- Products
- Learn
- Local User Groups
- Partners
-
More
It's Here!
CPX 360 2021 Content
Check Point Harmony
Highest Level of Security for Remote Users
Important certificate update to CloudGuard Controller, CME,
and Azure HA Security Gateways
Advanced Protection for
Small and Medium Business
Secure Endpoints from
the Sunburst Attack
Important! R80 and R80.10
End Of Support around the corner (May 2021)
Dear folks,
we are running R80.20 on an 2200 appliance since 2 month without problems.
This week some problems occurs. We got a lot of errors like these:
Jun 13 11:19:25 2019 XXXXX kernel: [fw4_0];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jun 13 11:19:26 2019 XXXXX kernel: [fw4_0];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jun 13 11:19:26 2019 XXXXX kernel: [fw4_0];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
If we do a restart of the appliance they can't install policy (policy install failed) and default policy is loaded.
A manual fw fetch after restart loads the actual policy, but the shown errors occurs again after some minutes.
Any ideas or seen this error anywhere?
Wolfgang
Hi.
I'm having this same issue on our R80.20.
It started a few days ago, right after Take 80 update instalation:
Jun 14 11:13:14 SPA-GW kernel: [fw4_2];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jun 14 11:13:16 SPA-GW kernel: [fw4_1];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jun 14 11:13:17 SPA-GW kernel: [fw4_2];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jun 14 11:13:17 SPA-GW kernel:
Jun 14 11:13:17 SPA-GW kernel: FW-1: stopping debug messages for the next 43 seconds
Jun 14 11:13:17 SPA-GW kernel: [fw4_1];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jun 14 11:13:21 SPA-GW last message repeated 4 times
Jun 14 11:13:21 SPA-GW kernel: [fw4_0];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
It's spaming our syslog...
Our support created a ticket on checkpoint and the answer was:
"We have few other customers who have reported same messages after upgrading the machine. The issue is currently under investigation of the R&D team, will update you with more information as and when received."
(12/06/2019 - 14:17)
I can say that there's no negative impact so far.
Hope checkpoint solve this soon.
Best regards.
Nserrao
Hello.
Our local support team reply me the following as solution:
Didn't test it yet but I'll came back with news when it's done.
Best regards.
Nelson
Just upgrade to R80.20 Take 87 per TAC.
Also seeing the messages , several per second
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_6];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_9];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_6];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_6];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_6];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_6];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_9];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_9];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_9];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_6];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_7];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_7];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_4];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jul 11 18:40:36 2019 SJHFW1 kernel: [fw4_4];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=0 flags=1 opcode=15)
Jul 11 18:40:37 2019 SJHFW1 kernel: [fw4_11];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:37 2019 SJHFW1 kernel: [fw4_11];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:37 2019 SJHFW1 kernel: [fw4_2];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:37 2019 SJHFW1 kernel: [fw4_2];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:37 2019 SJHFW1 kernel: [fw4_4];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:37 2019 SJHFW1 kernel: [fw4_4];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
Jul 11 18:40:38 2019 SJHFW1 kernel: [fw4_0];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=2 flags=1 opcode=15)
Jul 11 18:40:38 2019 SJHFW1 kernel: [fw4_4];fwmutlik_do_sequence_accounting_on_entry: bad dir -1 (gconn_segment=1 flags=1 opcode=15)
(END)
Hello,
I would like to bring clarity into this thread discussion
Thanks,
Ophir
Hello.
Thank you for your reply.
We also updated R80.20 into take 87 last week but it's still spamming our syslog.
We'll ignore those messages and wait for take 91.
Best regards.
Nelson
i had to request a hotfix for take 87, so one is available through tac
Raj,
you used the image with security management software only.
2200 appliances supports only gateway with R80.xx. (shown in your screenshot)
R80.20 Fresh Install and Upgrade for Security Gateway and Standalone
regards
Wolfgang
Ah, good catch. Thanks for that, too early for me! Appreciate it....
About CheckMates
Learn Check Point
Advanced Learning
WELCOME TO THE FUTURE OF CYBER SECURITY