[FW1] Polsrvd, netsod and fwd.elg

Tue, 14 Nov 2000 09:04:29 -0800 


I recently found the following two lines at the end of my fwauthd.conf file
(FW-1 V4.1 SP1 on Solaris 7):

        0       polsrvd respawn 0
        19190   netsod wait 19190

Does anybody know where they come from and what they are for. I recently
upgraded to SP2, but later had to roll-back to SP1 and wondered if they were
part of SP2. Netsod also had an associated logfile, netsod.elg, in the log
directory.

I only discovered them simply because the fwd.elg logfile was growing very
big with the following repeated line:

        fwd: fwauthd: execv /opt/CPfw1-41/bin/polsrvd 0 failed: No such file
or directory

Does anybody know what netsod is and its associated log file netsod.elg in
the log directory are for.

Also I have the HTTP Security server running for virus checking e-mail via
TrendMicro VirusScan (CVP) and log file last night grew to 16GB and filled
the file system, crashing FW-1: why do these *.elg log files not get reset
or switched when firewall is restarted?

Is there any explanation of the contents of these log files? I searched the
manuals and Checkpoint website, but couldn't find anything.

Which log files can be nulled out without any problem.

ahttpd.elg contains lots of stuff like:

        Cannot connect to WWW-server: Transport endpoint is not connected
        sn c44ad8 src 145.239.60.61 40312 dst 195.216.16.152  -1 uri \
        
/www.keatsestateagents.co.uk:80/Graphics/K-buttons/intro_2.jpg 
        handle_write_error : sn = ea67f8, sock = 41, buf_len = 3909, len =
-1 : \
                Error in writing to the client: Broken pipe
        Cannot connect to WWW-server: Transport endpoint is not connected
        sn d7eb78 src 145.239.60.61 41283 dst 202.60.252.42  -1 uri \
                /www.valuesponsor.com:80/cgi-bin/non/banner.cgi?karox
        ...skipping...
        new header length exceeded max_header_length
        new header length exceeded max_header_length
        new header length exceeded max_header_length
        new header length exceeded max_header_length


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to