FLEX100: Will not load config, piece of...

MikeForshock
MikeForshock Posts: 31  Freshman Member
So making updates to our default (more rules...) and suddenly lost communication with firewall.

in the console it all started here:
Got LINK_CHANGE
Port [3] Copper is up --> Group [3] is up

INIT: [3060] Core dump: Send the signal to notify app. watchdog [13406] to recover this app. if necessary.

firewalld is dead at Wed May 11 17:44:38 2022
firewalld is dead at Wed May 11 17:45:38 2022
firewalld is dead at Wed May 11 17:46:38 2022
firewalld is dea at Wed May 11 17:47:38 2022
firewalld is dead at Wed May 11 17:48:38 2022
firewalld is dead at Wed May 11 17:49:38 2022
firewalld is dead at Wed May 11 17:50:38 2022
Unable to connect ZySH daemon
  command function history:
        0x1000fb78      argc:1  args:
        0x100101c0      argc:1  args:
        0x10159810      argc:3  args:show username
        0x101a3c30      argc:3  args:show groupname
        0x1013ae90      argc:3  args:show schedule-object
        0x1013aec0      argc:4  args:show object-group schedule
        0x10129840      argc:3  args:show address-object
        0x10129ac8      argc:4  args:show object-group address
        0x10135cd8      argc:4  args:show service-object _v4
        0x10135dc0      argc:5  args:show object-group service _v4
        0x102289c8      argc:3  args:show zone
        0x104aba60      argc:5  args:show device profile all
        0x1031ea20      argc:4  args:show app profiles
        0x102403f0      argc:4  args:show content-filter profile
        0x104a40b0      argc:5  args:show dns-content-filter profile all
        0x103aed38      argc:4  args:show anti-spam profile
        0x103a5360      argc:4  args:show anti-virus profile
        0x102c79a8      argc:5  args:show idp signature profiles
        0x10318b68      argc:4  args:show ssl-inspection profile
        0x102ec420      argc:4  args:show secure-policy-style status
        0x100103e8      argc:2  args:exit
        0x10010578      argc:1  args:
        0x1003b048      argc:3  args:cpu status
        0x1003b048      argc:3  args:mem status
        0x1003c1f0      argc:2  args:status
        0x1003b048      argc:3  args:system uptime
        0x100b9db0      argc:1  args:
        0x1000fb78      argc:1  args:
        0x100101c0      argc:1  args:
        0x10301298      argc:2  args:5
        0x102f27a0      argc:4  args:5 log alert
        0x102ffdc8      argc:3  args:5 exit
firewalld is dead at Wed May 11 17:51:38 2022
firewalld is dead at Wed May 11 17:52:38 2022
firewalld is dead at Wed May 11 17:53:38 2022
firewalld is dead at Wed May 11 17:54:38 2022
firewalld is dead at Wed May 11 17:55:38 2022


HTTP:  Will show login form, but will fail to respond when user/pass is submitted.  No bad password or other error shown.  Simply no response.  Will show login page.

Now it wont restart shows this as the last entries:
<div>[&nbsp; &nbsp;66.562882] [y_adp]load ZyADP Ver1.0.0 OK</div><div>Check ip reputation signature package</div><div>Cloud Query Daemon Start!</div><div>Check abn signatre package</div><div>Check av signature package</div><div>load av threat info</div><div>...................Applying system configuration file, please wait...</div><div>..................% Please check auth server setting.</div><div>.................................................

</div>
Forced a reset (paperclip...) and it loaded the system-default
And of course it completely wiped our config file! Stupid *#*@&amp;%&#!!!!! (not "bad", just gone!)

USG FLEX 100 5.30


All Replies

  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    On top of that, the stupid initial setup is so frustrating, just let us load a config file and bug us on the dashboard!

  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    A completely waste of a few hours getting entries all lined up, all a waste... 
  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    More debugging getting these as well:

    Unable to connect ZySH daemon
      command function history:
            0x102f27a0      argc:4  args:11 to ZyWALL
            0x102f27a0      argc:4  args:11 sourceip AGRP_Z1
            0x102f27a0      argc:4  args:11 service Z1-Device_Allow
            0x102f27a0      argc:3  args:11 log
            0x102f27a0      argc:4  args:11 action allow
            0x102ffdc8      argc:3  args:11 exit
            0x10301298      argc:2  args:12
            0x102f27a0      argc:4  args:12 name Z0_Device
            0x102f27a0      argc:4  args:12 description  Z0 to Device
            0x102f27a0      argc:4  args:12 to ZyWALL
            0x102f27a0      argc:4  args:12 sourceip AGRP_Z0
            0x102f27a0      argc:4  args:12 service Z0-Device_Allow
            0x102f27a0      argc:3  args:12 log
            0x102f27a0      argc:4  args:12 action allow
            0x102ffdc8      argc:3  args:12 exit
            0x10301298      argc:2  args:13
            0x102f27a0      argc:4  args:13 name WAN_Outgoing
            0x102f27a0      argc:4  args:13 description  WAN Outgoing
            0x102f27a0      argc:4  args:13 sourceip AGRP_WebAccess
            0x102f27a0      argc:4  args:13 destinationip GEOGRP_WAN_Out
            0x102f27a0      argc:7  args:13 cf-profile SCADA_Normal log by-profile a                                             ctivate
            0x102f27a0      argc:4  args:13 action allow
            0x102f27a0      argc:4  args:13 to WAN
            0x102f27a0      argc:4  args:13 log alert
            0x102ffdc8      argc:3  args:13 exit
            0x10301298      argc:2  args:14
            0x102f27a0      argc:4  args:14 name WAN_Bypass
            0x102f27a0      argc:4  args:14 description  Unlocked web access
            0x102f27a0      argc:4  args:14 to WAN
            0x102f27a0      argc:4  args:14 user Users_WebAccess
            0x102f27a0      argc:4  args:14 action allow
            0x102ffdc8      argc:3  args:14 exit
    sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f                                             ile or directory
    sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f                                             ile or directory
    sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f                                             ile or directory
    sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f                                             ile or directory
    sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f                                             ile or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory
    /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20                                             -59_zyshd.dbg: No such file or directory

