Thread Info
  • State Suggested Answer
  • Locked Locked
  • Replies 57 replies
  • Answers 2 answers
  • Subscribers 39 subscribers
  • Views 205771 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Avira up2date error: Is there any solution?

dempie

Hi,

since yesterday my XG-Firewall cannot download the pattern files for the AVIRA virus scanner any more. This is what I read from 'Log Viewer' under 'View Log for Admin':

2015-12-29 11:17:30 Up2Date FAILED - Failed to download file avira_1.00_1.0.12965_full.tar.gz.gpg 18030
2015-12-29 11:16:31 Up2Date FAILED - Failed to download file savi_1.00_1.0.8492_full.tar.gz.gpg 18030

This process repeats every 30 seconds and is wasting all of my Internet bandwidth, as the download starts, but cannot be finished successfully.

I disbled 'Auto Update' from System>Administration>Updates'. Nevertheless, the XG Firewall doesn't stop downloading these files.

Is there any solution?

Thanks for your help.

Best Regards



This thread was automatically locked due to age.
Parents
  • 0

    hI all.
    I change hosts file and now bandwidth is normal. Great solution!
    I am surprised that there is a community so active for this product. I am left with some curiosity. As you have identified url? I have use Current List connection and nslookup. With PS don't work.
    have you find out a way to understand how much traffic comes from appliance?

    Thanks for solution,

    best regards

  • 0 in reply to BrunoZavettieri
    On the Advanced Shell I used:
    ps -T | grep 'curl'
    to identify the url. You can also take a look in file /log/u2d.log.

    Please make sure to write the ps command lower case. The curl process is only shown if the firewall downloads one of the pattern files. So if you changed the host file as described earlier in this thread the curl process will probably not be listed as it fails immediately.

    The host file workaround was the first solution to stop the traffic. But it won't solve the problem as the firewall won't update with newer pattern files at the moment (see log file entries community.sophos.com/.../284315 ).

    You can try the second solution:
    community.sophos.com/.../284274
    In that case please revert the changes to the host file otherwise it won't work.
    Best Regards.
  • 0 in reply to dempie
    Hi dempie,

    Thanks for explanation. i had use first solution, change file hosts, for stop traffic. Now i have update pattern file and revert file hosts. Pattern file now is empty but in updates status antivirus is now ok.

    There is another strange thing. Log file:

    Thu Jan 07 10:41:54 2016 Download completed for file savi_1.00_1.0.8528_full.tar.gz.gpg

    but in downloads:

    /var/u2d/downloads/savi_1.00_1.0.8492_full.tar.gz.gpg

    it happened to you?

    best regards,
Reply
  • 0 in reply to dempie
    Hi dempie,

    Thanks for explanation. i had use first solution, change file hosts, for stop traffic. Now i have update pattern file and revert file hosts. Pattern file now is empty but in updates status antivirus is now ok.

    There is another strange thing. Log file:

    Thu Jan 07 10:41:54 2016 Download completed for file savi_1.00_1.0.8528_full.tar.gz.gpg

    but in downloads:

    /var/u2d/downloads/savi_1.00_1.0.8492_full.tar.gz.gpg

    it happened to you?

    best regards,
Children
  • 0 in reply to BrunoZavettieri

    BrunoZavettieri said:

    Now i have update pattern file and revert file hosts. Pattern file now is empty but in updates status antivirus is now ok.

    /content/u2/pattern is something like a queue file. Entries in there have to be handled by the up2date process. After all is done the file is empty. So it is ok.

    BrunoZavettieri said:

    There is another strange thing. Log file:

    Thu Jan 07 10:41:54 2016 Download completed for file savi_1.00_1.0.8528_full.tar.gz.gpg

    but in downloads:

    /var/u2d/downloads/savi_1.00_1.0.8492_full.tar.gz.gpg



    So what I saw from the up2date process it is like this:

    /var/u2d/downloads is the directory where the curl process stores its pattern file downloads. When the up2date process has updated the virus engine files - I believe this is in /var/savapi for Avira AV and in /var/sav for Sophos AV - it normally cleans the files from directory /var/u2d/downloads.

    In your case the old pattern files were downloaded, but they could not be handled because of wrong file sizes and md5 hashes. By renaming the pattern file in /content/ud2d you cleaned the queue file and the firewall was able to process new pattern file informations it got from Sophos up2date servers. So that is how the latest pattern files got in your firewall.

    As you missed the older version 1.0.8492 of Sophos pattern files the file still is there.

    The directory /var/u2d/downloads on my firewall is empty at the moment. The up2date scripts finished even the old pattern files as I corrected the file sizes and checksums in the pattern file at that time.

    Hope I could answer all of your questions.

    Best Regards.