FLEX100: Will not load config, piece of...
Options
MikeForshock
Posts: 57 
Ally Member
Ally Member
in Security
So making updates to our default (more rules...) and suddenly lost communication with firewall.
in the console it all started here:
HTTP: Will show login form, but will fail to respond when user/pass is submitted. No bad password or other error shown. Simply no response. Will show login page.
Now it wont restart shows this as the last entries:
And of course it completely wiped our config file! Stupid *#*@&%&#!!!!! (not "bad", just gone!)
USG FLEX 100 5.30
in the console it all started here:
Got LINK_CHANGE
Port [3] Copper is up --> Group [3] is up
INIT: [3060] Core dump: Send the signal to notify app. watchdog [13406] to recover this app. if necessary.
firewalld is dead at Wed May 11 17:44:38 2022
firewalld is dead at Wed May 11 17:45:38 2022
firewalld is dead at Wed May 11 17:46:38 2022
firewalld is dea at Wed May 11 17:47:38 2022
firewalld is dead at Wed May 11 17:48:38 2022
firewalld is dead at Wed May 11 17:49:38 2022
firewalld is dead at Wed May 11 17:50:38 2022
Unable to connect ZySH daemon
command function history:
0x1000fb78 argc:1 args:
0x100101c0 argc:1 args:
0x10159810 argc:3 args:show username
0x101a3c30 argc:3 args:show groupname
0x1013ae90 argc:3 args:show schedule-object
0x1013aec0 argc:4 args:show object-group schedule
0x10129840 argc:3 args:show address-object
0x10129ac8 argc:4 args:show object-group address
0x10135cd8 argc:4 args:show service-object _v4
0x10135dc0 argc:5 args:show object-group service _v4
0x102289c8 argc:3 args:show zone
0x104aba60 argc:5 args:show device profile all
0x1031ea20 argc:4 args:show app profiles
0x102403f0 argc:4 args:show content-filter profile
0x104a40b0 argc:5 args:show dns-content-filter profile all
0x103aed38 argc:4 args:show anti-spam profile
0x103a5360 argc:4 args:show anti-virus profile
0x102c79a8 argc:5 args:show idp signature profiles
0x10318b68 argc:4 args:show ssl-inspection profile
0x102ec420 argc:4 args:show secure-policy-style status
0x100103e8 argc:2 args:exit
0x10010578 argc:1 args:
0x1003b048 argc:3 args:cpu status
0x1003b048 argc:3 args:mem status
0x1003c1f0 argc:2 args:status
0x1003b048 argc:3 args:system uptime
0x100b9db0 argc:1 args:
0x1000fb78 argc:1 args:
0x100101c0 argc:1 args:
0x10301298 argc:2 args:5
0x102f27a0 argc:4 args:5 log alert
0x102ffdc8 argc:3 args:5 exit
firewalld is dead at Wed May 11 17:51:38 2022
firewalld is dead at Wed May 11 17:52:38 2022
firewalld is dead at Wed May 11 17:53:38 2022
firewalld is dead at Wed May 11 17:54:38 2022
firewalld is dead at Wed May 11 17:55:38 2022HTTP: Will show login form, but will fail to respond when user/pass is submitted. No bad password or other error shown. Simply no response. Will show login page.
Now it wont restart shows this as the last entries:
<div>[ 66.562882] [y_adp]load ZyADP Ver1.0.0 OK</div><div>Check ip reputation signature package</div><div>Cloud Query Daemon Start!</div><div>Check abn signatre package</div><div>Check av signature package</div><div>load av threat info</div><div>...................Applying system configuration file, please wait...</div><div>..................% Please check auth server setting.</div><div>................................................. </div>Forced a reset (paperclip...) and it loaded the system-default
And of course it completely wiped our config file! Stupid *#*@&%&#!!!!! (not "bad", just gone!)
USG FLEX 100 5.30
0
All Replies
-
On top of that, the stupid initial setup is so frustrating, just let us load a config file and bug us on the dashboard!
0 -
A completely waste of a few hours getting entries all lined up, all a waste...0
-
More debugging getting these as well:
Unable to connect ZySH daemon command function history: 0x102f27a0 argc:4 args:11 to ZyWALL 0x102f27a0 argc:4 args:11 sourceip AGRP_Z1 0x102f27a0 argc:4 args:11 service Z1-Device_Allow 0x102f27a0 argc:3 args:11 log 0x102f27a0 argc:4 args:11 action allow 0x102ffdc8 argc:3 args:11 exit 0x10301298 argc:2 args:12 0x102f27a0 argc:4 args:12 name Z0_Device 0x102f27a0 argc:4 args:12 description Z0 to Device 0x102f27a0 argc:4 args:12 to ZyWALL 0x102f27a0 argc:4 args:12 sourceip AGRP_Z0 0x102f27a0 argc:4 args:12 service Z0-Device_Allow 0x102f27a0 argc:3 args:12 log 0x102f27a0 argc:4 args:12 action allow 0x102ffdc8 argc:3 args:12 exit 0x10301298 argc:2 args:13 0x102f27a0 argc:4 args:13 name WAN_Outgoing 0x102f27a0 argc:4 args:13 description WAN Outgoing 0x102f27a0 argc:4 args:13 sourceip AGRP_WebAccess 0x102f27a0 argc:4 args:13 destinationip GEOGRP_WAN_Out 0x102f27a0 argc:7 args:13 cf-profile SCADA_Normal log by-profile a ctivate 0x102f27a0 argc:4 args:13 action allow 0x102f27a0 argc:4 args:13 to WAN 0x102f27a0 argc:4 args:13 log alert 0x102ffdc8 argc:3 args:13 exit 0x10301298 argc:2 args:14 0x102f27a0 argc:4 args:14 name WAN_Bypass 0x102f27a0 argc:4 args:14 description Unlocked web access 0x102f27a0 argc:4 args:14 to WAN 0x102f27a0 argc:4 args:14 user Users_WebAccess 0x102f27a0 argc:4 args:14 action allow 0x102ffdc8 argc:3 args:14 exit sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f ile or directory sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f ile or directory sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f ile or directory sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f ile or directory sh: line 1: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20-59_zyshd.dbg: No such f ile or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 41: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory /usr/sbin/gdb_parser_t.sh: line 51: /etc/zyxel/ftp/tmp/zyshd_bt/2022-05-11-23-20 -59_zyshd.dbg: No such file or directory
0 -
Looks like you will have to reset, flash, re-flash, and reset your box again to find out if your Flex100 is defective or not.0
-
Locked it up again...
