Thread Info
  • State Not Answered
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 8 replies
  • Subscribers 2 subscribers
  • Views 7173 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering not working

iborianschpro
My web filtering does not seem to work. My Live Log show the following:

2015:08:19-13:14:56 fwint httpproxy[19231]: Integrated HTTP-Proxy (c) 2007-2015 Sophos Ltd, Release 258.g3645241.rb1
2015:08:19-14:07:27 fwint httpproxy[19231]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="580" message="reloading config"
2015:08:19-14:07:27 fwint httpproxy[19231]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
2015:08:19-14:07:27 fwint httpproxy[19231]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3560" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
2015:08:19-14:07:29 fwint httpproxy[19231]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="636" message="reloading config done, new version 20"


The policy test shows that the policies are ok and working fine, but when i try it on a client... nothing. Currently on v. 9.315-2 in transparent mode. My noob self has restarded the utm, stopped and restarted Web filtering but nothing seems to help. Would really appreciate all the help I can get.


This thread was automatically locked due to age.
  • 0
    Hi, and welcome to the User BB!

    severity="info"

    This is just the UTM being chatty and is not a problem.  My guess would be that the developer forgot to turn off a debug switch before compiling.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    Thanks Bob, and thank you for the reply...but why are my policies not working? Blocking e.g nudity and clients can still access nudity sites. Tried blocking specific urls and one can still access them. Really frustrated.
  • 0
    Hi,
    I have the same issue to.

    Web filtering is not working and also getting this logs.
    2015:08:20-12:16:59 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="main" file="httpproxy.c" line="343" message="finished startup"
    2015:08:20-12:16:59 crimson httpproxy[8243]: Integrated HTTP-Proxy (c) 2007-2014 Sophos Ltd, Release 111.g0705bb5.rb1
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="578" message="reloading config"
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3349" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="634" message="reloading config done, new version 953"
    2015:08:20-12:21:40 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="578" message="reloading config"
    2015:08:20-12:21:41 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:08:20-12:21:41 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3349" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:08:20-12:21:43 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="634" message="reloading config done, new version 954"
    2015:08:20-12:21:49 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="133" message="reloading ATP pattern"
    2015:08:20-12:21:50 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="151" message="reloading ATP pattern finished"
    2015:08:20-12:21:54 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="578" message="reloading config"
    2015:08:20-12:21:54 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:08:20-12:21:54 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3349" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:08:20-12:21:55 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="634" message="reloading config done, new version 955"
  • 0 in reply to lite
    2015:08:20-12:16:59 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="main" file="httpproxy.c" line="343" message="finished startup"
    2015:08:20-12:16:59 crimson httpproxy[8243]: Integrated HTTP-Proxy (c) 2007-2014 Sophos Ltd, Release 111.g0705bb5.rb1
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="578" message="reloading config"
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3349" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:08:20-12:21:25 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="634" message="reloading config done, new version 953"
    2015:08:20-12:21:40 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="578" message="reloading config"
    2015:08:20-12:21:41 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:08:20-12:21:41 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3349" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:08:20-12:21:43 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="634" message="reloading config done, new version 954"
    2015:08:20-12:21:49 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="133" message="reloading ATP pattern"
    2015:08:20-12:21:50 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="aptp_reload" file="aptpscanner.c" line="151" message="reloading ATP pattern finished"
    2015:08:20-12:21:54 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="578" message="reloading config"
    2015:08:20-12:21:54 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="parse_address" file="util.c" line="464" message="getaddrinfo: passthrough6.fw-notify.net: Name or service not known"
    2015:08:20-12:21:54 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_filter" file="confd-client.c" line="3349" message="failed to resolve passthrough6.fw-notify.net, using 2a01:198:200:680::8080"
    2015:08:20-12:21:55 crimson httpproxy[8243]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="634" message="reloading config done, new version 955"[/QUOTE]
  • 0
    iborianschpro, please show a line from the Web Filtering log file where an access was allowed that you believe should have been stopped.

    Lite, did you read my post above?  What problem are you seeing?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0 in reply to BAlfson
    iborianschpro, please show a line from the Web Filtering log file where an access was allowed that you believe should have been stopped.

    Lite, did you read my post above?  What problem are you seeing?

    Cheers - Bob


    Hej Bob,

    That's the thing, there is nothing in the log file apart from what I posted earlier, nothing. Really weird. No line that say "I've blocked this" or "I've passed this", NADA!!!! [:@]
    Restoring my 9.312-8 backup. Have to check if it has something to do with my 9.315-2 update.
  • 0
    You clients are reaching the internet without going through the proxy, which is why nothing is logged or blocked.

    You need to look at your deployment.  Are you using standard mode or transparent mode?  What is your network setup?
Unfiltered HTML