Re: [FW-1] Management Station not listening on tcp/257

Subject:	Re: [FW-1] Management Station not listening on tcp/257
From:	Mark Ward <mark.ward AT APPLICABLE DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Fri, 22 Aug 2003 18:34:25 +0100

do you have any of your cisco routers sending to the same station as well as
I have seen instances where syslog messages from ciscos have messed with the
log viewer
----- Original Message -----
From: "Shawn Duffy" <pakkit AT CODEPIRANHA DOT ORG>
To: <FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM>
Sent: Friday, August 22, 2003 5:47 PM
Subject: [FW-1] Management Station not listening on tcp/257


> All:
>
> We have had a problem for quite a while in our environment and I am trying
> desperately to fix it.  Yes, we will be upgrading to NG soon, but this is
> a very vital firewall so we are taking it very slowly.
>
> Anyway, here is the setup:
>
> Two HiAv Nokia 530s running FireWall-1 4.1
> One Windows 2000 4.1 Management station
>
> Every four hours or so, the manager stops listening on port 257 and, of
> course, starts sending RSTs to the modules when they try to log.  So we
> end up restarting the manager and logging resumes.  When it crashes, I am
> seeing the following messages in the Application Logs on the Manager:
>
> FireWall-1: failed to read log header !!: The process cannot access the
> file because another process has locked a portion of the file.
>
> There are a ton of these in the Event Viewer right around the time the
> logging mechanism on the manager crashes and stops listening.
>
> Now, the firewall modules so send a TON of logs back to the manager, so is
> it possible that it is simply the large amount of traffic that is crashing
> the log daemon?
>
> Or, what processes could be simultaneously trying to access the file?
>
> Anyone seen this before?
>
> Thanks in advance!
>
> shawn
> pakkit at codepiranha dot org
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] Management Station not listening on tcp/257, Shawn Duffy Re: [FW-1] Management Station not listening on tcp/257, Mark Ward <= Re: [FW-1] Management Station not listening on tcp/257, Shawn Duffy [FW-1] Follow-up questions - Re: [FW-1] Management Station not listening on tcp/257, Shawn Duffy

Previous by Date:	Re: [FW-1] icmp packet drops?, Daniel Samaan
Next by Date:	Re: [FW-1] icmp packet drops?, Mark Ward
Previous by Thread:	[FW-1] Management Station not listening on tcp/257, Shawn Duffy
Next by Thread:	Re: [FW-1] Management Station not listening on tcp/257, Shawn Duffy
Indexes:	[Date] [Thread] [Top] [All Lists]