Support Center > Search Results > SecureKnowledge Details
Legitimate HTTP traffic is rejected by IPS protection 'Non Compliant HTTP' as 'Attack: Block HTTP Non Compliant' Technical Level
Symptoms
  • Legitimate HTTP traffic is rejected by IPS without any message on the web browser.

  • SmartView Tracker log shows:

    Protocol: tcp
    Attack: Block HTTP Non Compliant
    Product: IPS Software Blade
    Protection ID: BlockHttpNonProtocolCompliant
    Protection Name: Non Compliant HTTP


  • Kernel debug (fw ctl debug -m WS all) shows:

    ;ws_body_stream_resume: [ERROR]: the filter offset (54) is larger than the stream's length (41);
    ;ws_abs_stream_default_set_reading_context: [ERROR]: couldn't resume the stream;
    ;ws_skip_stream_set_reading_context: [ERROR]: ws_abs_stream_set_reading_context failed;
    ;ws_gzip_stream_set_reading_context: [ERROR]: ws_abs_stream_set_reading_context for original zipped stream failed;
    ;ws_filter_mgr_execute_filter_chain: [ERROR]: set filter context to: CI filter AV, failed;
    ;ws_http_process_body: [ERROR]: failed to execute filter chain;
    ;ws_http_session_server_read: [ERROR]: failed to process body;
    ;ws_policy_get_policy_element: [ERROR]: invalid params;
    ;ws_cpas_read_handler: [ERROR]: ws_policy_container_get_action() failed;
Solution
Note: To view this solution you need to Sign In .