Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    errors loading rules after enabling pfblocker

    General pfSense Questions
    3
    7
    427
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      jsbsmd last edited by jsbsmd

      Running latest version

      Version 2.4.4-RELEASE-p2 (amd64)
      built on Wed Dec 12 07:40:18 EST 2018
      FreeBSD 11.2-RELEASE-p6

      When enabling pfblocker I keep getting the following error message. I have already increased the Firewall Maximum Table Entries to 400000 which is more than enough. see below output. any other ideas please?

      error:
      There were error(s) loading the rules: /tmp/rules.debug:25: cannot define table pfB_Top_v4: Cannot allocate memory - The line in question reads [25]: table <pfB_Top_v4> persist file "/var/db/aliastables/pfB_Top_v4.txt"
      @ 2019-05-09 14:22:25

      output of reload:
      UPDATE PROCESS START [ 05/09/19 14:23:10 ]

      ===[ DNSBL Process ]================================================

      Clearing all DNSBL Feeds
      ** DNSBL Disabled **

      ===[ GeoIP Process ]============================================

      [ pfB_Top_v4 ] Changes found... Updating

      [ pfB_Europe_v4 ] Changes found... Updating

      ===[ Aliastables / Rules ]==========================================

      No changes to Firewall rules, skipping Filter Reload

      Updating: pfB_Top_v4
      no changes.
      Updating: pfB_Europe_v4
      no changes.

      ===[ FINAL Processing ]=====================================

      [ Original IP count ] [ 159649 ]

      ===[ Deny List IP Counts ]===========================

      159649 total
      142161 /var/db/pfblockerng/deny/pfB_Top_v4.txt
      17488 /var/db/pfblockerng/deny/pfB_Europe_v4.txt

      ====================[ IPv4/6 Last Updated List Summary ]==============

      May 9 14:23 pfB_Top_v4
      May 9 14:23 pfB_Europe_v4

      ====================[ DNSBL Last Updated List Summary ]==============

      Jan 20 2018 Adaway
      Mar 18 2018 Cameleon
      Oct 26 2018 hpHosts_ads
      Nov 12 08:30 yoyo

      Alias table IP Counts

      159649 total
      142161 /var/db/aliastables/pfB_Top_v4.txt
      17488 /var/db/aliastables/pfB_Europe_v4.txt

      pfSense Table Stats

      table-entries hard limit 400000
      Table Usage Count 265803

      UPDATE PROCESS ENDED [ 05/09/19 14:23:15 ]

      S 1 Reply Last reply Reply Quote 0
      • S
        Stewart @jsbsmd last edited by

        @jsbsmd I'd be concerned that it says "Cannot allocate memory". Do you have enough RAM free?

        1 Reply Last reply Reply Quote 0
        • J
          jsbsmd last edited by

          only using 36% of 1gb ram.

          1 Reply Last reply Reply Quote 0
          • S
            Stewart last edited by Stewart

            @jsbsmd said in errors loading rules after enabling pfblocker:

            Cannot allocate memory

            Perhaps it's insufficient Table States? Have a look at this thread.

            System > Advanced > Firewall & NAT
            Set Firewall Maximum Table Entries to 400000 (or just double the default value)

            J 1 Reply Last reply Reply Quote 0
            • J
              jsbsmd @Stewart last edited by

              @Stewart , As you can see by my initial post I have set the setting to 400000 and according to the reload, the table is only 265803 in size.

              1 Reply Last reply Reply Quote 0
              • BBcan177
                BBcan177 Moderator last edited by

                That limit needs to be approx 2.5X the size of all alias tables (pfB and any other pfSense / packages included)
                Just set it to 2M and forget about it.

                1 Reply Last reply Reply Quote 1
                • J
                  jsbsmd last edited by

                  That may have done the trick. I will keep monitoring. thanks.

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post

                  Products

                  • Platform Overview
                  • TNSR
                  • pfSense
                  • Appliances

                  Services

                  • Training
                  • Professional Services

                  Support

                  • Subscription Plans
                  • Contact Support
                  • Product Lifecycle
                  • Documentation

                  News

                  • Media Coverage
                  • Press
                  • Events

                  Resources

                  • Blog
                  • FAQ
                  • Find a Partner
                  • Resource Library
                  • Security Information

                  Company

                  • About Us
                  • Careers
                  • Partners
                  • Contact Us
                  • Legal
                  Our Mission

                  We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

                  Subscribe to our Newsletter

                  Product information, software announcements, and special offers. See our newsletter archive to sign up for future newsletters and to read past announcements.

                  © 2021 Rubicon Communications, LLC | Privacy Policy