This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering Can't Initialize Anti-Virus, Can't visit HTTP

Strangest thing happened to me today, I couldn't get to any HTTP locations. Took me a minute to recognize what was going on, especially since I could get to HTTPS. From the webfilter log:

httpproxy[15250]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="scanner_init" file="avirascanner.c" line="304" message="failed to load Avira engine: aviraglue_init() failed to load: /var/pattern/avira3/libsavapi3.so: cannot open shared object file: File name too long"
httpproxy[15250]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" function="load_scanners" file="scanner.c" line="679" message="avirascanner.so: scanner initialization failure"

I also noticed that I have a stuck up2date package that is differnent from the known 9.201-25 problem:

auisys[7648]: Searching for available up2date packages for type 'savi'
auisys[7648]: Installing up2date package file '/var/up2date//savi/u2d-savi-9.5049-5069.patch.tgz.gpg'
auisys[7648]: no u2d-savi RPM installed
auisys[7648]: Verifying up2date package signature
auisys[7648]: Unpacking installation instructions
auisys[7648]: Unpacking up2date package container
auisys[7648]: Running pre-installation checks
auisys[7648]: Starting up2date package installation
auisys[7648]: =================================================================== auisys[7648]: Failed testing RPM installation (command: 'rpm --test -U /var/up2date//savi-install/u2d-savi-9.5069/rpms/u2d-savi-9.5049-5069.patch.rpm')
auisys[7648]: 1. Internal::Systemstep::real_installation:2598() auisys.pl
auisys[7648]: 2. main:[:P]erform_work:1176() auisys.pl
auisys[7648]: 3. main::auisys_prepare_and_work:555() auisys.pl
auisys[7648]: 4. main::top-level:32() auisys.pl
=================================================================== auisys[7648]: Error details:
auisys[7648]: (stdout):$VAR1 = [];
auisys[7648]: (stderr):$VAR1 = [
auisys[7648]: 'error: Failed dependencies:
auisys[7648]: ',
auisys[7648]: ' u2d-savi = 9-5049 | u2d-savi = 9-5050 | u2d-savi = 9-5051 | u2d-savi = 9-5052 | u2d-savi = 9-5053 | u2d-savi = 9-5054 | u2d-savi = 9-5055 | u2d-savi = 9-5056 | u2d-savi = 9-5057 | u2d-savi = 9-5058 | u2d-savi = 9-5059 | u2d-savi = 9-5060 | u2d-savi = 9-5061 | u2d-savi = 9-5062 | u2d-savi = 9-5063 | u2d-savi = 9-5064 | u2d-savi = 9-5065 | u2d-savi = 9-5066 | u2d-savi = 9-5067 | u2d-savi = 9-5068 is needed by u2d-savi-9-5069
auisys[7648]: '
auisys[7648]: ];
auisys[7648]:
auisys[7648]: 1. Internal::Systemstep::real_installation:2599() auisys.pl
auisys[7648]: 2. main:[:P]erform_work:1176() auisys.pl
auisys[7648]: 3. main::auisys_prepare_and_work:555() auisys.pl
auisys[7648]: 4. main::top-level:32() auisys.pl
auisys[7648]: ===================================================================
auisys[7648]: id="371O" severity="error" sys="system" sub="up2date" name="Fatal: Up2Date package installation failed: An error occured during the RPM pre-installation test (1)" status="failed" action="install" code="1" package="savi"

I can work around the problem by disabling web filtering or specifying only the sophos scanning engine, but I really have no idea what happened. Thanks for any ideas.

This thread was automatically locked due to age.

0 teched_01 over 11 years ago
Which version are you running?

How often does your UTM do pattern updates?

This looks like two different problems: Avira doesn't load (filename too long message) and Sophos Antivirus isn't updating (rpm lines).