Unable to connect ZySH daemon command function history: 0x104a40b0 argc:5 args:show dns-content-filter profile all 0x1025c980 argc:4 args:show security-service status 0x100103e8 argc:2 args:exit 0x10010578 argc:1 args: 0x1000fb78 argc:1 args: 0x100101c0 argc:1 args: 0x1031ea20 argc:4 args:show app profiles 0x102403f0 argc:4 args:show content-filter profile 0x104a40b0 argc:5 args:show dns-content-filter profile all 0x1025c980 argc:4 args:show security-service status 0x100103e8 argc:2 args:exit 0x10010578 argc:1 args: 0x1000fb78 argc:1 args: 0x100101c0 argc:1 args: 0x10301298 argc:3 args:insert 1 0x102f27a0 argc:5 args:insert 1 name Z5_Users 0x102f27a0 argc:5 args:insert 1 description Z5 Incoming (Users) 0x102f27a0 argc:5 args:insert 1 user Users_Z5 0x102f27a0 argc:5 args:insert 1 sourceip AGRP_ALLZONES 0x102f27a0 argc:5 args:insert 1 destinationip AGRP_Z5 0x102f27a0 argc:5 args:insert 1 service Z5_IN_Allow 0x102f27a0 argc:4 args:insert 1 log 0x102f27a0 argc:5 args:insert 1 no app-profile 0x102f27a0 argc:5 args:insert 1 no cf-profile 0x102f27a0 argc:5 args:insert 1 no dns-cf-profile 0x102f27a0 argc:5 args:insert 1 no idp-profile 0x102f27a0 argc:5 args:insert 1 no av-profile 0x102f27a0 argc:5 args:insert 1 no as-profile 0x102f27a0 argc:5 args:insert 1 no ssl-profile 0x102f27a0 argc:5 args:insert 1 no thrweb-profile 0x102f27a0 argc:5 args:insert 1 no dns-profile 0x102ffdc8 argc:4 args:insert 1 exitThe content filter is also NOT working at all on any profile0 -
Tried config on both flash images, appears to be constant issue.smb_corp_user said:Looks like you will have to reset, flash, re-flash, and reset your box again to find out if your Flex100 is defective or not.0 -
Came back this time on reboot
.Applying system configuration file, please wait... ...................ZyWALL system is configured successfully with startup-config.conf /etc/zyxel/conf/ZLDconfig: line 1114: 3060 Segmentation fault (core dumped) /usr/sbin/firewalld > /dev/null 2> /dev/null
0 -
Hi @MikeForshock,
it may need analysis diag-info to check what could went wrong.
Please help to get diag-info, and send me in PM.
"MAINTENANCE > Diagnostics > "Collect now"
Download diag-info
0 -
So I have figured out what is the most likely cause each time, based on it happening 4 times in total.
On Security Policy, I click Clone, enter the priority, it pops up the editor for the new (cloned) entry.
It doesnt happen every time I use it, but every lockup has been when doing this action.
Two times it required a complete factory reset, two times it took over 10 minutes to boot!
I have now completed all of the modifications to out security policy.
I sure hope this isnt more signs ZyXel is losing control on its software QA process. This, poor firmware updates, av signature lockup, numerous unauthenticated access exploits and the latest "We forgot to report a CVE" just a day or two ago AND TRYING TO HIDE IN THE FIRMWARE RELEASE NOTES!
0 -
Hi @MikeForshock,
Sorry for bad user experience. We are trying to simulate this issue in lab test. one quick question, does the rule have any UTM service applying before you clone rule?0
Master Member
Guru Member
Categories
- All Categories
- 439 Beta Program
- 2.8K Nebula
- 199 Nebula Ideas
- 125 Nebula Status and Incidents
- 6.3K Security
- 496 USG FLEX H Series
- 322 Security Ideas
- 1.6K Switch
- 83 Switch Ideas
- 1.3K Wireless
- 48 Wireless Ideas
- 6.8K Consumer Product
- 286 Service & License
- 457 News and Release
- 89 Security Advisories
- 31 Education Center
- 10 [Campaign] Zyxel Network Detective
- 4.3K FAQ
- 34 Documents
- 34 Nebula Monthly Express
- 85 About Community
- 95 Security Highlight
