Port Forward rules failing, Error "There were error(s) loading the rules: /tmp/rules.debug:201: macro 'pfB_PRI1_v4'..."

SteveITS · Mar 4, 2024, 2:48 AM

@Swami_ Did you run a Force Update though? pfB has to generate the alias.

Swami_ · Mar 5, 2024, 3:29 PM

@SteveITS
I have now run the Force Update. The error message is now gone.

The issue with port forwarding ports not being open still seem to be closed, even though I opened them.

2 out of 10+ ports are open, the rest are closed.

SteveITS · Mar 5, 2024, 5:05 PM

@Swami_ pfBlocker generates the aliases and download any lists only when a force update is run, or the pfBlocker cron/update task you configured runs.

re: open ports, post your NAT rules and we can see what that might be.

Swami_ · Mar 5, 2024, 5:38 PM

This post is deleted!

SteveITS · Mar 5, 2024, 5:47 PM

@Swami_ Is there a firewall on .50 and .40 and does it allow connections from any IP or just the local subnet?

For the Valheim rule there are 7 open states/connections.

Swami_ · Mar 5, 2024, 6:02 PM

@SteveITS
Both servers on .50 and .40 have firewalls disabled (temporarily).

.50 is a Windows Server
.40 is a Linux server

There are no restrictions at present on the local subnet. No VLAN, DMZ (yet), or segmenting. I run a single subnet.

For the Valheim game server on IP .40, I can connect to it locally in the game, but not externally.

And when I test with this IP/Port checker, only 30000 and 1 Minecraft port are open.

Swami_ · Mar 5, 2024, 6:48 PM

Gblenn · Mar 7, 2024, 1:05 PM

@Swami_ Valheim and Shrouded use pretty much the same ports, so perhaps it's better to create an alias with all the relevant ports for both those games. They are anyway running on the same server...
However, I would expect trouble having both of them up and running at the same time... unless they use a range of ports and can select based on availability.

Also, in the picture you provided, it seems that Valheim is actually working. In the first column, States, it sais 7/6.50MiB. This shows that you have or have had traffic related to that rule...

Swami_ · Mar 10, 2024, 6:26 PM

@Gblenn
Couldn't that just be internal traffic, from local PC to Game server? Since the traffic does go by the port even locally and I do have Pure Nat Reflection on.

This unfortunately all became a mute discussion, as a result of repeated power outages (and a failed UPS) my pfSense box is dead. I'm going to have to rebuild it from scratch.
I do have backups but considering the issues I'm having with simple port forwarding, I'd rather start over. I fortunately don't have a complex setup.

Thanks to @SteveITS @johnpoz @Gblenn for the help.

Swami_ · Mar 24, 2024, 6:28 PM

@Swami_

Hello again.

So after my rebuild, it's the same issue with port forwarding not working. The same 2 ports worked fine and after that, nothing works.

I even cloned the first rule I created (that did work) and just changed the port/destination IP and it still failed.

SteveITS · Mar 24, 2024, 7:36 PM

@Swami_ did you remove the conflicting ports forwards? (Try one at a time)