SYSTEM WARNING: 'date_default_timezone_get(): It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected the timezone 'UTC' for now, but please set date.timezone to select your timezone.' in '/usr/share/mantis/www/core.php' line 264
| Anonymous | Login | 2022-01-21 20:21 UTC |  |
| Main | My View | View Issues | Change Log | Roadmap |
| View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | ||||||||||
| ID | Project | Category | View Status | Date Submitted | Last Update | ||||||
| 0004227 | Endian Firewall | Proxy HTTP | public | 2011-12-21 21:06 | 2012-04-30 15:39 | ||||||
| Reporter | mario79 | ||||||||||
| Assigned To | lorenzo-endian | ||||||||||
| Priority | normal | Severity | block | Reproducibility | always | ||||||
| Status | feedback | Resolution | reopened | ||||||||
| Platform | OS | OS Version | |||||||||
| Product Version | 2.4.1 | ||||||||||
| Target Version | Fixed in Version | ||||||||||
| Summary | 0004227: block update antivirus | ||||||||||
| Description | Good day to all. Sorry for my english, i use translator tools. I have a problem with antivirus updates.I ready check the rules and are well. It is not happening. When i disable the proxy, everything is going well, thanks for the attention. | ||||||||||
| Additional Information | 192.168.11.2 TCP_DENIED/403 2672 POST http://check.sanasecurity.com/ [^] - NONE/- text/html 192.168.11.8 TCP_DENIED/403 2672 GET http://192.168.11.200/wpad.dat [^] - NONE/- text/html 192.168.11.132 TCP_DENIED/403 2652 GET http://wpad/wpad.dat [^] - NONE/- text/html 192.168.11.110 TCP_DENIED/403 2710 GET http://evsecure-crl.verisign.com/EVSecure2006.crl [^] - NONE/- text/html 192.168.11.9 TCP_DENIED/403 2718 GET http://update.avg.com/softw/90/update/avg9infowin.ctf [^] - NONE/- text/html 192.168.11.9 TCP_DENIED/403 2716 GET http://backup.avg.cz/softw/90/update/avg9infowin.ctf [^] - NONE/- text/html 192.168.11.9 TCP_DENIED/403 2718 GET http://update.avg.com/softw/90/update/avg9infoavi.ctf [^] - NONE/- text/html 192.168.11.9 TCP_DENIED/403 2716 GET http://backup.avg.cz/softw/90/update/avg9infoavi.ctf [^] - NONE/- text/html | ||||||||||
| Tags | No tags attached. | ||||||||||
| Attached Files |  proxy.png [^] (186,429 bytes) 2012-04-18 23:17
log.png [^] (142,284 bytes) 2012-04-18 23:18
contenfilter.png [^] (178,736 bytes) 2012-04-18 23:19
 resolucion.jpg [^] (181,314 bytes) 2012-04-30 15:31
| ||||||||||
 Relationships |
|
 Relationships |
|
Notes |
|
|
(0007614) lorenzo-endian (manager) 2012-01-10 10:30 |
=== Note: feedback requested in italian for improving the bug report. Lo === Buongiorno mario79, dal nome presumo lei sia italiano :) potrebbe cortesemente spiegarmi piĆ¹ nel dettaglio quale sia il problema e come si presenta? Grazie mille in anticipo! Lo |
|
(0007617) mario79 (reporter) 2012-01-10 14:15 |
Buen dia Lo. Claro, tengo un firewall endian 2.4.1, cuando actualizo el antivirus karspesky, avg, nod, panda antivirus. En los logs de proxy de endian, aparecen denegados, no hay ninguna regla que bloquee esas direcciones publicas. Pero si aplico un bypass de las ips que necesitan actualizarse, estas empiezan a descargar sin problemas las firmas de actualizacion, pero de este modo no puedo filtrar url. Espero me sepa explicar y gracias de antemano por la asistencia. mario79. |
|
(0007783) christian-endian (administrator) 2012-04-02 10:27 |
You can whitelist these sites under Proxy->HTTP->Contentfilter. For help please have a look here: http://www.endian.com/us/community/get-help/ [^] |
|
(0007789) mario79 (reporter) 2012-04-02 19:39 |
25 192.168.1.50 TCP_DENIED/403 2950 GET http://ocsp.thawte.com/MFEwTzBNMEswSTAJBgUrDgMCGgUABBRsif726 [^] 3KedmR2MLuYKv9%2BWQCtWAQU1A1lP3q9NMb%2BR%2BdMDcC98t4Vq3ECECV RccvD8Qb29B4D63fPT%2Bk%3D - NONE/- text/html Web prox.. 2012-04-02 13:29:56 6 192.168.1.50 TCP_DENIED/403 2744 GET http://cs-g2-crl.thawte.com/ThawteCSG2.crl [^] - NONE/- text/html Web prox.. 2012-04-02 13:29:59 23 192.168.1.50 TCP_DENIED/403 2738 POST http://tools.google.com/service/update2 [^] - NONE/- text/html Web prox.. 2012-04-02 13:29:59 8 192.168.1.50 TCP_DENIED/403 3432 POST http://tools.google.com/service/update2?w=6:cSftlZH7HOeknePk [^] lTsX2ChKDGLcVRHgTHObKuzNSeuiuk2TfInTkgXY5cKNmU8ZFuu1ebMQZXr- xvuxia-Y50zaoKLilSYiVUfw8llBO5pGR7iAyLnEOK2sK7YQxmztL6rq7I2x A-gUx6opJNRDvbWCajje1wyNaqtornwUkTr_cJ4NTt5zRk3fItfIS7rHQ7Ws Hl5AJtuzYh6ZE7eWLj9ULLPkRxKtUnUb5JoSmlz7vqX0LKVYBi1JJrTH9p2X u0y-wUo2Ae22Lw1d12A_k0nUAlIwN7SBwhX5djAQf2hoJ-DOfGlxcRVOaeBs hjL1E6j71Jzw1Mtmgxg8XDiscQ - NONE/- text/html Web prox.. 2012-04-02 