Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 14 replies
  • Subscribers 4 subscribers
  • Views 2716 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Protection | Web Filtering - isn't partial working - often reloading the config

Andreas Czech

Hi to all,

I've a stress problem -> the Web Filtering reloads every 4-10min. The good thing is -> it don't affects the ability to surf. After google for several Days and set the UTM from the Image up, I have no solution then to post here.

My Situation:

DNS: all internal networks and the VPN network, Forwards: the standard NTP Group (Pool)

Certificates: not changed (Standard)

I read in some Google Posts it is related to DNS or Certificates.

The Web Filtering works for the VPN Clients (separate profile), but not for my Internal network

Furthermore I've attached my Webfiltering Live Log

2022:05:29-13:53:02 sg105 URID[5148]: T=5148 ------ 2 - Warning: EARLY TIMEOUT: dns context 1 has 5895 ms before it should time out\n
2022:05:29-13:53:02 sg105 URID[5148]: T=5148 ------ 2 - Warning: EARLY TIMEOUT: dns context 0 has 5894 ms before it should time out\n
2022:05:29-13:53:02 sg105 URID[5148]: T=5148 ------ 2 - Warning: EARLY TIMEOUT: dns context 2 has 5894 ms before it should time out\n
2022:05:29-13:53:02 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 26"
2022:05:29-13:53:03 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.4" dstip="23.53.172.52" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="13631" request="0xda8ca700" url="">https://bag.itunes.apple.com/" referer="" error="" authtime="0" dnstime="275068" aptptime="1705" cattime="4618816" avscantime="0" fullreqtime="5183282" device="0" auth="0" ua="" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" application="itunes" app-id="246"
2022:05:29-13:53:08 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.4" dstip="216.58.212.174" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="8675" request="0xda9c7500" url="">https://www.youtube.com/" referer="" error="" authtime="0" dnstime="237066" aptptime="72802" cattime="3494985" avscantime="0" fullreqtime="9778265" device="0" auth="0" ua="" exceptions="" category="147" reputation="neutral" categoryname="Streaming Media" application="youtube" app-id="557"
2022:05:29-13:53:08 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.4" dstip="142.250.186.182" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="26312" request="0xda8cb500" url="">https://i.ytimg.com/" referer="" error="" authtime="0" dnstime="234618" aptptime="72898" cattime="3494514" avscantime="0" fullreqtime="9789059" device="0" auth="0" ua="" exceptions="" category="177" reputation="trusted" categoryname="Content Server" application="youtube" app-id="557"
2022:05:29-13:53:30 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-13:53:31 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-13:53:31 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-13:57:30 sg105 URID[5148]: T=5148 ------ 2 - Warning: LATE TIMEOUT: dns context 6 should have timed out 1626 ms ago\n
2022:05:29-13:57:32 sg105 URID[5148]: T=5148 ------ 2 - Warning: LATE TIMEOUT: dns context 5 should have timed out 3529 ms ago\n
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 27"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.242.2.4" dstip="42.119.138.22" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" request="0xda78aa00" url="">zpsocial-f48-w120.zadn.vn/17b8011ce8ae07f05ebf.jpg" referer="" error="" authtime="0" dnstime="212344" aptptime="323" cattime="4665778" avscantime="553955079" fullreqtime="560430620" device="0" auth="0" ua="NotificationServiceExtension-Production/454 CFNetwork/1333.0.4 Darwin/21.5.0" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" sandbox="-" content-type="image/jpeg"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1131" message="Write error on the epoll handler 99 (Connection reset by peer)"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1131" message="Write error on the epoll handler 89 (Connection reset by peer)"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.4" dstip="87.123.250.26" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="7356" request="0xda9c6700" url="">iphone-ld.apple.com/" referer="" error="" authtime="0" dnstime="279004" aptptime="147696" cattime="4481017" avscantime="0" fullreqtime="560717995" device="0" auth="0" ua="" exceptions="" category="105" reputation="trusted" categoryname="Business" application="apple" app-id="621"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.4" dstip="87.123.250.26" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="138402" request="0xda894700" url="">iphone-ld.apple.com/" referer="" error="" authtime="0" dnstime="279345" aptptime="147666" cattime="4480529" avscantime="0" fullreqtime="560717601" device="0" auth="0" ua="" exceptions="" category="105" reputation="trusted" categoryname="Business" application="apple" app-id="621"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1131" message="Write error on the epoll handler 96 (Broken pipe)"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="plain_write_vector" file="epoll.c" line="1131" message="Write error on the epoll handler 166 (Broken pipe)"
2022:05:29-14:02:18 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.4" dstip="23.53.172.157" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="9619" request="0xda894000" url="">https://cl5.apple.com/" referer="" error="" authtime="0" dnstime="290769" aptptime="359" cattime="4627398" avscantime="0" fullreqtime="560843708" device="0" auth="0" ua="" exceptions="" category="9998" reputation="unverified" categoryname="Uncategorized" application="apple" app-id="621"
