12:27:30 srv-gw-p08 audld[5932]: patch up2date possible
    2017:08:07-12:27:32 srv-gw-p08 audld[5932]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"

    After that nothing happens and the pattern version remains unchanged (currently sitting at 130303)...

  • 0 in reply to Mateusz Bender

    We have 2 X SG450 UTM Appliances (Firmware 9.500-9, Pattern Version 130305) running in Active-Passive Mode.

    As advised, we disabled Application Control and this stopped 'segfault' entries appearing in the Kernel Log.

    Awaiting response from Sophos Support for a proper fix.

     

    John P

    2 x SG450 (Version 9.714-4)

    HA = Active-Passive

Reply
  • 0 in reply to Mateusz Bender

    We have 2 X SG450 UTM Appliances (Firmware 9.500-9, Pattern Version 130305) running in Active-Passive Mode.

    As advised, we disabled Application Control and this stopped 'segfault' entries appearing in the Kernel Log.

    Awaiting response from Sophos Support for a proper fix.

     

    John P

    2 x SG450 (Version 9.714-4)

    HA = Active-Passive

Children
No Data
Unfiltered HTML