This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Sophos UTM update 9.411-3 released

Up2Date 9.411003 package description:

Remarks:
System will be rebooted
Configuration will be upgraded

News:
Maintenance Release

Bugfixes:
Fix [NUTM-6804]: [AWS] Update breaks HVM standalone installations
Fix [NUTM-6747]: [Email] SAVI scanner coredumps permanently in MailProxy after update to 9.410
Fix [NUTM-6802]: [Web] New coredumps from httpproxy after update to v9.410

RPM packages contained:
rubygem-sophos-iaas-1.0.0-0.251808053.g8ec3939.i686.rpm
ep-cssd-9.40-28.g1a032c7.rb1.i686.rpm
ep-ha-aws-9.40-376.g8ec3939.noarch.rpm
ep-cloud-ec2-9.40-47.g1d126b2.i686.rpm
ep-httpproxy-9.40-393.g39ad256.rb5.i686.rpm
ep-release-9.411-3.noarch.rpm



This thread was automatically locked due to age.
Parents
  • I have applied this update, and continue to get HTTP proxy restart errors.

     

    Http proxy not running - restarted

    --

    System Uptime      : 0 days 3 hours 39 minutes

    System Load        : 1.50

    System Version     : Sophos UTM 9.411-3

     

    Please refer to the manual for detailed instructions.

  • BC68 said:

    I have applied this update, and continue to get HTTP proxy restart errors.

     

    Http proxy not running - restarted

    --

    System Uptime      : 0 days 3 hours 39 minutes

    System Load        : 1.50

    System Version     : Sophos UTM 9.411-3

     

    Please refer to the manual for detailed instructions.

     

     

    Interesting; I've not seen this in testing.  Is this a paid license install?  If so I'd be starting a support case.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Sophos Platinum Partner

    --------------------------------------

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • No, I'm using this at my house, so it just a home license. I only starting getting this error after the 9.410-6 update, and it continued into the 9.411-3 update. Originally it was running on dedicated (even if a bit old) hardware, and I just migrated it to a VM on my ESXi server and the error followed, but so did my configuration.

  • I just installed 9.411-3 on a SG310 last night. It has all subscriptions. I'm not seeing this or any other issues right now. I have over 100 users using Web Protection. Were are you seeing this? In a specific log or dashboard?

Reply Children
  • I presume this was addressed to me. If so, that error is coming directly from the e-mail alert I'm getting from my UTM. I can also find the HTTP restart errors in my selfmonitoring log:

     

    2017:02:10-13:33:08 utm selfmonng[4790]: W actionCmd(+):  '/var/mdw/scripts/httpproxy restart'
    2017:02:10-13:33:10 utm selfmonng[4790]: W child returned status: exit='0' signal='0'
    2017:02:10-13:45:10 utm selfmonng[4790]: I check Failed increment httpproxy_running counter 1 - 3
    2017:02:10-13:45:15 utm selfmonng[4790]: I check Failed increment httpproxy_running counter 2 - 3
    2017:02:10-13:45:20 utm selfmonng[4790]: W check Failed increment httpproxy_running counter 3 - 3
    2017:02:10-13:45:20 utm selfmonng[4790]: W NOTIFYEVENT Name=httpproxy_running Level=INFO Id=141 suppressed
    2017:02:10-13:45:20 utm selfmonng[4790]: W triggerAction: 'cmd'
    2017:02:10-13:45:20 utm selfmonng[4790]: W actionCmd(+):  '/var/mdw/scripts/httpproxy restart'
    2017:02:10-13:45:22 utm selfmonng[4790]: W child returned status: exit='0' signal='0'
    2017:02:10-13:55:58 utm selfmonng[4790]: I check Failed increment httpproxy_running counter 1 - 3
    2017:02:10-13:55:58 utm selfmonng[4790]: I check Failed increment afc_running counter 1 - 3
    2017:02:10-13:56:03 utm selfmonng[4790]: I check Failed increment httpproxy_running counter 2 - 3
    2017:02:10-13:56:08 utm selfmonng[4790]: W check Failed increment httpproxy_running counter 3 - 3
    2017:02:10-13:56:08 utm selfmonng[4790]: W NOTIFYEVENT Name=httpproxy_running Level=INFO Id=141 suppressed
    2017:02:10-13:56:08 utm selfmonng[4790]: W triggerAction: 'cmd'
    2017:02:10-13:56:08 utm selfmonng[4790]: W actionCmd(+):  '/var/mdw/scripts/httpproxy restart'
    2017:02:10-13:56:10 utm selfmonng[4790]: W child returned status: exit='0' signal='0'
    2017:02:10-14:17:40 utm selfmonng[4790]: I check Failed increment httpproxy_running counter 1 - 3
    2017:02:10-14:17:45 utm selfmonng[4790]: I check Failed increment httpproxy_running counter 2 - 3
    2017:02:10-14:17:50 utm selfmonng[4790]: W check Failed increment httpproxy_running counter 3 - 3
    2017:02:10-14:17:50 utm selfmonng[4790]: [INFO-141] Http proxy not running - restarted
    2017:02:10-14:17:50 utm selfmonng[4790]: W NOTIFYEVENT Name=httpproxy_running Level=INFO Id=141 sent
    2017:02:10-14:17:50 utm selfmonng[4790]: W triggerAction: 'cmd'
    2017:02:10-14:17:50 utm selfmonng[4790]: W actionCmd(+):  '/var/mdw/scripts/httpproxy restart'
    2017:02:10-14:17:52 utm selfmonng[4790]: W child returned status: exit='0' signal='0'

    And in the kernal log:
    2017:02:10-14:17:36 utm kernel: [100694.000559] httpproxy[5937]: segfault at 0 ip 00000000f7374103 sp 00000000eafd6a40 error 4 in libtcmalloc.so.4.1.0[f734d000+48000]
  • Yep - was addressing this to you. I checked my selfmonitoring log and all was clean. I also noticed that you were not running on the appliance so there might be additional issues for you. Thanks for the clarification.