pfBlockerNG with RAM Disk on 25.03 beta
-
I switched to ram disk yesterday as a test (since writes on ssd are a bit high)
In the morning pfblocker ng failed miserably, due to disk full, which led to no internet due to dns.
Apart from the fact that this should not occur (but it's more of a feature than a bug)
Tried increasing ram disk up to 12 gigs and rerun cron.
System recovered but I would get strange errors like
cat: /var/db/pfblockerng/dnsbl/UT1_malware.txt write error
(but no indication where cat goes)
df -h shows disks are far from full.
Switching back to hdd resolves everything.
Before digging any further, is pfblockerng supposed to work with ram disks?
And if yes, how much space does it need? e.g. more than say, 16gigs?
Current df shows that everything fits in 12G.
Filesystem Size Used Avail Capacity Mounted on
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456 13G 1.4G 11G 11% /
devfs 1.0K 0B 1.0K 0% /dev
pfSense/home 11G 168K 11G 0% /home
pfSense 11G 96K 11G 0% /pfSense
pfSense/tmp 11G 420K 11G 0% /tmp
pfSense/var 11G 21M 11G 0% /var
pfSense/reservation 13G 96K 13G 0% /pfSense/reservation
pfSense/var/log 11G 51M 11G 0% /var/log
pfSense/var/empty 11G 96K 11G 0% /var/empty
pfSense/var/cache 11G 96K 11G 0% /var/cache
pfSense/var/db 12G 155M 11G 1% /var/db
pfSense/var/tmp 11G 840K 11G 0% /var/tmp
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456/cf 11G 4.9M 11G 0% /cf
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456/var_cache_pkg 12G 223M 11G 2% /var/cache/pkg
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456/var_db_pkg 11G 7.9M 11G 0% /var/db/pkg
tmpfs 4.0M 200K 3.8M 5% /var/run
/lib 13G 1.4G 11G 11% /var/unbound/lib
devfs 1.0K 0B 1.0K 0% /var/unbound/dev
/var/log/pfblockerng 11G 51M 11G 0% /var/unbound/var/log/pfblockerng
/usr/local/share/GeoIP 13G 1.4G 11G 11% /var/unbound/usr/local/share/GeoIP
/usr/local/bin 13G 1.4G 11G 11% /var/unbound/usr/local/bin
/usr/local/lib 13G 1.4G 11G 11% /var/unbound/usr/local/lib
-
@netblues Yes, pfB works with RAM disks.
And the required RAM disk size depends on a number of factors relative to total system RAM that's left over and not reserved for the RAM disk. The more feeds you have configured, for example, the more system RAM (not RAM disk) the system needs available to process a feed update. So if you've created a RAM disk which takes away from total system RAM, now your system may be lacking enough memory to process a pfB update.
You're missing some key troubleshooting information to pinpoint exactly why pfB might've crashed and then started throwing errors once you got it restarted. But, assuming you're sure your system still has enough available memory after creation of the RAM disk, you might try increasing the maximum table size (System / Advanced / Firewall & NAT > Firewall Maximum Table Entries).
https://docs.netgate.com/pfsense/en/latest/packages/pfblocker.html#faq
(Also... no DNS ≠ no internet. Nothing about a bug or a feature there. You were simply without a local operational DNS resolver but presumably maintained internet connectivity.)
-
@tinfoilmatt said in pfBlockerNG with RAM Disk on 25.03 beta:
still has enough available memory after creation of the RAM disk, you might try increasing the maximum table size (System / Advanced / Firewall & NAT > Firewall Maximum Table Entries).
This would be the case if the errors surfaced when applying the rules.
This is quite different. Errors appear when creating lists.
And it's far from loading much anyway.
System is a vm with 20 gigs of ram, and never consumes more than 16, even with a 10 gig ram disk. And it didn't crash. It just can't update itself anymore.
Connectivity is one thing. Internet is another. And without dns, the latter is not possible, but we all know this anyways.
So I guess it is some corner situation.
I'll try removing package, switch to ram disk, and reinstall and see what happens.
-
@netblues You got this.
-
@netblues pfB is just fine with a RAM disk. The UT1 list is massive. Tried it once to help someone and it overran the 1GB RAM disk while extracting IIRC. Had to delete its files to recover. Did not pursue. Try to check space during an update?
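
Added example, not part of any post in this thread: a way to act on the "check space during an update" suggestion, since a df taken after the failure only shows the idle state and not the transient peak while a large feed is extracted. The function names, the log path and the sample df lines are constructed for illustration.

```shell
#!/bin/sh
# sample_df INTERVAL COUNT MOUNT...: print `df -k` for the mounts COUNT times.
# Redirect it to a file off the RAM disk, e.g. (assumed path) /root/df.log.
sample_df() {
    interval=$1; count=$2; shift 2
    i=0
    while [ "$i" -lt "$count" ]; do
        df -k "$@" 2>/dev/null
        i=$((i + 1))
        sleep "$interval"
    done
}

# peak_from_samples: read concatenated `df -k` output on stdin and print, per
# mount point: "<mount> <peak used KiB> <size KiB> <peak percent of size>".
peak_from_samples() {
    awk '
        $1 == "Filesystem" { next }            # skip the repeated df headers
        NF >= 6 {
            mnt = $NF; size = $2 + 0; used = $3 + 0
            if (!(mnt in peak) || used > peak[mnt]) peak[mnt] = used
            total[mnt] = size
        }
        END {
            for (m in peak) {
                pct = total[m] ? int(peak[m] * 100 / total[m]) : 0
                printf "%s %d %d %d\n", m, peak[m], total[m], pct
            }
        }' | sort
}

# Constructed samples: idle, mid-extraction (where /var fills up), idle again.
constructed_samples() {
    cat <<'EOF'
Filesystem 1024-blocks Used Avail Capacity Mounted on
tmpfs 2097152 580 2096572 0% /tmp
tmpfs 2097152 679936 1417216 32% /var
Filesystem 1024-blocks Used Avail Capacity Mounted on
tmpfs 2097152 1500000 597152 71% /tmp
tmpfs 2097152 2097152 0 100% /var
Filesystem 1024-blocks Used Avail Capacity Mounted on
tmpfs 2097152 600 2096552 0% /tmp
tmpfs 2097152 680000 1417152 32% /var
EOF
}

constructed_samples | peak_from_samples
```

On a live system, run `sample_df 2 300 /var /tmp > /root/df.log` in one shell while the update runs in another, then `peak_from_samples < /root/df.log`; a peak at or near 100% points at the RAM disk size rather than the firewall table limit.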
-
Removed and reinstalled while on ramdisk (with keep settings)
2 gigs tmp + 2 gigs of var. is enough.
Now everything updates as it should.
Also worked with 6G+6G
Filesystem Size Used Avail Capacity Mounted on
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456 13G 1.4G 11G 11% /
devfs 1.0K 0B 1.0K 0% /dev
pfSense 11G 96K 11G 0% /pfSense
pfSense/home 11G 168K 11G 0% /home
pfSense/reservation 13G 96K 13G 0% /pfSense/reservation
tmpfs 2.0G 580K 2.0G 0% /tmp
tmpfs 2.0G 664M 1.3G 33% /var
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456/cf 11G 54M 11G 0% /cf
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456/var_cache_pkg 12G 223M 11G 2% /var/cache/pkg
pfSense/ROOT/default_20240714144502_20250329075912_20250329082412_20250329142348_20250401180456/var_db_pkg 11G 7.9M 11G 0% /var/db/pkg
/lib 13G 1.4G 11G 11% /var/unbound/lib
devfs 1.0K 0B 1.0K 0% /var/unbound/dev
/var/log/pfblockerng 2.0G 664M 1.3G 33% /var/unbound/var/log/pfblockerng
/usr/local/share/GeoIP 13G 1.4G 11G 11% /var/unbound/usr/local/share/GeoIP
/usr/local/bin 13G 1.4G 11G 11% /var/unbound/usr/local/bin
/usr/local/lib 13G 1.4G 11G 11% /var/unbound/usr/local/lib
-
@netblues And you didn't even need to waste your time with this thread. Good job.