Filters keep reloading.
-
My filters seems to keep reloading all of the time.
Feb 15 21:37:20 php: : filter_generate_address: is not a valid source port. Feb 15 21:37:20 php: : filter_generate_address: is not a valid source port. Feb 15 21:37:13 check_reload_status: Reloading filter Feb 15 21:35:32 check_reload_status: Syncing firewall Feb 15 21:34:39 php: : filter_generate_address: is not a valid source port. Feb 15 21:34:39 php: : filter_generate_address: is not a valid source port. Feb 15 21:34:32 check_reload_status: Reloading filter Feb 15 21:34:29 check_reload_status: Syncing firewall Feb 15 21:33:38 php: : filter_generate_address: is not a valid source port. Feb 15 21:33:38 php: : filter_generate_address: is not a valid source port. Feb 15 21:33:22 check_reload_status: Reloading filter Feb 15 21:32:32 check_reload_status: Syncing firewall Feb 15 21:31:44 php: : filter_generate_address: is not a valid source port. Feb 15 21:31:44 php: : filter_generate_address: is not a valid source port. Feb 15 21:31:23 check_reload_status: Reloading filter Feb 15 21:31:20 check_reload_status: Syncing firewall Feb 15 21:30:39 php: : filter_generate_address: is not a valid source port. Feb 15 21:30:39 php: : filter_generate_address: is not a valid source port. Feb 15 21:30:24 check_reload_status: Reloading filter Feb 15 21:30:16 check_reload_status: Syncing firewall
I've checked all aliases and all the NAT and firewall without finding anything that looks like a problem.
Does anyone ha a suggestion on what to look for?
Oh, and if it's normal behavior… let me know gently ;) -
You have a rule That has a problem.
You need to find What rule and Fix.
run /tmp/rules.debug to try to find out What is wrong.
-
you have a rule somewhere that has something defined as the source port that doesn't exist. My guess is you used an alias there and then deleted the alias. Whether that's triggering the filter reloads though I'm not sure. I would find and fix it regardless and see if that continues.
-
Thank you both.
It was useful to have a look in /tmp/rules.debug
I think i probably read the thing about twenty times before I noticed that two user rules where missing the target ports.There was two NAT-rules where I had missed to fill in the value of Redirect target port in the NAT-rule.
However, the rules seems to have been working anyway.I'll keep an eye on the log to see if the problem has gone away. At the moment it looks like it.
Thanks again, it's really appreciated. :D
-
Hello,
Just wanted to add my experience to the topic as it shows up in google.
I was also seeing the "php: : filter_generate_address: is not a valid source port" message in my system log for 2.0.1-RELEASE (i386)
I found that I was getting the error for each NAT rule that covered a port range forwarding. Creating an alias for the port ranges and updating the NAT rules stopped the message from being logged.