ScreenOS Firewalls (NOT SRX)
Reply
Contributor
murat
Posts: 15
Registered: ‎06-12-2008
0

SSG140 AV video and download problen

Hi all, i have a question about ssg 140 antivirus. i try to download somefiles, after the 1 mb download files not continue or stopped. same problem repeats watch the video files. some video files watching after the a little bit time video files stopped. do you know how to resolve this problem can you answer that?

 

PS: if i disabled the antivirus everything be ok

 

Thanks, best regards.

Super Contributor
Nadia
Posts: 94
Registered: ‎11-06-2007
0

Re: SSG140 AV video and download problen

I would suggest, to begin with, having a look at the event log when you have those problems and see if you spot any messages relating to anti-virus. Also check the output of "get av scan", "get av stat", "get av", "get av all".

What ScreenOS version are you running? You can check the available release notes for any known issues with regards to AV.

 

Hope this helps,

Nadia

Contributor
murat
Posts: 15
Registered: ‎06-12-2008
0

Re: SSG140 AV video and download problen

Dear Nadia, thanks for your helps.


Software Version: 6.1.0r1.0, Type: Firewall+VPN

 

 SSG140-> get av scan
<AV scan engine info>
    AV Key Expire Date: 07/13/2009 00:00:00
    Update Server: http://update.juniper-updates.net/AV/SSG100/
           interval: 60 minutes
           auto update status: next update in 30 minutes
           last result: already have latest database
    pattern update proxy status: OFF
    AV signature version: 09/02/2008 00:25 GMT, virus records: 183994
    Scan Engine Info: last action result: No error(0x00000000), memory left 112616kB
    Scan engine default file extension list: 386;ACE;ARJ;ASP;BAT;BIN;BZ2;CAB;CHM;CLA;CMD;COM;CPL;DLL;DOC;DOT;DPL;DRV;DWG;ELF;EMF;EML;EXE;FON;FPM;GEA;GZ;HA;HLP;HTA;HTM;HTML;HTT;HXS;ICE;INI;ITSF;JAR;JPEG;JPG;JS;JSE;LHA;LNK;LZH;MBX;MD?;MIME;MSG;MSI;MSO;NWS;OCX;OTM;OV?;PDF;PHP;PHT;PIF;PK;PL;PLG;PP?;PRG;PRJ;RAR;REG;RTF;SCR;SH;SHS;SWF;SYS;TAR;TGZ;THE;TSP;VBE;VBS;VXD;WSF;WSH;XL?;XML;ZIP;
    pattern type: standard
    max content size: 30000(k) (pass if exceeds)
    max-msgs: 512 (pass if exceeds)
    decompress layer: (pass if exceeds)
    password file: (pass if occurs)
    corrupt file: (pass if occurs)
    out of resource: (pass if occurs)
    scan engine is not ready: (pass if occurs)
    timeout: (pass if occurs)

 

 

SSG140-> get av stat
<AV statistics>
No Scan: Max Msg:            0
No Scan: Max Content Size:   1
Fwd to Scan Engine: Total:   40624
Fwd to Scan Engine (scan-all):          0
Fwd to Scan Engine (scan-intelligent):  40620
Fwd to Scan Engine (scan-ext):          0
Scan Code: Clear             40594
Scan Code: Infect            1
Scan Code: Psw Archive File  0
Scan Code: Decompress Layer  17
Scan Code: Corrupt File      8
Scan Code: Out Of Resource   0
Scan Code: Internal Error    1
Scan Code: Error             0
Scan Eng: Error:             0
Fail Mode: corrupt file      8
Fail Mode: decompress layer  17
Fail Mode: password file     0
Fail Mode: engine not ready  50
Fail Mode: out of resource   0
Fail Mode: timeout           0
Fail Mode: max content size  1
Fail Mode: max msgs          0
Fail Mode: others            1

<App Session>
Max. Sessions:           8000
Init. Sessions:          1600
Total Alloc Sessions:    64250
Total Free Sessions:     64158
Tcp Sessions:            92
Active Sessions:         92
Run out of packet count: 0

 

 

SSG140-> get av
<AV global setting>
    fail-mode traffic: permit
    max. percent of AV resources allowed per client: 70(percent)
<AV HTTP setting>
    connection mode: keep-alive
    trickling: disabled
    scanning: HTTP (including WebMail)
<AV scan engine info>
    AV Key Expire Date: 07/13/2009 00:00:00
    Update Server: http://update.juniper-updates.net/AV/SSG100/
           interval: 60 minutes
           auto update status: next update in 28 minutes
           last result: already have latest database
    pattern update proxy status: OFF
    AV signature version: 09/02/2008 00:25 GMT, virus records: 183994
    Scan Engine Info: last action result: No error(0x00000000), memory left 112564kB
    Scan engine default file extension list: 386;ACE;ARJ;ASP;BAT;BIN;BZ2;CAB;CHM;CLA;CMD;COM;CPL;DLL;DOC;DOT;DPL;DRV;DWG;ELF;EMF;EML;EXE;FON;FPM;GEA;GZ;HA;HLP;HTA;HTM;HTML;HTT;HXS;ICE;INI;ITSF;JAR;JPEG;JPG;JS;JSE;LHA;LNK;LZH;MBX;MD?;MIME;MSG;MSI;MSO;NWS;OCX;OTM;OV?;PDF;PHP;PHT;PIF;PK;PL;PLG;PP?;PRG;PRJ;RAR;REG;RTF;SCR;SH;SHS;SWF;SYS;TAR;TGZ;THE;TSP;VBE;VBS;VXD;WSF;WSH;XL?;XML;ZIP;
    pattern type: standard
    max content size: 30000(k) (pass if exceeds)
    max-msgs: 512 (pass if exceeds)
    decompress layer: (pass if exceeds)
    password file: (pass if occurs)
    corrupt file: (pass if occurs)
    out of resource: (pass if occurs)
    scan engine is not ready: (pass if occurs)
    timeout: (pass if occurs)

 

SSG140-> get av all
<AV global setting>
    fail-mode traffic: permit
    max. percent of AV resources allowed per client: 70(percent)

 

 

Super Contributor
Nadia
Posts: 94
Registered: ‎11-06-2007
0

Re: SSG140 AV video and download problen

Are there any messages in the event log?

I would recommend an upgrade to 6.1r3, I saw a couple of AV issues mentioned in the release notes.

 

Thanks,

Nadia

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.