Results 1 to 7 of 7
  1. #1
    Newbie
    Join Date
    Jan 2019
    Posts
    3

    Default IPS not updating

    Hi - does anyone else run into this problem? The IPS never updates and it has been that way since I performed the upgrade from the web console.

    IPS.PNG

    I'm running
    Build: 14.1.0.20181130T105219.472bdadfc6-1stretch
    Kernel: 4.9.0-7-untangle-amd64

    also, if anyone has tips on running the update command that would be very helpful too!

  2. #2
    Master Untangler cblaise's Avatar
    Join Date
    Jul 2014
    Location
    Burlington, VT
    Posts
    118

    Default

    The script from the command line runs daily from /etc/cron.daily/intrusion-prevention-get-updates.

    What happens when you run that command?

  3. #3
    Newbie
    Join Date
    Jan 2019
    Posts
    3

    Default

    Here's the problem:
    Problem while asking for hxxp[:]//localhost/admin/JSON-RPC
    Traceback (most recent call last):
    File "./intrusion-prevention-get-updates", line 362, in <module>
    main( sys.argv[1:] )
    File "./intrusion-prevention-get-updates", line 339, in main
    update.setup()
    File "./intrusion-prevention-get-updates", line 77, in setup
    uvmContext = Uvm().getUvmContext( hostname="localhost", username=None, password=None, timeout=60 )
    File "/usr/lib/python2.7/dist-packages/uvm/untangle_vm.py", line 71, in getUvmContext
    proxy = ServiceProxy( "hxxp://" + hostname + "/admin/JSON-RPC", None, handler, None )
    File "/usr/lib/python2.7/jsonrpc/proxy.py", line 56, in __init__
    self.getNonce()
    File "/usr/lib/python2.7/jsonrpc/proxy.py", line 66, in getNonce
    respdata = self.__handler.make_request( self.__serviceURL, postdata )
    File "/usr/lib/python2.7/dist-packages/uvm/untangle_vm.py", line 40, in make_request
    raise e
    pycurl.error: (7, 'Failed to connect to localhost port 80: Connection refused')
    I have custom HTTP port set up instead of port 80 under Config>Network>Services but that doesn't impact this localhost operation (even if I change it back to 80).

    I also verified the access rules which remains unchanged, which, is to allow non HTTPS on non-WAN interfaces.

    No firewall rules to block 80.

    Not bad IPS rules either; turned off IPS completely for test.

    Is some component of UVM not started or listening on localhost[:]80?

  4. #4
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Location
    Sunnyvale, CA
    Posts
    7,435

    Default

    Has there been any command line changes?
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  5. #5
    Untangle Junkie dmorris's Avatar
    Join Date
    Nov 2006
    Location
    San Carlos, CA
    Posts
    17,648

    Default

    Quote Originally Posted by Tomakey View Post
    Failed to connect to localhost port 80: Connection refused
    This means apache isn't running on port 80, which means something has gone seriously wrong or something major has been changed. Can you reach administration on port 80? port 443?
    Attention: Support and help on the Untangle Forums is provided by volunteers and community members like yourself.
    If you need Untangle support please call or email support@untangle.com

  6. #6
    Newbie
    Join Date
    Jan 2019
    Posts
    3

    Default

    Thanks @dmorris - traced it down to apache2/ports.conf - had to revert back to origin 80 (apparently by now it means that the local services setting at config>service is independent from this config). Thanks again everyone for chiming in!

  7. #7
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Location
    Phoenix, AZ
    Posts
    22,939

    Default

    Quote Originally Posted by Tomakey View Post
    Thanks @dmorris - traced it down to apache2/ports.conf - had to revert back to origin 80 (apparently by now it means that the local services setting at config>service is independent from this config). Thanks again everyone for chiming in!
    Yes it does, the service port change in the UI adjusts a port forward, not where the service actually listens.

    The moral of the story, stay out of the terminal, unless you want problems.
    Tomakey likes this.
    Rob Sandling, BS:SWE, MCP
    NexgenAppliances.com
    Phone: 866-794-8879 x201
    Email: support@nexgenappliances.com

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

SEO by vBSEO 3.6.0 PL2