There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy
-
@stephenw10 I have 3 locations. 3 6100, 2 of them are nearly identical configuration, most of the same components on the LAN. The 6100 that is throwing off these errors was replaced due to hardware at one time and so the config was restored. It's also the least configured of the 3 in terms of rules. I really wish I could give you more details but that location is pretty quiet..
-
@stephenw10 I forgot to mention that I have Tac Pro on this device, I plan to open a ticket
-
Yes, open a ticket if you haven't already. Link to this thread so TAC have the details here.
-
Just to be clear when this happens it just logs that and continues? It doesn't require manual intervention?
-
@stephenw10 It's crashed and I had to hire someone to go onsite and manually power cycle it
-
I assume not every time that error is shown though?
-
@stephenw10 No, just 2x
-
Hmm, OK. 2x too many!
Do you know if it remains responsive at the console when that happens?
-
@stephenw10 I wish I could say, but its a remote location and has only acted this way when I'm not on site... last time was 24 hours after I left...frustrating
-
Are you able to upload a status file to us to review?
-
@stephenw10 of course, pls tell me what to do =)
-
Great, you can pull the status_output file from the GUI. See:
https://docs.netgate.com/pfsense/en/latest/recipes/diagnostic-data.html#view-and-download-diagnostic-data-in-the-guiThen upload it here:
https://nc.netgate.com/nextcloud/s/YfciQktBin7fLEM -
@stephenw10 All done sir
-
Great I see that. Checking....
-
Mmm, OK nothing obvious there. I'm going to consult developers on this.
-
Ok, the likely cause here is a race condition between filter reloads triggered close to simultaneously.
That obviously shouldn't happen but you can probably mitigate it by tuning your gateway parameters for the WG_VPN_HQ gateway. Currently that is continually throwing alarms and reloading the filter every time it does. I suspect when you see this error it ends up thowing several alarms and queing up reloads.
I would try either setting the monitoring values to far higher numbers, say 50% and 500ms, or disabling monitoring action on the gateway. If that prevents or reduces the errors you're seeing that would prove the theory.
Steve
-
@stephenw10 From a troubleshooting standpoint, it makes sense since these overseas vpn can have spotty connection from time to time. I already made those adjustments... waiting to see what happened :D Thanks @stephenw10 much appreciated!
-
I’m also seeing this message pop up a lot recently on one of my 23.09.1 firewalls. I’m counting 8 messages between 4/15 to today (4/28).
It’s always an alert saying:
There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:Followed by another alert saying:
PF was wedged/busy and has been reset. -
Same question as the OP here. Anything logged? Any 'exotic' rules? Anything else unusual?
-
Same issue here, almost every day (some times twice a day)
06:30:00 PF was wedged/busy and has been reset.
06:30:00 There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:system general log
Aug 26 06:30:00 php-cgi 51879 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: pfctl: DIOCADDRULENV: Device busy - The line in question reads [0]:
Aug 26 06:30:00 php-cgi 51879 rc.filter_configure_sync: New alert found: PF was wedged/busy and has been reset.
Aug 26 06:28:00 sshguard 54936 Now monitoring attacks.
Aug 26 06:28:00 sshguard 55063 Exiting on signal.