  • Looks like you will have to reset, flash, re-flash, and reset your box again to find out if your Flex100 is defective or not.
  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    Locked it up again...

     Unable to connect ZySH daemon
      command function history:
            0x104a40b0      argc:5  args:show dns-content-filter profile all
            0x1025c980      argc:4  args:show security-service status
            0x100103e8      argc:2  args:exit
            0x10010578      argc:1  args:
            0x1000fb78      argc:1  args:
            0x100101c0      argc:1  args:
            0x1031ea20      argc:4  args:show app profiles
            0x102403f0      argc:4  args:show content-filter profile
            0x104a40b0      argc:5  args:show dns-content-filter profile all
            0x1025c980      argc:4  args:show security-service status
            0x100103e8      argc:2  args:exit
            0x10010578      argc:1  args:
            0x1000fb78      argc:1  args:
            0x100101c0      argc:1  args:
            0x10301298      argc:3  args:insert 1
            0x102f27a0      argc:5  args:insert 1 name Z5_Users
            0x102f27a0      argc:5  args:insert 1 description  Z5 Incoming (Users)
            0x102f27a0      argc:5  args:insert 1 user Users_Z5
            0x102f27a0      argc:5  args:insert 1 sourceip AGRP_ALLZONES
            0x102f27a0      argc:5  args:insert 1 destinationip AGRP_Z5
            0x102f27a0      argc:5  args:insert 1 service Z5_IN_Allow
            0x102f27a0      argc:4  args:insert 1 log
            0x102f27a0      argc:5  args:insert 1 no app-profile
            0x102f27a0      argc:5  args:insert 1 no cf-profile
            0x102f27a0      argc:5  args:insert 1 no dns-cf-profile
            0x102f27a0      argc:5  args:insert 1 no idp-profile
            0x102f27a0      argc:5  args:insert 1 no av-profile
            0x102f27a0      argc:5  args:insert 1 no as-profile
            0x102f27a0      argc:5  args:insert 1 no ssl-profile
            0x102f27a0      argc:5  args:insert 1 no thrweb-profile
            0x102f27a0      argc:5  args:insert 1 no dns-profile
            0x102ffdc8      argc:4  args:insert 1 exit
    The content filter is also NOT working at all on any profile
  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    Looks like you will have to reset, flash, re-flash, and reset your box again to find out if your Flex100 is defective or not.
    Tried config on both flash images, appears to be constant issue.
  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    Came back this time on reboot

    .Applying system configuration file, please wait...
    ...................ZyWALL system is configured successfully with startup-config.conf
    /etc/zyxel/conf/ZLDconfig: line 1114:  3060 Segmentation fault      (core dumped) /usr/sbin/firewalld > /dev/null 2> /dev/null

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 929  Zyxel Employee
    Hi @MikeForshock,
    it may need analysis diag-info to check what could went wrong.
    Please help to get diag-info, and send me in PM.
    "MAINTENANCE > Diagnostics > "Collect now"

    Download diag-info

  • MikeForshock
    MikeForshock Posts: 31  Freshman Member
    So I have figured out what is the most likely cause each time, based on it happening 4 times in total.

    On Security Policy, I click Clone, enter the priority, it pops up the editor for the new (cloned) entry.
    It doesnt happen every time I use it, but every lockup has been when doing this action.
    Two times it required a complete factory reset, two times it took over 10 minutes to boot!

    I have now completed all of the modifications to out security policy.  

    I sure hope this isnt more signs ZyXel is losing control on its software QA process. This, poor firmware updates, av signature lockup, numerous unauthenticated access exploits and the latest "We forgot to report a CVE" just a day or two ago AND TRYING TO HIDE IN THE FIRMWARE RELEASE NOTES!

  • Zyxel_Cooldia
    Zyxel_Cooldia Posts: 929  Zyxel Employee
    Hi @MikeForshock,
    Sorry for bad user experience. We are trying to simulate this issue in lab test. one quick question, does the rule have any UTM service applying before you clone rule?

Security Highlight