Support Center > Search Results > SecureKnowledge Details
Traffic drop after adding rules with Domain object and installing policy
Symptoms
  • Traffic drop after adding rules with Domain object and installing policy. This traffic is allowed in the Security Policy.
  • Running kernel debug (fw ctl zdebug + drop) is showing a drop on a rule number which does not match the source or destination of that traffic.
  • Several hundreds of domain objects are configured in the security policy.
  • Similiar errors in the /var/log/messages file:
    [DATE TIME] kernel: [fw4_2];[ERROR]: up_manager_perform_action: up_manager_resume_chain failed
    [DATE TIME] kernel: [fw4_2];[ERROR]: network_classifiers_domain_async_timeout_cb: the 'perform_action' callback function failed
Solution
Note: To view this solution you need to Sign In .