Filter reload locked status , the new rules do not apply



  • Hello everyone and thanks in advance, try to briefly explain my problem
    I had the brilliant idea to upgrade the only 2 package found in recent days on a firewall pfsense Version 2.0.1-RELEASE (i386) (I know you know is 5 years old but it was fine and we never thought to update it) ( lightsquid and squid), for the first seems no problem for the second one from there began the odyssey
    After upgrading I noticed that the package version was no longer supported by the version of FW, tried to remove and replace but nothing
    Now I got to the situation where I have the FW functioning with all its old conf but without packages (making a backup and restore by selecting the option not to backup the package of information) … but the problem is when I try to add new rules to the firewall that does not care and do not apply because I find in filter reload status that is locked with the error "checking for nat pf hooks in package /usr/local/pkg/lightsquid.inc" as if he still below something lightsquid which instead is not present
    If I try to SSH with /etc/rc.filter_configure_sync command gives me the error "Parse error: syntax error, unexpected ':' in /usr/local/pkg/lightsquid.inc on line 455," and then it is as if He never came to recharge the rules
    The same error on line 455 from me even if I try to re-install the package lightsquid
    This I see the offending line

    if (get_pkg_id("squid") !== -1) {
          if (is_array($config['installedpackages']['squidnac']['config'])) {

    $ext_cachemanager = ($config['installedpackages']['squidnac']['config'][0]['ext_cachemanager'] ?: "");

    } else {
            $ext_cachemanager = "";
          }

    The only solution to remedy the problem at the moment is to add the rule in question , making backup and restore without the packages and to restart everything works perfectly
    I note also that after work if reboot is in crisis with the same error above and I have to start from scratch

    Anyone has any ideas , I tried searching online but I find little, it seems that not making up the package is taken by default lightsquid something that sends him into crisis , I try the second FW to update to the latest 2.0.x version see if anything changes

    Thank you


  • Rebel Alliance Developer Netgate

    Remove all of the package files in /usr/local/pkg/ from squid and its related packages (squid, lightsquid, and squidguard if you have it).

    The following command may suffice:

    rm /usr/local/pkg/*squid*
    

    You really need to upgrade to a supported version ASAP. 2.0.x is vulnerable to a large number of security issues that have been fixed over the years, and staying on such an older version is doing yourself a disservice.



  • Thanks a lot, problem solved…
    Now i can upgrade firmware on backup firewall and try to restore configuration


Log in to reply