Any idea why Geoip2country DB shows current version as "0" (zero) ?

Hi Big_Buck 

I checked in local appliance found there as well 0. Let me confirm more on same and will update you here. 

SFVH_SO01_SFOS 18.0.0 GA-Build339.HF052220.1# tail -f /log/u2d.log | grep "geoip"

DEBUG Jun 05 11:11:53 [20284]: --pkg_geoip_version = 0
DEBUG Jun 05 11:11:53 [20284]: --pkg_geoip_cv = 1.00
?&serialkey=CXXXXXXXXXXX&deviceid=XXXXXXXXXXXXXXXXXXXXX&fwversion=18.0.0.339&productcode=CN&appmodel=SF01V&appvendor=SO01&useragent=SF&oem=Sophos&pkg_ips_version=18.17.15&pkg_ips_cv=15.0&pkg_atp_version=1.0.0302&pkg_atp_cv=1.00&pkg_savi_version=1.0.15682&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.408109&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=0&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0019&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.011&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.000&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.007&pkg_sslvpn_cv=1.00&pkg_ipsec_version=1.4.001&pkg_ipsec_cv=1.00&central_mgmt=1.0

Hi Big_Buck 

I checked in local appliance found there as well 0. Let me confirm more on same and will update you here. 

SFVH_SO01_SFOS 18.0.0 GA-Build339.HF052220.1# tail -f /log/u2d.log | grep "geoip"

DEBUG Jun 05 11:11:53 [20284]: --pkg_geoip_version = 0
DEBUG Jun 05 11:11:53 [20284]: --pkg_geoip_cv = 1.00
?&serialkey=CXXXXXXXXXXX&deviceid=XXXXXXXXXXXXXXXXXXXXX&fwversion=18.0.0.339&productcode=CN&appmodel=SF01V&appvendor=SO01&useragent=SF&oem=Sophos&pkg_ips_version=18.17.15&pkg_ips_cv=15.0&pkg_atp_version=1.0.0302&pkg_atp_cv=1.00&pkg_savi_version=1.0.15682&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.408109&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=0&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0019&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.011&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.000&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.007&pkg_sslvpn_cv=1.00&pkg_ipsec_version=1.4.001&pkg_ipsec_cv=1.00&central_mgmt=1.0

Just to let you know I wiped clean that firewall.  So it is a fresh SFOS ISO install with a restore from a backup.

Two things I noticed.  Messages related to the SQL Injection breach few days ago are gone.  I do not have a warning to change passwords anymore.  And, this geo localisation showing version "0".

Paul Jr

Hi Big_Buck 

As of now this is known issue with ID NC-58681 : "geoip on up2date: version shown as - or 0 "and Dev team is working on same. As of now fix version is marked SF 18.0 MR2 ( We do not have release date info for SF 18.0 MR2 and if there will be any change in fix version we will update you here).

Hi Paul,

I just completed a rollback to the original MR-1 with patches and found the geopip database updated this morning to version 2.0.002.

I needed some of the configuration details that only work in mr-1.

Ian

Well.  It is now showing correctly version 2.0.002.

And I am clearly not at version MR2 ...

Paul Jr

Hi Big_Buck 

Strange..! In my firewall still status is same (0).

SFVH_SO01_SFOS 18.0.0 GA-Build339.HF052220.1# tail -f /log/u2d.log | grep "geoip"
DEBUG Jun 11 11:40:22 [32125]: --pkg_geoip_version = 0
DEBUG Jun 11 11:40:22 [32125]: --pkg_geoip_cv = 1.00
?&serialkey=C0XXXXXXXXXX&deviceid=deac5ad3-XXXX-XXXXXXXcfe&fwversion=18.0.0.339&productcode=CN&appmodel=SF01V&appvendor=SO01&useragent=SF&oem=Sophos&pkg_ips_version=18.17.16&pkg_ips_cv=15.0&pkg_atp_version=1.0.0303&pkg_atp_cv=1.00&pkg_savi_version=1.0.15682&pkg_savi_patch=2&pkg_savi_cv=1.00&pkg_avira_version=1.0.408267&pkg_avira_patch=2&pkg_avira_cv=4.00&pkg_geoip_version=0&pkg_geoip_cv=1.00&pkg_clientauth_version=1.0.0019&pkg_clientauth_cv=2.00&pkg_apfw_version=11.0.011&pkg_apfw_cv=1.00&pkg_redfw_version=3.0.000&pkg_redfw_cv=2.00&pkg_sslvpn_version=1.0.007&pkg_sslvpn_cv=1.00&pkg_ipsec_version=1.4.001&pkg_ipsec_cv=1.00