[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Seg fault...
found this on phoneboy.com. hope it helps...
---------------------------------------
Has only loopback (lo) interface, aborting...
Q:
When attempting to install a policy, I get the following error message:
Installing Security Policy foobar on all.all@firewall
Has only loopback (lo) interface, aborting...
Failed to Load Security Policy: No such file or directory
Fetching Security Policy from firewall failed
A:
It is also possible that FireWall-1 has no clue about any of the interfaces
that are loaded. You can force FireWall-1 to refresh it's interface list by
uninstalling and reinstalling the kernel module as follows:
fw ctl uninstall
fw ctl install
fw fetch localhost
You should also check the Interfaces tab on the workstation object
representing your firewall. If the interfaces listed are incorrect or
missing, perform an SNMP Get and reset Anti-Spoofing as appropriate. You
should then be able to install your policy.
This error may also be caused by backing out a service pack on Solaris
(Sparc and i386). If the back out process fails, /etc/init.d/fw1boot and
/etc/init.d/fw1bootd may not be restored correctly. As a result, FireWall-1
may give an error saying it recognizes only the loopback interface. A
workaround is to backup the files /etc/init.d/fw1boot and
/etc/init.d/fw1bootd before backing out the service pack and restoring them
after backing out the service pack.
Another person suggested removing $FWDIR/conf/product.conf and re-running
fwconfig or cpconfig. This works fine in 4.0, but not with 4.1. Instead, run
'cpconfig -install'. You should also check to see /etc/fwboot/if.dev has the
correct interface types listed there. This can happen when re-running
fwconfig or cpconfig.
A person from Check Point explains the "accept" or "deny" in this file:
The deny/accept sets only the way the FW talks to the driver. If it will use
DLPI or not. DLPI is supported on some adapters, and not supported by
others. If you would change all the 'deny' to 'accept' you could have
extremly odd behaviour with the FW. It is best not to touch the file, and if
cpconfig asks you about cards that do not appear in the file, it is
recommended that if in doubt about the capabilities of the NIC you should
choose to deny DLPI.
-----------------------------------------------
-----Original Message-----
From: Firebird [mailto:[email protected]]
Sent: Wednesday, September 27, 2000 3:53 PM
To: [email protected]
Subject: [FW1] Seg fault...
Hello guys,
Ack... I just installed SP2 on the FW-1 v4.1 on Sol8 and rebooted the
machine. I now have a segfault :
| FireWall-1: Fetching Security Policy from localhost
| Trying to fetch Security Policy from localhost:
| Segmentation Fault - core dumped
Further error are :
| Has only loopback (lo) interface, aborting...
| Failed to Load Security Policy: Illegal seek
| Fetching Security Policy from localhost failed
Does someone knows what this is about ? and how I can fix this, please?
Thanks,
Firebird
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================