Did anyone receive this error:
opnsense: /usr/local/etc/rc.filter_configure: New alert found: There were error(s) loading the rules:
/tmp/rules.debug:191: interface name too long - The line in question reads [191]: pass in quick on
envALLexcINTPROD inet proto tcp from {any} to {(vmx2_vlan630:network)} port $p_jaso_service keep
state label "USER_RULE: allow jaso service from every env excluding prod ..."
I created a InterfaceGroup "envALLexcINTPROD" and applied the rule to that interace. Does anyone have an idee which part is restricted in size?
Er, this is weird:
vmx2_vlan630:network
An interface maximum is 15 readable characters, but it counts ":network" which is just an pf.conf alias.
There is no quick fix for this, I need to find the problem in the kernel... I'll add a ticket.
Cheers,
Franco
Oh, envALLexcINTPROD seems too long as well (1 character)... maybe that is the issue instead?
Cheers,
Franco
Let me investigate a little bit more.
I'll try to find out. But I'm in the middle of creating a HA Firewall with at the moment roughly 20 Interface, CARP and so on.. have to test some other stuff :)
I'll try to come back soon with further informations.