Community discussions

MikroTik App
 
muadib
just joined
Topic Author
Posts: 8
Joined: Mon Dec 13, 2010 3:49 pm

Layer 7 - regexp too complex - v5.6

Wed Aug 03, 2011 6:39 pm

Hello,

I have used this wiki to make my QoS: http://wiki.mikrotik.com/wiki/Basic_tra ... _protocols

But after upgrade from 5.5 to 5.6:

> log print
16:37:30 firewall,warning layer7 match failed, regexp too complex (^(.?.?\16\03.*\16\03|.?.?\01\03\01?.*\0B))
16:37:30 firewall,warning layer7 match failed, regexp too complex (^(.?.?\16\03.*\16\03|.?.?\01\03\01?.*\0B))
16:37:33 firewall,warning layer7 match failed, regexp too complex (^(.?.?\16\03.*\16\03|.?.?\01\03\01?.*\0B))
16:37:33 firewall,warning layer7 match failed, regexp too complex (^(.?.?\16\03.*\16\03|.?.?\01\03\01?.*\0B))
16:37:34 firewall,warning layer7 match failed, regexp too complex (^(.?.?\16\03.*\16\03|.?.?\01\03\01?.*\0B))
16:37:34 firewall,warning layer7 match failed, regexp too complex (^(.?.?\16\03.*\16\03|.?.?\01\03\01?.*\0B))
16:37:38 firewall,warning layer7 match failed, regexp too complex (http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\t-\r -~]*(connection:|content-type:|content-length:|date:)|post [\t-\r -~]
* http/[01]\.[019])
16:37:38 firewall,warning layer7 match failed, regexp too complex (http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\t-\r -~]*(connection:|content-type:|content-length:|date:)|post [\t-\r -~]
* http/[01]\.[019])
16:37:38 firewall,warning layer7 match failed, regexp too complex (http/(0\.9|1\.0|1\.1) [1-5][0-9][0-9] [\t-\r -~]*(connection:|content-type:|content-length:|date:)|post [\t-\r -~]
* http/[01]\.[019])

Is anyone getting the same? Any thoughts?

Thanks!
 
User avatar
sergejs
MikroTik Support
MikroTik Support
Posts: 6695
Joined: Thu Mar 31, 2005 3:33 pm
Location: Riga, Latvia
Contact:

Re: Layer 7 - regexp too complex - v5.6

Thu Aug 04, 2011 10:05 am

Please see here,
http://forum.mikrotik.com/viewtopic.php?f=2&t=53945
Regarding the L7 problem:

For some time it was known that some specific layer7 filters in combination with specific traffic may cause router to crash.

We were able to narrow down the problem and introduced a first version of the fix - as soon as specific conditions for possible crash was met firewall will add a log entry to inform about situation and will avoid the crash.

The current "fix" actually contained a bug, so it produces unnecessary log entries.

We are still working on final solution, in fact it is already known that version 5.7 will have more precise fix that will significantly reduce blocked regexps as we narrow the problem even more (thanks to your reports)

Who is online

Users browsing this forum: No registered users and 18 guests