Bug #2605
closed
Filter rules are not created correctly
100%
Description
After upgrading to the latest snapshot, the filter rules refuse to load due to an error:
----
There were error(s) loading the rules: /tmp/rules.debug:109: syntax error
pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [109]: nat on gif0 inet from ...0/ to any -> () ...
The bad rule from line 109 of /tmp/rules.debug:
nat on gif0 inet from ...0/ to any -> ()
The issue went away after I edited filter.inc line 3169:
if($int)
$lines .= "nat on {$int} inet from {$ipnet} to any -> ({$carp_int}) \n";
changed to
if ($int!='gif0')
This isn't the "correct" patch, but should help locate the issue. I am using manual outbound NAT rules.
Updated by Jim Pingle about 12 years ago
If you change the test to this:
if ($int && $carp_int)
Does that work?
Updated by Johannes Ullrich about 12 years ago
Yes. This patch works. Thanks for the quick turnaround!
(tested with 2.1-BETA0 (amd64)
built on Mon Aug 27 14:57:37 EDT 2012
FreeBSD 8.3-RELEASE-p4 )
Updated by Jim Pingle about 12 years ago
- Status changed from New to Feedback
- % Done changed from 0 to 100
Applied in changeset 0d0558195ed9a0df50e8bce1fd52419921b0e30e.
Updated by Ermal Luçi about 12 years ago
- Status changed from Feedback to Resolved
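
A pre-load check for the failure in this report, as an added example that is not part of the original ticket or pfSense's own code: it scans generated ruleset text for translation rules whose target is an empty `()`, the form pfctl rejected at line 109. The sample ruleset, its addresses and all function names are constructed for illustration; covering `rdr` and `binat` in addition to `nat` goes beyond the single case in the report.

```python
import re

# Constructed sample in the shape of a generated ruleset; the interface
# names and documentation-range addresses are made up for illustration.
SAMPLE_RULES = """\
# Outbound NAT rules
nat on em0 inet from 192.0.2.0/24 to any -> (em0)
nat on gif0 inet from 198.51.100.0/24 to any -> ()
pass in quick on em0 all
"""

# pf translation rules that carry a "->" target (assumed scope of the check).
TRANSLATION_RULE = re.compile(r"^\s*(nat|rdr|binat)\s+on\s+(\S+)")
# Parentheses with nothing but optional whitespace between them.
EMPTY_TARGET = re.compile(r"->\s*\(\s*\)")


def find_empty_nat_targets(ruleset_text):
    """Return (line_number, interface, rule) for rules whose target is "()"."""
    findings = []
    for lineno, line in enumerate(ruleset_text.splitlines(), start=1):
        rule = line.split("#", 1)[0]  # drop trailing pf comments
        match = TRANSLATION_RULE.match(rule)
        if match and EMPTY_TARGET.search(rule):
            findings.append((lineno, match.group(2), rule.strip()))
    return findings


def format_findings(path, findings):
    """Render findings in the path:line: style that pfctl uses for errors."""
    return [
        f"{path}:{lineno}: empty translation target on {iface}: {rule}"
        for lineno, iface, rule in findings
    ]


if __name__ == "__main__":
    problems = find_empty_nat_targets(SAMPLE_RULES)
    for message in format_findings("rules.debug", problems):
        print(message)
    # A non-zero exit lets a wrapper script refuse to load the ruleset.
    raise SystemExit(1 if problems else 0)
```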