Comfortable at the command line? Check the following, root required:

audld.plx --level d

rpm -q u2d-savi
Cancel
Vote Up 0 Vote Down

Cancel

0 trainee over 11 years ago in reply to teched_01

rpm -q u2d-savi doesnt look good:

package u2d-savi is not installed

audld.plx --level d spits out a lot (hopefully I didn't miss sanitizing something):

Starting Up2Date Package Downloader

##################
2014-05-25 01:03:01.131 INFORMATIVE MESSAGE audld.plx[31149]: main::run:204()
| Starting Up2Date Package Downloader

##################
2014-05-25 01:03:01.133 DEBUG INFORMATION audld.plx[31149]: main::get_proxy_conf             ig:853()
| >> proxy configuration: $VAR1 = {
|           'status' => 0
|         };

##################
2014-05-25 01:03:01.133 DEBUG INFORMATION audld.plx[31149]: main::run:245()
| proxy_config ={
|   'status' => 0
| }

##################
2014-05-25 01:03:01.156 INFORMATIVE MESSAGE audld.plx[31149]: main::run:389()
| patch up2date possible

##################
2014-05-25 01:03:01.156 DEBUG INFORMATION audld.plx[31149]: main::run:392()
| Selected update types: cadata sys wafcrs man9 geoip ipsbundle clvbrowser ohelp             9 mpfc ip***ception

##################
2014-05-25 01:03:01.158 DEBUG INFORMATION audld.plx[31149]: main:[:P]repare_server             _list:489()
| sorted server list$VAR1 = [
|           {
|             'name' => 'v8up2date1',
|             'Port' => '443',
|             'Host' => 'v8up2date1.astaro.com',
|             'Ip' => '79.125.21.244',
|             'Fallback_Ip' => '79.125.21.244'
|           },
|           {
|             'name' => 'v8up2date3',
|             'Port' => '443',
|             'Host' => 'v8up2date3.astaro.com',
|             'Ip' => '175.41.132.12',
|             'Fallback_Ip' => '175.41.132.12'
|           },
|           {
|             'name' => 'v8up2date2',
|             'Port' => '443',
|             'Host' => 'v8up2date2.astaro.com',
|             'Ip' => '184.72.238.199',
|             'Fallback_Ip' => '184.72.238.199'
|           }
|         ];

##################
2014-05-25 01:03:01.158 DEBUG INFORMATION audld.plx[31149]: main:[:P]repare_server             _list:510()
| using the following servers: $VAR1 = [
|           '79.125.21.244:443',
|           '79.125.21.244:443',
|           '175.41.132.12:443',
|           '175.41.132.12:443',
|           '184.72.238.199:443',
|           '184.72.238.199:443'
|         ];

##################
2014-05-25 01:03:01.158 DEBUG INFORMATION audld.plx[31149]: main::authenticate:5             31()
| >>>>>> START up2date authentication

##################
2014-05-25 01:03:01.159 DEBUG INFORMATION audld.plx[31149]: main::authenticate:5             36()
| GLOBALCONF={
|   'authserverlist' => '/etc/up2date/servers.sorted',
|   'gbaseworkdir' => '/var/up2date/',
|   'proxyconfigfile' => '/etc/up2date/proxy.conf'
| }

##################
2014-05-25 01:03:01.159 DEBUG INFORMATION audld.plx[31149]: Internal::Systemattr             ibutes::get:1665()
| Start fetching system attributes ...

##################
2014-05-25 01:03:02.285 DEBUG INFORMATION audld.plx[31149]: main::authenticate:5             92()
| Auth attribs:
| {
|   'asg' => '',
|   'build' => 'asg-9.107-33.1.iso',
|   'ccc' => '122',
|   'hid' => '0xDEADBEEF',
|   'lid' => '0xDEADBEEF',
|   'luips' => '50',
|   'oem' => '',
|   'patchup2date' => 1,
|   'pkg_cadata' => '955',
|   'pkg_clvbrowser' => '944',
|   'pkg_geoip' => '784',
|   'pkg_ipsbundle' => '9136',
|   'pkg_ip***ception' => '96',
|   'pkg_man9' => '962',
|   'pkg_mpfc' => '723',
|   'pkg_ohelp9' => '989',
|   'pkg_sys' => '9111007',
|   'pkg_wafcrs' => '737',
|   'product' => 'TM_GROMIT',
|   'uips' => 14,
|   'ver' => '9.111'
| }

##################
2014-05-25 01:03:02.286 DEBUG INFORMATION audld.plx[31149]: main::authenticate:6             02()
| authentication vars string: '&pkg_ipsbundle=9136&pkg_mpfc=723&pkg_man9=962&pkg             _ohelp9=989&pkg_wafcrs=737&pkg_clvbrowser=944&pkg_cadata=955&pkg_geoip=784&pkg_i             p***ception=96&uips=14&luips=50&hid=0xDEADBEEF&pkg_sys=911             1007&oem=&ver=9%2e111&lid=0xDEADBEEF&patchup2date=1&build=asg%2d9%2e107%2d33%2e1%2ei             so&asg=&product=TM_GROMIT&ccc=122'
Authenticating ...

