Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Mlinko
Contributor
Jump to solution

Var/log/messages SPAM - cmik_loader_fw_context_match_cb: match_cb for CMI APP 31

Dear All

since the upgrade to take 76, we've noticed that our messages get SPAMed from "kernel Error" (logs are below). Does someone know what is causing this error messages?

Appliance 23800

KR
Rok



Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:25999 -> 13.107.206.39:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executin
g context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:25032 -> 205.251.196.141:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.222:20890 -> 205.251.196.141:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:51691 -> 150.171.16.37:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executin
g context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:44074 -> 2.23.154.132:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executing
context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:35573 -> 13.107.206.39:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executin
g context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:62790 -> 66.163.53.1:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executing
context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:63925 -> 150.171.10.201:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executi
ng context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.222:56365 -> 150.171.10.201:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executi
ng context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.223:56797 -> 205.251.194.187:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_0];[172.16.10.222:45689 -> 170.72.18.2:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executing
context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:FW-1: stopping debug messages for the next 39 seconds. To disable this suppression see sk74580
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_36];[172.16.10.222:58264 -> 204.14.183.5:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executin
g context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:FW-1: stopping debug messages for the next 39 seconds. To disable this suppression see sk74580
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_31];[172.16.10.223:32702 -> 208.84.5.222:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executin
g context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_31];[172.16.10.222:38189 -> 199.180.182.53:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:FW-1: stopping debug messages for the next 39 seconds. To disable this suppression see sk74580
Sep 7 10:31:21 2024 fwgw-wbg-01 AutoUpdater[25735]: Error occurred running the application.
Sep 7 10:31:21 2024 fwgw-wbg-01 kernel:[fw4_23];[172.16.10.222:60344 -> 199.180.182.53:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:22 2024 fwgw-wbg-01 kernel:[fw4_23];[172.16.10.223:50733 -> 13.107.236.201:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:23 2024 fwgw-wbg-01 kernel:[fw4_23];[172.16.10.222:45935 -> 81.169.144.234:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execut
ing context 366 and adding the app to apps in exception
Sep 7 10:31:23 2024 fwgw-wbg-01 kernel:[fw4_23];[172.16.10.222:19411 -> 150.171.10.32:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executi
ng context 366 and adding the app to apps in exception
Sep 7 10:31:23 2024 fwgw-wbg-01 kernel:[fw4_23];[172.16.10.223:28740 -> 140.205.122.243:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execu
ting context 366 and adding the app to apps in exception
Sep 7 10:31:23 2024 fwgw-wbg-01 kernel:[fw4_23];[172.16.10.223:65035 -> 108.162.192.122:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, execu
ting context 366 and adding the app to apps in exception
Sep 7 10:31:23 2024 fwgw-wbg-01 kernel:
Sep 7 10:31:23 2024 fwgw-wbg-01 kernel:FW-1: stopping debug messages for the next 37 seconds. To disable this suppression see sk74580
Sep 7 10:31:26 2024 fwgw-wbg-01 AutoUpdater[26181]: Error occurred running the application.
Sep 7 10:31:31 2024 fwgw-wbg-01 AutoUpdater[26295]: Error occurred running the application.
Sep 7 10:31:36 2024 fwgw-wbg-01 AutoUpdater[26675]: Error occurred running the application.
Sep 7 10:31:42 2024 fwgw-wbg-01 AutoUpdater[26709]: Error occurred running the application.
Sep 7 10:31:47 2024 fwgw-wbg-01 AutoUpdater[26732]: Error occurred running the application.

0 Kudos
1 Solution

Accepted Solutions
AkosBakos
Advisor

Hi @Mlinko 

Did you read this SK? https://support.checkpoint.com/results/sk/sk182606

 

Symptoms

  • The $FWDIR/log/fwk.elg or /var/log/messages file on the Security Gateway / Cluster Member contains this line repeatedly:
    cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executing context 366 and adding the app to apps in exception

  • Traffic outages through a Security Gateway / Cluster / VSX Virtual System, and core dumps are created.

