Error loading rules

jbeez · Dec 1, 2022, 12:00 PM

All my fault, tried a small edit to filter.inc, didnt work, restored filter.inc but ever since I’m getting an error loading one of the rules in /tmp/debug.rules despite replacing original filter.inc file. Its a rule for a 169 network and it has a tracker number listed in there. I’m thinking something got out of sync with that tracker? I’m not even sure how to check that.

fw php-fpm[19282]: /rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:257: syntax error - The line in question reads [257]: block in  quick from 169.254.0.0/16 to any tracker 1000000101 label "Block IPv4 link-local"

What I've tried so far, in order:
Restored original filter.inc
Reverted configuration change to a revision from last night(made this change this morning).
Rebooted.

Please help! This is very puzzling.

jbeez · Dec 1, 2022, 1:10 PM

@jbeez said in Error loading rules:

169.254.0.0/16

This may be a red herring... when I check the /tmp/debug.rules it looks like that rule and everyone after it shows the same, I'm guessing system.log only shows the first error because it stops at that point

pfctl -f /tmp/rules.debug
/tmp/rules.debug:254: syntax error
/tmp/rules.debug:...: syntax error
/tmp/rules.debug:549: syntax error
pfctl: Syntax error in config file: pf rules not loaded

the line directly above this is anchor "ipsec/*"

jbeez · Dec 1, 2022, 1:47 PM

@jbeez fixed... definitely user error. I was restoring a filter.inc from a prior version. Restored the proper one and its good to go.