AnsweredAssumed Answered

Entries in log/messages

Question asked by Luca Fabbri on Jan 23, 2019
Latest reply on Jan 27, 2019 by Dmitry Krupnik

Hello all,

I was checking /var/log/messages from the active node (Check Point R80.10 Cluster in Open Server - Take 154) and I found these entries; please can you help me to understand what they means and address the investigation:


1. kernel: [fw4_0];fwmultik_dispatch_inbound: instance mismatch (on connection <IP Address>(80) -> <IP Address> (9307) IPP 6): predefined says 2 lookup says 0)

2. kernel: [fw4_0];fwpslglue_do_log: Log buffer is full

3. kernel: [fw4_1];FW-1: Starting CUL mode because CPU usage (81%) on the local member increased above the configured threshold (80%).
4. kernel: [fw4_0];FW-1: SIM (SecureXL Implementation Module) SecureXL device detected.

kernel: [fw4_1];fwioctl: Policy has ended. Continuing extending dead timouts (fwha_cul_policy_done_time=8522491)


I also notices the $FWDIR/log/fw.log  is unreadable:



Is that a normal behavior ? I don't think so...


Any useful information is really appreciated.


Thank you very much,