Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Replies 17 replies
  • Subscribers 0 subscribers
  • Views 7307 views
  • Users 0 members are here
Options
Suggested

[9.201][FIXED] Upgrade from 9.111 to 9.201-23 broke IPS

twister5800
Hi,

Have just upgraded from 9.111 in dual HA (active / passive) setup with 2 x UTM 220, upgrade went fine, but IPS went AWOL, disconnecting all Internet connection, after IPS is disabled it works again, but this error keeps coming in the IPS log along with other errors:

FATAL ERROR: Can't find nfqmnl DAQ

Attached is the IPS log

Also when IPS get's enabled, theese snort errors are coming:
Snort not running - restarted

EDIT: I have now done this with another 2 x UTM 220 setup, and they also have the same problem,
ips-2014-04-24.zip
Parents Reply Children
  • 0 in reply to kofi
    I think it should work but I'm not 100% sure, sorry.

    You can watch the update log to see whether ips is updated or not.



    I can now confirm that it works! - have just done the testing on the productionenvironment, gave 5 minutes outages during update but after this they run fine :-)

    6:55 fw01-1 auisys[4643]: Searching for available up2date packages for type 'ipsbundle'
    2014:04:29-14:46:55 fw01-1 auisys[4643]: Installing up2date package file '/var/up2date//ipsbundle/u2d-ipsbundle-9.134.tgz.gpg'
    2014:04:29-14:46:55 fw01-1 auisys[4643]: Verifying up2date package signature
    2014:04:29-14:46:56 fw01-1 auisys[4643]: Unpacking installation instructions
    2014:04:29-14:46:56 fw01-1 auisys[4643]: Unpacking up2date package container
    2014:04:29-14:46:57 fw01-1 auisys[4643]: Running pre-installation checks
    2014:04:29-14:46:57 fw01-1 auisys[4643]: Starting up2date package installation
    2014:04:29-14:47:23 fw01-1 auisys[4643]: id="371Z" severity="info" sys="system" sub="up2date" name="Successfully installed Up2Date package" status="success" action="install" package_version="9.134" package="ipsbundle"
    2014:04:29-14:47:23 fw01-1 auisys[4643]: [INFO-306] New Pattern Up2Dates installed

    -----

    Best regards
    Martin

    Sophos XGS 2100 @ Home | Sophos v19 Architect

Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?