cancel
Showing results for 
Search instead for 
Did you mean: 

Trying to understand where the problem is!!

Hello All

I wonder if I could ask you all for your opion on the errors I'm seeing in my firesvc.log localy. See the extract from the log file below. I have no idea what the GUID type rule name is or how to find this.. Does it mean I have a configuration error within my Network Connection Aware Group?

05/20/2014 07:41:22 ENTCPWRK[1522] ERROR    Clear boot time access protection, no action taken.

05/20/2014 07:47:16 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "d1021552-ddba-48fa-afb2-6e0ef90427c4".

05/20/2014 07:47:16 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "d1021552-ddba-48fa-afb2-6e0ef90427c4".

05/20/2014 07:47:16 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "d1021552-ddba-48fa-afb2-6e0ef90427c4".

05/20/2014 07:47:16 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "d1021552-ddba-48fa-afb2-6e0ef90427c4".

05/20/2014 07:47:44 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "c6b1e76b-24ff-400b-a5eb-0b62cf715960".

05/20/2014 07:47:44 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "c6b1e76b-24ff-400b-a5eb-0b62cf715960".

05/20/2014 07:47:44 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "c6b1e76b-24ff-400b-a5eb-0b62cf715960".

05/20/2014 10:48:00 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "52d8037c-b0ed-4d1c-ac9b-be1fd785f81e".

05/20/2014 10:48:00 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "52d8037c-b0ed-4d1c-ac9b-be1fd785f81e".

05/20/2014 10:48:00 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "52d8037c-b0ed-4d1c-ac9b-be1fd785f81e".

05/20/2014 10:48:00 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "52d8037c-b0ed-4d1c-ac9b-be1fd785f81e".

05/20/2014 10:48:00 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "52d8037c-b0ed-4d1c-ac9b-be1fd785f81e".

05/20/2014 12:48:11 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "7c1fa208-6943-434f-aecf-b332d0a13512".

05/20/2014 14:48:22 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "27ac0834-3166-48d3-ad52-289aa50b70f7".

05/20/2014 14:48:22 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "27ac0834-3166-48d3-ad52-289aa50b70f7".

05/20/2014 14:48:22 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "27ac0834-3166-48d3-ad52-289aa50b70f7".

05/20/2014 14:48:22 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "27ac0834-3166-48d3-ad52-289aa50b70f7".

05/20/2014 14:48:22 FireCore.cpp[5003] ERROR    (3468) fillLogMessage() - failed to find the jump rule's group in the policy data. Will log the traffic event using the name of jump rule "27ac0834-3166-48d3-ad52-289aa50b70f7".

Again thanks in advanced..

1 Reply
McAfee Employee
McAfee Employee
Report Inappropriate Content
Message 2 of 2

Re: Trying to understand where the problem is!!

My guess is probably a corrupt ruleset on the client. 

Try:

1. Switch the HIPS policies (specifically the Firewall Rule policy) to "McAfee Default" and see if these errors continue.  This might point to a policy issue.

2. If the issue still occurs with the default policies, remove/reboot/reinstall the HIPS client.  It might be a client-side issue, that maybe a reinstall resolves.

KB73127 - MSIEXEC Uninstallation Commands for Host IntrusionPrevention 7.0 / 8.0

https://kc.mcafee.com/corporate/index?page=content&id=KB73127