Traffic drop after adding rules with Domain object and installing policy

SUPPORT CENTER
USER CENTER / PARTNER MAP
CYBER TALK FOR EXECUTIVES
THREAT INTELLIGENCE
UNDER ATTACK?
- We can help. Learn more about ThreatCloud Incident Response
RISK ASSESSMENT
MY ACCOUNT
- Phone
  
  General
  United States 1-800-429-4391
  International +972-3-753-4555
  
  Support
  24x7 Technical Support
  Americas: 1-972-444-6600
  International: +972-3-6115100
  Toll Free: 1-888-361-5030
- Locations
  
  United States
  Check Point Software Technologies Inc.
  959 Skyway Road
  Suite 300
  San Carlos, CA 94070
  MAP
  
  International
  Check Point Software Technologies Ltd.
  5 Ha'Solelim Street
  Tel Aviv 67897, Israel
  MAP
- Community
  CheckMates User Community
  Blog
- Chinese
- Japanese
- Russian

Support Center > Search Results > SecureKnowledge Details

Symptoms

Traffic drop after adding rules with Domain object and installing policy. This traffic is allowed in the Security Policy.
Running kernel debug (fw ctl zdebug + drop) is showing a drop on a rule number which does not match the source or destination of that traffic.
Several hundreds of domain objects are configured in the security policy.
Similiar errors in the /var/log/messages file:
[DATE TIME] kernel: [fw4_2];[ERROR]: up_manager_perform_action: up_manager_resume_chain failed [DATE TIME] kernel: [fw4_2];[ERROR]: network_classifiers_domain_async_timeout_cb: the 'perform_action' callback function failed

Solution

Note: To view this solution you need to Sign In .

THREAT INTELLIGENCE