Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 7 subscribers
  • Views 6523 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

9.510-5 Web Filtering

rsenio

Anyone running 9.510-5 with web proxy, AD SSO, and HTTP scanning? I'm seeing lots of 

function="ssl_raw_read" file="ssl.c" line="816" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer"

in the logs. Anyone else seeing this?

 



This thread was automatically locked due to age.
  • 0

    I'm not noticing any related issues, are you?

    This started in my lab logs on 1 August.  9.510-4 was installed on 30 July and 9.510-5 on 7 August, so I suspect a pattern update on 1 August before 13:00 UTC.

    Cheers - Bob

    NB 2.5 hrs later: There were two updates each of savi and avira patterns about 20:13 UTC on 30 July.

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0

    I also have a lot of connections reset by peers after updating the firmware. three times so far today. I don't know if there's a correlation, but in my case I'm running in transparent mode with no authentication, and URL filtering only.

     

    2018:08:26-12:56:10 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 90 (Broken pipe)"
2018:08:26-12:59:09 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 107 (Connection reset by peer)"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3859" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="651" message="reloading config done, new version 3380"

    2018:08:25-00:13:51 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 107 (Broken pipe)"
2018:08:25-00:16:56 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 73 (Connection reset by peer)"
2018:08:25-00:17:42 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 80 (Broken pipe)"
2018:08:25-00:17:43 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 83 (Broken pipe)"
2018:08:25-00:17:43 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 91 (Connection reset by peer)"
2018:08:25-00:19:14 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 97 (Broken pipe)"
2018:08:25-00:19:28 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 73 (Connection reset by peer)"
2018:08:25-00:22:08 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 91 (Connection reset by peer)"
  • 0 in reply to alan weir

    I am not noticing any issues, so far, with my users and the proxy. But there are quite often "function="ssl_raw_read" file="ssl.c" line="816" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer"" messages in the filtering log. 

     

    Alan, it look like the web filtering proxy service is restarting on yours. Mine was doing that as well, but for whatever reason, I ended up turning off SSL scanning...waiting....and turning it back on again. The service restarts haven't occurred again, yet.

  • 0

    Almost same issue after 9.510-5 upgrade HA Cluster with web Proxy, AD SSO and HTTP scanning. http.log is fill up and appliance shut down.

    Workaround, deleted AD account and created again. Hopefully this workaround fixed this problem.

     

     

  • 0 in reply to alan weir

    Same issues here. Does anybody have the solution?

     
    2018:10:23-08:19:35 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 172 (Broken pipe)"
    2018:10:23-08:20:10 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 1367 (Connection refused)"
    2018:10:23-08:20:10 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 1367 (Connection refused)"
    2018:10:23-08:20:45 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 652 (Broken pipe)"
    2018:10:23-08:21:08 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 527 (Broken pipe)"
    2018:10:23-08:21:10 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 224 (Connection refused)"
    2018:10:23-08:21:10 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 202 (Connection refused)"
    2018:10:23-08:21:14 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 1031 (Broken pipe)"
    2018:10:23-08:21:15 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 1063 (Broken pipe)"
    2018:10:23-08:21:21 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 1177 (Broken pipe)"
    2018:10:23-08:21:46 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 1522 (Broken pipe)"
    2018:10:23-08:21:51 xxxxxx httpproxy[7622]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 631 (Broken pipe)"
Unfiltered HTML