Welcome, Guest. Please login or register.
Did you miss your activation email?
+  pfSense Forum
|-+  Retired» 2.0-RC Snapshot Feedback and Problems - RETIRED» error(s) loading the rules // after yesterdays update // 2.0-RC2 (i386) // 26.05
Username:
Password:
 
Home Help Search Login Register
 

Pages: [1]   Go Down
« previous next »
  Print  
Author Topic: error(s) loading the rules // after yesterdays update // 2.0-RC2 (i386) // 26.05  (Read 1492 times)
0 Members and 1 Guest are viewing this topic.
cirmler
Newbie
*
Offline Offline

Posts: 3


View Profile
« on: May 27, 2011, 06:17:24 am »
After yesterdays update we get the following error:

There were error(s) loading the rules: /tmp/rules.debug:8: syntax error/tmp/rules.debug:37: macro '' not defined /tmp/rules.debug:37: syntax error pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [8]: = "{ }" ...

Here are the 2 lines:

Line 8:
 = "{  }"

Line 37:
scrub in on $ all    fragment reassemble

---

Does anyone have any idea, please?  Cry

Regards,
Chris
Logged
ermal
Administrator
Hero Member
*****
Offline Offline

Posts: 3097


View Profile
« Reply #1 on: May 27, 2011, 08:10:07 am »
Upgrade to a new one.
Just unlucky and got a snapshot with some wrong code that was committed and fixed after.
Logged
mxx
Full Member
***
Offline Offline

Posts: 246


View Profile
« Reply #2 on: May 27, 2011, 08:45:23 am »
Hi,

I've got the exact same problem.
Just did an upgrade 2 hours ago to the latest snapshot (i386,full).

scrub in on $WAN all    fragment reassemble
scrub in on $LAN all    fragment reassemble
scrub in on $AON all    fragment reassemble
scrub in on $ all    fragment reassemble

#System aliases

loopback = "{ lo0 }"
WAN = "{ pppoe0 }"
LAN = "{ em0 }"
AON = "{ em1 }"
 = "{  }"
OpenVPN = "{ openvpn }"

I then reverted back snapshot by snapshot and found the latest one that works for me is 20110524-1226. The problem starts with 20110524-1717 and isn't fixed by the snapshot which was the latest one 2 hours ago (20110527-0112)
Logged
jimp
Administrator
Hero Member
*****
Offline Offline

Posts: 12863



View Profile
« Reply #3 on: May 27, 2011, 10:19:03 am »
When that file is correct, what shows up on that line?
Logged
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Donate to the project | My Wish List
mxx
Full Member
***
Offline Offline

Posts: 246


View Profile
« Reply #4 on: May 27, 2011, 10:29:57 am »
loopback = "{ lo0 }"
WAN = "{ pppoe0 }"
LAN = "{ em0 }"
AON = "{ em1 }"
OpenVPN = "{ openvpn }"


..

scrub in on $WAN all    fragment reassemble
scrub in on $LAN all    fragment reassemble
scrub in on $AON all    fragment reassemble

so.. nothing Wink
« Last Edit: May 27, 2011, 10:34:42 am by mxx » Logged
jimp
Administrator
Hero Member
*****
Offline Offline

Posts: 12863



View Profile
« Reply #5 on: May 27, 2011, 10:37:36 am »
If someone is still getting this, we'll need to see the output of this then:
Code:
global $FilterIflist;
include "filter.inc";
include "shaper.inc";
filter_generate_optcfg_array();
var_dump($FilterIflist);

You can paste that into the PHP execute box under Diagnostics > Command.

Somehow an empty entry must be sneaking in there, would be nice to know what it is in order to track it down.
Logged
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Donate to the project | My Wish List
jimp
Administrator
Hero Member
*****
Offline Offline

Posts: 12863



View Profile
« Reply #6 on: May 27, 2011, 10:47:45 am »
It would also help to know if you have any of the following enabled: PPTP server, L2TP server, PPPoE server, or IPsec.
Logged
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Donate to the project | My Wish List
mxx
Full Member
***
Offline Offline

