Error loading rules
-
Hi there
I have encountered an error while loading my pfsense webinterface that says the following:There were error(s) loading the rules: /tmp/rules.debug:20: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [20]: table <bogonsv6> persist file "/etc/bogonsv6"
I tried to fix the problem using these links:
- https://forum.netgate.com/topic/129127/ruleerror-there-were-errors-loading-the-rules-tmp-rules-debug-18-cannot-alloc/5
- https://justinho.com/blog/2018/03/15/pfSense-Bogons.html
I have set Firewall Maximum Table Entries from 400000 to 800000 and yet I still get the error messages when restarting my pfsense router.
Any advice or comment about fixing this issue will be appreciated.
-
400000 is enough. 800000 is double enough.
Something else is going on.
How much RAM in the unit?
Running anything like pfBlockerNG or anything else that likes to create massive tables?
What does this output in Diagnostics > Command prompt?
pfctl -smAnd this:
wc -l /etc/bogonsv6and this:
ls -l /etc/bogonsv6and this:
for table in `pfctl -sT`; do echo -n $table; pfctl -T show -t $table | wc -l ; done -
Here are the details:
This is a screenshot of my system interface at the moment.Yes, I run pfBlockerNG. I also run squid and Snort.
Here are the results after executing the following commands:
-
pfctl -sm
states hard limit 20000
src-nodes hard limit 20000
frags hard limit 5000
table-entries hard limit 800000 -
wc -l /etc/bogonsv6
107666 /etc/bogonsv6 -
ls -l /etc/bogonsv6
-rw-r--r-- 1 root wheel 1733644 Apr 16 10:30 /etc/bogonsv6 -
for table in
pfctl -sT; do echo -n $table; pfctl -T show -t $table | wc -l ; done
bogons 3040
bogonsv6 107665
snort2c 0
sshguard 0
tonatsubnets 5
virusprot 0
webConfiguratorlockout 0
-
-
That all looks fine. You should not be receiving any errors.
I question that your swap is almost half full though.
209MB RAM? That's practically nothing. I give the smallest of my test VMs 512MB. That is likely your problem.