13:30:03 65 192.168.1.50 TCP_DENIED/403 381 HEAD http://cache.pack.google.com/edgedl/chrome/install/1025.142/ [^] chrome_installer.exe - NONE/- text/html Web prox.. 2012-04-02 13:30:03 5 192.168.1.50 TCP_DENIED/403 2820 GET http://cache.pack.google.com/edgedl/chrome/install/1025.142/ [^] chrome_installer.exe - NONE/- text/html Web prox.. 2012-04-02 13:30:09 5 192.168.1.50 TCP_DENIED/403 381 HEAD http://cache.pack.google.com/edgedl/earth/client/GE6/release [^] _6_2_1/GoogleEarth-Win-Bundle-6.2.1.6014.exe - NONE/- text/html Web prox.. 2012-04-02 13:30:09 35 192.168.1.50 TCP_DENIED/403 2868 GET http://cache.pack.google.com/edgedl/earth/client/GE6/release [^] _6_2_1/GoogleEarth-Win-Bundle-6.2.1.6014.exe - NONE/- text/html Web prox.. 2012-04-02 13:30:15 5 192.168.1.50 TCP_DENIED/403 2738 POST http://tools.google.com/service/update2 [^] - NONE/- text/html I get this on the monitor online, and leaves no download anything, and agrege blacklisted those addresses, similar to antivirus update error, really do not know how to solve this dilemma. I already have version 2.5.1 and also does not appear in the Dashboard online activdad as consumption kbps for each network card and other things. Thanks in advance. |
|
(0007833) mario79 (reporter) 2012-04-18 23:19 |
trying to solve the problem of denial of antivirus update pages as google-earth entroe others. as you know the proxy is in transparent mode whitelist addresses off of servers actulizacion of antivirus, google, etc.., but I saw this review and do not know if is correct: nano / etc / squid / squid.conf http_proxy 0.0.0.0:3128 http_proxy 127.0.0.1:8080 is this correct?? and use this command giving me the following results: cat / var / log / squid / access.log | grep proxy.pac April 18 FW20411 16:25:54 squid [6227]: 1334787954.272 6 192.168.1.203 GET http://192.168.1.1/proxy.pac [^] TCP_DENIED/403 2660 - NONE / - text / html April 18 FW20411 16:25:54 squid [6227]: 1334787954.304 0 192.168.1.203 GET http://192.168.1.1/proxy.pac [^] TCP_DENIED/403 2660 - NONE / - text / html April 18 FW20411 16:26:06 squid [6227]: 1334787966.981 1 192.168.1.191 GET http://192.168.1.1/proxy.pac [^] TCP_DENIED/403 2660 - NONE / - text / html April 18 FW20411 16:26:07 squid [6227]: 1334787967.036 0 192.168.1.191 TCP_DENIED/403 in real-time logs appears this is denied, may be happening? Thank you for your attention. Endian version 2.5.1 comunity |
|
(0007849) mario79 (reporter) 2012-04-30 15:37 |
Finally, problem solved with the update lock to update antivirus, google earth, proxy.pac. Please look at the image file "resolution" when I had the problem of blocking / denial, had activated the option "user agent", I generated this lock / denial of antivirus updates, and also appeared as the blockade of proxy.pac and blocking / denial on google earth. To solve a new rule was created and without enabling the option "user agent". I hope I have explained this well and able to contribute a little to the community. The next problem that I hope will be another issue is the slowness of navigation with endian 2.5.1 when the proxy is enabled, the navigation is extremely slow. Thank you for your attention. |
|
(0007850) mario79 (reporter) 2012-04-30 15:39 |
Eye with this option disabled "useragent", is also resolved in version 2.4.1 endian. Thank you. |
|
Notes |
|
Issue History |
|||
| Date Modified | Username | Field | Change |
| 2011-12-21 21:06 | mario79 | New Issue | |
| 2012-01-10 10:30 | lorenzo-endian | Note Added: 0007614 | |
| 2012-01-10 10:30 | lorenzo-endian | Assigned To | => lorenzo-endian |
| 2012-01-10 10:30 | lorenzo-endian | Status | new => feedback |
| 2012-01-10 14:15 | mario79 | Note Added: 0007617 | |
| 2012-04-02 10:27 | christian-endian | Note Added: 0007783 | |
| 2012-04-02 10:27 | christian-endian | Status | feedback => closed |
| 2012-04-02 10:27 | christian-endian | Resolution | open => fixed |
| 2012-04-02 19:39 | mario79 | Note Added: 0007789 | |
| 2012-04-02 19:39 | mario79 | Status | closed => feedback |
| 2012-04-02 19:39 | mario79 | Resolution | fixed => reopened |
| 2012-04-18 23:17 | mario79 | File Added: proxy.png | |
| 2012-04-18 23:18 | mario79 | File Added: log.png | |
| 2012-04-18 23:19 | mario79 | File Added: contenfilter.png | |
| 2012-04-18 23:19 | mario79 | Note Added: 0007833 | |
| 2012-04-30 15:31 | mario79 | File Added: resolucion.jpg | |
| 2012-04-30 15:37 | mario79 | Note Added: 0007849 | |
| 2012-04-30 15:39 | mario79 | Note Added: 0007850 | |
|
Issue History |
| Copyright © 2000 - 2012 MantisBT Group |
 |