##################
2014-05-25 01:03:02.289 DEBUG INFORMATION audld.plx[31149]: Modules::Trad_Get_Fi             lelist::contact:1503()
| outbound interface for '79.125.21.244' (79.125.21.244) : eth1 (100.0.192.217)

##################
2014-05-25 01:03:02.289 DEBUG INFORMATION audld.plx[31149]: Modules::Trad_Get_Fi             lelist::contact:1515()
| Authentication request: 79.125.21.244:443/authenticate.pl

##################
2014-05-25 01:03:03.184 DEBUG INFORMATION audld.plx[31149]: main::authenticate:6             26()
| Result of auth server contact:{
|   'Packagelist' => {
|     'Package' => {
|       'sys' => {
|         'File' => [
|           {
|             'location' => 'asg/v9/sys/u2d-sys-9.201023-201025.tgz.gpg',
|             'md5sum' => '4c017a198fe1dbab87846065885f2b4a',
|             'mtime' => '1400764245',
|             'name' => 'u2d-sys-9.201023-201025.tgz.gpg',
|             'size' => '148162'
|           }
|         ]
|       }
|     },
|     'revision' => '61152'
|   }
| }

##################
2014-05-25 01:03:03.185 INFORMATIVE MESSAGE audld.plx[31149]: main::alf:886()
| id="3701" severity="info" sys="system" sub="up2date" name="Authentication succ             essful"
Authentication successful!

##################
2014-05-25 01:03:03.200 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:667()
| GLOBALCONF={
|   'authserverlist' => '/etc/up2date/servers.sorted',
|   'gbaseworkdir' => '/var/up2date/',
|   'proxyconfigfile' => '/etc/up2date/proxy.conf'
| }

##################
2014-05-25 01:03:03.200 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:669()
| >>>>>> START up2date download
Starting Up2Date Download

##################
2014-05-25 01:03:03.200 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:683()
| global pattern revision: 61152

##################
2014-05-25 01:03:03.200 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:692()
| starting download phase for 1 packages types, 70 progress slots available per              type
Starting sync mode for 'sys'

##################
2014-05-25 01:03:03.200 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:703()
| SPECIALCONF={
|   'description' => 'System Up2Date',
|   'status' => '1'
| }

##################
2014-05-25 01:03:03.201 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:729()
| Using incoming directory: '/var/up2date//sys'!

##################
2014-05-25 01:03:03.201 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:987()
| received file list:
| [
|   {
|     'location' => 'asg/v9/sys/u2d-sys-9.201023-201025.tgz.gpg',
|     'md5sum' => '4c017a198fe1dbab87846065885f2b4a',
|     'mtime' => '1400764245',
|     'name' => 'u2d-sys-9.201023-201025.tgz.gpg',
|     'size' => '148162'
|   }
| ]

##################
2014-05-25 01:03:03.201 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1033()
| existing local files in Download Directory: {
|   'u2d-sys-9.111007-201023.tgz.gpg' => 1,
|   'u2d-sys-9.201023-201025.tgz.gpg' => 1
| }

##################
2014-05-25 01:03:03.204 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :verify_chksum_of_file:962()
| '4c017a198fe1dbab87846065885f2b4a4c017a198fe1dbab87846065885f2b4a' for file              '/var/up2date//sys/u2d-sys-9.201023-201025.tgz.gpg'

##################
2014-05-25 01:03:03.204 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1080()
| existing local file 'u2d-sys-9.201023-201025.tgz.gpg' has correct checksum

##################
2014-05-25 01:03:03.205 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1115()
| Marked as to-be-deleted in Download Directory: {
|   'u2d-sys-9.111007-201023.tgz.gpg' => 1
| }

##################
2014-05-25 01:03:03.227 INFORMATIVE MESSAGE audld.plx[31149]: Modules::Getupdate             s::sync_local:1125()
| Deleted lingering download files:
|   u2d-sys-9.111007-201023.tgz.gpg

