Firewall Error Loading Rules

tompark

Hi Ladies and Gents,

I have a strange issue which prevented me from pinging or using PFSense as a DNS Server. I have a VPN which is connected to a dedicated cloud hosted server using OpenVPN. When I create a rule for allow any to any within the Firewall (local network) under OpenVPN and use Aliases to restrict traffic then I get lots of the following errors;

There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:26
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:34
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:38
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:42
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:48
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:53

When these errors are showing in the notifications icon I am not able to ping the Firewall nor am I able to access web sites.

When I remove the rule and replace it with a any any rule everything starts working again.

Has anyone seen this before?

PFSense Version 2.4.5-RELEASE

Regards,
Tom

heper

i'm guessing somehow the alias is corrupted. illegal characters in the name or the content of the alias that aren't handled/catched by the gui

remove the alias, create a new one, try to find the problem