Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Filter errors on upgrade

    Scheduled Pinned Locked Moved 2.0-RC Snapshot Feedback and Problems - RETIRED
    7 Posts 7 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      rsingh
      last edited by

      i was on a jan 7 build prior and then updated to the latest.

      i got constant errors about every LAN rule as well as IPSEC rules if IPSEC vpn was enabled.

      to resolve this quickly i deleted all LAN rules and all IPSEC rules then manually re-created them. This resolved this.

      I didn't have a backup of my rules prior so I had to fix it and it totally shut down the network so I had to fix it fast. thankfully it's only a little bit after midnight.

      This was my first pfsense upgrade that went bad. i haven't been taking more precautions because they have been smoother. i will next time. now for sweet sweet sleep.

      1 Reply Last reply Reply Quote 0
      • T
        tipycol
        last edited by

        I had a similar issue after upgrading. Any rules that had the protocol set to any (*) before upgrade had no protocol listed (it was blank) on the Firewall: Rules page. Editing and reapplying the any protocol to the rules fixed the filter errors for me.

        1 Reply Last reply Reply Quote 0
        • A
          andyhi
          last edited by

          Had a similar problem after upgrade from beta 5 to RC1… kept getting filer load errors due to unreadable/corrupt line in the config.  Had to do with the default LAN * to WAN outbound rule.  Basically I had no LAN to WAN rules, so no inet from LAN.  inet access from router/console was ok.  Wasn't able to do much with the LAN rule as it kept stating I needed to select a protocol, but wasnt able to do that as the rule was linked to NAT.  Messed around with it for an hour or so and eventually tried restoring configs from 2/19 and from November 2010, same issues with both.  Ended up back reving to beta 5 and loaded the 2/19 conf and everything was happy.  Only change from the 2/19 config was a change in nics.

          1 Reply Last reply Reply Quote 0
          • C
            clarknova
            last edited by

            2.0-RC1 (amd64)
            built on Thu Mar 3 19:27:51 EST 2011

            There were error(s) loading the rules: /tmp/rules.debug:250: syntax error
            /tmp/rules.debug:251: syntax error
            /tmp/rules.debug:252: syntax error
            /tmp/rules.debug:275: syntax error
            /tmp/rules.debug:280: syntax error
            /tmp/rules.debug:282: syntax error
            /tmp/rules.debug:283: syntax error
            pfctl: Syntax error in config file: pf rules not loaded The line in question reads [250]: pass  in  quick  on $LAN  proto  from  $pony to  $link2voip keep state  queue (qVoIP,lan)  label "USER_RULE: link2voip:queue voip"

            Firewall rules with Proto=any throw an error after the latest update. The Proto column on the Firewall: Rules page appears blank for these rules after updating, but if you edit the rule it will appear as Proto=TCP. Change this back to "any" and save, apply, then the warning goes away for that rule.

            db

            1 Reply Last reply Reply Quote 0
            • R
              rpsmith
              last edited by

              +1

              I downgrade to i386 Mar 3 10:56:18 and restore my config.

              Roy…

              1 Reply Last reply Reply Quote 0
              • R
                rubenc
                last edited by

                +1. Really annoying… Edit + apply fixes it as tipycol said.

                Hardware: SC1935 | WAN: em (PCIe) | LAN: bge (onboard) | RAM: 2Gb
                2.0-RC2-IPv6 (i386)
                built on Sat May 21 21:38:32 EDT 2011

                1 Reply Last reply Reply Quote 0
                • jimpJ
                  jimp Rebel Alliance Developer Netgate
                  last edited by

                  Fix here:
                  http://forum.pfsense.org/index.php/topic,33909.msg176091.html#msg176091

                  Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                  Need help fast? Netgate Global Support!

                  Do not Chat/PM for help!

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.