cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Former Member
Not applicable
Report Inappropriate Content
Message 1 of 4

Not getting any firewall rules - HIPS 8.0 and EPO 4.5

Anyone else seen this?

The HIPS 8.0 is installed via EPO 4.5. I get the Rules once, after updating policy all created rules are gone.

Any ideas?

Log FireSvc:

07/08/2013 07:27:36 Policy.cpp[912] ERROR    (2456) handleClickTimeout_2() - failed to find group with client id = "fca6ddf3-88f5-47bb-9a60-492f73467bf4" for jump rule = "Dynajump".

07/08/2013 07:27:36 Policy.cpp[810] ERROR    (2456) handleClickTimeout() - failed to eval click timeout for rule = "Dynajump".

07/08/2013 07:27:36 PolicyMgr.cpp[288] ERROR    (2456) buildPolicyFw() - failed to build firewall policy.

07/08/2013 07:27:36 FireCore.cpp[1217] ERROR    (2456) buildPolicyFw() - failed to build the firewall policy.

07/08/2013 07:27:36 FireCorePlugin.cpp[165] ERROR    (2456) hipfc_SetFwPolicy() - Failed to build firewall policy.

07/08/2013 07:27:36 CCONFIG[946] ERROR    sendFWRulesToKernel() - failed to build firewall policy.

07/08/2013 07:27:36 FireCore.cpp[840] ERROR    (2456) enablePolicyType( true ) - called before a policy has been set.

07/08/2013 07:27:36 FireCorePlugin.cpp[146] ERROR    (2456) hipfc_Enable() - Failed to enable FireCore.

07/08/2013 07:27:36 CCONFIG[982] ERROR    sendFWRulesToKernel() - failed to enable firewall policy in FireCore.

Log FireUI:

07/08/2013 07:39:48 Policy.cpp[912] ERROR    (3940) handleClickTimeout_2() - failed to find group with client id = "0d8042ca-2277-439e-b6e7-7ce830ff3dc0" for jump rule = "Dynajump".

07/08/2013 07:39:48 Policy.cpp[810] ERROR    (3940) handleClickTimeout() - failed to eval click timeout for rule = "Dynajump".

07/08/2013 07:39:48 PolicyMgr.cpp[288] ERROR    (3940) buildPolicyFw() - failed to build firewall policy.

07/08/2013 07:39:48 FireCore.cpp[1374] ERROR    (3940) buildPolicyFw_Runtime() - failed to build the firewall policy.

07/08/2013 07:39:48 FireCorePlugin.cpp[187] ERROR    (3940) hipfc_BuildPolicyFw_Runtime() - Failed to build the firewall runtime policy.

07/08/2013 07:39:48 FirewallRule80.cpp[9804] ERROR    (3940) getAllAggrMatches() - failed to find aggr match with client id = FW-Regeln::Settings (BC9CDC17-21C9-4417-A847-FC53E603AEE3). Will continue processing the rule's other aggr match refs.

Log: HipMgtPlugin

07/08/2013 07:32:22 POUtility.cpp[1118] ALERT    (3108) handleNewSettings() - updated log level to "Error".

07/08/2013 07:32:22 POUtility.cpp[1118] ALERT    (4400) handleNewSettings() - updated log level to "Error".

07/08/2013 07:32:22 POUtility.cpp[1118] ALERT    (3108) POPLUGIN_InitializeW() - updated log level to "Error".

07/08/2013 07:32:25 POUtility.cpp[1118] ALERT    (3108) POPLUGIN_GetPropertiesW() - updated log level to "Error".

07/08/2013 07:32:32 POUtility.cpp[1118] ALERT    (3100) POPLUGIN_EnforcePolicyObject() - updated log level to "Error".

07/08/2013 07:32:32 polBaseFwRules.cpp[781] ERROR    ImportRuleSequence() - found multiple sequences with no owner rule ids.

07/08/2013 07:32:32 PolicyObject.cpp[75] ERROR    FireCore_FW_Rules::internalImport() failed importing setting name = "FW-Regeln::Settings (7DF8CE68-4CC9-4DF2-B3AA-C76CAA4DBD9A)". err = -11984.

07/08/2013 07:32:32 Policy.cpp[600] ERROR    FireCore_FW_Rules::Import() failed. err = -11984.

07/08/2013 07:32:32 POUtility.cpp[149] ERROR    Error code: -11984

07/08/2013 07:32:33 polBaseFwRules.cpp[1282] ERROR    (3100) processSequence() - failed to find the CFirewallRule wrapper instance for rule with svr GUID = "beab359b-31e6-4ef8-9386-1773f1ee2f66". This can mean the rule wasn't present in the data received from CMA.

07/08/2013 07:32:33 polBaseFwRules.cpp[1443] ERROR    (3100) processSequence() - failed to populate group sequence for group "ePolicy Orchestrator Server".

07/08/2013 07:32:33 polBaseFwRules.cpp[1110] ERROR    (3100) Export() - failed to process root sequence.

07/08/2013 07:32:33 Policy.cpp[638] ERROR    FireCore_FW_Rules::Export() failed. err = -11989.

07/08/2013 07:32:33 POUtility.cpp[149] ERROR    Error code: -11989

07/08/2013 07:32:33 polFwRules.cpp[261] ERROR    (3100) mergeClickTimeout_2() - failed to find group with client id = "0d8042ca-2277-439e-b6e7-7ce830ff3dc0" for jump rule = "899bfb0c-6694-4d72-95d8-17e2b630256e".

07/08/2013 07:32:33 polFwRules.cpp[187] ERROR    (3100) mergeClickTimeout() - failed to eval click timeout for rule = "899bfb0c-6694-4d72-95d8-17e2b630256e".

07/08/2013 07:32:33 polFwRules.cpp[127] ERROR    (3100) internalMerge() - failed to merge the old click timeout data into the new firewall policy data.

07/08/2013 07:32:33 Policy.cpp[853] ERROR    (3100) FireCore_FW_Rules::Merge() failed. err = -11989.

07/08/2013 07:32:33 POUtility.cpp[149] ERROR    Error code: -11989

07/08/2013 07:32:33 Policy.cpp[1518] ERROR    (3100) Policy::handlePolicySettings() - unknown policy type = "General".

Nachricht geändert durch br1 on 08.07.13 01:43:17 CDT
3 Replies
greatscott
Level 12
Report Inappropriate Content
Message 2 of 4

Re: Not getting any firewall rules - HIPS 8.0 and EPO 4.5

Maybe try reinstalling the McAfee Agent. There seem to be errors referencing that GUID in the log file, which would indicate a potential issue with the Agent.

Former Member
Not applicable
Report Inappropriate Content
Message 3 of 4

Re: Not getting any firewall rules - HIPS 8.0 and EPO 4.5

Tried to reinstall, Windows, latest Agent/HIPS. Same issue.

Former Member
Not applicable
Report Inappropriate Content
Message 4 of 4

Re: Not getting any firewall rules - HIPS 8.0 and EPO 4.5

The Group looks like an AD Group SID? I think this is the main issue.

07/08/2013 07:27:36 Policy.cpp[912] ERROR    (2456) handleClickTimeout_2() - failed to find group with client id = "fca6ddf3-88f5-47bb-9a60-492f73467bf4" for jump rule = "Dynajump".

You Deserve an Award
Don't forget, when your helpful posts earn a kudos or get accepted as a solution you can unlock perks and badges. Those aren't the only badges, either. How many can you collect? Click here to learn more.

Community Help Hub

    New to the forums or need help finding your way around the forums? There's a whole hub of community resources to help you.

  • Find Forum FAQs
  • Learn How to Earn Badges
  • Ask for Help
Go to Community Help

Join the Community

    Thousands of customers use the McAfee Community for peer-to-peer and expert product support. Enjoy these benefits with a free membership:

  • Get helpful solutions from McAfee experts.
  • Stay connected to product conversations that matter to you.
  • Participate in product groups led by McAfee employees.
Join the Community
Join the Community