
    Openvpn rules: /tmp/rules.debug: syntax error, 2.4.5-RELEASE-p1

      ramadieu

      Hello everyone,

      I have set up OpenVPN on my pfSense and I got this error when rules are reloaded:

      There were error(s) loading the rules: /tmp/rules.debug:1076: syntax error - The line in question reads [1076]: pass in quick on $OpenVPN inet proto { tcp udp } from any to $PRIVATE_NETWORK tracker 1600794344 keep state label "USER_RULE"
      @ 2020-11-04 16:36:10
      

      The openvpn wizard created a rule automatically to allow traffic to my network on the openvpn tab in rules section. The rule is pretty simple.

      I have read somewhere that this was a bug fixed in 2.4.5-RELEASE-p1, so I upgraded to this version. But I still have this error.

      I compared the syntax with other rules and the syntax seems to be good.
      Maybe it's the $OpenVPN variable that causes the filter reload to throw that error?

      Do you know how I can check known pfSense variables?

      And has anybody already encountered this kind of error?

      Oh, another thing: the VPN seems to work fine if I just ignore the error, but if I do so, I get some strange problems like outgoing NAT rules not loading anymore...

      Thanks,

      Romain

        kiokoman

        try to edit the rule and remove or change or add a label
        idk how you ended up with -- &quot;USER_RULE&quot; --
        maybe there is something wrong with the wizard ...
        it should be
        label "USER_RULE: USER_RULE"


          ramadieu

          Hello,

          I found what the problem was. When we migrated to pfSense from a Check Point firewall, we imported an alias named "OpenVPN" which pointed to the OpenVPN port number...

          This caused the "syntax error" on the rule because $OpenVPN was a port number and not the interface name of OpenVPN.

          But I guess the wizard could tell us that the OpenVPN variable is already used when validating the installation, but anyway :)

          Bye
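
An added example, not part of the original thread and not pfSense's own code: a Python check over rules.debug-style text that lists pf macros defined more than once and flags rules whose `on $macro` resolves to port numbers, which is the collision described in the last post. The sample ruleset is constructed and all function names are hypothetical.

```python
import re

# Constructed sample in the style of /tmp/rules.debug (not copied from the thread).
SAMPLE_RULES = '''\
WAN = "{ em0 }"
LAN = "{ em1 }"
OpenVPN = "{ openvpn }"
PRIVATE_NETWORK = "{ 10.0.0.0/8 }"
OpenVPN = "{ 1194 }"
pass in quick on $OpenVPN inet proto { tcp udp } from any to $PRIVATE_NETWORK keep state label "USER_RULE"
pass in quick on $LAN inet from any to any keep state label "USER_RULE"
'''

MACRO_DEF = re.compile(r'^\s*([A-Za-z_][A-Za-z0-9_]*)\s*=\s*"(.*)"\s*$')
ON_MACRO = re.compile(r'\bon\s+\$([A-Za-z_][A-Za-z0-9_]*)')
PORT_ITEM = re.compile(r'^\d+(?::\d+)?$')  # single port or pf range such as 8000:8010

def parse_macros(text):
    """Return {name: [(line_no, value), ...]} for every pf macro definition."""
    macros = {}
    for no, line in enumerate(text.splitlines(), 1):
        m = MACRO_DEF.match(line)
        if m:
            macros.setdefault(m.group(1), []).append((no, m.group(2)))
    return macros

def redefined(macros):
    """Macro names that are assigned more than once (alias/interface collisions)."""
    return sorted(name for name, defs in macros.items() if len(defs) > 1)

def looks_like_ports(value):
    """True when every item of the macro value is a port number or port range."""
    items = value.strip('{} ').replace(',', ' ').split()
    return bool(items) and all(PORT_ITEM.match(i) for i in items)

def suspicious_on_clauses(text):
    """Rules whose 'on $macro' expands to ports instead of an interface."""
    macros = parse_macros(text)
    findings = []
    for no, line in enumerate(text.splitlines(), 1):
        if MACRO_DEF.match(line):
            continue
        for name in ON_MACRO.findall(line):
            # pf expands a macro using the definition most recently seen above the rule.
            defs = [d for d in macros.get(name, []) if d[0] < no]
            if defs and looks_like_ports(defs[-1][1]):
                findings.append((no, name, defs[-1][1]))
    return findings
```

To use it on a firewall, read the contents of `/tmp/rules.debug` into a string and pass it to `redefined(parse_macros(...))` and `suspicious_on_clauses(...)`.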
