Can not delete alias

xbipin

i am having this issue of unable to delete an empty alias, when i try to delete it, it keeps saying, cannot delete rule, currently in use by dns pass where as i have no rules currently using that alias and no hosts in that alias even.

******UPDATE **********
The only way i could get rid of it was to rename the alias to something else then delete it so seems like a bug i guess

cmb

What is the rule you labeled "dns pass" using? Looks like from your screenshot maybe it's not matching specifically enough, but I created similarly named aliases and didn't see any problems.

xbipin

there is no such rule ever i created called dns pass nor is there anything at all called dns pass, no idea y but i always had this issue of not being able to delete alias groups untill i rename them and then delete it.

jimp

Sure it isn't used in a NAT rule or firewall rule?

Perhaps it's used on a rule that is on an interface that is inactive/deleted (IPsec, pptp, openvpn, etc)

xbipin

i never had a dns pass rule or anything named by that ever till date since 1.2.3, i never used any other interface nor ever tired to configure pptp, ipsec or openvpn ever coz most i have no experience with nor did i ever get curios enough to test it out. just have one lan, one wan and one opt and wan is pppoe, thats about it, using the same since 1.2.3, i always though that pfsense was using something inside itself called dns pass.

jimp

If you download a backup of your config, is there anything in there with that label?

xbipin

as a matter of fact it shows this

        <rule><type>pass</type>
            <max-src-nodes><max-src-states><statetimeout><statetype>keep state</statetype>
            <os><protocol>tcp/udp</protocol>
            <source>

<address>3rdfloor23</address>

            <destination><any><port>53</port></any></destination></os></statetimeout></max-src-states></max-src-nodes></rule> 

xbipin

it seems there r many such entries which never show up in the gui

jimp

The rule has no interface, which means it was associated with an interface that is no longer present on your system. As I said before it could be IPsec, PPTP, OpenVPN, the PPPoE server, etc.

We may need to delete those rules instead of leaving them orphaned in the XML. If the interface association is lost there's no way to get back to them in the GUI.

xbipin

i have deleted them and corrected a lot more xml coz i have been using this config since 1.2.3 but only upgraded to 2.0 when upgrade kept things functional.
i guess ill have to sit and setup a new system from scratch just to make sure such orphaned xml is not present which affects other functionality as well. i wish there is a utility to fix such messed up xml config or at least correct it.

jimp

There is no utility, but I suppose it might be possible to whip up a GUI tab to at least list/delete orphaned rules if we don't just delete them.

xbipin

bytheway i also get this on boot in the recent snaps

Configuring CRON…No matching processes were found
done.

jimp

That looks familiar, like there is already a ticket or thread about it. Either way it's a separate problem so I'd search on that error and start a new thread to see if anyone else gets it.

jimp

I opened a ticket for the alias (really a rule) bug.

http://redmine.pfsense.org/issues/906