This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Web Filtering not working?

Hello everyone,
Hope someone can help me

The specs:
Model: ASG Software
Type: Virtual
Firmware version: 8.316
Pattern version: 77394

Recently my web filter logs are somewhat empty, as the only information showed /reported are the "internal" proces, nothing from the actual web navigation [:S][:S] :


2015:03:19-10:35:42 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs12.astaro.com' access time: 309ms"

2015:03:19-10:35:42 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs16.astaro.com' access time: 336ms"

2015:03:19-10:35:42 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs26.astaro.com' access time: 346ms"

2015:03:19-10:35:43 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs01.astaro.com' access time: 321ms"

2015:03:19-10:35:43 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs08.astaro.com' access time: 345ms"

2015:03:19-10:35:43 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs04.astaro.com' access time: 368ms"

2015:03:19-10:35:44 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs09.astaro.com' access time: 389ms"

2015:03:19-10:35:44 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs10.astaro.com' access time: 411ms"

2015:03:19-10:35:45 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs17.astaro.com' access time: 484ms"

2015:03:19-10:35:45 MYTUM httpproxy[6628]: id="0003" severity="info" sys="SecureWeb" sub="http" request="(nil)" srcip="" function="sc_check_servers" file="scr_scanner.c" line="876" message="server 'cffs15.astaro.com' access time: 484ms"

I know that the simpliest solution will be to update to V9.X, but we cant at the moment for several reasons [:(] , so, im hoping this can be solved.

I have already restarted the UTM and changed some options with no avail.

Thanks in advance

This thread was automatically locked due to age.

Parents

0 larellanos over 10 years ago

Thanks for the reply Bob

Thats really strange [:S], some days ago the logs were filled with correct info, and we didnt change anything[:(]


2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="3518" request="0x10232b80" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4365" request="0xb94de70" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4406" request="0xfdeb5d8" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4958" request="0x30b3d8b0" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4666" request="0x109df5e0" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5169" request="0xb94de70" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5554" request="0x10232b80" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4229" request="0x30b3d8b0" url="www.sanborns.com.mx/.../jpeg

Reply

0 larellanos over 10 years ago

Thanks for the reply Bob

Thats really strange [:S], some days ago the logs were filled with correct info, and we didnt change anything[:(]


2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="3518" request="0x10232b80" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4365" request="0xb94de70" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4406" request="0xfdeb5d8" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4958" request="0x30b3d8b0" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4666" request="0x109df5e0" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5169" request="0xb94de70" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="5554" request="0x10232b80" url="www.sanborns.com.mx/.../jpeg"

2015:03:04-16:05:35 MYTUM httpproxy[6716]: id="0001" severity="info" sys="SecureWeb" sub="http" name="http access" action="pass" method="GET" srcip="***.***.***.***" dstip="200.57.186.145" user="" statuscode="200" cached="0" profile="REF_DefaultHTTPProfile (Default Proxy)" filteraction="REF_DefaultHTTPCFFAction (Default content filter action)" size="4229" request="0x30b3d8b0" url="www.sanborns.com.mx/.../jpeg

Children

No Data