DIOCADDRULENV Error
-
@stephenw10 FreeBSD pfSense.localdomain 15.0-CURRENT FreeBSD 15.0-CURRENT #0 plus-RELENG_24_03-n256311-e71f834dd81: Fri Apr 19 00:28:14 UTC 2024 root@freebsd:/var/jenkins/workspace/pfSense-Plus-snapshots-24_03-main/obj/amd64/Y4MAEJ2R/var/jenkins/workspace/pfSense-Plus-snapshots-24_03-main/sources/FreeBSD-src-plus-RELENG_24_03/amd64.amd64/sys/pfSense amd64
-
May 29 10:35:44 miniupnpd 94484 ioctl(dev, DIOCCHANGERULE, ...) PF_CHANGE_ADD_TAIL: File exists
Hi
I don't know if this will help or not
But, judging by the code in the kernel, this error (in fact, this is not even a global error) suggests that some program is trying to add a rule identical to the one that has already been loaded into the kernel .
in this way,in my opinion, this is not a system error, but an application that is trying to make changes to a certain ruleset -
@Konstanti conflict between pfblocker and suricata or my current rules conflicting with either of them?
-
More like a UPnP application in some downstream client trying to open the same port forward repeatedly.
However I would have thought miniupnpd would know that and not try to open it. Some more useful error in that situation seems likely.
-
@stephenw10 anyway to troubleshoot this?
-
Well first I'd try disabling upnp just be sure it stops.
Then try blocking individual hosts from opening upnp forwards and see if that can be narrowed down to a single host opening conflicting ports. Though as I say I'd expect miniupnpd to see that the port is already open and just reject the request....
-
@stephenw10 I'm away for a couple of days, I'll look into it when I get back. Thanks for your help.
