https://redmine.pfsense.org/https://redmine.pfsense.org/favicon.ico?16780521162018-03-07T12:07:12ZpfSense bugtrackerpfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=359922018-03-07T12:07:12ZJim Pingle
<ul><li><strong>File</strong> <a href="/attachments/2355">8360.diff</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/2355/8360.diff">8360.diff</a> added</li><li><strong>Subject</strong> changed from <i>pf rules occasionally contain "!/" where the WAN newrork/netmask should be</i> to <i>pf rules occasionally contain "!/" where the WAN network/netmask should be</i></li><li><strong>Status</strong> changed from <i>New</i> to <i>Assigned</i></li><li><strong>Assignee</strong> set to <i>Jim Pingle</i></li><li><strong>Affected Version</strong> set to <i>2.4.2_1</i></li><li><strong>Affected Architecture</strong> <i>All</i> added</li><li><strong>Affected Architecture</strong> deleted (<del><i></i></del>)</li></ul><p>Attached patch should fix it, waiting for confirmation before committing.</p> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=360022018-03-08T09:50:08ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Assigned</i> to <i>Feedback</i></li><li><strong>% Done</strong> changed from <i>0</i> to <i>100</i></li></ul><p>Applied in changeset <a class="changeset" title="Add sanity check to rule passing out from host to ensure it does not have a blank destination sub..." href="https://redmine.pfsense.org/projects/pfsense/repository/2/revisions/2e08a64666620c8e0dd28eb7c14393bee7b2bfa8">2e08a64666620c8e0dd28eb7c14393bee7b2bfa8</a>.</p> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=360542018-03-10T00:19:42ZPaighton Bisconer
<ul></ul><p>Unable to duplicate after testing most of the day, multiple versions, multiple rule changes and configurations, multiple WAN states. Tested on 2.4.2-REL and 2.4.2_p1-REL, and latest 2.4.3.a.20180309.0738.</p> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=360582018-03-12T08:06:22ZJim Pingle
<ul><li><strong>Status</strong> changed from <i>Feedback</i> to <i>Resolved</i></li></ul> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=365502018-05-16T11:13:15ZAdam Thompsonathompso@athompso.net
<ul></ul><p>Just got bitten by this, too, during a 2.4.0 -> 2.4.3_p1 upgrade. Problem did not exist prior to upgrade. In my case, it DOES affect traffic through the firewall.<br />In my case, the patch provided at <a class="external" href="https://redmine.pfsense.org/attachments/download/2355/8360.diff">https://redmine.pfsense.org/attachments/download/2355/8360.diff</a> does not appear to solve the problem.</p>
<p>I have the complete backup file from the firewall post-2.4.3_p1 upgrade, and it's using the pfSense OVA (original version unknown), updated to 2.4.3_p1 so you should be able to replicate the problem in an VM, at least?</p>
<p>I don't want to post a customer's XML backup publicly, though...</p>
<p>I will attach /tmp/rules.debug momentarily. The syntax error is at line 162.</p> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=365512018-05-16T11:13:58ZAdam Thompsonathompso@athompso.net
<ul><li><strong>File</strong> <a href="/attachments/2439">compusense-rules.debug</a> <a class="icon-only icon-download" title="Download" href="/attachments/download/2439/compusense-rules.debug">compusense-rules.debug</a> added</li></ul> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=365542018-05-16T11:41:17ZJim Pingle
<ul></ul><p>This bug is not that same issue. See <a class="issue tracker-1 status-3 priority-4 priority-default closed" title="Bug: Rule Error On Upgrade 2.4.3 -> 2.4.3-p1 (Resolved)" href="https://redmine.pfsense.org/issues/8518">#8518</a> and keep comments there.</p> pfSense - Bug #8360: pf rules occasionally contain "!/" where the WAN network/netmask should behttps://redmine.pfsense.org/issues/8360?journal_id=365572018-05-16T15:02:55ZAdam Thompsonathompso@athompso.net
<ul></ul><p>Ah! I had not found that bug. Thank you.</p>