4. errors loading rules after enabling pfblocker

errors loading rules after enabling pfblocker

  • J

    Running latest version

    Version 2.4.4-RELEASE-p2 (amd64)
    built on Wed Dec 12 07:40:18 EST 2018
    FreeBSD 11.2-RELEASE-p6

    When enabling pfblocker I keep getting the following error message. I have already increased the Firewall Maximum Table Entries to 400000 which is more than enough. see below output. any other ideas please?

    error:
    There were error(s) loading the rules: /tmp/rules.debug:25: cannot define table pfB_Top_v4: Cannot allocate memory - The line in question reads [25]: table <pfB_Top_v4> persist file "/var/db/aliastables/pfB_Top_v4.txt"
    @ 2019-05-09 14:22:25

    output of reload:
    UPDATE PROCESS START [ 05/09/19 14:23:10 ]

    ===[ DNSBL Process ]================================================

    Clearing all DNSBL Feeds
    ** DNSBL Disabled **

    ===[ GeoIP Process ]============================================

    [ pfB_Top_v4 ] Changes found... Updating

    [ pfB_Europe_v4 ] Changes found... Updating

    ===[ Aliastables / Rules ]==========================================

    No changes to Firewall rules, skipping Filter Reload

    Updating: pfB_Top_v4
    no changes.
    Updating: pfB_Europe_v4
    no changes.

    ===[ FINAL Processing ]=====================================

    [ Original IP count ] [ 159649 ]

    ===[ Deny List IP Counts ]===========================

    159649 total
    142161 /var/db/pfblockerng/deny/pfB_Top_v4.txt
    17488 /var/db/pfblockerng/deny/pfB_Europe_v4.txt

    ====================[ IPv4/6 Last Updated List Summary ]==============

    May 9 14:23 pfB_Top_v4
    May 9 14:23 pfB_Europe_v4

    ====================[ DNSBL Last Updated List Summary ]==============

    Jan 20 2018 Adaway
    Mar 18 2018 Cameleon
    Oct 26 2018 hpHosts_ads
    Nov 12 08:30 yoyo

    Alias table IP Counts

    159649 total
    142161 /var/db/aliastables/pfB_Top_v4.txt
    17488 /var/db/aliastables/pfB_Europe_v4.txt

    pfSense Table Stats

    table-entries hard limit 400000
    Table Usage Count 265803

    UPDATE PROCESS ENDED [ 05/09/19 14:23:15 ]

    0
    S
     1 Reply
  • S

    @jsbsmd I'd be concerned that it says "Cannot allocate memory". Do you have enough RAM free?

    0
  • J

    only using 36% of 1gb ram.

    0
  • S

    @jsbsmd said in errors loading rules after enabling pfblocker:

    Cannot allocate memory

    Perhaps it's insufficient Table States? Have a look at this thread.

    System > Advanced > Firewall & NAT
    Set Firewall Maximum Table Entries to 400000 (or just double the default value)

    0
    J
     1 Reply
  • J

    @Stewart , As you can see by my initial post I have set the setting to 400000 and according to the reload, the table is only 265803 in size.

    0
  • Moderator

    That limit needs to be approx 2.5X the size of all alias tables (pfB and any other pfSense / packages included)
    Just set it to 2M and forget about it.

    1
  • J

    That may have done the trick. I will keep monitoring. thanks.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2019 Rubicon Communications, LLC | Privacy Policy