There were error(s) loading the rules: pfctl: pfctl_rules - The line in question reads [0]:

kirrn6100 · Jul 6, 2022, 5:57 PM

hello everyone, my firewall just recently started spamming messages about not being able to load rules! (There were error(s) loading the rules: pfctl: pfctl_rules - The line in question reads [0]:)

zatexev · Jul 8, 2022, 7:22 AM

Same here

w0w · Jul 8, 2022, 7:24 AM

Same here. 22.05
Filter Reload

There were error(s) loading the rules: pfctl: pfctl_rules - The line in question reads [0]: @ 2022-07-08 10:19:55

pfBlockerNG and snort are installed

pwt-safonso · Jul 18, 2022, 10:32 AM

Got hit with this over the weekend, resulted in 800 warning emails.

See also this thread.

@jimp Running

# egrep -v '^#|^[[:blank:]]*$' /tmp/rules.debug | sort | uniq -c | grep -v '^   1 '

Results in:

2 table <negate_networks> { 10.8.65.0/24 }

How can I diagnose where this duplicated rule comes from? Why does rebooting solves the problem for some days?

jimp · Jul 18, 2022, 2:02 PM

The duplicate rule thing you mention there was ONE possible cause of ruleset errors during development that was fixed a long time ago. It is NOT the only source of them nor does seeing two table definitions constitute a problem.

There is something else causing a ruleset error in your case that is unrelated to there being two lines for negate_networks.

Most likely the current problem is coming from a package (e.g. pfBlockerNG) but without more information it's hard to say. Usually it would print the failing line in the error message but for some reason it doesn't do that here. So check the system log and see what turns up, and also try manually running pfctl -vf /tmp/rules.debug and see if it mentions a specific line. If it does, then look in /tmp/rules.debug to find what is on that line.

pwt-safonso · Jul 18, 2022, 2:02 PM

@jimp Thanks for the clarification.

I don't have pfBlockerNG, I'll troubleshoot it once the problem appears again.

mardacs27 · Jul 28, 2022, 6:22 PM

@jimp also experiencing the same problem with 22.05. When inputting the command pfctl -vf /tmp/rules.debug this is what it shows

What do I need to look in /tmp/rules.debug?

Also, these are the only packages installed

vbjp · Aug 3, 2022, 3:50 PM

Had this problem today, reboot fixed it, and it was first time, but I'm afraid it may return again, when this happened internet connection got broken, so it is serious service interruption.
No pfblockerng installed. Have only OpenVPN client export plugin, nut and watchdog plugins installed.
Version 22.05