Time schedules + load balancing = syntax errors
-
on 31 march i tried loading latest snapshot then that had timebased rules schedules and tried testing it well my pfsense was running fine with that snapshot until slowly it started not responding to me at all even with no rules using schedules until even after restarting the box i couldnt even ping
so luckly i made a backup before hand and reloaded that from scratch and reloaded my previous snapshot i was using
so now i see the timebased rules is finished and stable so i try it again today with latest snapshot of 27 march build 9 apr
now my box is responding fine
but when i try adding a schedule to a rule…..
i normally use failover(from the load balancing) so when i try to add a schedule to a rule specifying a gateway(with a failover entry or a specific gateway) i get syntax errors
something along the lines of:
with failover gateway:
There were error(s) loading the rules: /tmp/rules.debug:534: syntax errorpfctl: Syntax error in config file: pf rules not loaded - The line in question reads [534]: pass in quick on $Wireless route-to { ( rl0 10.10.101.1 ) } round-robin from any to any keep state ; label "USER_RULE: Airband during work hours"…
same rule with specific(first gateway from failover) gateway:
There were error(s) loading the rules: /tmp/rules.debug:534: syntax errorpfctl: Syntax error in config file: pf rules not loaded - The line in question reads [534]: pass in quick on $Wireless route-to ( rl0 10.10.101.1 ) from any to any keep state ; label "USER_RULE: Airband during work hours"…
thanks
-
Please update to http://snapshots.pfsense.com/FreeBSD6/RELENG_1/updates/pfSense-Full-Update-1.0.1-SNAPSHOT-03-27-2007.tgz which was built on Apr 09.
-
i mentioned above that im running 9 apr (i downloaded today)
system overview tells me:
Version 1.0.1-SNAPSHOT-03-27-2007
built on Sun Apr 8 18:57:04 EDT 2007is what i seem to be running
if that is not the snapshot you recommending then im lost :Dthanks
-
This bug was fixed long ago, I don't understand why you are seeing it.
Might want to reinstall.
-
im coming from 14 feb snapshot and i have never run any other snapshot
now when you say reinstall how do i do the backup of config.xml
surely its contents changes between snapshots
???
-
Diagnostics -> Backup
It will work fine.
-
but the thing is when i first tried timebased snapshots (while it was still work in progress) and my machine stopped responding
i reinstalled with released iso then ran 14feb snapshot(what i was before timebased rules) then restored backup and this weekend i tried time rules again with latest snapshot and you saying i must reinstall again
maybe its better if next weekend i save html copies of each config gui page and reinstall iso(1 with current snapshot inc) and manually restore my config bit by bit page by page
cause surely if i just recently reinstalled then something wrong with my backup :-\
thanks for your time ;)
-
I just reproduced this problem. I'll try to get it fixed.
-
was it something wrong with 14feb :-* snapshot?
-
Yes. But it was not Feb, it was March.
Just fixed it. Will be releasing 1.2 beta soon. You will want to wait until then.
-
Well if anyone is interested how im using all of this (my setup)
i got 3 x WAN
and 2 x failover and 1 x load balance1st wan = ADSL 512kbps/256kbps uncapped(very little bandiwdth supply in south africa) = fixed cost = provided by 'Internet Solutions'
2nd wan = 802.11a/g 4mbps (at its best of times but atm its just tiny bit faster then above mentioned adsl) = 7gb then after that cost per mb = wireless Linked back to local 'Internet Solutions' branch
3rd wan = 1mbps = link to neighbouring company hosting our web servers = cost per mb = from neighboring company laser link back to local 'Internet Solutions' branch1st failover = 1st to 2nd to 3rd
2nd failover = 2nd to 1st to 3rd
balance = 1st and 2nd and 2rdnow normally i have select few take 2nd failover option (faster)
else everyone takes 1st failover (cheaper)
never really use the balancenow surelly it would be a good idea to put a schedule on all rules so that at night everyone can only go out the fixed cost adsl incase people run downloads at night and run our cost per mb bills up
i havent had any problems with the failover feature :) very nice to have