Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Lot's of Chinese networks getting through.

    Scheduled Pinned Locked Moved pfBlockerNG
    5 Posts 3 Posters 949 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S
      STEMApps
      last edited by STEMApps

      I love this add on!! It's is pretty well THE reason I abandoned my old homebuilt pfSense firewal and bought an SG-5100 ready to go.

      It has worked brilliantly until this week. As I said in the last post, having trouble loading files as indicated.
      11:19:20 There were error(s) loading the rules: /tmp/rules.debug:25: cannot define table pfB_Top_v6: Cannot allocate memory - The line in question reads [25]: table <pfB_Top_v6> persist file "/var/db/aliastables/pfB_Top_v6.txt"

      Today I have caught multiple blocks of Chinese IPs (that should be blocked) getting through to my SMTP server and running dictionary attacks.
      211.91.58.92, 60.19.64.6, 122.228.136.174, 183.240.55.115

      For now I'm adding them to the rules by hand but they were previosly blocked as I remember.

      johnpozJ GertjanG 2 Replies Last reply Reply Quote 0
      • johnpozJ
        johnpoz LAYER 8 Global Moderator @STEMApps
        last edited by johnpoz

        @stemapps well up the memory.. This has been a known issue for like couple of years when using stuff that large tables like IPv6 and lots of pfblocker tables..

        pfSense Advanced / Firewall-NAT / Firewall Maximum Table Entries

        An intelligent man is sometimes forced to be drunk to spend time with his fools
        If you get confused: Listen to the Music Play
        Please don't Chat/PM me for help, unless mod related
        SG-4860 24.11 | Lab VMs 2.8, 24.11

        S 1 Reply Last reply Reply Quote 0
        • S
          STEMApps @johnpoz
          last edited by

          @johnpoz

          At this point I'm only using IPV4 on the router. IPV6 is turned off.

          Would you say I do or don't have a memory issue?

          afd03051-d2af-4046-9844-c88bb3a15bd0-image.png

          1 Reply Last reply Reply Quote 0
          • GertjanG
            Gertjan @STEMApps
            last edited by

            @stemapps said in Lot's of Chinese networks getting through.:

            The line in question reads [25]: table <pfB_Top_v6> persist file "/var/db/aliastables/pfB_Top_v6.txt"

            IPv6 alias files while your not using IPv6 ?

            @stemapps said in Lot's of Chinese networks getting through.:

            /tmp/rules.debug:25: cannot define table

            See here : [SOLVED] /tmp/rules.debug:42 Cannot allocate memory

            @stemapps said in Lot's of Chinese networks getting through.:

            211.91.x.92, 60.19.64.6, 122.228.y.174, 183.240.a.115

            If you use a 'linux' based mail solution (= postfix) go for fail2ban on the mail server. That will take care of things.
            GEOIP based filtering never really was what it concept promised. This will not get better when IPv6 starts to ramp up.

            No "help me" PM's please. Use the forum, the community will thank you.
            Edit : and where are the logs ??

            S 1 Reply Last reply Reply Quote 1
            • S
              STEMApps @Gertjan
              last edited by

              @gertjan

              Thank you. Adjusted as recommended and no further problems. Reminds of the DOS days when you had to define the number of file handles.

              Never crossed my mind that there was the same thing for tables.

              1 Reply Last reply Reply Quote 0
              • First post
                Last post
              Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.