Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 15 replies
  • Subscribers 1 subscriber
  • Views 8761 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Firefox

James Shakour
I have users trying to dl firefox, but b/c of the different mirror sites mozilla uses, it makes it difficult to add to the exception list. Is there a way to list them all, or maybe i am adding the wrong url to begin with.

Any thoughts?


This thread was automatically locked due to age.
  • 0
    What's the exception?  What does the log show?

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    you can try antivirus/SSL exception for Matching these URLs:mozilla
  • 0 in reply to wingman
    Hi guys,
    been there done all that to no avail. FF downloads fail - integrity issues.

    I have tried a number of things and the only one that works is taking the PC out of the http proxy group and giving it open access via PF rule.

    I have the same problem on 2 different builds of the ASG with 2 different licences.

    Watching with interest.

    Ian

    log file shows timeout.
  • 0
    Ian I am using HTTP standard mode with HTTPS enable and the way it works for me is how I've described :
    March "mozilla" and except it from antivirus and ssl
  • 0 in reply to wingman
    Here is what I got out of the log file.


    2011:06:02-15:49:56 SouthPlainfieldASG httpproxy[13755]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.7.5.8" user="" statuscode="302" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="0" time="195 ms" request="0xaf20d018" url="www.mozilla.com/.../download.html


    2011:06:02-15:49:56 SouthPlainfieldASG httpproxy[13755]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="10.7.5.8" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="44618" time="500 ms" request="0xaf20d018" url="www.mozilla.com/.../download.html
  • 0
    you haven't placed the av exception for mozilla yet [:)] , What proxy mode are yo using?
  • 0 in reply to wingman
    i put the exact url in the exception list.
  • 0
    Just put the domain only (mozilla.com) in the exception list and try, you don't need the entire string.

    XG 19.5 GA 64-bit | Intel Xeon 4-core v3 1225 3.20Ghz
    16GB Memory | 500GB SSD HDD | GB Ethernet x5

  • 0
    Remember that this is interpreted as a Regular Expression, so, for example, to create an exception for all mozilla.com URLs, you'd use:

    ^https?://[A-Za-z0-9.-]*\.mozilla\.com



    If Ian says you have to go around the HTTP/S Proxy, the easiest thing to do is follow his prescription.

    That said, if you want to play with with it, you should try Wingman's suggestion.  In fact, the log lines you posted seem to indicate an AV issue (by elimination; the marker for a total conflict with the Astaro Proxy isn't there), so I'd think his prescription might also work.

    Cheers - Bob
     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
  • 0
    The common pattern between all URL for downloading firefox etc is the word mozila , Monitor the relevant log and you will see. Adding that string and adding the exception will work. The logs posted don't have the mozila exception
Cookie Information Banner