Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    BUG: 1.2.1-RC2 - Logs full of PHP errors when rules updated

    Scheduled Pinned Locked Moved 1.2.1-RC Snapshot Feedback and Problems-RETIRED
    7 Posts 4 Posters 3.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      cwadge
      last edited by

      On build 1.2.1-RC2 built on Fri Nov 7 10:06:44 EST 2008, a change in the ruleset triggers log flooding with PHP errors such as follows, one per rule:

      php: : The command '/sbin/ipfw -f add 38 set 9 allow ip from 192.168.25.0/24 to any in recv re0 ' returned exit code '69', the output was 'ipfw: getsockopt(IP_FW_ADD): Protocol not available'

      Additionally, new rules which were not pre-existing are never applied at the FW level, though the GUI reflects that they were.

      1 Reply Last reply Reply Quote 0
      • T
        t3rmin
        last edited by

        Looking at the CVS commits, I think they just added some debugging to that effect.

        1 Reply Last reply Reply Quote 0
        • S
          sullrich
          last edited by

          http://forum.pfsense.org/index.php/topic,12493.0.html

          1 Reply Last reply Reply Quote 0
          • C
            cmb
            last edited by

            What you're seeing is cosmetic, though I'm not sure how you would get an ipfw rule like that trying to load when ipfw isn't loaded. That isn't related to any of your firewall rules, as none of those are ipfw. You using captive portal or time based rules?

            There are likely extraneous commands being run that will be cleaned up with time, though 1.2.1 has no known problems and fixes several issues in 1.2, so we're moving ahead with the 1.2.1 release without cleaning up all of this stuff. The logging was primarily to fix a couple bugs that have been resolved.

            1 Reply Last reply Reply Quote 0
            • C
              cwadge
              last edited by

              @cmb:

              You using captive portal or time based rules?

              Neither, though this box is using load balanced pools.

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by

                Found the cause, the load balancer tries to add ipfw rules even in scenarios where they aren't needed. That won't hurt anything though, opened a ticket to come back and resolve later.

                1 Reply Last reply Reply Quote 0
                • C
                  cwadge
                  last edited by

                  Thanks for creating the ticket on that. As for the new PAT rules not acting as expected, it seems to be working again in 1.2.1-RC2 Sun Nov 9 09:51:34 EST 2008, though looking at CVS, I can't figure out why.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.