Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 5 replies
  • Subscribers 6 subscribers
  • Views 6440 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

9.510-5 Web Filtering

rsenio

Anyone running 9.510-5 with web proxy, AD SSO, and HTTP scanning? I'm seeing lots of 

function="ssl_raw_read" file="ssl.c" line="816" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer"

in the logs. Anyone else seeing this?

 



This thread was automatically locked due to age.
Parents
  • 0

    I also have a lot of connections reset by peers after updating the firmware. three times so far today. I don't know if there's a correlation, but in my case I'm running in transparent mode with no authentication, and URL filtering only.

     

    2018:08:26-12:56:10 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 90 (Broken pipe)"
2018:08:26-12:59:09 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 107 (Connection reset by peer)"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3859" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2018:08:26-13:25:18 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="651" message="reloading config done, new version 3380"

    2018:08:25-00:13:51 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 107 (Broken pipe)"
2018:08:25-00:16:56 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 73 (Connection reset by peer)"
2018:08:25-00:17:42 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 80 (Broken pipe)"
2018:08:25-00:17:43 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 83 (Broken pipe)"
2018:08:25-00:17:43 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 91 (Connection reset by peer)"
2018:08:25-00:19:14 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 97 (Broken pipe)"
2018:08:25-00:19:28 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 73 (Connection reset by peer)"
2018:08:25-00:22:08 mysophosutm httpproxy[5389]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1117" message="Write error on the epoll handler 91 (Connection reset by peer)"
  • 0 in reply to alan weir

    I am not noticing any issues, so far, with my users and the proxy. But there are quite often "function="ssl_raw_read" file="ssl.c" line="816" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer"" messages in the filtering log. 

     

    Alan, it look like the web filtering proxy service is restarting on yours. Mine was doing that as well, but for whatever reason, I ended up turning off SSL scanning...waiting....and turning it back on again. The service restarts haven't occurred again, yet.

Reply
  • 0 in reply to alan weir

    I am not noticing any issues, so far, with my users and the proxy. But there are quite often "function="ssl_raw_read" file="ssl.c" line="816" message="SSL_ERROR_SYSCALL: ret=-1 error=Connection reset by peer"" messages in the filtering log. 

     

    Alan, it look like the web filtering proxy service is restarting on yours. Mine was doing that as well, but for whatever reason, I ended up turning off SSL scanning...waiting....and turning it back on again. The service restarts haven't occurred again, yet.

Children
No Data
Unfiltered HTML