Microsoft KB Archive Search

Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

  1. Home
  2. FIX: The value of the "Bytes received" logging field is incorrect when a request is denied by the HTTP Filter

FIX: The value of the "Bytes received" logging field is incorrect when a request is denied by the HTTP Filter

View products that this article applies to.

Symptoms

Consider the following scenario:
  • You use Microsoft Forefront Threat Management Gateway (TMG) 2010 to publish an intranet server that uses a web publishing rule.
  • You have configured the HTTP filter properties of this rule to deny requests based on specific criteria. For example, you want to deny all requests that exceed a maximum payload length, such as a payload length of 5,000 bytes.
  • You try to upload a file that exceeds the maximum payload length from an external client to the published web server.
In this scenario, the request is correctly denied. However, when you examine the Bytes Received value that is listed in the web proxy log, the value is approximately double the size of the file that you tried to upload. The correct value should be the size of the file plus additional bytes to include the HTTP headers size.

Note This bug can also be observed by using an ISA server.

↑ Back to the top

Cause

This problem occurs because TMG 2010 incorrectly doubles the size of a denied HTTP request in the web proxy logs.

↑ Back to the top

Resolution

To resolve this problem, install the service pack that is described in the following Microsoft Knowledge Base article:
2555840  Microsoft Forefront Threat Management Gateway 2010 Service Pack 2

↑ Back to the top

Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top

More Information

For more information about the Bytes Received web proxy log field, visit the following TechNet website:
Web proxy log fields

↑ Back to the top

References

For more information about software update terminology, click the following article number to view the article in the Microsoft Knowledge Base:
824684 Description of the standard terminology that is used to describe Microsoft software updates

↑ Back to the top

Keywords: kbfix, kbbug, kbexpertiseinter, kbsurveynew, kb

↑ Back to the top

Article Info
Article ID : 2608155
Revision : 1
Created on : 1/7/2017
Published on : 10/31/2011
Exists online : False
Views : 369