I feel that it is the same bug or very similar to the one that was in 0.74 when it first came out. When you create an ipsec tunnel it trashes it also when you add a block rule to the firewall on an optional interface the rules crash.
Just to let you know. I feel sad to this my favourite platform is only second rate.... Sob sob sob -----Original Message----- From: Scott Ullrich [mailto:[EMAIL PROTECTED] Sent: 10 August 2005 15:58 To: alan walters Cc: support@pfsense.com Subject: [pfSense Support] Re: [pfSense-discussion] Security problem while loading rules? I havent tested a Embedded image (remember its second rate citizen in pfSense). The PC version works fine. Scott On 8/10/05, alan walters <[EMAIL PROTECTED]> wrote: > FYI > > This seems to still be an issue on 0.74.6 at least on a wrap board. > I don't notice the error on a standard update on a PC. > > > > -----Original Message----- > From: Scott Ullrich [mailto:[EMAIL PROTECTED] > Sent: 10 August 2005 15:03 > To: Randy B > Cc: M. Kohn; discussion@pfsense.com > Subject: Re: [pfSense-discussion] Security problem while loading rules? > > This should not be a problem any longer in the latest version. I > would suggest upgrading. > > Scott > > > On 8/10/05, Randy B <[EMAIL PROTECTED]> wrote: > > M. Kohn wrote: > > > Hi, > > > > > > I just updated to 0.74.6 and got a problem while loading > > > the rules: (Don't know if the problem was there before...) > > > > > > ----- > > > Aug 10 09:36:07 192.xxx.xxx.xxx php: There were error(s) > > > loading the rules: [...] syntax error pfctl: Syntax error > > > in config file: pf rules not loaded - The line in question > > > reads [175]: pass quick on dc1 proto esp from 212.xxx.xxx.xxx > > > to keep state label "IPSEC: esp proto" > > > ----- > > > > > > > I had this problem horribly on 0.74.4 too - ended up having to comment > > out the entire section of /etc/inc/filter.inc that dealt with IPsec > > before the filters would correctly set up and allow me out of my > > network. That really sucked. > > > > In the GUI, it seems like there's a partial IPsec tunnel defined - the > > entire line is empty except for 'WAN' in the 'Remote Interface GW'. > > When I tried to edit it, I just got a new tunnel. Ergh. > > > > RB > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
