cancel
Showing results for 
Search instead for 
Did you mean: 
execnight
Level 7

Time Quota Problems

Hello,

We are experiencing a new issue with Mcafee Web Gateway 7.0.2..

Users are complaining that their quota is exceeding rapidly even when they don't use their quota at all. Also some users complain that they start the day with 0 quota time. And can't use it at all.

For testing, we have disabled all time quota rules. And re enabled them after 2 weeks. We had no complaints, but now 10 days have passed and the problem is building up again. We recieved complaints from 1 user first, after a week. Now 3 users are complaining. And this will probably again build up to the situation where everybody is going to be complaining again.

I couldn't find any information about Web Gateway 7 time quota settings. Cache files, how it is stored, where it is, how does the system actually work? I think this shouldn't be such a big secret also. Can't solve anything when we don't know how the system is actually working. Which files, and partition these system files are kept etc..

Also how do i reset someone's time quota, or clear this cache totally for everybody? is this impossible? And if so why?

Thanks in advance,

0 Kudos
9 Replies
execnight
Level 7

Re: Time Quota Problems

Opened case,

Problem seems to be generating from the cluster topology. Stopped MWG services

/etc/init.d/mwg stop

Deleted files

/opt/mwg/plugin/data/quota/quota.db

Started services

/etc/init.d/mwg start

Verified db files are generated anew. Issue seems to be solved. Testing in production.

Thanks.

0 Kudos
tayboy
Level 7

Re: Time Quota Problems

Hi ExecNight,

I'm having the same issue.  I have around 2500 users running through our MWG.  2 of them running in a HA.  We're on 7.1.0 and all has been running just fine until now.  We have a buildup of around 30 users of which the quotas throughout the day completely disappears.  If i test with a dummy user all is fine.  Nightmare.

I'm not really a linux guy but can you tell me your process on how to get the DB flushed.  did you use putty, if so what commands.

Many thanks

0 Kudos
sharpers
Level 7

Re: Time Quota Problems

Hi,

this is a known bug and has been fixed for MWG 7.2.0. To reset the quotas please log in into every MWG appliance and do following steps:

- First stop MWG on all appliances with following command:

               /etc/init.d/mwg stop

- After stopping MWG on all applicances log in with ssh into every applicance and do following steps:

          - Delete the quota databases with command:

                    rm -rf /opt/mwg/plugin/data/quota/*.db

          - Start again MWG services with command:

                    /etc/init.d/mwg start

Regards

tayboy
Level 7

Re: Time Quota Problems

Hi Shapers, many thanks for your reply in this matter...

i tried the stopping of service on only one appliance last night and recreated the db, started the service back up and quota policy's do not apply at all now.

one this i didn't do is recreate on both appliances and i also only used rm quotas.db and not rm -rt quotas.db to delete the file.  do i need to use the rm -rt.

its woth noting that all our traffic goes out through the master appliance but the appliances are still in a HA.  would this still mean i need to recreate the quota.db still on both appliances.

Many thanks for your help on this

0 Kudos
sharpers
Level 7

Re: Time Quota Problems

Hi,

It's important to stop MWG on all appliances first. After stopping you can delete the quota databases with the command :

     rm /opt/mwg/plugin/data/quota/*.db

You don't need the options -rf . There are 2 databases for quotas: quotas.db and diffquotas.db

You also can execute following commands:

     rm /opt/mwg/plugin/data/quota/quotas.db

     rm /opt/mwg/plugin/data/quota/diffquotas.db

Both databases have to be deleted, before starting again MWG. If this problem still occurs , please try to increase the

interval setting for quota synchronisation. For example set this setting to 1 day for sending updates and sending full updates.

You can do this with followin steps:

- Log in into Konfigurator

- Select Configuration->Appliances

- For every appliance do following steps:

     - Select Coaching

     - Set setting 'Interval for sending updates between runtime group nodes' to 86400 (= 1 day).

     - Set setting 'Interval for sending full updates between runtime group nodes' to 86400 (= 1 day).

     - Save changes.

Regards

0 Kudos
tayboy
Level 7

Re: Time Quota Problems

Great stuff.... I'll give this a go and report back with my progress.

Thanks again

0 Kudos
execnight
Level 7

Re: Time Quota Problems

Hey tayboy,

I did exactly what sharpers said. Including increasing Update Intervals through coaching to extreme numbers.

There is a problem with quota.db syncronization between nodes, and as he said seems they will be fixing it.

0 Kudos
tayboy
Level 7

Re: Time Quota Problems

Great news guys! My db's are completely refreshed and all is working.  I'm holding back for now on the upgrade to the appliances but this quick fix will do for now.  (going to test the upgrade in a virtual environment)

Thanks again guys for the info.  This will close alot of our service desk calls

Many thanks

James Taylor

0 Kudos
kbolt
Level 10

Re: Time Quota Problems

Is there anyway to automate this deletion of the quota.db file? Or to set it so that the quota auto resets at a specific time?

0 Kudos