Cause

A missing attribute in the DNS server response causes a data failure.

Solution

Contact Check Point Support to get a Hotfix for this issue.
The fix resolves this issue by ensuring that the Security Gateway does not fail when the specified attribute is invalid.

A Support Engineer will make sure the Hotfix is compatible with your environment before providing it.
For faster resolution and verification, collect these files:

  1. CPinfo file from the Management Server involved in the case.
  2. CPinfo file from the Security Gateway / each Cluster Member involved in the case.

Hotfix installation instructions:
Refer to sk168597 - How to install a Hotfix.

----------------
\m/_(>_<)_\m/

View solution in original post

0 Kudos
11 Replies
AkosBakos
Advisor

Hi @Mlinko 

Did you read this SK? https://support.checkpoint.com/results/sk/sk182606

 

Symptoms

  • The $FWDIR/log/fwk.elg or /var/log/messages file on the Security Gateway / Cluster Member contains this line repeatedly:
    cmik_loader_fw_context_match_cb: match_cb for CMI APP 31 - DNS_DATA_SOURCE failed on context 201, executing context 366 and adding the app to apps in exception

  • Traffic outages through a Security Gateway / Cluster / VSX Virtual System, and core dumps are created.

Cause

A missing attribute in the DNS server response causes a data failure.

Solution

Contact Check Point Support to get a Hotfix for this issue.
The fix resolves this issue by ensuring that the Security Gateway does not fail when the specified attribute is invalid.

A Support Engineer will make sure the Hotfix is compatible with your environment before providing it.
For faster resolution and verification, collect these files:

  1. CPinfo file from the Management Server involved in the case.
  2. CPinfo file from the Security Gateway / each Cluster Member involved in the case.

Hotfix installation instructions:
Refer to sk168597 - How to install a Hotfix.

----------------
\m/_(>_<)_\m/
0 Kudos
Mlinko
Contributor

Hi @AkosBakos,

I was searching for the SK but I couldn't find one, thank you for our reply! I'll have a look at it!

KR
Rok

0 Kudos
Nandhakumar_N
Participant

I am also getting same error on gateway which is running in R81.20 version take 76 hotfix

PhoneBoy
Admin
Admin

The fix for this does not appear to be available as part of a JHF yet.
You will need to request the specific hotfix from TAC.

0 Kudos
Daniel_Kavan
Advisor

I applied the JHF76 hotfix yesterday and I'm still getting these errors, but not nearly as many.   TAC is looking at it.  

[Mon Sep 16 05:58:19 2024] [fw4_4];[someIP:56780 -> someEXTip:53] [ERROR]: cmik_loader_fw_context_match_cb: match_cb for CMI APP 10 - RESOURCE_REPUTATION failed on context 201, executing context 366 and adding the app to apps in exception

0 Kudos
Olavi_Lentso
Contributor

The same messages continue to appear also in take 84. Quite long time without adding the fix into a jumbo hotfix.

0 Kudos
itinfranetwork
Explorer

What is worse :

  • the hotfix is only available by opening a support case, which for the majority of the customers implies going through a partner, adding latency to the resolution
  • the SK182606 has been created on 2024-08-21, before JHF 84 was out ("Released on 5 Sep 2024 and declared as Recommended on 18 Sep 2024"), and is still not listed in the known issues of any JHF
  • in our case, upgrading from JHF 53 to 84, the bug has been introduced by the JHF 84 !

 

cdelcarmen
Contributor

in Take 76, checkpoint tac provided a hotfix for this DNS errror and I had to remove the hotfix checkpoint provided in order to be able to upgrade to take 84, not  good. 

 

(1)
Olavi_Lentso
Contributor

Even the latest R81.20 take 89 reports still same errors ...

0 Kudos
Richard_Wieser
Participant

I was seeing this in T76 and T84. Contacted TAC and was provided a portfix and the issue gone now. 

0 Kudos
Olavi_Lentso
Contributor

Yep, a hotfix does exist, but it has not been added into any jumbo hotfixes yet, after being discovered so long time ago.

0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events