This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Proxy reloads config every 60 seconds after upgrade to 9.407-3?

Hello,

It looks that web proxy reloads its config every 60 second after upgrading UTM 9 to version 9.407-3. Is it a bug? Is there any workaround to disable this auto config reloads?

regards,

Adam

2016:10:06-08:58:34 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2016:10:06-08:58:34 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="643" message="reloading config done, new version 81"
2016:10:06-08:59:34 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2016:10:06-08:59:35 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="643" message="reloading config done, new version 84"
2016:10:06-08:59:35 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2016:10:06-08:59:35 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="643" message="reloading config done, new version 84"
2016:10:06-08:59:35 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2016:10:06-08:59:36 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="643" message="reloading config done, new version 84"
2016:10:06-09:00:22 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_update_list" file="early_scr_scanner.c" line="719" message="reloading list (1)"
2016:10:06-09:00:35 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="587" message="reloading config"
2016:10:06-09:00:35 gate01-mnet httpproxy[28218]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="643" message="reloading config done, new version 85"



This thread was automatically locked due to age.
Parents
  • Hi Adam,

    Welcome to Sophos Community.

    It doesn't happen on every 9.407-3 install. In fact, I still cannot reproduce the scenario after a fresh install of 9.407-3. I think something else is causing the mdw to restart. What do the kernel.log and confd.log reflect, any particulars?

    Thanks

    Sachin Gurung
    Team Lead | Sophos Technical Support
    Knowledge Base  |  @SophosSupport  |  Video tutorials
    Remember to like a post.  If a post (on a question thread) solves your question use the 'This helped me' link.

  • Hi Sachin, 

    Thank you for your reply and pointing me into right direction in troubleshooting!

    I have found in the confd.log that the issue is caused by frequently changing IP address in one of the DNS group objects, which I used in my transparent proxy skip list. The IP changed every 60 seconds which caused the issue. In fact there are 2 IPs associated with one DNS name (my work network perimeter firewall load balancer). I think that previously these 2 IPs were correctly recognized and recorded in the DNS group, but now I see just one IP and changing every 60 sec. But it is possible that something changed in my work network as well, which caused this issue... 

    Anyway, I have deleted the DNS group object and created two static Host entries which I added to transparent proxy skiplist. Not a perfect solution as this requires manually updating them in case my work network changed load balancer IPs, but this does not happen so often.

    Once again thank you for your reply!

    regards,

    Adam

  • Does the web proxy reloads cause any issues? Mine reloads regularly. I assume it is because entries in my skiplist have multiple IP addresses. If the dns-resolver is only recording the first entry and my upstream DNS is 'round robin'ing the IP addresses then the IP address will change on every query .

  • Hi Adam,

     

    I have the exact same problem running my home UTM on Firmware: 9.409-9.

     

    Throughout the day, I will lose all network connectivity to the UTM. It stops ping replying, doesn't allow traffic and either comes good after 5 minutes or requires me to disconnect and reconnect the NIC's via ESX.

     

    I looked in confd and have a similar message too:

    2017:01:23-15:58:51 gateway confd[4000]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_NtpPool" objname="NTP Server Pool" user="system" srcip="127.0.0.1" sid="oooqUDQSoLofGrUYVhmv" facility="system" client="dns-resolver.plx" pid="32658" attr_addresses="['129.250.35.251','13.55.50.68','45.32.189.94']" oldattr_addresses="['27.124.125.251','203.100.61.10','129.250.35.250']"

     

     

    As a sledgehammer approach, I have removed the NTP Pool servers from System Settings --> Time and Date --> NTP Servers to see if that resolves the issue.

     

    Thanks for the post. I would have never found the issue without this post.

Reply
  • Hi Adam,

     

    I have the exact same problem running my home UTM on Firmware: 9.409-9.

     

    Throughout the day, I will lose all network connectivity to the UTM. It stops ping replying, doesn't allow traffic and either comes good after 5 minutes or requires me to disconnect and reconnect the NIC's via ESX.

     

    I looked in confd and have a similar message too:

    2017:01:23-15:58:51 gateway confd[4000]: I main::top-level:677() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_NtpPool" objname="NTP Server Pool" user="system" srcip="127.0.0.1" sid="oooqUDQSoLofGrUYVhmv" facility="system" client="dns-resolver.plx" pid="32658" attr_addresses="['129.250.35.251','13.55.50.68','45.32.189.94']" oldattr_addresses="['27.124.125.251','203.100.61.10','129.250.35.250']"

     

     

    As a sledgehammer approach, I have removed the NTP Pool servers from System Settings --> Time and Date --> NTP Servers to see if that resolves the issue.

     

    Thanks for the post. I would have never found the issue without this post.

Children
No Data