Project

General

Profile

Actions

Bug #28

closed

Problems with m0n0wall configuration conversion

Added by Chris Buechler over 15 years ago. Updated over 15 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
07/08/2009
Due date:
% Done:

100%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
2.0
Affected Architecture:

Description

1) ICMP echo rules don't convert properly.
/tmp/rules.debug:122: unknown icmp-type echo
pass in quick on $wan inet proto icmp from any to any icmp-type echo keep state
label "USER_RULE: PING"

2) Rule labels that are too long don't get cut down
/tmp/rules.debug:140: rule label too long (max 63 chars)

3) IPsec rules aren't converted properly because m0n0wall uses <interface>ipsec</interface>
and we use enc0
/tmp/rules.debug:160: macro 'ipsec' not defined
/tmp/rules.debug:160: syntax error
pass in quick on $ipsec from any to any keep state label "USER_RULE: Default IPsec VPN"

Actions #1

Updated by Chris Buechler over 15 years ago

Also one other config conversion issue from cvstrac.

Existing m0n0wall (1.3b3) on WRAP (1E-2); saved config. Removed mini-pci wifi card prior to swaping m0n0wall CF card for pfSense 1.2-RC3 CF card. Configured pfSense through console/webGUI, and restored the m0n0wall config. Existing (up) interfaces are WAN and LAN. Clients connected to the LAN interface cannot pass any traffic through WAN. pfSense shell (via console) can. Removed all references to nonexistant opt2 interface from saved m0n0wall config, reuploaded to restore GUI, and after applying/reboot, LAN clients can now surf.

Actions #2

Updated by Chris Buechler over 15 years ago

Default gateway on static IP WAN also not converted

Actions #3

Updated by Scott Ullrich over 15 years ago

  • Affected Version set to All

Have made a change to reduce the m0n0wall configuration version to 1.0 triggering our upgrade scripts

Actions #4

Updated by Scott Ullrich over 15 years ago

Default gateway is moved correctly. m0n0wall configuration update appears to be working OK now.

Actions #5

Updated by Scott Ullrich over 15 years ago

  • Status changed from New to Resolved
  • Affected Version changed from All to 2.0
Actions #6

Updated by Chris Buechler over 15 years ago

  • Status changed from Resolved to New

one other issue:
<diag/>

has to be replaced with:

<diag>
<ipv6nat/>
</diag>

or the unset on ipv6nat when saving anything on system_advanced.php blows up.

Actions #7

Updated by Scott Ullrich over 15 years ago

  • Status changed from New to Resolved
Actions #8

Updated by Scott Ullrich over 15 years ago

  • % Done changed from 0 to 100
Actions

Also available in: Atom PDF