##################
2014-05-25 01:03:03.228 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1137()
| bless( {
|   '_local_instdir' => '/var/up2date//sys-install',
|   '_local_workdir' => '/var/up2date//sys',
|   '_progress' => bless( {
|     'debug' => 0,
|     'debugfile' => '/tmp/up2date_progress.log',
|     'progressfile' => '/var/up2date/download_progress',
|     'type' => 'downloader',
|     'version' => ''
|   }, 'Internal:[:D]ownloadProgress' ),
|   '_progress_slots' => 68,
|   '_progress_state' => 21,
|   '_proxy_config' => {
|     'status' => 0
|   },
|   '_sorted_servers' => [
|     '79.125.21.244:443',
|     '79.125.21.244:443',
|     '175.41.132.12:443',
|     '175.41.132.12:443',
|     '184.72.238.199:443',
|     '184.72.238.199:443'
|   ]
| }, 'Modules::Getupdates' )

##################
2014-05-25 01:03:03.228 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1151()
| final download server list:
| [
|   '79.125.21.244:80',
|   '79.125.21.244:80',
|   '175.41.132.12:80',
|   '175.41.132.12:80',
|   '184.72.238.199:80',
|   '184.72.238.199:80'
| ]

##################
2014-05-25 01:03:03.228 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1164()
| Fileset/DownloadPlan (see '_done' variable):
| {
|   'u2d-sys-9.201023-201025.tgz.gpg' => {
|     '_checksum' => '4c017a198fe1dbab87846065885f2b4a',
|     '_done' => 1,
|     '_size' => '148162',
|     '_targetfile' => 'u2d-sys-9.201023-201025.tgz.gpg',
|     '_tempfile' => 'u2d-sys-9.201023-201025.tgz.gpg.4c017a198fe1dbab8784606588             5f2b4a.tmp',
|     '_urlpathsuffix' => 'asg/v9/sys/u2d-sys-9.201023-201025.tgz.gpg'
|   }
| }

##################
2014-05-25 01:03:03.228 DEBUG INFORMATION audld.plx[31149]: Modules::Getupdates:             :sync_local:1175()
| downloading 1 files, 68 slots available (68 slots per file)
Fileset synchronous

##################
2014-05-25 01:03:03.229 INFORMATIVE MESSAGE audld.plx[31149]: main::alf:886()
| id="3707" severity="info" sys="system" sub="up2date" name="Successfully synchr             onized fileset" status="success" action="download" package="sys"

##################
2014-05-25 01:03:03.230 DEBUG INFORMATION audld.plx[31149]: main:[[:D]]ownload:790()
| Saving global revision (61152) to file '/var/up2date//global_revision'

I am a home user, so if I had to reinstall from scratch the only person who would gripe would be my wife, but I am somewhat curious as to what went wrong. Thanks for your help.

0 teched_01 over 11 years ago
If you aren't scanning https then the proxy breaking wouldn't affect https.

Neither avira nor savi appear in your audld debug - do you currently have web (or any/all) antivirus disabled in the UTM?

savi might update now if re-enabled?

When did Avira break? (assuming it was May)
zcat /var/log/http/2014/05/* | grep -F 'failed to load Avira engine'

This seems like an interesting failure but don't put off rebuilding the firewall on my account.
Cancel
Vote Up 0 Vote Down

Cancel
0 trainee over 11 years ago

I ended up just re-installing from the latest iso. Thanks for the help.
Cancel
Vote Up 0 Vote Down

Cancel
0 Michael Dunn over 11 years ago

Same issue as this thread:
https://community.sophos.com/products/unified-threat-management/astaroorg/f/55/t/46431

Looks like maybe a bad avira update? AFAIK not a lot of people complaining about this (yet).
Cancel
Vote Up 0 Vote Down

Cancel
0 dknyinva over 11 years ago in reply to Michael Dunn

Same issue as this thread:
https://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/53196-http-proxy-not-running-restarted.html

Looks like maybe a bad avira update? AFAIK not a lot of people complaining about this (yet).
https://www.astaro.org/gateway-products/web-protection-web-filtering-application-visibility-control/53196-http-proxy-not-running-restarted.html#post271015
Cancel
Vote Up 0 Vote Down

Cancel