Thread Info
  • State Not Answered
  • Replies 20 replies
  • Subscribers 0 subscribers
  • Views 5510 views
  • Users 0 members are here
Options
Suggested

[7.903][BUG][CLOSED] HTTP conf reload every 3-4 minutes

RFCat_vk_01
Hi,
yes this is very similar to another thread I have running, but I thought it needed to be highlighted.

At the http proxy conf reloads every 3-4 minutes.

what needs to be changed to make it wait a bit longer between reloads?

Drops downloads..

Ian M
Parents
  • 0
    Can you please check the output of
    grep dns-resolver.plx /var/log/confd.log

    at the command line?

    The proxy works fine on my installations. But we touched the dns-resolver recently.
    So maybe there is a link.

    Regards,
    Daniel
  • 0 in reply to anonymous_02
    Can you please check the output of 
    grep dns-resolver.plx /var/log/confd.log

    at the command line?

    The proxy works fine on my installations. But we touched the dns-resolver recently.
    So maybe there is a link.

    Regards,
    Daniel


    Will do... I'll post what I get here in a minute.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    Daniel, it does look like these items are related... here's a log excerpt from the command you asked me to run...  


    2010:04:23-11:00:20 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16665" version="135" storage="/cfg"
    2010:04:23-11:01:20 asgmgmt2 confd[16715]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"
    2010:04:23-11:01:20 asgmgmt2 confd[3662]: I main::top-level:462() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_YKkbUzNvUu" objname="liveupdate.symantecliveupdate.com" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16715" attr_addresses="['64.208.121.58','64.208.121.64','64.208.121.19','64.208.121.8','64.208.121.41','64.208.121.17']" oldattr_addresses="['204.2.215.8','204.2.215.10','204.2.215.82','204.2.215.17','204.2.215.18','204.2.215.19','204.2.215.81','204.2.215.9','204.2.215.73']"
    2010:04:23-11:01:20 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16715" version="136" storage="/cfg"
    2010:04:23-11:02:21 asgmgmt2 confd[16788]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"
    2010:04:23-11:02:22 asgmgmt2 confd[3662]: I main::top-level:462() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_YKkbUzNvUu" objname="liveupdate.symantecliveupdate.com" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16788" attr_addresses="['24.143.201.56','24.143.201.19','24.143.201.64','24.143.201.25','24.143.201.50','24.143.201.40']" oldattr_addresses="['64.208.121.58','64.208.121.64','64.208.121.19','64.208.121.8','64.208.121.41','64.208.121.17']"
    2010:04:23-11:02:22 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16788" version="137" storage="/cfg"
    2010:04:23-11:02:22 asgmgmt2 confd[16788]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"
    2010:04:23-11:02:22 asgmgmt2 confd[3662]: I main::top-level:462() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_HUCUMYuZmy" objname="pop.secureserver.net" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16788" attr_addresses="['97.74.135.111']" oldattr_addresses="['64.202.165.92']"
    2010:04:23-11:02:23 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16788" version="138" storage="/cfg"
    2010:04:23-11:03:24 asgmgmt2 confd[16897]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"
    2010:04:23-11:03:24 asgmgmt2 confd[3662]: I main::top-level:462() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_YKkbUzNvUu" objname="liveupdate.symantecliveupdate.com" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16897" attr_addresses="['204.2.215.24','204.2.215.40','204.2.215.8','204.2.215.82','204.2.215.10','204.2.215.42','204.2.215.19','204.2.215.73','204.2.215.9']" oldattr_addresses="['24.143.201.56','24.143.201.19','24.143.201.64','24.143.201.25','24.143.201.50','24.143.201.40']"
    2010:04:23-11:03:24 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16897" version="139" storage="/cfg"
    2010:04:23-11:04:25 asgmgmt2 confd[16946]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"
    2010:04:23-11:04:26 asgmgmt2 confd[3662]: I main::top-level:462() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_YKkbUzNvUu" objname="liveupdate.symantecliveupdate.com" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16946" attr_addresses="['204.2.215.24','204.2.215.74','204.2.215.32','204.2.215.25','204.2.215.33','204.2.215.58']" oldattr_addresses="['204.2.215.24','204.2.215.40','204.2.215.8','204.2.215.82','204.2.215.10','204.2.215.42','204.2.215.19','204.2.215.73','204.2.215.9']"
    2010:04:23-11:04:26 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="16946" version="140" storage="/cfg"
    2010:04:23-11:05:27 asgmgmt2 confd[17020]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"
    2010:04:23-11:05:27 asgmgmt2 confd[3662]: I main::top-level:462() => id="310a" severity="info" sys="System" sub="confd" name="object changed" class="network" type="dns_group" ref="REF_HUCUMYuZmy" objname="pop.secureserver.net" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="17020" attr_addresses="['72.167.82.11']" oldattr_addresses="['97.74.135.111']"
    2010:04:23-11:05:27 asgmgmt2 confd[3662]: I main::top-level:564() => id="310n" severity="info" sys="System" sub="confd" name="applied changes" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" pid="17020" version="141" storage="/cfg"
    2010:04:23-11:06:28 asgmgmt2 confd[17097]: I Storage::commit:344() => id="3100" severity="info" sys="System" sub="confd" name="internal commit" user="system" srcip="127.0.0.1" sid="huEJcfyfxkkibjQBMsub" facility="system" client="dns-resolver.plx" storage="/cfg"



