Import from m0n0wall breaks pfSense if dashes are in an alias
|Affected version:||2.0.1||Affected Architecture:|
We just tried to upgrade from m0n0wall 1.33 to pfSense 2.01. We booted (live CD), configured the LAN IP, and restored the m0n0wall configuration file. No connectivity to the Internet. We could ping the WAN from pfSense but not from the LAN.
It turns out, in m0n0wall, "The name of the alias may only consist of the characters a-z, A-Z, 0-9 and '-' (dash)." pfSense does not allow dashes. pfSense did do a search/replace on the string "m0n0wall" in the configuration file, however, it did not search/replace the dashes out. As a result I believe the firewall was not loading and thus NAT/routing was not functioning.
Unfortunately since we had a few rules with such an alias, and the log file entry did not display the entire error message (the actual error was longer than what was displayed), it took a long time to figure out. Eventually we saw a page that displayed a longer partial message that had an extra couple lines referring to an unrecognized macro "$Server-1". We tried renaming that alias and pfSense kind of ran off the rails, with further attempts to edit that alias displaying a completely different page.
Eventually we used the Edit File feature to edit /cf/conf/config.xml, did a search/replace ourselves to remove dashes, and rebooted, and have been fine since.
I suggest that pfSense remove dashes or perhaps replace them with a different character when importing aliases.