ProxySG is intercepting SOCKS protocol and SOCKS traffic is no problem.
But the SOCKS's accesslog is indicating many FAILED log in s-action fields per 5 seconds.
The load balancer's health check of tcp 3 way hand shake is no problem.
Why ProxySG treat as FAILED the load balancer's health check traffic?
Release : SGOS6.7.x.x
Component : accesslog
ProxySG not classify normal SOCKS traffic and health check traffic.
The health check traffic is finished when the tcp 3 way hand shake successfully finish but ProxySG wait next SOCKS traffic so ProxySG thought that traffic unexpectedly finish.
ProxySG is able to disable to write specific traffic for accesslog by policy in web access layer.
define condition __PROTO_1
end condition __PROTO_1
;; Tab: [Web Access Layer (1)]
client.address=XXX.XXX.XXX.XXX/32 condition=__PROTO_1 access_log(no) ; Rule 1
The XXX.XXX.XXX.XXX is load balancer IP address.