Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    [SOLVED] Error notice for a deleted NAT that had a RULE

    Firewalling
    2
    3
    1923
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • C
      captdragon
      last edited by

      I crated a NAT entry and pfSense created a default RULE for it. I saw that the rule was basically useless because I had another rule that covered it. So I deleted the rule. Ever since then I've been getting a notice/error generate almost every 10 seconds.

      These are what the notices/errors look like:

      
There were error(s) loading the rules: /tmp/rules.debug:208: rule expands to no valid combination - The line in question reads [208]: pass in quick on $LAN inet6 from 192.168.1.0/24 to any tracker 0100000102 keep state label "USER_RULE: Default allow LAN IPv6 to any rule" @ 2016-04-19 19:46:43
There were error(s) loading the rules: /tmp/rules.debug:208: rule expands to no valid combination - The line in question reads [208]: pass in quick on $LAN inet6 from 192.168.1.0/24 to any tracker 0100000102 keep state label "USER_RULE: Default allow LAN IPv6 to any rule" @ 2016-04-19 19:46:44
There were error(s) loading the rules: /tmp/rules.debug:208: rule expands to no valid combination - The line in question reads [208]: pass in quick on $LAN inet6 from 192.168.1.0/24 to any tracker 0100000102 keep state label "USER_RULE: Default allow LAN IPv6 to any rule" @ 2016-04-19 19:47:42
There were error(s) loading the rules: /tmp/rules.debug:208: rule expands to no valid combination - The line in question reads [208]: pass in quick on $LAN inet6 from 192.168.1.0/24 to any tracker 0100000102 keep state label "USER_RULE: Default allow LAN IPv6 to any rule" @ 2016-04-19 19:47:43
There were error(s) loading the rules: /tmp/rules.debug:216: rule expands to no valid combination - The line in question reads [216]: pass in quick on $LAN inet6 from 192.168.1.0/24 to any tracker 0100000102 keep state label "USER_RULE: Default allow LAN IPv6 to any rule" @ 2016-04-19 19:48:20

      I tried deleting the NAT entry and recreating it but these errors are still being generated. Anyone know how I can fix this?

      1 Reply Last reply Reply Quote 0
      • C
        captdragon
        last edited by

        SOLVED. I re-entered all my rules.

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          You configured an IPv6 rule with an IPv4 subnet. Which we shouldn't allow. I fixed the input validation to prohibit such configs, thanks for the report.
          https://redmine.pfsense.org/issues/6211

          1 Reply Last reply Reply Quote 0
          • First post
            Last post