Our Untangle box has been running for about 2 weeks and we have been getting daily reports. However, this morning we had no reports e-mailed and our internet access seemed to be down. We rebooted the Untangle box and the internent came back up. When I went into the Untangle reports and tried to generate a report, I get an unavailable screen.

Is there someother way I can check to see if the reports are there?

Is this a possible security issue. (Has the box been hacked in some way?)

We do have remote admin turned on for port 444 SSL.

welcome RW$.
reports for that day could still be in process or got corrupted and therefore there's nothing to show, however you can view archived reports. http://ipaddress/reports/archived

i doubt its a security issue, i would check smtp settings are correct and if you have attack blocker installed i would put high traffic servers on exception list.
let us know if you receive the next day reports.

Archived gives the same message "The requested resource (/reports/archived/) is not available" I have tried this by accessing the reports from remote and within the network on the local IP. Same message. I know I had plenty of archive, since I utilized the archives last Friday to research activity on the network. And I received a report on Monday.

I mentioned security, because if an attacker wanted to cover their tracks, they would want to get rid of the log files.

If corrupted, what can I do to fix this?

im thinking it crashed for whatever reason that's why you lost reports. are you able to access current reports now? do you receive the reports via e-mail?

if not, you can backup config and then restore box to factory and then restore config. this will not recover reports but will give you a fresh database.

I received a report for 10/03 on 10/04 at 3pm in my e-mail. However, the web reports still shows unavailable and the archive is not available.

I will try the restore. However, is there anyway I can backup the reports? Perhaps to another drive on our network? In case this happens again.

Seems that I may not get a reply to the previous post. I assume giving me instructions on how to manually go into the command line and backup the .pdf reports would be giving away too much confidential information about Untangle, eh.

Figured it out for myself using an SSH login and command line access.

Also noted that although I am getting reports in my e-mail, they are blank. Still think this is some sort of hack. (And yes, I did set a strong password on the SSH/Command line login when I first setup the box. Until 2 days ago, it was not even available to do a remote login for SSH).

This box was hit with a huge volume of traffic in the previous week. Approximately 2.5 million e-mails were recorded in a 7 day period of which 96% was rejected as Spam. Current records show that the traffic has slowed down. Now around 300,000 per day in e-mails. I suppose we could point to the huge volume of SPAM as a possible reason for your crash senario.

It seems if I turn off Incident lists, everything returns to normal. I can access the reports via the web interface and see the archived reports as well.

I will turn on the incident lists option to see if I can reproduce the problem. I'll let you know in a few days.

hey RW$.
sorry for the delayed response. it could be a database issue. we can fix this for you, if could you send us your activation key ( Config > Setup Info ) to support@untangle.com and verify Untangle Support is allowed ( Config > Support) .

It seems if I turn off Incident lists, everything returns to normal. I can access the reports via the web interface and see the archived reports as well.

I will turn on the incident lists option to see if I can reproduce the problem. I'll let you know in a few days.

Turning this off will just give brief reports.

That is the problem. When I turn on the Incident Lists for reporting, the next days reports are slow to arrive as an e-mailed report and the online reports are "Unavailable" when I try to view them.

I will turn off the Incident Lists today and see If I have normal access tomorrow. I'll let you know.

Configuration is an AMD Athlon 64 X2 4200+ (2.2) Ghz, with 1GB Ram and an 80GB hardddrive.

I am also experiencing the same problems as RW$, I've been running untangle 5 for the past three months. Yesterday i didnt receive an email report, so i tried to view the reports from the web interface, and got the same message RW$ got. I've tried restoring to factory settings, didnt help. I DONT have SSL access enabled, so there shouldnt be any outside access. The box itself receives very little mail(+-200 mails per day). :confused:

hi Shady.
resetting to factory should have fixed it, cause it gives you a fresh database and all previous reports will be deleted.

after reset, did you try accessing reports at that same day?

Hi Richie,

On Friday i couldn't access ANY reports(current or archieved). I came into the office today though, and the daily and weekly reports were generated during the weekend. I can also now access my current and all archieved reports(Except for Thursday's daily and Monthly reports, which give the same error). :confused: . Anyways, it looks to have sorted itself out now :rolleyes: