Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 2 replies
  • Subscribers 2 subscribers
  • Views 387 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

snort_inline eating 99% CPU

giang
if we turn Intrusion Prevention off every thing works fine.

ASG Software
Firmware version: 7.507
Pattern version: 20541

Last messages from update logfile:

2010:10:27-13:05:01 router audld[30573]: Starting Up2Date Package Downloader (Version 1.57)
2010:10:27-13:05:01 router audld[30573]: patch up2date possible
2010:10:27-13:05:47 router audld[30573]: Could not connect to Authentication Server 79.125.21.244:443 (code=500).
2010:10:27-13:06:32 router audld[30573]: Could not connect to Authentication Server 79.125.21.244:443 (code=500).
2010:10:27-13:06:33 router audld[30573]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
2010:10:27-13:18:02 router audld[32729]: Starting Up2Date Package Downloader (Version 1.57)
2010:10:27-13:18:02 router audld[32729]: patch up2date possible
2010:10:27-13:18:13 router audld[32729]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"
2010:10:27-13:33:02 router audld[6478]: Starting Up2Date Package Downloader (Version 1.57)
2010:10:27-13:33:02 router audld[6478]: patch up2date possible
2010:10:27-13:33:08 router audld[6478]: id="3701" severity="info" sys="system" sub="up2date" name="Authentication successful"


This thread was automatically locked due to age.
Parents
  • 0
    It's likely that you have IPS configured incorrectly.  Make sure that 'Local networks' includes only "Internal (Network)" and "DMZ (Network)" - and maybe any "VPN Pool (?????)" in use.

    I made the mistake once myself of putting "External (Network)" in 'Local networks' and had the same lockups you're experiencing.  I imagine it would be even worse if "Any" is in there.

    Was that it?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0
    It's likely that you have IPS configured incorrectly.  Make sure that 'Local networks' includes only "Internal (Network)" and "DMZ (Network)" - and maybe any "VPN Pool (?????)" in use.

    I made the mistake once myself of putting "External (Network)" in 'Local networks' and had the same lockups you're experiencing.  I imagine it would be even worse if "Any" is in there.

    Was that it?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Cookie Information Banner