Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 0 replies
  • Subscribers 4 subscribers
  • Views 2013 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Zoneminder and UTM 9

Pedulla

Hi All,

This is more of a, "Hey, look what I found", in hopes it may help others looking at the same problem and need a workaround.

This all started when I could not stream video from my Zoneminder (ZM) server when connected to my network through the SSL-VPN.  It would work fine while on the network directly, but not through the VPN.  If anyone could explain that, I'd love to know what's up....

At any rate trouble shooting by turning UTM things off and progressively back on till it broke again, I discovered that AV scanning was at the heart of the issue.  I know AV seems to mess up a few things. Today I discovered some interesting behavior when AV scanning is turned on with no exceptions skipping traffic from your ZM server; and interestingly enough, as I mentioned above, you get different behavior when directly on the network vs SSL-VPN'd in even though both networks are listed in Web Protection.

So ZM, streams using mjpeg, basically sending a series of jpeg images to your browser. I'm not sure how UTM 9 sees this, but depending on how large your skip av scanning setting is under the filter profile

Do not scan files larger than:  
  Megabytes

will determine how long before you actually see streaming video from your ZM server.  And what's funny is once the video starts, it's in fast forward mode to catch up to real time.

A small value like 1 Meg.. is a small delay and a short catchup video stream.  A value like 10 M (above) is about a 5-8 sec delay and then a longer catch up mode till the video is back in real time.  The original skip value I had was 150 M.... I know probably overkill, but given the symptoms above, I never waited long enough to see if the video would actually start streaming with a setting that high.

In what feels like a workaround, I've setup an exception to skip AV scan and cache for everything coming from my ZM server.

So the setup is UTM 9.506-2 (Home Edition License) on a zippy little quad core with 8G and an SSD, and Intel NIC's.  The ZM is 1.30.4 on Ubuntu 16.04 Server.  A symmetrical 75Mbps internet connection. 

Can anyone explain the difference in behavior between on network and VPN?

Can anyone explain the delay and catchup behavior of the AV scan?

Thanks

 

PS.  Is XG Home Edition ready to try again?   I did the first round and put it away quickly.... ;)



This thread was automatically locked due to age.
Share Feedback
×

Submitted a Tech Support Case lately from the Support Portal?

Unfiltered HTML