After FW update 9.705: "urid not running - restarted"

Today I am working an a UTM 230. Immediately after updating to firmware 9.705003 on 9/24, I am getting many email with the message "urid not running - restarted". The proxy log gives me lines like this:

2020:10:18-19:28:25 lissmacutm httpproxy[5474]: id="0003" severity="info" sys="SecureWeb" sub="http" request="0x19764300" function="urid_categorize_url" file="uri_scanner.c" line="242" message="urid_query failed: (-2) "

Also getting many lines with "Categorization failed". These are not specific to any internal or external IP although MS updates are more common particularly on the weekend.

BAlfson wrote in one post that the UTM is being "chatty", but since this occurred on the day of an update and afterwards, I wonder if there's an issue with the update or did my DNS somehow get hosed?

Thanks, Tom

Parents
  • Hey Tom,

    What do you get from the following?

    cc get http use_sxl_urid

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • OK, Tom, maybe setting it to the "old" version temporarily will fix it:

    cc set http use_sxl_urid 0
    cc set http use_sxl_urid 1

    Any luck?

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • Bob, not familiar with this component. I entered both commands (was I supposed to)? Each time they return "1".

  • That meant they were both successful, Tom.  Are you still seeing the "Categorization failed" message?  If so, you will want to get a case open with Sophos Support.  Please let us know what they did to address this.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • The errors are sporadic throughout the day. I will keep an eye on the logs and report back.

    If you look at my posts with Emmanuel (EmmoSophos) farther up in this thread, you will see that he believes that SSD is failing. While that may be true, it's odd to me that the errors started immediately after the 9.705-3 update. Until you answered just now, I was considering a factory reset just for giggles.

    I'll let you know.

  • Factory Reset wouldn't help, Tom - possibly re-imaging and restoring a backup if the drive isn't damaged.  If the SSD is suspect, and you know how to use it e2fsck might be able to save the disk.  Again, good luck and let us know.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • Factory Reset wouldn't help, Tom - possibly re-imaging and restoring a backup if the drive isn't damaged.  If the SSD is suspect, and you know how to use it e2fsck might be able to save the disk.  Again, good luck and let us know.

    Cheers - Bob

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data