• Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login
Netgate Discussion Forum
  • Categories
  • Recent
  • Tags
  • Popular
  • Users
  • Search
  • Register
  • Login

pfBlocker error in pfSense: There were error(s) loading the rules: /tmp/rules.debug:56:

Scheduled Pinned Locked Moved pfBlockerNG
4 Posts 3 Posters 728 Views
Loading More Posts
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • V
    VMlabman
    last edited by May 18, 2024, 10:05 PM

    I keep getting this error and am unable to find the source. I am not sure what list to remove from my feeds in pfBlocker.

    There were error(s) loading the rules: /tmp/rules.debug:56: cannot define table pfB_PRI5_v4: Cannot allocate memory - The line in question reads [56]: table <pfB_PRI5_v4> persist file "/var/db/aliastables/pfB_PRI5_v4.txt"
    @ 2024-05-18 10:06:59

    Any help would be great.

    G 1 Reply Last reply May 21, 2024, 2:54 PM Reply Quote 0
    • G
      Gertjan @VMlabman
      last edited by May 21, 2024, 2:54 PM

      @VMlabman said in pfBlocker error in pfSense: There were error(s) loading the rules: /tmp/rules.debug:56::

      "/var/db/aliastables/pfB_PRI5_v4.txt"

      SSH, or Console into your pfSense (do not use Diagnostics > Command Prompt ! ) and have a look at that file.

      If your fast enough :

      cat /var/db/aliastables/pfB_PRI5_v4.txt

      😊

      wc -l /var/db/aliastables/pfB_PRI5_v4.txt

      will count the number of lines = the number of networks / DNSBL
      The error was : all this can't be read into 'pf', the firewall.
      Solution : reduce your ... whatever you've selected.

      No "help me" PM's please. Use the forum, the community will thank you.
      Edit : and where are the logs ??

      V 1 Reply Last reply May 21, 2024, 7:41 PM Reply Quote 0
      • V
        VMlabman @Gertjan
        last edited by May 21, 2024, 7:41 PM

        @Gertjan

        Could it be that I have too many lists enabled in pfBlocker and just need to reduce my list? I will try to cat it and see what I get as well.

        J 1 Reply Last reply May 22, 2024, 10:31 AM Reply Quote 0
        • J
          jrey @VMlabman
          last edited by May 22, 2024, 10:31 AM

          @VMlabman said in pfBlocker error in pfSense: There were error(s) loading the rules: /tmp/rules.debug:56::

          Could it be that I have too many lists enabled

          yes,

          Could also be that the default "Firewall Maximum Table Entries" setting is too low.
          You will find this entry here: System -> Advanced -> Firewall & Nat

          A lot of people select far too many lists - generally not needed.
          the setting should generally be twice the value actually required. When the lists are processed to the firewall, the entire new set is created, then swapped into place.

          Look for this log entry in the pfbockerng.log. That will give you some guidance to the setting best suited for your case. In my case it is deliberately higher than the 2x referenced.

          pfSense Table Stats
-------------------
table-entries hard limit   600000
Table Usage Count         135911

          Just above that in the log you should see the summary, like this:

          Alias table IP Counts
-----------------------------
  134581 total
  107656 /var/db/aliastables/pfB_???_v4.txt
   11244 /var/db/aliastables/pfB_???_v4.txt
    6505 /var/db/aliastables/pfB_???_v4.txt
    6208 /var/db/aliastables/pfB_???_v4.txt
    2608 /var/db/aliastables/pfB_???_v4.txt
     228 /var/db/aliastables/pfB_???_v4.txt
     132 /var/db/aliastables/pfB_???_v4.txt

          the ??? will be the name of the list

          1 Reply Last reply Reply Quote 0
          4 out of 4
          • First post
            4/4
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.
            This community forum collects and processes your personal information.
            consent.not_received