There error(s) loading the rules: pfctl: DIOCXCOMMIT: Device busy

eri--

Have you tried disabling pfBlocker and see if that fixes it?

S_D

@ermal:

Have you tried disabling pfBlocker and see if that fixes it?

Yup, I've tried that. Indeed, it disables itself when updating to the new snapshots that are released.

But do you mean just disabling it, or disabling all the aliased rules I have too?

eri--

Disable the package and the rules that reference aliases from it.

S_D

@ermal:

Disable the package and the rules that reference aliases from it.

Thanks - I'll try that tonight when I get home.

Is it enough to disable the rules, or do I actually have to delete them?

eri--

Just disable them.
Though the most important are the aliases content in this case.

S_D

Hi,

Well that's interesting - I've just taken a gamble and done it remotely from the office.
I disabled the rules, then disabled pfBlocker and no error on reboot! Very strange.
So,
IPv6 tunnel ON, pfBlocker OFF, DHCP WAN address = No error
IPv6 tunnel ON, pfBlocker ON, Static WAN address = No error
IPv6 tunnel OFF, pfBlocker On, DHCP WAN address = No error
IPv6 tunnel ON, pfBlocker On, DHCP WAN address = error!

So disabling any of pfBlocker, IPv6, or the DHCP address stops the error… I've very confused.

Thanks for your help so far

Simon

S_D

Me again! :)

OK, done some more testing.

With all the rules used for pfBlocker disabled, I then disabled all the individual lists that I load. Reboot - no error. Then one by one turned them back on, and once we got to the larger lists (then rebooting) it started to get the error again.

So putting together this, along with the post above, it just seems that a combination of things make the 'timeout' get reached, and for the error to occur, including adding larger lists into pfBlocker.

Is there a configurable option somewhere to set this timeout or to see in more detail as to what's 'failing'?

Thanks,

Simon

eri--

No its a pfblocker fault here on how it does things.

S_D

Thanks for that :) I'll ask pfBlocker guy to look at it

One last thing - are you sure, considering that I don't get this error just by disabling my IPv6 tunnel?

Many thanks for all your help

Simon

priller

For me, this problem went away after I set "Top Spammers" to Disabled.  All my other lists are still active.