There error(s) loading the rules: pfctl: DIOCXCOMMIT: Device busy
-
Hmmm, another update. Sorry for appearing to spam this but I'm genuinely not!
Anyway, it appears that after my ISP (O2 UK) made some changes on the network last week, the way that my static IP address is handled has changed. Whereas before I set my static IP address manually, now they say that I have to use DHCP, where I will be assigned a reservation. I guess I've just worked out why.
So, after my 'fix' above of changing to a static IP on the WAN, the connection totally drops out after 30 minutes. A reboot doesn't sort it - the only thing that will sort it is going back to DHCP on the WAN. I guess the ISP is looking for the DHCP lease request, and if it doesn't get it then assumes the connection is down - or other such weirdness.
Anyway, it leads me back around to what started this thread. In DHCP mode on the WAN I'm getting this strange error (thread title).
Any more ideas are gratefully appreciated
Thanks,
Simon
-
Have you tried disabling pfBlocker and see if that fixes it?
-
@ermal:
Have you tried disabling pfBlocker and see if that fixes it?
Yup, I've tried that. Indeed, it disables itself when updating to the new snapshots that are released.
But do you mean just disabling it, or disabling all the aliased rules I have too?
-
Disable the package and the rules that reference aliases from it.
-
@ermal:
Disable the package and the rules that reference aliases from it.
Thanks - I'll try that tonight when I get home.
Is it enough to disable the rules, or do I actually have to delete them?
-
Just disable them.
Though the most important are the aliases content in this case. -
Hi,
Well that's interesting - I've just taken a gamble and done it remotely from the office.
I disabled the rules, then disabled pfBlocker and no error on reboot! Very strange.
So,
IPv6 tunnel ON, pfBlocker OFF, DHCP WAN address = No error
IPv6 tunnel ON, pfBlocker ON, Static WAN address = No error
IPv6 tunnel OFF, pfBlocker On, DHCP WAN address = No error
IPv6 tunnel ON, pfBlocker On, DHCP WAN address = error!So disabling any of pfBlocker, IPv6, or the DHCP address stops the error… I've very confused.
Thanks for your help so far
Simon
-
Me again! :)
OK, done some more testing.
With all the rules used for pfBlocker disabled, I then disabled all the individual lists that I load. Reboot - no error. Then one by one turned them back on, and once we got to the larger lists (then rebooting) it started to get the error again.
So putting together this, along with the post above, it just seems that a combination of things make the 'timeout' get reached, and for the error to occur, including adding larger lists into pfBlocker.
Is there a configurable option somewhere to set this timeout or to see in more detail as to what's 'failing'?
Thanks,
Simon
-
No its a pfblocker fault here on how it does things.
-
Thanks for that :) I'll ask pfBlocker guy to look at it
One last thing - are you sure, considering that I don't get this error just by disabling my IPv6 tunnel?
Many thanks for all your help
Simon
-
For me, this problem went away after I set "Top Spammers" to Disabled. All my other lists are still active.