2022:05:29-14:02:25 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:25 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:26 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="2.19.244.28" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="517" request="0xdaa70300" url="">bag.itunes.apple.com/" referer="" error="" authtime="0" dnstime="3037260" aptptime="711579" cattime="3291938" avscantime="0" fullreqtime="7660571" device="0" auth="0" ua="" exceptions="" category="112" reputation="trusted" categoryname="Entertainment" application="itunes" app-id="246"
2022:05:29-14:02:26 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="23.32.238.203" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="517" request="0xda8cd800" url="">p16-sign-va.tiktokcdn.com/" referer="" error="" authtime="0" dnstime="3334810" aptptime="532965" cattime="3406143" avscantime="0" fullreqtime="8151950" device="0" auth="0" ua="" exceptions="" category="177" reputation="neutral" categoryname="Content Server"
2022:05:29-14:02:26 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="23.53.174.4" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="517" request="0xa553500" url="">configuration.ls.apple.com/" referer="" error="" authtime="0" dnstime="3171034" aptptime="197" cattime="3819449" avscantime="0" fullreqtime="7839433" device="0" auth="0" ua="" exceptions="" category="105" reputation="trusted" categoryname="Business" application="apple" app-id="621"
2022:05:29-14:02:26 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="23.53.172.157" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="517" request="0xda6c5500" url="">https://cl5.apple.com/" referer="" error="" authtime="0" dnstime="2535392" aptptime="191" cattime="3875559" avscantime="0" fullreqtime="7839805" device="0" auth="0" ua="" exceptions="" category="105" reputation="trusted" categoryname="Business" application="apple" app-id="621"
2022:05:29-14:02:26 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="184.24.77.43" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="517" request="0xdaa6f500" url="">weather-data.apple.com/" referer="" error="" authtime="0" dnstime="3650918" aptptime="701053" cattime="3302470" avscantime="0" fullreqtime="8321452" device="0" auth="0" ua="" exceptions="" category="105" reputation="trusted" categoryname="Business" application="apple" app-id="621"
2022:05:29-14:02:27 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="17.253.79.203" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="517" request="0xda7d5500" url="">gsp-ssl.ls.apple.com/" referer="" error="" authtime="0" dnstime="3302549" aptptime="63398" cattime="3880061" avscantime="0" fullreqtime="8321304" device="0" auth="0" ua="" exceptions="" category="105" reputation="trusted" categoryname="Business" application="apple" app-id="621"
2022:05:29-14:02:27 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:27 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:27 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:27 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:28 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:28 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:28 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:28 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:29 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:29 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:29 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:29 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:31 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:31 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:31 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:31 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:32 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:32 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:32 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:32 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:33 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:33 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:02:33 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:02:33 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:02:34 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 34"
2022:05:29-14:02:45 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="2.19.244.28" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="7911" request="0xdaa6fc00" url="">init.itunes.apple.com/" referer="" error="" authtime="0" dnstime="3051981" aptptime="709207" cattime="3294496" avscantime="0" fullreqtime="27503521" device="0" auth="0" ua="" exceptions="" category="112" reputation="trusted" categoryname="Entertainment" application="itunes" app-id="246"
2022:05:29-14:02:46 sg105 httpproxy[5378]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="CONNECT" srcip="10.242.2.3" dstip="2.19.244.28" user="" group="" ad_domain="" statuscode="200" cached="0" profile="REF_HttProContaInterNetwo2 (VPN (LAN & Remote))" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="7917" request="0xda70c300" url="">configuration.apple.com/" referer="" error="" authtime="0" dnstime="3617459" aptptime="710245" cattime="3293708" avscantime="0" fullreqtime="28114064" device="0" auth="0" ua="" exceptions="" category="178" reputation="neutral" categoryname="Internet Services" application="apple" app-id="621"
2022:05:29-14:03:08 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="594" message="reloading config"
2022:05:29-14:03:09 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="540" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2022:05:29-14:03:09 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3882" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2022:05:29-14:03:10 sg105 httpproxy[5378]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="658" message="reloading config done, new version 35"

Hope someone can help.



This thread was automatically locked due to age.
Parents Reply Children
Unfiltered HTML