Netgate Discussion Forum

    URLs Aliases causing system (or rather network) downtime

      0tt0

      Been troubleshooting and recovering from downtime this morning.

      In the GUI I had some 600 (!) errors stating stuff like:

      There were error(s) loading the rules: /tmp/rules.debug:65: cannot define table IP_CINSscore_badguys_list: Cannot allocate memory - The line in question reads [65]: table <IP_CINSscore_badguys_list> persist file "/var/db/aliastables/IP_CINSscore_badguys_list.txt"

      Nothing behind pfS could surf through to the Internet. Traffic from outside seemed also to be blocked.
      However, from the fw itself, I could use both hostnames and IPs, in outbound pings for instance.
      This is probably due to the fact that they do not enter on any interface but produce the traffic from within the system itself and hence do not trigger the fw rules that are set up.

      I'm guessing that this URL: http://cinsscore.com/list/ci-badguys.txt

      for some reason made the alias that it fills with IPs incorrect. That alias is used in one of a number of floating rules that exist in the system and block anything emanating from or going to IPs on those lists.

      I guess that somehow shit went in that alias to make it always hit and hence block all traffic.

      I did a reboot and it seems that cleared what was to clear.

      Similar experiences are reported; this one seems quite similar, at least when it comes to the error msg:
      https://forum.pfsense.org/index.php?topic=112268.msg625417#msg625417

      So, downtime is bad, users get annoyed. Anything I could do to lessen the impact for the future? What kind of error checks are done?
      How often are the aliases re-filled?

      CORRECTION, during the last 20 min I have gotten 2 new errors like above in the GUI.

      I do have a vague recollection of perhaps some time in the past changing a mem value somewhere, but I don't remember exactly where that was.

      This system is on: 2.3.4-RELEASE (i386)

      Ideas/comments???

      TIA,
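The post above asks what error checks could lessen the impact of a bad URL alias download. As an added example (not part of the thread and not pfSense's own code), the Python below validates a fetched list before it is allowed to replace the alias file; the entry budget, the prefix floors and the sample feed are assumptions constructed for illustration.

```python
import ipaddress

# Constructed sample of a fetched list (documentation ranges, not real feed data).
SAMPLE = """\
# constructed sample feed
192.0.2.10
198.51.100.0/24
203.0.113.7

0.0.0.0/0
<html>503 Service Unavailable</html>
192.0.2.10
"""

def validate_blocklist(text, max_entries=100000, min_prefix_v4=8, min_prefix_v6=16):
    """Parse a one-entry-per-line IP/CIDR list.

    Returns (entries, problems): the unique networks that parsed cleanly and a
    list of reasons the file should not be loaded. All limits are assumed values.
    """
    nets, problems = set(), []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        try:
            net = ipaddress.ip_network(line, strict=False)
        except ValueError:
            # e.g. an HTML error page served instead of the list
            problems.append(f"line {lineno}: not an IP or CIDR: {raw.strip()[:40]!r}")
            continue
        floor = min_prefix_v4 if net.version == 4 else min_prefix_v6
        if net.prefixlen < floor:
            # a block entry this broad would match nearly all traffic
            problems.append(f"line {lineno}: prefix /{net.prefixlen} too broad: {net}")
            continue
        nets.add(net)
    if not nets:
        problems.append("no usable entries")
    if len(nets) > max_entries:
        problems.append(f"{len(nets)} entries exceed budget of {max_entries}")
    return sorted(nets, key=lambda n: (n.version, n)), problems

def safe_to_load(text, **limits):
    """True only when the whole file is clean; otherwise keep the previous copy."""
    entries, problems = validate_blocklist(text, **limits)
    return not problems, entries, problems
```

Run against a freshly downloaded copy, a `False` result means the previous alias file stays in place and the problems list goes to the log.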
        dragoangel

        Did you find the trouble point?

        Latest stable pfSense on 2x XG-7100 and 1x Intel Xeon Server, running multiWAN, he.net IPv6, pfBlockerNG-devel, HAProxy-devel, Syslog-ng, Zabbix-agent, OpenVPN, IPsec site-to-site, DNS-over-TLS...
        Unifi AP-AC-LR with EAP RADIUS, US-24

          KOM

          Start a new thread if you have a problem instead of digging up this zombie.
