4. There were error(s) loading the rule

There were error(s) loading the rule

  • A

    Hi Guys,

    I have been having this problem for quite some time, but unable to figure out the nature of the problem.

    If anyone could help it would be greatly appreciated...

    There were error(s) loading the rules: /tmp/rules.debug:34: could not parse host specification - The line in question reads [34]: table <app_link_live_com> { fukui-6180.herokussl.com./32 }

    0

  • I have the same problem.
    http://fukui-6180.herokussl.com can not be resolved.
    So it stays non-resolved in the table and the firewall 'pf' yells at you because it only accepts IP's, not URL's.

    0
  • Netgate Administrator

    Indeed that is not resolvable. You should remove it from the alias.

    Though it should not end up in the ruleset if it's unresolvable...

    Steve

    0
    A
     1 Reply
  • A

    @stephenw10
    Thanks for Stephenw10 for your feedback.. Really appreciate you taking your time to respond to my inquiry.

    Looks like the Alias was created by the system due to a conflict in DNS lookup.

    Alias "Description" States:
    Created from Diagnostics-> DNS Lookup

    I was thinking about removing this, but wonder whether there's any impact on the system?

    Of course, I'll back it up before removing, but wanted to note I have 28 units connected through this firewall, hence, the outage can be catastrophic I'm afraid.... Hence, the reason for being chicken shit to make these changes....

    Why the hell is my Diagnostic System creating this anyways....
    Any Thoughts......

    Thanks again for taking the time to respond to my query.

    0
  • Netgate Administrator

    An alias with the description has been created by hitting the button in Diag > DNS Lookup after running the lookup:

    Selection_758.png

    It could have been a mis-click perhaps?
    I'm not aware of any system process that would add an alias like that automatically.

    If it's not in use in any firewall rules then remove it. A risk there is that the actual running ruleset may be different to the generated ruleset. It will not have been updated since that error was introduced. Resolving the error will update the running ruleset with all the changes that may have been made since then.
    However a bigger risk IMO is that if you're forced to reboot with a bad ruleset you may end up with not rules loaded at all.

    Steve

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy