Error every 15 minutes - /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory
-
Hi,
Running on my Sg-3100 with latest 22.01 release.
Additional 120Gb m.2 SSD mounted.Every 15 minute I got error messages in my log and under notices saying:
There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6"
@ 2022-04-02 15:30:02I've searched through the forum and tried to increase System->Advanced->Firewall&NAT->Firewall Maximum Table Entries in steps up to 1250000 .. Also did Filter Reload after each change but still no differences...
Do someone have an idea?
Last hour in System log/General:
Apr 2 15:30:02 php 43856 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 15:23:43 php-fpm 20290 /rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 15:23:40 check_reload_status 75016 Reloading filter Apr 2 15:23:29 php-fpm 68623 /rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 15:23:27 check_reload_status 75016 Reloading filter Apr 2 15:23:26 check_reload_status 75016 Syncing firewall Apr 2 15:23:26 php-fpm 20290 /system_advanced_firewall.php: Configuration Change: admin@192.168.1.105 (Local Database): Changed Advanced Firewall/NAT settings. Apr 2 15:22:00 sshguard 3942 Now monitoring attacks. Apr 2 15:22:00 sshguard 37664 Exiting on signal. Apr 2 15:19:43 php-fpm 20290 /index.php: Successful login for user 'admin' from: 192.168.1.105 (Local Database) Apr 2 15:15:02 php 18764 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 15:11:04 arpwatch 92501 bogon 0.0.0.0 98:09:cf:73:b5:c9 Apr 2 15:11:03 arpwatch 92501 bogon 0.0.0.0 98:09:cf:73:b5:c9 Apr 2 15:11:03 arpwatch 92501 bogon 0.0.0.0 98:09:cf:73:b5:c9 Apr 2 15:00:02 php 89520 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 14:45:02 php 56885 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 14:30:02 php 36306 rc.filter_configure_sync: New alert found: There were error(s) loading the rules: /tmp/rules.debug:19: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [19]: table <bogonsv6> persist file "/etc/bogonsv6" Apr 2 14:30:00 sshguard 37664 Now monitoring attacks. Apr 2 14:30:00 sshguard 84721 Exiting on signal.
-
Is it exhausting the memory completely? Check the Status > Monitoring graphs.
Steve
-
@tpalsson There was a similar thread a few weeks ago about the IPv6 bogons on a 3100. I don't recall if the person ever figured it out. However, there's nothing about the 3100 that says it won't work, in fact we have one with it enabled. It's basically either a memory or table entries size question.
If you don't have IPv6 consider not loading the IPv6 bogons.
-
This post is deleted! -
@stephenw10 Seem to be very good.. 75% free, low usage
-
@steveits Unchecking "Allow IPv6" under System->Advanced->Networking seems to stop the errors... However, it should work with IPv6 enabled ?!
edit** Enabled it back again, and now I don't have any errors in my log...
Thank you for your help!
//T