• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

Changing a Lan rule causing errors

2.1 Snapshot Feedback and Problems - RETIRED
4
6
4.4k
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • D
    Daboom
    last edited by Sep 3, 2013, 11:42 PM

    I am seeing a lot of this lately between builds not sure if this has come up for others yet. But it can either knock me offline completely or partially ie no new connections outbound.

    09-03-13 10:51:45 [ There were error(s) loading the rules: /tmp/rules.debug:24: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [24]: table persist file /etc/bogonsv6]

    any thoughts?

    2.1-RC1 (i386)
    built on Fri Aug 30 13:39:32 EDT 2013
    FreeBSD 8.3-RELEASE-p10

    Update available. Click Here to view update.
    Platform nanobsd (4g)
    NanoBSD Boot Slice pfsense0 / ad0s1 (ro)
    CPU Type Geode(TM) Integrated Processor by AMD PCS
    Uptime 3 Days 18 Hours 40 Minutes 27 Seconds
    Current date/time
    Tue Sep 3 19:38:27 EDT 2013

    Also since I upgraded to this recent release my ipv6 gateway was configured to the wrong interface. I had to delete the default ipv6 gateway and add the proper one myself. Which will be fine till i either reboot or have to reconnect again to my isp who uses ipv6cp to setup the ipv6 stuff.

    1 Reply Last reply Reply Quote 0
    • E
      eri--
      last edited by Sep 4, 2013, 7:05 AM

      Do you have low resources on the box?

      1 Reply Last reply Reply Quote 0
      • D
        doktornotor Banned
        last edited by Sep 4, 2013, 8:18 AM

        Yeah, thoughts are to NOT use the bogonv6 thing at all. Way too huge for Alix.

        1 Reply Last reply Reply Quote 0
        • P
          phil.davis
          last edited by Sep 4, 2013, 9:34 AM

          I put a few checks for that in the code a while ago. From my memory, if you do NOT have "Block bogon networks" selected on any interface, then it does NOT implement the bogonsv6 table into pf. And, if System, Advanced, Networking, Allow IPv6 is unchecked, then it also does NOT implement the bogonsv6 table into pf.
          Of course, if you are using IPv6 and want to block bogons, then you get the table. It is huge and I guess that's the way it is, what to do? On 256MB (Alix…) it is 1 more thing that uses up your memory.

          As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
          If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

          1 Reply Last reply Reply Quote 0
          • D
            doktornotor Banned
            last edited by Sep 4, 2013, 1:04 PM Sep 4, 2013, 1:02 PM

            @phil.davis:

            It is huge and I guess that's the way it is, what to do? On 256MB (Alix…) it is 1 more thing that uses up your memory.

            Pretty much nothing to do… I'd like to have the bogonsv6 thing split from the v4 ones if anything (as in, split checkbox in the GUI would make sense on nanobsd at least.)

            Anyway, I created a custom IPv4 bogons list in pfBblocker (alias only, http://files.pfsense.org/lists/fullbogons-ipv4.txt), using it where I need, the bogons checkbox unchecked, problem solved. (AFAIK there still is the insane 8000::/1 entry in there, which includes the link-local addresses and causing bugs mentioned on other threads.)

            1 Reply Last reply Reply Quote 0
            • D
              Daboom
              last edited by Sep 4, 2013, 11:20 PM

              Thanks everyone
              Seems like it's be easier to just disable it on my two outgoing interfaces.  According to dashboard it is sitting at 81% memory used now with that feature on.

              1 Reply Last reply Reply Quote 0
              4 out of 6
              • First post
                4/6
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.