Netgate Discussion Forum

    Oddity with Firewall Rule

      jlw52761

      I have an interface with an Allow All rule (IPv4+IPv6 *) but it seems like multicast and ICMP traffic is still being matched to the Default deny rule IPv4 according to the logs, even if I do an easy rule. Can't figure out why the Allow All isn't matching, or really any other allow rules on the interface for that matter.
      Any thoughts on what I'm missing? It is a Routed VTI interface, not sure that matters though.

        jlw52761 @jlw52761

        Found this in the logs

        There were error(s) loading the rules: /tmp/rules.debug:57: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [57]: table <bogonsv6> persist file "/etc/bogonsv6"
        

        Increased the Firewall Maximum Table Entries from 400000 to 800000 and was able to do a full filter reload. So apparently the root issue was that I couldn't load all the firewall filters.

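Added example (not part of the thread, and not Netgate's code): a small sh helper that pulls the failed table and reason out of the rule-load error quoted above, reads the table-entries limit from `pfctl -sm` output, and checks whether a table file fits under it. Function names and sample inputs are constructed, and the `pfctl -sm` layout is assumed to match stock pf.

```shell
#!/bin/sh
# Added example, not from the thread. Function names and sample data are
# constructed for illustration.

# Read log text on stdin; print "table|reason" for every table pf failed
# to define during a ruleset load.
failed_tables() {
    sed -n 's/.*error(s) loading the rules: .*cannot define table \([^:]*\): \(.*\) - The line in question.*/\1|\2/p'
}

# Read `pfctl -sm` output on stdin; print the table-entries hard limit.
table_entries_limit() {
    awk '$1 == "table-entries" { print $NF }'
}

# Count address entries in a table file, skipping blanks and # comments.
count_entries() {
    awk '!/^[ \t]*(#|$)/ { n++ } END { print n + 0 }' "$1"
}

# Succeed only if the entries needed fit under the limit.
fits_limit() {  # usage: fits_limit LIMIT NEEDED
    [ "$2" -le "$1" ]
}

# Constructed sample inputs: the error quoted in the post, and a
# `pfctl -sm`-style listing showing the limit the poster started from.
SAMPLE_LOG='There were error(s) loading the rules: /tmp/rules.debug:57: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [57]: table <bogonsv6> persist file "/etc/bogonsv6"'
SAMPLE_LIMITS='states        hard limit   100000
src-nodes     hard limit   100000
frags         hard limit     5000
table-entries hard limit   400000'

printf '%s\n' "$SAMPLE_LOG" | failed_tables
printf '%s\n' "$SAMPLE_LIMITS" | table_entries_limit

# On the firewall itself (assumes pfctl and the file named in the error):
#   limit=$(pfctl -sm | table_entries_limit)
#   fits_limit "$limit" "$(count_entries /etc/bogonsv6)" || echo "raise limit"
```

Any output from `failed_tables` means the ruleset did not load in full, so the interface rules shown in the GUI may not be the ones pf is enforcing.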
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.