There were error(s) loading the rules: pfctl: pfctl_rules - The line in question reads [0]:
-
Hello everyone, my firewall just recently started spamming messages about not being able to load rules! (There were error(s) loading the rules: pfctl: pfctl_rules - The line in question reads [0]:)
-
Same here
-
Same here. 22.05
Filter Reload
There were error(s) loading the rules: pfctl: pfctl_rules - The line in question reads [0]: @ 2022-07-08 10:19:55
pfBlockerNG and snort are installed
-
Got hit with this over the weekend, resulted in 800 warning emails.
See also this thread.
@jimp Running
# egrep -v '^#|^[[:blank:]]*$' /tmp/rules.debug | sort | uniq -c | grep -v '^ 1 '
Results in:
2 table <negate_networks> { 10.8.65.0/24 }
How can I diagnose where this duplicated rule comes from? Why does rebooting solve the problem for some days?
-
The duplicate rule thing you mention there was ONE possible cause of ruleset errors during development that was fixed a long time ago. It is NOT the only source of them nor does seeing two table definitions constitute a problem.
There is something else causing a ruleset error in your case that is unrelated to there being two lines for negate_networks.
Most likely the current problem is coming from a package (e.g. pfBlockerNG) but without more information it's hard to say. Usually it would print the failing line in the error message but for some reason it doesn't do that here. So check the system log and see what turns up, and also try manually running pfctl -vf /tmp/rules.debug and see if it mentions a specific line. If it does, then look in /tmp/rules.debug to find what is on that line.
-
@jimp Thanks for the clarification.
I don't have pfBlockerNG, I'll troubleshoot it once the problem appears again.
-
@jimp also experiencing the same problem with 22.05. When inputting the command pfctl -vf /tmp/rules.debug this is what it shows
What do I need to look in /tmp/rules.debug?
Also, these are the only packages installed
-
-
Had this problem today; a reboot fixed it. It was the first time, but I'm afraid it may return. When this happened the internet connection broke, so it is a serious service interruption.
No pfblockerng installed. Have only OpenVPN client export plugin, nut and watchdog plugins installed.
Version 22.05
-
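The lookup suggested earlier in the thread (run pfctl -vf /tmp/rules.debug, then find the reported line in /tmp/rules.debug), as an added example that is not part of any post. It relies on pfctl's parser errors having the form "file:line: message"; the function names, sample rules and sample error text are constructed for illustration.

```shell
#!/bin/sh
# Added example: map pfctl parser errors ("file:line: message") to rule text.
# On the firewall the error text would be captured with something like:
#   pfctl -vf /tmp/rules.debug 2> /tmp/pfctl.err

# failing_lines ERRFILE RULESFILE
# Prints "LINE<TAB>RULE" for every line number pfctl reported.
# Returns 1 when the output names no line (the "[0]" case in this thread).
failing_lines() {
    errfile=$1
    rules=$2
    found=1
    for n in $(sed -n 's/^[^:]*:\([0-9][0-9]*\): .*/\1/p' "$errfile" | sort -un); do
        [ "$n" -gt 0 ] || continue
        printf '%s\t%s\n' "$n" "$(sed -n "${n}p" "$rules")"
        found=0
    done
    return "$found"
}

# Constructed sample data (not taken from any poster's firewall).
write_samples() {
    cat > "$1/rules.debug" <<'EOF'
set limit table-entries 400000
table <negate_networks> { 10.8.65.0/24 }
table <negate_networks> { 10.8.65.0/24 }
pass in quick on em0 inet proto tcp from any to any port 443 keep state
block in qick on em0 all
EOF
    # Parser error that names a line: line 5 has a misspelled keyword.
    printf '%s\n' '/tmp/rules.debug:5: syntax error' \
        'pfctl: Syntax error in config file: pf rules not loaded' > "$1/with_line.err"
    # Error without a line number, as in the notice quoted in this thread.
    printf '%s\n' 'pfctl: pfctl_rules' > "$1/no_line.err"
}

tmp=$(mktemp -d)
write_samples "$tmp"
failing_lines "$tmp/with_line.err" "$tmp/rules.debug"
failing_lines "$tmp/no_line.err" "$tmp/rules.debug" ||
    echo "no line number reported: check the system log instead"
rm -rf "$tmp"
```

When the function returns 1, the ruleset parsed far enough that pfctl named no line, which matches the advice above to check the system log.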