pfBlockerNG memory
-
I implemented pfBlockerNG on two firewall I manage. One has 8 GB of RAM and works fine but the other has only 4 GB (SG-2100) and is generating the following alerts:
There were error(s) loading the rules: /tmp/rules.debug:27: cannot define table pfB_Europe_v4: Cannot allocate memory - The line in question reads [27]: table <pfB_Europe_v4> persist file "/var/db/aliastables/pfB_Europe_v4.txt"Looking at RAM utilization now shows only 15% used. I did not see what that was while the error was generated but wouldn't imagine that is what I'm coming up against. Is there some setting I can tune to allow pfBlocker to use more memory?
-
RAM utilization was only 15% before and after the alert so it must be some other limit. Is there some setting I can tune to allow pfBlocker to use more memory?
-
Hi,
The firewall uses its own 'fixed size' memory block for rules, definitions aliases etc.
What is the value of System > Advanced > Firewall & NAT > Firewall Maximum Table Entries
What is the size of the file "/var/db/aliastables/pfB_Europe_v4.txt" (or better : number of lines ) ? -
@gertjan
400000 (default) -
But not enough for pfl, it can't load what it found in the file /var/db/aliastables/pfB_Europe_v4.txt
-
@gertjan
Thank you for pointing that setting out. I added a "1" in front to make it a million and a half. No more alerts.
