Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Firewall Error Loading Rules

    Firewalling
    2
    2
    113
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • T
      tompark
      last edited by

      Hi Ladies and Gents,

      I have a strange issue which prevented me from pinging or using PFSense as a DNS Server. I have a VPN which is connected to a dedicated cloud hosted server using OpenVPN. When I create a rule for allow any to any within the Firewall (local network) under OpenVPN and use Aliases to restrict traffic then I get lots of the following errors;

      There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
      @ 2020-08-06 20:07:26
      There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
      @ 2020-08-06 20:07:34
      There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
      @ 2020-08-06 20:07:38
      There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
      @ 2020-08-06 20:07:42
      There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
      @ 2020-08-06 20:07:48
      There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
      @ 2020-08-06 20:07:53

      When these errors are showing in the notifications icon I am not able to ping the Firewall nor am I able to access web sites.

      When I remove the rule and replace it with a any any rule everything starts working again.

      Has anyone seen this before?

      PFSense Version 2.4.5-RELEASE

      Regards,
      Tom

      1 Reply Last reply Reply Quote 0
      • H
        heper
        last edited by

        i'm guessing somehow the alias is corrupted. illegal characters in the name or the content of the alias that aren't handled/catched by the gui

        remove the alias, create a new one, try to find the problem

        1 Reply Last reply Reply Quote 0
        • First post
          Last post