This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web filter log only shows Input/Output Errors

I'm running UTM9.502-4. I've been trying to fine tune some web filtering exceptions after enabling Scan and Decrypt in Transparent mode. This caused a lot of iOS apps not work, which I've gathered is a normal occurrence because of cert pinning in the apps.

I've been looking at the log to figure out what to add an exception for, but all I'm seeing are Input/Output errors like this:

2017:08:28-16:28:29 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:30 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:30 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:35 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:35 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2458 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2458 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2458 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2458 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:36 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:41 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2452 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2452 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2452 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2452 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:42 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2458 (Input/output error)"

2017:08:28-16:28:47 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

2017:08:28-16:28:47 firewall httpproxy[5721]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="read_request_headers" file="request.c" line="1586" message="Read error on the http handler 2407 (Input/output error)"

I had to hook my iPhone up to a Burp proxy to discover that an exception for inbox.google.com was required for the gmail app to work.

This is making it near impossible to figure out the exceptions I need to add. Is this a bug?



This thread was automatically locked due to age.
Parents
  • I have seen this symptom on sites that use sha1 certificates, which are insecure.  If you want to connect anyway, you create an exceptiom to skip certificate checks.

    Use openssl.com server test page to see whether the site is configured securely or not.   Most ssl vendors have ssl testers which are wuicker but less comprehensive.   I use a mixture of both.  UTM logs are minimally useful for explaining why a certificate is problematic.

Reply
  • I have seen this symptom on sites that use sha1 certificates, which are insecure.  If you want to connect anyway, you create an exceptiom to skip certificate checks.

    Use openssl.com server test page to see whether the site is configured securely or not.   Most ssl vendors have ssl testers which are wuicker but less comprehensive.   I use a mixture of both.  UTM logs are minimally useful for explaining why a certificate is problematic.

Children