Testing core 165 - iptables ERROR on console during boot

I used pakfire to upgrade my testing box
Core Update 164 Development Build: master/b69659af
Core Update 165 Development Build: master/6b10e08a

I did a retore from my last test 164 backup.

On bootup, the console displays the following after
“Setting up firewall”

“Use of uninitialized value $destination … /rules.pl line 427”
“iptables v1.8.7 (legacy): invalid mask ‘’ specified.”
“Try iptables -h or iptabls --help”
“ERROR: iptables …”

I seem to get an error for every firewall rule that I created.

The verbose above was taken from a video I was recording of the console screen, as I could not locate the specific log file.

I’ll create a bug report once someone can tell me which specific log file to look at.


thank you for testing upcoming Core Updates, and report your findings! :slight_smile:

Do these messages also appear if you conduct a

/etc/init.d/firewall restart

on the console or via SSH? If so, please file a new bug with the output of that command.

Thanks, and best regards,
Peter Müller

Hi @pmueller

Yes, the restart creaates the same.

Please let me know where I can find the log files so I can go through them and trace.

This may or may not be self inflicted, so I want to trace before any submitting any official bug.

Hi @pmueller

The problem may be self inflicted.
I have just done full install of test core 165 master/38f5bc99 and no console errors for iptables. However, I have not yet loaded any local rulesets.

I’m starting to think that I maybe did a restore from a wrong ipf file, one which came from a RED/GREEN/BLUE box backup, and restored onto my RED/GREEN test box. I suspected that any rules I had for BLUE may have been causing the errors seeing that my test box did not have a BLUE interface. Will check further.

1 Like


I can confirm that the issue was caused by mistakingly restoring a RED/GREEN box with a ipf backup originating from RED/GREEN/BLUE box.

When I removed all the rules that related to ‘BLUE’, and ‘All Interfaces’, the errors did not appear when I preformed a
/etc/init.d/firewall restart
at the console.

Case closed. Sorry for the false alarm.