Support Center > Search Results > SecureKnowledge Details
Specific web sites are not reachable when Anti-Virus/Anti-Bot blade is enabled and the packet is generated by the Security Gateway
Symptoms
  • Specific web sites are not reachable when Anti-Virus/Anti-Bot blade is enabled and the packet is generated by the Security Gateway.
  • Issue affect HTTP/HTTPS redirect packets generated by the Security Gateway.
  • Enabling HTTP/HTTPS proxy affects respective HTTP/HTTPS links.
Cause

Packets, which are gzipped contain an empty field in the body portion.
In a traffic capture, the packet looks as follows (the relevant field is highlighted):

    Gzipped packet 

After the packet enters the kernel, it will be unzipped - the field for the body will contain running zeros.
This causes a conflict in the inspection code for Anti-Virus and Anti-Bot which will cause the packet to be rejected.

Kernel debug shows the following errors, which confirm this behavior is occurring;

ws_http_session_format_url_for_logging: [ERROR]: http session is invalid 00000000;
{av} [VSID: 00000] ci_ws_ext_av_filter_inspect_body_cb: [ERROR]: ws_http_session_format_url_for_logging() failed;
{av} [VSID: 00000] ci_ws_filter_process: [ERROR]: ci_ws_ext_av_filter_inspect_body_cb() failed;
{body} [SID: 1480078] ws_filter_mgr_execute_filter: [ERROR]: ws_abs_filter_process failed;
{body} [SID: 1480078] ws_filter_mgr_execute_filter_chain: [ERROR]: execute_filter failed;
{session} [SID: 1480078] ws_http_process_body: [ERROR]: failed to execute filter chain;
{session} [SID: 1480078] ws_http_session_server_read: [ERROR]: failed to process body;

Solution
Note: To view this solution you need to Sign In .