WF-500 - Issues with special characters in the filenames

WF-500 - Issues with special characters in the filenames

529
Created On 11/10/22 17:11 PM - Last Modified 01/29/26 10:16 AM


Symptom


The firewall gets response code: 500 from WF-500 when the filename contains a special character. 

There is a 500 error code which caused the file count to be bigger than the limit in the firewall. And, the firewall canceled the uploads to WF-500 because of the concurrent file limit PRIV.

 

2022-10-18 15:26:29.986 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[4] for fbfile Despacho n.º 3069-2012.pdf.
2022-10-18 15:26:29.986 +0100 debug: pan_fbd_cloud_post_upload_file(pan_fbd_fwd.c:5056): cloud response code: 500, curl return No error
2022-10-18 15:26:29.986 +0100 Error:  pan_fbd_cloud_post_upload_file(pan_fbd_fwd.c:5080): upload curl return No error and cloud response code: 500
2022-10-18 15:26:29.986 +0100 debug: pan_fbd_fwd_get_srczone_by_id(pan_fbd_fwd.c:2901): Before Strip namebuf = vsys1+Internet
2022-10-18 15:26:29.986 +0100 debug: pan_fbd_fwd_get_srczone_by_id(pan_fbd_fwd.c:2904): After Strip namebuf = Internet
2022-10-18 15:26:29.986 +0100 Error:  pan_fbd_cloud_post_upload_file(pan_fbd_fwd.c:5147): pan_fbd_cloud_upload error response code 500
2022-10-18 15:26:29.986 +0100 debug: pan_fbd_fwd_single_curl_fail_handler(pan_fbd_fwd.c:385): Private Cloud fwd handlers[4] conn fail. Reset conn in progress...
2022-10-18 15:26:29.989 +0100 debug: pan_fbd_set_ssl_curl_ctx(pan_fbd_fwd.c:3523): Use orig client cert
2022-10-18 15:26:30.717 +0100 debug: pan_fbd_fmg_quota_process(pan_fbd_fmg.c:1051): concurrent file cnt: 1572447611 (total), 1572447611 (channel) is bigger than the limit: 1572864000 (global), 1572864000 (channel)
2022-10-18 15:26:30.717 +0100 debug: pan_fbd_fmg_cancel_file(pan_fbd_fmg.c:687): File cancelled before file end and not a duplicate. Session: 3201319, Filename: RST-Decreto Regulamentar 22-A-98.pdf, File_type: pdf, , (Partial) SHA256: 05793e24764dc6ba41b849f3df712dd81f678635406e34dc7da6c14beb371d51.
2022-10-18 15:26:30.717 +0100 debug: pan_fbd_fmg_session_end_fbfile(pan_fbd_fmg.c:3191): No post-precessing is done for session 3201319 of pdf type.
2022-10-18 15:26:30.717 +0100 debug: pan_fbd_fmg_session_end_fbfile(pan_fbd_fmg.c:3202): Destructed session 3201319 as fbfile ends.


Environment


WF-500
PanOS 10.2.x

Cause


WF-500 does not handle special characters in the filename well while processing. Some of these special characters are alphabets from different European languages. Samples of the some filenames are shown below.

 

fbfile CÓDIGO DA ESTRADA 147.2.pdf
NE_Nº 3_DNB_2014.pdf
MAIORES 65 ANOS - CONDUÇÃO MOBILIDADE E SEGURANÇA.pdf
F306 - Identificação de Condutor.docx
F305 - Apresentação de Defesa.docx

 

The detail log entries can be found as below.

 

mp        varrcvr.log                        2022-10-18 15:26:41   2022-10-18 15:26:41.004 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[12] for fbfile CÓDIGO DA ESTRADA 147.2.pdf.
mp        varrcvr.log                        2022-10-18 15:26:53   2022-10-18 15:26:53.033 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[1] for fbfile NE_Nº 3_DNB_2014.pdf.
mp        varrcvr.log                        2022-10-18 15:27:04   2022-10-18 15:27:04.043 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[5] for fbfile MAIORES 65 ANOS - CONDUÇÃO MOBILIDADE E SEGURANÇA.pdf.
mp        varrcvr.log                        2022-10-18 15:27:15   2022-10-18 15:27:15.058 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[14] for fbfile Ata n.º 4 - AT - 30-04-2022 - CDOS Castelo Branco_signed_signe.
mp        varrcvr.log                        2022-10-18 15:27:26   2022-10-18 15:27:26.077 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[11] for fbfile F306 - Identificação de Condutor.docx.
mp        varrcvr.log                        2022-10-18 15:27:26   2022-10-18 15:27:26.080 +0100 debug: pan_fbd_fwd_msg_process(pan_fbd_fwd.c:7444): Get upload response 500 in handlers[10] for fbfile F305 - Apresentação de Defesa.docx.


 

Resolution


Downgrade to 10.1 maintenance release.
Target Fixed Version: 10.2.5 and 11.0.1
 

Additional Information


From the varrcvr.log, the 500 error code is also causing an infinite loop between the cloud and varrcvr since there is no logic of handling error code 500 from varrcvr. It would keep trying to re-upload the file to the cloud and gets a 500 error code again.
 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000sZsfCAE&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail