Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Import from m0n0wall breaks pfSense if dashes are in an alias

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    3 Posts 2 Posters 1.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      SteveITS Rebel Alliance
      last edited by

      We just tried to upgrade from m0n0wall 1.33 to pfSense 2.01.  We installed, configured the LAN IP, and restored the m0n0wall configuration file.  We could ping the WAN from pfSense but not from the LAN.

      It turns out, in m0n0wall, "The name of the alias may only consist of the characters a-z, A-Z, 0-9 and '-' (dash)."  pfSense does not allow dashes.  pfSense did do a search/replace on the string "m0n0wall" in the configuration file, however, it did not search/replace the dashes out.  As a result I believe the firewall was not loading and thus NAT/routing was not functioning.

      Unfortunately since we had a few rules with such an alias, and the log file entry did not display the entire error message, it took a long time to figure out.  Eventually we saw a longer partial message that had an extra couple lines referring to an unrecognized macro "$Server-1".  We tried renaming that alias and pfSense kind of ran off the rails, with further attempts to edit that alias displaying a completely different page.

      Eventually we used the Edit File feature to edit /cf/conf/config.xml, search/replace ourselves, and reboot.

      I suggest that pfSense remove dashes or perhaps replace them with a different character when importing aliases.

      Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
      When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
      Upvote 👍 helpful posts!

      1 Reply Last reply Reply Quote 0
      • jimpJ Offline
        jimp Rebel Alliance Developer Netgate
        last edited by

        Can you open a ticket on http://redmine.pfsense.org for that? We do allow "_" in alias names, but not dash (pf doesn't like dashes in table/macro names).

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • S Offline
          SteveITS Rebel Alliance
          last edited by

          Wasn't sure where the bug tracker was, thanks.  Bug 2564.

          Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
          When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
          Upvote 👍 helpful posts!

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.