Delete alias. Currently in use by filter rule id 91
-
Greetings,
I would like to delete the alias "cancellare" but I can't find in which rule it is used. I checked them all and it's not there.How can I find the rule that uses this alias with ID 91?
Trying to delete the alias displays the message:
Cannot delete alias. Currently in use by filter rule id 91.I've always had this problem since version 2.6
-
@Unoptanio
Never seen such a short ID.
But you can go to Diagnostic > command prompt and execute "cat /tmp/rules.debug" to list all the rules with their IDs.You should be able to find the responsible rule in the list.
-
That's the actual rule number not the tracking ID, which is much longer.
You can see it in the running ruleset using:
pfctl -vvsr | grep @91Or you can see it in the Rules view in Diag > pfTop
Or you can open the config file and just search it for 'cancellare'
-
@stephenw10 said in Delete alias. Currently in use by filter rule id 91:
pfctl -vvsr | grep @91return:
@91 block drop in log on ! ovpns1 inet from 10.10.94.0/24 to any ridentifier 1000011970
There is not here:
-
It looks like it's on the assigned interface from ovpns1 not the group OpenVPN interface. Burt also there are no ports defined there so no ports alias.....
I'd check the config file directly.
-
-
I'd also try running Status > Filter Reload and make sure it's rebuilding the ruleset correctly.
-
@stephenw10 said in Delete alias. Currently in use by filter rule id 91:
status > Filter Reload
done
The problem persists
-
Then look in the config directly. Or try running:
cat /cf/conf/config.xml | grep cancellare -
pfSensePlus24.03 2U BareMetal Asrock Industrial IMB-X1314MicroATX
CPU: i7-13700@5.2GHz, RAM:32GB ECC, n°2 Samsung 870EVO SATA 2.5” SSD 1TB (ZFS) Raid1
n°3 Intel i225-LM 2500/1000/100Mbps, n°1 NIC Intel i350-T4V2 10/100/1000 Mbps 4*GLAN, n°1 Intel X520-DA2 -
OK there we go. What interface is opt9?
-
@Unoptanio Look for opt9 in Status / Interfaces
-
-
@Unoptanio Okay, now you know. The rule is on the interface named "WAN_AMPERSAND". Look at Firewall / Rules / WAN_AMPERSAND and you should be able to find it.
-
It may be disabled? Though if it was I wouldn't expect to see it in Status > Interfaces
-
yes is disabled
-
The enable it, remove the rule, then disable it again.
-
I'll try on Monday because now I'm connected remotely and I'm afraid of going to block.
I'll update you then, thanks -
I did as you said. It worked well. After re-enabling the interface I managed to eliminate the "cancellare" alias that was in a rule of this interface, thanks
