5. Filter errors on upgrade

Filter errors on upgrade

  • R

    i was on a jan 7 build prior and then updated to the latest.

    i got constant errors about every LAN rule as well as IPSEC rules if IPSEC vpn was enabled.

    to resolve this quickly i deleted all LAN rules and all IPSEC rules then manually re-created them. This resolved this.

    I didn't have a backup of my rules prior so I had to fix it and it totally shut down the network so I had to fix it fast. thankfully it's only a little bit after midnight.

    This was my first pfsense upgrade that went bad. i haven't been taking more precautions because they have been smoother. i will next time. now for sweet sweet sleep.

    0
  • T

    I had a similar issue after upgrading. Any rules that had the protocol set to any (*) before upgrade had no protocol listed (it was blank) on the Firewall: Rules page. Editing and reapplying the any protocol to the rules fixed the filter errors for me.

    0
  • A

    Had a similar problem after upgrade from beta 5 to RC1… kept getting filer load errors due to unreadable/corrupt line in the config.  Had to do with the default LAN * to WAN outbound rule.  Basically I had no LAN to WAN rules, so no inet from LAN.  inet access from router/console was ok.  Wasn't able to do much with the LAN rule as it kept stating I needed to select a protocol, but wasnt able to do that as the rule was linked to NAT.  Messed around with it for an hour or so and eventually tried restoring configs from 2/19 and from November 2010, same issues with both.  Ended up back reving to beta 5 and loaded the 2/19 conf and everything was happy.  Only change from the 2/19 config was a change in nics.

    0
  • C

    2.0-RC1 (amd64)
    built on Thu Mar 3 19:27:51 EST 2011

    There were error(s) loading the rules: /tmp/rules.debug:250: syntax error
    /tmp/rules.debug:251: syntax error
    /tmp/rules.debug:252: syntax error
    /tmp/rules.debug:275: syntax error
    /tmp/rules.debug:280: syntax error
    /tmp/rules.debug:282: syntax error
    /tmp/rules.debug:283: syntax error
    pfctl: Syntax error in config file: pf rules not loaded The line in question reads [250]: pass  in  quick  on $LAN  proto  from  $pony to  $link2voip keep state  queue (qVoIP,lan)  label "USER_RULE: link2voip:queue voip"

    Firewall rules with Proto=any throw an error after the latest update. The Proto column on the Firewall: Rules page appears blank for these rules after updating, but if you edit the rule it will appear as Proto=TCP. Change this back to "any" and save, apply, then the warning goes away for that rule.

    0
  • R

    +1

    I downgrade to i386 Mar 3 10:56:18 and restore my config.

    Roy…

    0
  • R

    +1. Really annoying… Edit + apply fixes it as tipycol said.

    0
  • Rebel Alliance Developer Netgate

    Fix here:
    http://forum.pfsense.org/index.php/topic,33909.msg176091.html#msg176091

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy