Text only | Text with Images

OPNsense Forum

English Forums => 26.1 Series => Topic started by: opn_minded on January 30, 2026, 11:35:23 AM

Title: Rules [new] - empty rule automatically created, can't edit or delete
Post by: opn_minded on January 30, 2026, 11:35:23 AM
Hi,

I started to (manually) migrate my "old" firewall-rules to the "new" firewall-rules. There's now an automatically created rule on the top, that I can't edit, delete, re-order or deactivate.

Screenshot 2026-01-30 112938.jpg

After pressing "enable logging" I get the following error;

Code Select
[30-Jan-2026 11:32:42 <REDACTED>] Error: Class "OPNsense\Firewall\Api\UserException" not found in /usr/local/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterBaseController.php:379
Stack trace:
#0 /usr/local/opnsense/mvc/app/controllers/OPNsense/Firewall/Api/FilterController.php(270): OPNsense\Firewall\Api\FilterBaseController->toggleRuleLogBase('f42dbecd-d93b-4...', '1', 'rules.rule')
#1 /usr/local/opnsense/mvc/app/library/OPNsense/Mvc/Dispatcher.php(166): OPNsense\Firewall\Api\FilterController->toggleRuleLogAction('f42dbecd-d93b-4...', '1')
#2 /usr/local/opnsense/mvc/app/library/OPNsense/Mvc/Router.php(156): OPNsense\Mvc\Dispatcher->dispatch(Object(OPNsense\Mvc\Request), Object(OPNsense\Mvc\Response), Object(OPNsense\Mvc\Session))
#3 /usr/local/opnsense/mvc/app/library/OPNsense/Mvc/Router.php(139): OPNsense\Mvc\Router->performRequest(Object(OPNsense\Mvc\Dispatcher))
#4 /usr/local/opnsense/www/api.php(36): OPNsense\Mvc\Router->routeRequest('/api/firewall/f...', Array)
#5 {main}
Title: Re: Rules [new] - empty rule automatically created, can't edit or delete
Post by: OPNenthu on January 30, 2026, 11:38:48 AM
Well at least it's a Floating pass all rule, so now you can never blame your firewall if something appeared blocked :P
Title: Re: Rules [new] - empty rule automatically created, can't edit or delete
Post by: opn_minded on January 30, 2026, 11:41:13 AM
Yeah that definitely makes sense :D!
Title: Re: Rules [new] - empty rule automatically created, can't edit or delete
Post by: Monviech (Cedrik) on January 30, 2026, 11:42:46 AM
https://github.com/opnsense/core/pull/9669

That will fix the missing user exception, but we have to find out what's so special about this rule.

Can you do an export at the bottom of the page and share the csv file contents?
Title: Re: Rules [new] - empty rule automatically created, can't edit or delete
Post by: opn_minded on January 30, 2026, 12:43:50 PM
Code Select
opnsense-patch 8ecd344 based on https://github.com/opnsense/core/pull/9669/commits done and working - thanks for that.

Unfortunately I'm not able to provide the .csv from the export as I've rolled back the config to a previous state.

But... before doing so, I had a look at the two different config.xml's (PRE-new rules and POST-new rules). What I found is, that the corresponding XML-node to the shown rule above in my screenshot had the config options written in the <rule uuid=""> tag.

Let me explain...

correct would be;
Code Select
<rule uuid="<UNIQUE-RULE-ID>">
the faulty rule had something like(what I remember);
Code Select
<rule uuid="<UNIQUE-RULE-ID>,setting1,setting2,setting3,,,,">
Title: Re: Rules [new] - empty rule automatically created, can't edit or delete
Post by: Monviech (Cedrik) on January 30, 2026, 12:51:56 PM
That makes perfect sense, we have fixed that in master already it was a faulty import that could happen in very specific conditions:

https://github.com/opnsense/core/issues/9661
Text only | Text with Images