Posts: 246


View Profile
« Reply #7 on: May 27, 2011, 10:56:12 am »
Here it is:
Code:
array(5) {
  ["wan"]=>
  array(14) {
    ["if"]=>
    string(6) "pppoe0"
    ["ip"]=>
    string(13) "[PubIP_ofWAN]"
    ["type"]=>
    string(5) "pppoe"
    ["sn"]=>
    int(32)
    ["mtu"]=>
    string(4) "1492"
    ["mss"]=>
    string(0) ""
    ["descr"]=>
    string(3) "WAN"
    ["sa"]=>
    string(13) "[PubIP_ofWAN]"
    ["nonat"]=>
    NULL
    ["alias-address"]=>
    string(0) ""
    ["alias-subnet"]=>
    string(2) "32"
    ["gateway"]=>
    NULL
    ["spoofcheck"]=>
    string(3) "yes"
    ["bridge"]=>
    NULL
  }
  ["lan"]=>
  array(13) {
    ["if"]=>
    string(3) "em0"
    ["ip"]=>
    string(11) "192.168.1.1"
    ["sn"]=>
    int(24)
    ["mtu"]=>
    int(1500)
    ["mss"]=>
    string(0) ""
    ["descr"]=>
    string(3) "LAN"
    ["sa"]=>
    string(11) "192.168.1.0"
    ["nonat"]=>
    NULL
    ["alias-address"]=>
    NULL
    ["alias-subnet"]=>
    NULL
    ["gateway"]=>
    NULL
    ["spoofcheck"]=>
    string(3) "yes"
    ["bridge"]=>
    NULL
  }
  ["opt1"]=>
  array(13) {
    ["if"]=>
    string(3) "em1"
    ["ip"]=>
    string(14) "[PubIP_ofOpt1]"
    ["sn"]=>
    int(30)
    ["mtu"]=>
    int(1500)
    ["mss"]=>
    string(0) ""
    ["descr"]=>
    string(3) "AON"
    ["sa"]=>
    string(14) "[IPofNETAddressofOpt1]"
    ["nonat"]=>
    NULL
    ["alias-address"]=>
    NULL
    ["alias-subnet"]=>
    NULL
    ["gateway"]=>
    string(5) "AONGW"
    ["spoofcheck"]=>
    string(3) "yes"
    ["bridge"]=>
    NULL
  }
  ["pppoe"]=>
  array(0) {
  }
  ["openvpn"]=>
  array(4) {
    ["if"]=>
    string(7) "openvpn"
    ["descr"]=>
    string(7) "OpenVPN"
    ["type"]=>
    string(4) "none"
    ["virtual"]=>
    bool(true)
  }
}

I have an ipsec tunnel configured, but it's inactive (enable ipsec is not checked)
Logged
jimp
Administrator
Hero Member
*****
Offline Offline

Posts: 12863



View Profile
« Reply #8 on: May 27, 2011, 11:06:23 am »
Looks like you have a pppoe server entry that's empty.

I added some protections against that just now. Should be fixed in the next snapshot, or you can gitsync now and pull in the change

https://github.com/bsdperimeter/pfsense/compare/a1b86994a0...f40a03a45c
Logged
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Donate to the project | My Wish List
mxx
Full Member
***
Offline Offline

Posts: 246


View Profile
« Reply #9 on: May 27, 2011, 11:14:34 am »
Very strange.. never set one up.

I'll gitsync and report back

thank you very much Smiley
Logged
mxx
Full Member
***
Offline Offline

Posts: 246


View Profile
« Reply #10 on: May 27, 2011, 11:29:39 am »
GREAT!
Your commit did it Wink

Thank you very much!
Logged
jimp
Administrator
Hero Member
*****
Offline Offline

Posts: 12863



View Profile
« Reply #11 on: May 27, 2011, 11:31:34 am »
new snap is building now that has those commits in it, so it should be OK once it uploads later this evening.
Logged
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Donate to the project | My Wish List
px
Newbie
*
Offline Offline

Posts: 4


View Profile
« Reply #12 on: May 27, 2011, 02:39:11 pm »
Quote from: jimp on May 27, 2011, 11:31:34 am
new snap is building now that has those commits in it, so it should be OK once it uploads later this evening.

Awesome, thanks!
This issue creeped up on me Monday's daily build.  Decided to come post about it today. Been trying new dailies all week waiting for a fix. Each time after a rule change, manually editing out the empty or erred rules in /tmp/rules.debug
and reloading the rules from the shell.
Code:
pfctl -f /tmp/rules.debug
Logged
Pages: [1]   Go Up
  Print  
« previous next »
 
Jump to:  

 

Powered by SMF 1.1.18 | SMF © 2013, Simple Machines
Page created in 0.031 seconds with 20 queries.