    These entries are occurring constantly, and have been throughout the day, just as the http proxy reload entries are listed.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

  • 0 in reply to BrucekConvergent
    I removed a Network group which included the liveupdate.symantec.com DNS host which is constantly being re-queried in the log excerpt above from the Exceptions tab in Web Security... no change...  then I removed it from the Transparent Skip list... suddently the constant reloads stopped.  I've checked other production systems (7.504) and haven't seen this phenomenon, and some of them are configured similarly.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Reply
  • 0 in reply to BrucekConvergent
    I removed a Network group which included the liveupdate.symantec.com DNS host which is constantly being re-queried in the log excerpt above from the Exceptions tab in Web Security... no change...  then I removed it from the Transparent Skip list... suddently the constant reloads stopped.  I've checked other production systems (7.504) and haven't seen this phenomenon, and some of them are configured similarly.

    CTO, Convergent Information Security Solutions, LLC

    https://www.convergesecurity.com

    Advice given as posted on this forum does not construe a support relationship or other relationship with Convergent Information Security Solutions, LLC or its subsidiaries.  Use the advice given at your own risk.

Children
  • 0 in reply to BrucekConvergent
    Hi folks,
    I run the extract and attached it as a compressed file because the raw file is over 1mb in size.
    DNS host entries, I have the ASG defaults and a couple of others I have added.
    My http proxy is in standard mode.

    Also since I installed the 7.903 update my cpu has become very spikey. Mind you the cpu is not heavily loaded, but the new spikes are way higher than the average under previous beta releases.

    Ian M
    2010:04:24-05:07:16 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:07:17 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="724" message="server 'cffs04.astaro.com' access time: 729ms"
    2010:04:24-05:07:18 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="sc_check_servers" file="scr_scanner.c" line="724" message="server 'cffs09.astaro.com' access time: 772ms"
    2010:04:24-05:07:18 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:08:15 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:08:18 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:08:18 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:08:19 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:08:19 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:08:20 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:09:18 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:09:21 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:09:21 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:09:23 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:09:23 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:09:24 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:10:21 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:10:24 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:10:24 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:10:25 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:10:25 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:10:27 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:16:28 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:16:31 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:16:31 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:16:32 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    2010:04:24-05:16:32 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="716" message="reloading config"
    2010:04:24-05:16:34 fw1-on-house httpproxy[13812]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="confd_config_reload_func" file="confd-client.c" line="749" message="done"
    confd.zip
Cookie Information Banner