FIX: The value of the "Bytes received" logging field is incorrect when a request is denied by the HTTP Filter

Article translations Article translations
Article ID: 2608155 - View products that this article applies to.
Expand all | Collapse all

SYMPTOMS

Consider the following scenario:
  • You use Microsoft Forefront Threat Management Gateway (TMG) 2010 to publish an intranet server that uses a web publishing rule.
  • You have configured the HTTP filter properties of this rule to deny requests based on specific criteria. For example, you want to deny all requests that exceed a maximum payload length, such as a payload length of 5,000 bytes.
  • You try to upload a file that exceeds the maximum payload length from an external client to the published web server.
In this scenario, the request is correctly denied. However, when you examine the Bytes Received value that is listed in the web proxy log, the value is approximately double the size of the file that you tried to upload. The correct value should be the size of the file plus additional bytes to include the HTTP headers size.

Note This bug can also be observed by using an ISA server.

CAUSE

This problem occurs because TMG 2010 incorrectly doubles the size of a denied HTTP request in the web proxy logs.

RESOLUTION

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840 Microsoft Forefront Threat Management Gateway 2010 Service Pack 2

STATUS

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

MORE INFORMATION

For more information about the Bytes Received web proxy log field, visit the following TechNet website:
Web proxy log fields

REFERENCES

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

Properties

Article ID: 2608155 - Last Review: October 31, 2011 - Revision: 5.0
APPLIES TO
  • Microsoft Forefront Threat Management Gateway 2010 Enterprise
  • Microsoft Forefront Threat Management Gateway 2010 Standard
Keywords: 
kbfix kbbug kbexpertiseinter kbsurveynew KB2608155

Give Feedback

 

Contact us for more help

Contact us for more help
Connect with Answer Desk for expert help.
Get more support from smallbusiness.support.microsoft.com