Firewall Error Loading Rules
-
Hi Ladies and Gents,
I have a strange issue which prevented me from pinging or using pfSense as a DNS server. I have a VPN which is connected to a dedicated cloud-hosted server using OpenVPN. When I create a rule to allow any to any within the firewall (local network) under OpenVPN and use aliases to restrict traffic, I get lots of the following errors:
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:26
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:34
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:38
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:42
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:48
There were error(s) loading the rules: /tmp/rules.debug:159: syntax error - The line in question reads [159]: pass in quick on $OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type { any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"
@ 2020-08-06 20:07:53
When these errors are showing in the notifications icon I am not able to ping the firewall, nor am I able to access websites.
When I remove the rule and replace it with an any any rule everything starts working again.
Has anyone seen this before?
pfSense Version 2.4.5-RELEASE
Regards,
Tom
-
I'm guessing somehow the alias is corrupted. Illegal characters in the name or the content of the alias that aren't handled/caught by the GUI.
Remove the alias, create a new one, try to find the problem.
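
One way to test the corrupted-alias guess before deleting anything, as an added example that is not from either poster: parse the notification text, list the `$` macros the failing rule uses, and check each one's definition in the generated ruleset. The `Name = "value"` definition form, the two "safe" character sets and the ruleset excerpt are assumptions; the excerpt is constructed, with a stray `;` planted in `VPN_Home`.

```python
import re

# Error text format as quoted in the thread's notifications.
ERR_RE = re.compile(r"(?P<file>/\S+):(?P<line>\d+): syntax error - "
                    r"The line in question reads \[\d+\]: (?P<rule>.*)")
MACRO_REF = re.compile(r"\$([^\s,{}()]+)")                  # $Name in a rule
MACRO_DEF = re.compile(r'^\s*([^\s=#]+)\s*=\s*"(.*)"\s*$')  # Name = "value"
SAFE_NAME = re.compile(r"^[A-Za-z0-9_]+$")                  # assumed safe set
SAFE_VALUE = re.compile(r"^[A-Za-z0-9_.:/<>{}!, -]*$")      # assumed safe set

# Error line copied from the thread.
SAMPLE_ERROR = ('There were error(s) loading the rules: /tmp/rules.debug:159: '
    'syntax error - The line in question reads [159]: pass in quick on '
    '$OpenVPN inet proto icmp from 172.26.0.0/24 to $VPN_Home icmp-type '
    '{ any,echorep,echoreq } tracker 1596740590 keep state label "USER_RULE"')

# Constructed ruleset excerpt (not from the thread); the ";" is planted.
SAMPLE_RULESET = '''OpenVPN = "{ openvpn }"
VPN_Home = "{ 192.168.10.0/24 10.8.0.0/24; }"
'''

def parse_error(message):
    """Return (file, line_number, rule_text) from a rule-load error message."""
    m = ERR_RE.search(message)
    if not m:
        raise ValueError("not a rule-load error message")
    return m["file"], int(m["line"]), m["rule"]

def audit_macros(rule, ruleset_text):
    """Map each $macro used in `rule` to the list of problems found for it."""
    defs = {}
    for line in ruleset_text.splitlines():
        m = MACRO_DEF.match(line)
        if m:
            defs[m[1]] = m[2]
    report = {}
    for name in dict.fromkeys(MACRO_REF.findall(rule)):  # keep order, dedupe
        problems = []
        if not SAFE_NAME.match(name):
            problems.append("unexpected character in name")
        if name not in defs:
            problems.append("no definition in ruleset")
        elif not defs[name].strip():
            problems.append("empty definition")
        elif not SAFE_VALUE.match(defs[name]):
            problems.append("unexpected character in value")
        report[name] = problems
    return report

if __name__ == "__main__":
    path, lineno, rule = parse_error(SAMPLE_ERROR)
    for name, problems in audit_macros(rule, SAMPLE_RULESET).items():
        print(f"{path}:{lineno} ${name}: {', '.join(problems) or 'ok'}")
```

A clean report for every macro means the alias guess does not explain the error, and the rest of the quoted rule line is the next place to look.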