Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Issue loading "syntax" generated by the GUO related to limiters

    Scheduled Pinned Locked Moved Traffic Shaping
    2 Posts 1 Posters 497 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      bigtfromaz
      last edited by

      I had a working traffic limiter on our Netgate SG-5100 and disabled the limiter a couple of upgrades ago. We had to enable it today because we need it again. Now, whenever we apply changes, we receive this somewhat useless message:

      There were error(s) loading the rules: /tmp/rules.debug:294: syntax error - The line in question reads [294]: pass in quick on $VLAN176 inet from $UploadingMachines to any tracker 1554664625 keep state dnpipe ( 1,) label "USER_RULE: Traffic limiter for VMServ01"
      @ 2021-03-26 17:33:40
      

      This smells like a bug. I am finding the message a difficult to understand. It's reporting a syntax error but I don't see anything that looks like syntax. In that I am using the GUI it would appear the GUI is either doing something incorrectly, or the firewall has a bug.

      I recommended this router to management and it's not helping my career. We lost a lot of time fixing IKEv2 site-to-site issues that came with the latest upgrade to 21.02-RELEASE-p1, and now this. We had to roll back one site yesterday and it appears I now need to do that at this site, our hub, as well.

      How do we determine the root cause and get this limiter working? At the moment the upload task is stopped due to user complaints about performance.

      B 1 Reply Last reply Reply Quote 0
      • B
        bigtfromaz @bigtfromaz
        last edited by bigtfromaz

        @bigtfromaz After further investigation this appears to be an upgrade issue. The Rule in question was disabled during the upgrade. Apparently there was a breaking change somewhere along the way and the upgrade process did not fix up this rule. I made an innocuous change to the rule and saved it. The syntax errors stopped.

        To be sure, quality has suffered recently, especially with IKEv2 tunnels. It's causing us concern.

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.