Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 8060 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

HTTP Proxy Stops Responding

strsmatt
Hello

I've opened a case with Sophos premium support, but I thought I'd post the problem here as well to see if anyone has any suggestions.

A few times per day we're getting "Proxy server not responding". I managed to catch it in the live log today, and this is the last few lines before it stops responding:

2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3384" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 1746 (Input/output error)"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 971 (Input/output error)"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1567" message="Read error on the http handler 448 (Input/output error)"
2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_network_filter" file="confd-client.c" line="1851" message="failed to get network: Operation not permitted (req=[{ "id": 399308, "method": "get_object", "params": [ "" ] }])"
..... [few more of the same]
2015:04:27-11:40:37 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="133" message="reloading ATP pattern"


Clients are configured to use the utm as a proxy, and transparently, but both have problems.

Any ideas appreciated!

Matt


This thread was automatically locked due to age.
Parents Reply Children
  • 0 in reply to William Warren
    get a support ticket started...cannot tell you anything more than that..sorry..


    Thanks anyway William [:)]

    I'll post back with any developments!

    Matt
  • 0 in reply to strsmatt
    I would be interested in any update on this problem. Since updating to 9.310.11 I can no longer enable the web proxy in transparent mode as I get the passthrough6.fw-notify.net error and the proxy shutsdown.

    2015:04:30-15:20:09 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:04:30-15:20:09 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3384" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:04:30-15:20:09 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="main" file="httpproxy.c" line="295" message="caching templates"
    2015:04:30-15:20:09 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="main" file="httpproxy.c" line="298" message="reading profiles"
    2015:04:30-15:20:09 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_network_filter" file="confd-client.c" line="1851" message="failed to get network: Operation not permitted (req=[{ "id": 69, "method": "get_object", "params": [ "" ] }])"
    2015:04:30-15:20:10 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="scanner_init" file="aptpscanner.c" line="176" message="ATP loaded"
    2015:04:30-15:20:11 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="main" file="httpproxy.c" line="337" message="notifiying argos daemon
    2015:04:30-15:20:11 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="argos_notify" file="httpproxy.c" line="199" message="connect: Connection refused"
    2015:04:30-15:20:11 huginn httpproxy[15951]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="main" file="httpproxy.c" line="343" message="finished startup"
  • 0 in reply to strsmatt
    strsmatt,
    I had the same issues as you had,

    2015:04:27-11:40:34 sophosutm httpproxy[5759]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_network_filter" file="confd-client.c" line="1851" message="failed to get network: Operation not permitted (req=[{ "id": 399308, "method": "get_object", "params": [ "" ] }])"
    ..... [few more of the same]

    I have resolved this by enabling caching or either disable all exceptions related to caching where tags are used.
    Seemed like it couldn't apply the "do not cache"-function for the sites I tagged as "do not cache", because caching was not enabled.

    Kind regards,
    Frank
  • 0 in reply to FrankBarmentlo
    Frank - do you mean the 'Enable Caching' option under Web Protection -> Filtering Options -> Misc? If so, it's already switched on (apart from SSL content).

    I'm not sure we're using tags, but either way I haven't had this problem since the upgrade to 9.312-8

    Matt
Unfiltered HTML