Error loading the rules



  • Good Morning!

    Ipv6/Ipv4 is working well. But why i have this errors in Status: System logs: System:

    Apr 4 09:26:39 php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:103: cannot define table bogonsv6: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [103]: table <bogonsv6>persist file "/etc/bogonsv6"

    How to remove this error? i try to "touch /etc/bogonsv6" still the errors keep appearing on System logs…

    Thanks,
    jigp</bogonsv6>



  • Out of curiosity, how much RAM do you have in that box?



  • A few weeks ago I ran across the same problem.
    My box is a vm with 2 physical processors and 6 gb ram allocated.
    Manually setting Firewall Maximum Table Entries to 1000000 in system -> advanced -> Firewall / NAT seems to have solved the problem.



  • Hi!

    @wagonza - 3GB RAM and im the only one user connected. No packages installed too. I have NAT enable manually…

    @Floris - Ok ill use your method and test it.

    Thanks,
    jigpe



  • @Floriz - Ive tried that now..then reset states and reboot..Same thing..Error still the same.. Ive tried Firewall Optimization Options set to normal,high latency,aggressive even conservative (reset state and reboot every options) nothing happen still the same error..


  • Rebel Alliance Developer Netgate

    That would be tied to the table space size. It's under System > Advanced on the Firewall/NAT page.

    Do you have any other really large aliases? Or something that loads a bunch of table entries like pfBlocker?

    The bogonsv6 list can be quite large when it's loaded, over 54,000 entries, so it will take quite a bit of table space.

    When you run out of table room you end up in a chicken-and-egg scenario where it needs to load the rules to increase the table size but it can't increase the table size because it can't load the rules. You can sidestep that by running:

    pfctl -F Tables
    

    Then forcing a filter reload (Status > Filter Reload)



  • After making changes on the state and reboot it for 2x, the box freezed :( I saw no errors. I cant even connect to ssh pf menu.. Ill reformat it now and use the latest snapshot http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/i386/pfSense_HEAD/livecd_installer/pfSense-LiveCD-2.1-DEVELOPMENT-i386-20120409-1444.iso.gz


Log in to reply