Netgate Discussion Forum

    unknown port b

    • cpsintl

      Hello

      I have just freshly installed pfsense on reasonably good hardware (i7 processor with 16GB RAM, zfs mirror, 32GB Swap (unnecessary, I know, couldn't resist :D)). And I am constantly receiving this error:

      There were error(s) loading the rules: /tmp/rules.debug:101: unknown port b - The line in question reads [101]: block in log quick proto tcp from <sshguard> to (self) port b tracker 1000000301 label "sshguard"
      @ 2018-11-01 14:32:35

      My system details
      Version:
      2.4.4-RELEASE (amd64)
      built on Thu Sep 20 09:03:12 EDT 2018
      FreeBSD 11.2-RELEASE-p3

      A Google search indicated people had good results when they changed the Firewall Maximum Table Entries size to 400000, but I have not had much luck even after multiplying that to quite an extreme (and I am not sure why that should have any effect whatsoever). The offending rule in question from /tmp/rules.debug reads:

      # SSH lockout
      block in log quick proto tcp from <sshguard> to (self) port b tracker 1000000301 label "sshguard"

      This looks much more like a rule generation script hiccup than a table entry size issue. I would appreciate it if someone could please suggest a solution, or anything I can try out for testing.

      Thanks and regards
      SK

      • johnpoz LAYER 8 Global Moderator

        No idea where the b came from; the rule would look like this:

        [2.4.4-RELEASE][root@sg4860.local.lan]/: pfctl -sr | grep sshguard
        block drop in quick proto tcp from <sshguard> to (self) port = ssh label "sshguard"
        [2.4.4-RELEASE][root@sg4860.local.lan]/:
        

        Or if you want to view it in the debug file

        [2.4.4-RELEASE][root@sg4860.local.lan]/: cat /tmp/rules.debug | grep sshguard
        table <sshguard> persist
        block in  quick proto tcp from <sshguard> to (self) port 22 tracker 1000000301 label "sshguard"
        [2.4.4-RELEASE][root@sg4860.local.lan]/:
        

        Did you put a "b" in for the port of your ssh server? I wouldn't think that would be allowed ;)

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 25.07.1 | Lab VMs 2.8, 25.07.1

        • cpsintl

          Thank you for your response.

          Yes, I know what it should look like, and I did change it (manually, over ssh). But every time the system reloads/restarts/regenerates the rules it is broken again. As you may very well understand, it is not always practical to try and fix it over ssh, so I am trying to figure out whether this is a bug and I should wait for a fix, or whether to write a cron job to periodically check and update/delete that line.

          Thanks and regards.
          SK

          • johnpoz LAYER 8 Global Moderator

            Not sure where that gets parsed from.. But something corrupted would be my guess.. You're not running any packages?

            • jimp Rebel Alliance Developer Netgate

              That's a known bug in the ssh settings. It's fixed on 2.4.5 snapshots and will be in 2.4.4-p1.

              https://redmine.pfsense.org/issues/8974

              You can apply the commits from that issue with the system patches package in the meantime.

              • cpsintl

                Thanks jimp, that makes sense. I will try the patch and hope it will go alright.

                Regards
                SK

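A check for the failure discussed in this thread, as an added example that is not part of any post or of pfSense's own code: it scans a rules.debug-style file for sshguard block rules whose port token is not a number from 1 to 65535. The function name `check_sshguard_port` and the sample file are constructed for illustration, and the check assumes the rule carries a single numeric port, as in the working output quoted in the second post.

```shell
#!/bin/sh
# Added example: flag sshguard lockout rules whose port token is not a
# number in 1-65535. Assumes a single numeric port in this rule, as in the
# working rules.debug output quoted in the thread. "pfctl -nf FILE" parses
# a whole ruleset without loading it; this check targets one rule only.

# check_sshguard_port FILE
# Prints "FILE:LINE: bad port 'TOKEN'" for each offending rule.
# Returns 0 when every sshguard block rule is valid, 1 otherwise.
check_sshguard_port() {
    awk -v file="$1" '
        # Only block rules that reference the <sshguard> table.
        /^block/ && /<sshguard>/ {
            found = 0
            for (i = 1; i < NF; i++)
                if ($i == "port") { tok = $(i + 1); found = 1; break }
            if (!found) next      # rule without a port clause: not checked
            if (tok !~ /^[0-9]+$/ || tok + 0 < 1 || tok + 0 > 65535) {
                printf "%s:%d: bad port \047%s\047\n", file, NR, tok
                bad = 1
            }
        }
        END { exit bad + 0 }
    ' "$1"
}

# Constructed sample: the broken rule from the first post followed by the
# working rule from the second post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
table <sshguard> persist
block in log quick proto tcp from <sshguard> to (self) port b tracker 1000000301 label "sshguard"
block in  quick proto tcp from <sshguard> to (self) port 22 tracker 1000000301 label "sshguard"
EOF
check_sshguard_port "$sample" || echo "sshguard rule needs attention"
rm -f "$sample"
```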
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.