Netgate 3100 RuleError:There were errors loading the rules: /tmp/rules.debug:18: cannot load

  • RuleError:There were errors loading the rules: /tmp/rules.debug:18: cannot load "/etc/bogonsv6": Invalid argument - The line in question reads [18]: table <bogonsv6> persist file "/etc/bogonsv6"

    I have already googled around about this error, and found many people saying it's an old "update glitch". In order to fix it you need to increase the default Firewall Maximum Table Entries to 400,000. Well, that's what my default value already was. And it even says in the description for that entry that "this devices default value is 400000". So I tried deleting the value completely so that it would be blank, which according to the description, would result in using the Default value, which SHOULD be 400000. But when I delete the entry, save, and reload, the default value is now 200,000. And the description has also changed itself to say that the "default value for this device is 200000". So after playing with it, the description just sets itself to whatever number you put in, so there's no real way of knowing what the default value is supposed to be. I have tried 200,000; this number causes filters to not even try to load...I think?.... I have tried 400,000. I have tried 500,000 (this requires a reboot). None of these numbers is the "magic number" to make this error stop.

    For reference I purchased a Netgate SG-3100-US.

    Can anyone help me with this?

  • First off, make sure your SG-3100 has the latest 2.4.5_p1 version (and not just plain vanilla 2.4.5).

    However, being on the latest release will not necessarily stop the error. From some things I recall reading in the past, this error will occur on the initial boot, but then later the rules will actually load if you make a firewall change that results in reloading of the rules.

    But the real root problem is the IPv6 Bogons table is just too stinking large. It is orders and orders of magnitude larger than the IPv4 Bogons table. If I were in your shoes, I would turn off the IPv6 Bogons table -- especially if you are not using any IPv6 in your network.

  • I am on 2.4.5-RELEASE-p1.

    I tried a tables entry of 1,000,000. It still was not working, so I have turned IPv6 off, even though I would really like to use IPv6.

  • LAYER 8 Netgate

    While the error is similar, "Invalid argument" is a different error than the out of memory, cannot allocate memory errors. Did /etc/bogonsv6 exist?

  • I have no idea. Nor do I know how to check that? Can you direct me?

  • LAYER 8 Netgate

    Diagnostics > Command Prompt

    Execute this:

    ls -l /etc/bogonsv6

    Please paste the output here.

  • -rw-r--r-- 1 root wheel 1860301 Jul 12 23:38 /etc/bogonsv6

  • LAYER 8 Netgate

    Hmm. I wonder if something is wrong with that file. You could try:

    mv /etc/bogonsv6 /root
    sh /etc/ force

  • First command output was blank, so I ran it a second time and got this:

    mv: /etc/bogonsv6: No such file or directory

    Second command: upon "execution" the output was again blank. Running the command a second time returns this:

    wc: /tmp/bogons: open: No such file or directory
    egrep: /tmp/bogons: No such file or directory
    rm: /tmp/bogons: No such file or directory
    wc: /tmp/bogonsv6: open: No such file or directory
    egrep: /tmp/bogonsv6: No such file or directory
    rm: /tmp/bogonsv6: No such file or directory

    Methinks I need to just reinstall with a fresh ISO?

  • LAYER 8 Netgate

    Always an option.

  • @GunerX Try to temporarily disable "Block bogon networks"
    and run /etc/ (without force) again
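
The thread raises two possibilities for /etc/bogonsv6: that something is wrong with the file itself, and that it does not fit the Firewall Maximum Table Entries setting. The following is an added example, not code from the thread or from pfSense, that checks both from the shell. The function names `check_table_file` and `write_sample` are hypothetical, and the one-prefix-per-line file layout is an assumption.

```shell
#!/bin/sh
# Added example, not from the thread. Assumes the table file holds one
# IPv6 prefix per line, with optional '#' comment lines.
# Usage on the firewall: check_table_file /etc/bogonsv6 400000

# check_table_file FILE LIMIT
# Prints "<entries> <malformed>" and returns 0 only when every entry is
# well formed and the entry count fits within LIMIT.
check_table_file() {
    file=$1
    limit=$2
    if [ ! -r "$file" ]; then
        echo "missing"
        return 2
    fi
    result=$(awk '
        /^[ \t]*$/ { next }          # blank line
        /^[ \t]*#/ { next }          # comment
        {
            n++
            # Must look like hex-and-colons, a slash, then a decimal length.
            if ($0 !~ /^[0-9A-Fa-f:]+\/[0-9]+$/ || index($0, ":") == 0) {
                bad++
                next
            }
            split($0, part, "/")
            if (part[2] + 0 > 128) bad++
        }
        END { printf "%d %d", n, bad }
    ' "$file")
    echo "$result"
    set -- $result
    [ "$2" -eq 0 ] && [ "$1" -le "$limit" ]
}

# Constructed sample: documentation prefixes plus two deliberately bad lines.
write_sample() {
    printf '%s\n' '# constructed sample' '2001:db8::/32' '2001:db8:1::/48' \
        'fc00::/7' '<html>error</html>' '2001:db8::/129' > "$1"
}
```

A non-zero malformed count points at a damaged or truncated download rather than at the table size limit.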
