PfBlocker broke my pfsense
-
I was so excited to run pfsense. I bought the gear, downloaded and installed pfsense and pfblocker, ran the wizard and I was off to the races. My box has 8Gb ram and 64Gb storage. I thought it could handle enabling TLD blocking. saved, reloaded, then it died. The console reported "Swap pager out of swap space" What did I do wrong? Is it that easy to blow up a PFsense box? It would only boot to a # prompt at which point I was at a loss on how to troubleshoot.
-
@mikep-0
With Unbound Mode, and TLD Enabled, Unbound will create a pointer in memory for each domain.
So more domains == more memory.
Click on the blue infoblock for the TLD option for more details.
There is code to try and reduce this issue, but there is no easy way to stop Unbound OOM.
With the new Python mode, it uses considerable less memory and is faster.
You should do a reboot following that OOM issue.
-
@mikep-0 said in PfBlocker broke my pfsense:
The console reported "Swap pager out of swap space"
Re-read your post. What else is using memory in your box?
Run a "top -aSH" to see
-
@bbcan177 Thanks for your reply. My kid had e-learning and I had to get something working. Unfortunately I blew it away and installed Untangle 14 day trial. I might reinstall and try again afterwards. Do I need more than 8 gigs of ram? The only packages I was running were suricata and pfblocker. Pfsense ought to have a "Safe-mode" choice of some kind where you can boot without loading packages. I would have tried restoring to factory defaults and attempt to reconfigure.
-
@mikep-0 said in PfBlocker broke my pfsense:
@bbcan177 Thanks for your reply. My kid had e-learning and I had to get something working. Unfortunately I blew it away and installed Untangle 14 day trial. I might reinstall and try again afterwards. Do I need more than 8 gigs of ram? The only packages I was running were suricata and pfblocker. Pfsense ought to have a "Safe-mode" choice of some kind where you can boot without loading packages. I would have tried restoring to factory defaults and attempt to reconfigure.
The wizard doesn't add that many domains, so if you just enabled TLD with the default wizard, 8GB of memory is more than enough. I suspect that you had some other issue that caused a lack of memory in your install.
Start with basic settings, see how it goes, ensure that its working for a bit, then add one things at a time, rinse and repeat...
-
@mikep-0 said in PfBlocker broke my pfsense:
Pfsense ought to have a "Safe-mode" choice of some kind where you can boot without loading packages
Did you not get the console menu during boot?
https://docs.netgate.com/pfsense/en/latest/config/factory-defaults.html -
@teamits I did not. It halted during boot and led me to a "#" prompt