Not sure if bug - pfBlocker - pfctl Cannot allocate memory



  • I'm really not sure if this is a bug, or if this is WAI and the list is actually too large. Here are the log messages:

    Apr 23 18:06:34	php: : The command '/sbin/pfctl -o basic -f /tmp/rules.debug' returned exit code '1', the output was '/tmp/rules.debug:17: cannot define table pfBlockerBluetack_level1: Cannot allocate memory /tmp/rules.debug:23: cannot define table pfBlockerBluetack_badpeers: Cannot allocate memory /tmp/rules.debug:27: cannot define table pfBlockerTBG_PrimaryThreats: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded'
    Apr 23 18:06:41	php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:17: cannot define table pfBlockerBluetack_level1: Cannot allocate memory /tmp/rules.debug:23: cannot define table pfBlockerBluetack_badpeers: Cannot allocate memory /tmp/rules.debug:27: cannot define table pfBlockerTBG_PrimaryThreats: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [17]: table <pfblockerbluetack_level1> persist file "/var/db/aliastables/pfBlockerBluetack_level1.txt"
    Apr 23 18:06:41	php: : There were error(s) loading the rules: /tmp/rules.debug:17: cannot define table pfBlockerBluetack_level1: Cannot allocate memory /tmp/rules.debug:23: cannot define table pfBlockerBluetack_badpeers: Cannot allocate memory /tmp/rules.debug:27: cannot define table pfBlockerTBG_PrimaryThreats: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [17]: table <pfblockerbluetack_level1> persist file "/var/db/aliastables/pfBlockerBluetack_level1.txt"
    

    pfBlockerTBG_PrimaryThreats contains a total 308,602 ranges. pfBlockerBluetack_level1 is also rather large at 231,056 ranges. I'm not indicating any significant memory constraints (<40% utilized, 0% swap) so I'm just not sure if it's actually that much demand, too many entries to handle, or an actual bug.



  • It's not a bug, you need to:

    • empty/disable your lists

    • Increase Firewall Maximum Table Entries on system -> advanced -> firewall/nat

    • re-enable pfblocker lists
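
A pre-flight check for the steps above, as an added example that is not part of the original thread: it sums the entries in every file-backed table a ruleset references and compares the total with the table-entries limit. The function names and the sample data are constructed for illustration, and it assumes one address or range per line in each table file.

```shell
#!/bin/sh
# Added example (not from the thread): compare the size of file-backed pf
# tables with the table-entries limit before reloading the ruleset.

# count_entries FILE -> number of non-blank, non-comment lines in a table file
count_entries() {
    grep -Ev '^[[:space:]]*(#|$)' "$1" | wc -l | tr -d ' '
}

# table_files RULESET -> the path from each: table <name> persist file "path"
table_files() {
    sed -n 's/^[[:space:]]*table[[:space:]]*<[^>]*>.*file[[:space:]]*"\([^"]*\)".*/\1/p' "$1"
}

# check_tables RULESET LIMIT -> prints per-table counts; returns 1 if over LIMIT
check_tables() {
    ruleset=$1; limit=$2; total=0
    files=$(table_files "$ruleset")
    while IFS= read -r f; do
        [ -n "$f" ] || continue
        [ -r "$f" ] || { echo "missing: $f" >&2; continue; }
        n=$(count_entries "$f")
        total=$((total + n))
        printf '%8d  %s\n' "$n" "$f"
    done <<EOF
$files
EOF
    printf '%8d  total, limit %d\n' "$total" "$limit"
    [ "$total" -le "$limit" ]
}

# Constructed sample: two small table files and a ruleset that loads them.
make_sample() {
    d=$(mktemp -d)
    printf '10.0.0.0/8\n# comment\n\n192.0.2.0/24\n' > "$d/listA.txt"
    printf '198.51.100.0/24\n203.0.113.0/24\n2001:db8::/32\n' > "$d/listB.txt"
    printf 'table <listA> persist file "%s/listA.txt"\n' "$d" > "$d/rules.debug"
    printf 'table <listB> persist file "%s/listB.txt"\n' "$d" >> "$d/rules.debug"
    echo "$d"
}

# On the firewall, the limit in effect is shown by `pfctl -sm`:
#   check_tables /tmp/rules.debug "$(pfctl -sm | awk '/table-entries/ {print $NF}')"
```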



  • @marcelloc:

    It's not a bug, you need to:

    • empty/disable your lists

    • Increase Firewall Maximum Table Entries on system -> advanced -> firewall/nat

    • re-enable pfblocker lists

    Yep, there it was.. config defaulted to 200K and I didn't even notice it.

    There is a bug, though. After deleting lists, the table isn't being updated correctly. Reproducing is pretty easy, but iffy - add 5 lists, delete the 3rd. Aliases update correctly, but file table does not - instead it acts as though list 5 was deleted instead of list 3. Only happens sometimes though.

