Software Updater and firewall

Esa_H

Hi,

 

I've a Linux server for the F-Secure Policy Manager Server 11.31.  Some months ago Linux logfile started to grow.  Twice a hour there are many lines indicating invalid packets.  I guess it's something to do with connection tracking.

May 28 00:26:55 server kernel: IPtables: Invalid OUT: DROP: IN= OUT=em2 src=192.168.5.40 DST=192.168.5.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=19746 DF PROTO=TCP SPT=34991 DPT=3128 WINDOW=262 RES=0x00 ACK FIN URGP=0
May 28 00:26:55 server kernel: IPtables: Invalid OUT: DROP: IN= OUT=em2 src=192.168.5.40 DST=192.168.5.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=19747 DF PROTO=TCP SPT=34991 DPT=3128 WINDOW=262 RES=0x00 ACK PSH FIN URGP=0
May 28 00:26:56 server kernel: IPtables: Invalid OUT: DROP: IN= OUT=em2 src=192.168.5.40 DST=192.168.5.1 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=19748 DF PROTO=TCP SPT=34991 DPT=3128 WINDOW=262 RES=0x00 ACK PSH FIN URGP=0

Finally I found same time stamps in the log file fspms-software-updater.log.  So it seems to me there is something different in the network connection while downloading the Software Updater database compared to the virus database downloading.

 

 

Master_Yoda

Hello

 

I believe you would need to contact our support and please do furnish us with those  logs (FSDiag) would be good. Should you need to know how to generate FSDiag, here you go

chisal

Hi!

 

Indeed, Policy Manager downloads Software Updater's databases and virus databases from different URLs. As you can see in the fspms-software-updater.log the domain xml.shavlik.com should be accessible to download Software Updater's databases.