I have a v2.2 64-bit config running on a Core2 Duo system. The config uses a number of aliases (including aliases that include other aliases, etc.). Rules are based upon the aliases (du-oh!).
PROBLEM: if I change the name of 1 of the IP aliases, the name of the corresponding table doesn't change ... and, if I reboot, there's a complete failure in that NO tables get created (should be 100ish tables). Reload the config without the change and all is OK. Compare the config...xml files and there's only the expected changes (i.e., no structure corruption, only the name and change-management entries change). The only error message I've seen is one that indicates something like "ipsec_starter ... routing con (1000) failed" and that doesn't appear to be consistent. I've duplicated this failure on a second identical system, so it's unlikely to be hardware-related corruption. None of the alias names are over 30 characters in length and the change that breaks things doesn't create a name that's unusual or as long as many others (it's simply adding "On" within the name). I tried to create a minimal config that would fail in a similar way, but the same kind of thing no longer fails when other aliases/rules/whatever are not present. Mr. Google hasn't helped me find anything similar that's been discussed (but I just may not have asked Mr. G. correctly). I can and have made lots of changes to other aliases without issues, including additions and other name changes so it shouldn't be any size-limit boundary. I have also seen some "flakey" behavior with the tables generated from some of the "mixed" aliases, where the table's reported content (via the GUI) will change as other alias name/content changes are made, but I haven't identified a pattern to this flakiness REQUEST: can anyone suggest: - ways I can troubleshoot this - anything I should be looking for + are there some unstated/unchecked limits/rules w.r.t. aliases + can one not freely create aliases that include other aliases + can aliases of type hosts not include aliases of networks type _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold
