Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PF was wedged/busy and has been reset

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 7.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • panzP
      panz
      last edited by

      I'm using pfSense 2.1.4-RELEASE (amd64) + pfblocker + snort.

      I'm getting the message PF was wedged/busy and has been reset

      when using AirVPN from a Win7-64bit machine inside my LAN network (I'm using the official OpenVPN client v. 2.3.4-I001).

      pfSense stops working and displays that message in the notification area. I didn't setup no other rules beside those automatically created by pfblocker.

      If I look in Services –> Snort --> Blocked tab I can see that Snort isn't blocking anything so, at first glance, the problem seems not related here.

      my setup:
      pfSense firewall 2.1.4-RELEASE (amd64)
      motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ Hard Disk: Western Digital WD10JFCX Red.

      pfSense 2.3.2-RELEASE-p1 (amd64)
      motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

      1 Reply Last reply Reply Quote 0
      • KOMK
        KOM
        last edited by

        The only other forum post I could find related to this error was to do with bad rules.  Do you happen to have anything like [ There were error(s) loading the rules: - The line in question reads…[/b] in your logs?

        1 Reply Last reply Reply Quote 0
        • panzP
          panz
          last edited by

          Yes, there was that message, but I can't remember the exact content. The strange thing is that this setup worked flawlessly for months and no rules are setup except for the "standard" ones.

          pfSense 2.3.2-RELEASE-p1 (amd64)
          motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

          1 Reply Last reply Reply Quote 0
          • KOMK
            KOM
            last edited by

            If I remember, there have been some updates to the Snort site and some strange behaviour with them moving some files around.  I'm wondering if maybe you've got a corrupted ruleset somehow.

            1 Reply Last reply Reply Quote 0
            • BBcan177B
              BBcan177 Moderator
              last edited by

              In filter.inc

              https://github.com/pfsense/pfsense/blob/master/etc/inc/filter.inc

              It contains the code that produced the log message:

              
$_grbg = exec("/sbin/pfctl -o basic -f {$g['tmp_path']}/rules.debug 2>&1", $rules_error, $rules_loading);


              
/* Brutal ugly hack but required -- PF is stuck, unwedge */
		if (strstr("$rules_error[0]", "busy")) {
			exec("/sbin/pfctl -d; /sbin/pfctl -e; /sbin/pfctl -f {$g['tmp_path']}/rules.debug");
			$error_msg = gettext("PF was wedged/busy and has been reset.");
			file_notice("pf_busy", $error_msg, "pf_busy", "");

              pfctl -o basic -f /tmp/rules.debug

              You might want to try running this command in the shell to see if it reports any errors? or look at the /tmp/rules.debug for anything out of the ordinary? As always make a Full Backup of the config file before proceeding.

              "Experience is something you don't get until just after you need it."

              Website: http://pfBlockerNG.com
              Twitter: @BBcan177  #pfBlockerNG
              Reddit: https://www.reddit.com/r/pfBlockerNG/new/

              1 Reply Last reply Reply Quote 0
              • panzP
                panz
                last edited by

                I've just reinstalled Snort keeping the Preferences. Tomorrow I'm going to test it again.

                pfSense 2.3.2-RELEASE-p1 (amd64)
                motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

                1 Reply Last reply Reply Quote 0
                • panzP
                  panz
                  last edited by

                  No luck: received this message today

                  [ There were error(s) loading the rules: pfctl: DIOCXCOMMIT: Device busy - The line in question reads [0]: ]

                  pfSense 2.3.2-RELEASE-p1 (amd64)
                  motherboard: MSI C847MS-E33 Micro ATX (with Intel Celeron CPU 847 @ 1.10 GHz) ~ PSU: Corsair VS350 ~ RAM: Kingston KVR1333D3E9S 4096 MB 240-pin DIMM DDR3 SDRAM 1.5 volt ~ NIC: Intel EXPI9301CTBLK (LAN) ~ NIC: D-Link DFE-528TX (CAM) ~ Hard Disk: Western Digital WD10JFCX Red ~ Case: Cooler Master HAF XB ~ power consumption: 21 Watts.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.