[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] HTTP security server woes on NG... frustration level rising...
Greetings all, I'm having an issue with the HTTP security server (trying to do some URL filtering) and I'm hoping someone has come up with a solution to this, 'cause I'm finding lots of people asking the question but no one offering a solution. I'm running FireWall-1 NG FP1 on Solaris 8 in 64-bit mode. The original problem was that I was receiving a lot of "error in accept statement: Too many open files" errors in ahttpd.elog. Searched on Google, came up with a fix (added "set rlim_fd_max=32768" and "set rlim_fd_cur=4096" in /etc/system - as well as a number of other tweaks I found in a performance tuning guide on Checkpoint's web site), and I'm no longer receiving that error message. Instead, I'm now receiving and equally large number of the following: T_get_event: bad socket/type: 1075/0 T_get_event: bad socket/type: 1076/0 T_get_event: bad socket/type: 1076/0 T_get_event: bad socket/type: 1077/1 T_get_event: bad socket/type: 1077/1 T_get_event: bad socket/type: 1078/1 T_get_event: bad socket/type: 1078/1 T_get_event: bad socket/type: 1079/0 T_get_event: bad socket/type: 1079/0 T_get_event: bad socket/type: 1080/0 T_get_event: bad socket/type: 1080/0 T_get_event: bad socket/type: 1081/0 T_get_event: bad socket/type: 1081/0 T_get_event: bad socket/type: 1082/0 T_get_event: bad socket/type: 1082/0 Seems to be incrementing port numbers, but I'm not sure why it would be saying that it couldn't bind a socket to that port... if that indeed is what it's saying. =) Anywho, has anyone ran across this and come up with a fix? I'm also receiving tons of "Cannot connect to WWW-server: Transport endpoint is not connected" errors in ahttpd.elg. From what I can find after some searching is that this is a "normal" error which could mean that a user might have hit "Cancel" while a page was loading or in some other way broke the connection. Is this true? If it is, how can I keep the log from being flooded with these? Last but not least, I'm also receiving the following entries in ahttpd.elg: cpsc: Unable to find default lang tag Could not open file /opt/CPfw1-50/conf/netso.ini Everything works fine regardless of these errors, but what is netso.ini and SHOULD it have been created somehow during the installation or configuration of the firewall? Thanks, Abe -- Abe L. Getchell Security Engineer [email protected] ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|