Neues Problem, seit vorgestern Nacht.
Der HTTP Proxy läuft die meiste Zeit auf Volldampf. Habe am System nichts geändert, läuft eigentlich immer ruhig vor sich hin. Als Lösung habe ich versucht den http Prtoxy neu zu starten, hat nichts gebracht. Auch der komplstte Neustart hat nichts geholfen. Bin ratlos... Firmwareversion:9.400-9 Patternversion: 98934Letzte Prüfung:7 Minuten zuvor
Zitiere mich mal selbst.
Habe eine Lösung gefunden, wie es aussieht.
Quelle: https://community.sophos.com/products/unified-threat-management/f/52/t/29425
OK here is my recommendations,
- Change pattern update to every 2 hours or more (with 600 users id recommend maybe once every 12 hours)
- Change IPS settings to last 12 month, and untick rules that you don't host internally i.e pop3, sql server, etc
- If you are using transparent proxy, ensure that its set as transparent. When upgrading from 9.1 to 9.2 it seems like it sets it as "Full transparent, but this is not a selectable option any more and is greyed out" so set it to "Transparent"
Then SSH into the box - and first lets turn all settings off
cc set http sc_local_db none
cc set http use_sxl_urid 0
/var/mdw/scripts/httpproxy restart
cd /var/storage/chroot-http/var/pattern/sfcontrol
rm sfcontrol
ls
(ls should show no folders)
exit out of SSH
- Restart both UTM
log back in to SSH
cc set http sc_local_db mem
/var/mdw/scripts/httpproxy restart
After a few minutes it will start downloading the database (this will take sometime about 15 minutes - ensure that your patten update is much greater than 15 minutes)
You can check how much its downloaded by going to
ls -l /var/chroot-http/var/pattern/sfcontrol
and should show something like this (or be downloading up to this number):
total 403052
-rw------- 1 httpproxy httpproxy 412719748 Jun 3 23:04 sfcontrol