I'd be happy to test anything that implements this. Previously, I (judging from the forum, I'm not the only one) using this EdgeOS-BL-Mgmt with 1.3.x.

Thanks for the pointer, but I think it should still be considered a "bug" that you can no longer use an empty group (I'm just going to assume that this would apply to any kind of group, but most are probably using this for host/network groups, as this is where it would be most useful). Judging from the comments in T4147, I'm clearly not the only one who was taking advantage of managing sets outside of the system. Alas, my boot times for 1.4 (what this discussion is about) are not really valid, as my configuration didn't really get migrated from 1.3.1->1.4, or better said, it doesn't actually commit, and I actually ended up with a mostly empty firewall config on boot, which is perhaps why its booting so quickly now.

Indeed, I figured that out. I also found that my openvpn config was not migrated properly (T3642?); all of the tls configuration stuff (previously kept under /config/auth somewhere) was gone. After doing run import pki for all of the necessary bits it was able at least to commit openvpn properly.

Sorry its taken me so long to follow up on this

This vm started out with 4G of memory and 2CPUs; I doubled quickly everything when I hit the out of memory error the first time, but that didn't help. I can quickly install the latest rolling and test

I've debugged this further, by breaking up my configuration into various sections (system, interfaces, firewall,nat,service,vpn etc) and running them on a new VM.

Still not much luck here. But I've let the boot run a bit longer, and notice the following:

Okay, thats the only rule where I was using a port-group combined with protocol all; the others that use protocol all dont have a port or port group in the rule, so they are okay?

1.4 rolling does not help me, so there must be something "wrong" with my configuration. I've attached the private config, it would be awesome if someone might find what's broken.

I'm still having issues moving past anything higher than 1.2.8. Booting 1.2.8 looks thusly:

Sorry, but I dont think this is fixed; I just attempted to upgrade my working 1.2.8 configuration to 1.3.

I'm also affected by this, but even with a relatively "small" configuration (2662 lines, at present, where more than half are firewall rules, 5 interfaces).

Just updated to build from 20180821, and its still stopping; I'm glad that I'm not the only one seeing this, so it probably is some kind of bug. Again, nothing in the log at all, just the startup:

Sure. The "best" way to visualize flow data is to install nfdump/nfsen: