Netgate m1n1wall

Author Topic: Error loading the rules  (Read 3071 times)

0 Members and 1 Guest are viewing this topic.

Offline jigpe

  • Sr. Member
  • ****
  • Posts: 371
  • Karma: +0/-0
    • View Profile
Error loading the rules
« on: April 03, 2012, 08:32:36 pm »
Good Morning!

Ipv6/Ipv4 is working well. But why i have this errors in Status: System logs: System:

Apr 4 09:26:39   php: : New alert found: There were error(s) loading the rules: /tmp/rules.debug:103: cannot define table bogonsv6: Cannot allocate memory pfctl: Syntax error in config file: pf rules not loaded - The line in question reads [103]: table <bogonsv6> persist file "/etc/bogonsv6"

How to remove this error? i try to "touch /etc/bogonsv6" still the errors keep appearing on System logs...

Thanks,
jigp

Offline wagonza

  • Sr. Member
  • ****
  • Posts: 361
  • Karma: +0/-0
    • View Profile
    • The Packet Hub
Re: Error loading the rules
« Reply #1 on: April 04, 2012, 06:21:02 am »
Out of curiosity, how much RAM do you have in that box?

Offline iFloris

  • Full Member
  • ***
  • Posts: 169
  • Karma: +0/-0
  • one layer of information removed
    • View Profile
    • Small personal site
Re: Error loading the rules
« Reply #2 on: April 04, 2012, 06:35:15 am »
A few weeks ago I ran across the same problem.
My box is a vm with 2 physical processors and 6 gb ram allocated.
Manually setting Firewall Maximum Table Entries to 1000000 in system -> advanced -> Firewall / NAT seems to have solved the problem.
one layer of information
removed

Offline jigpe

  • Sr. Member
  • ****
  • Posts: 371
  • Karma: +0/-0
    • View Profile
Re: Error loading the rules
« Reply #3 on: April 04, 2012, 08:49:50 am »
Hi!

@wagonza - 3GB RAM and im the only one user connected. No packages installed too. I have NAT enable manually...

@Floris - Ok ill use your method and test it.

Thanks,
jigpe

Offline jigpe

  • Sr. Member
  • ****
  • Posts: 371
  • Karma: +0/-0
    • View Profile
Re: Error loading the rules
« Reply #4 on: April 04, 2012, 09:02:21 am »
@Floriz - Ive tried that now..then reset states and reboot..Same thing..Error still the same.. Ive tried Firewall Optimization Options set to normal,high latency,aggressive even conservative (reset state and reboot every options) nothing happen still the same error..

Offline jimp

  • Administrator
  • Hero Member
  • *****
  • Posts: 14994
  • Karma: +4/-0
    • View Profile
Re: Error loading the rules
« Reply #5 on: April 04, 2012, 09:56:03 am »
That would be tied to the table space size. It's under System > Advanced on the Firewall/NAT page.

Do you have any other really large aliases? Or something that loads a bunch of table entries like pfBlocker?

The bogonsv6 list can be quite large when it's loaded, over 54,000 entries, so it will take quite a bit of table space.

When you run out of table room you end up in a chicken-and-egg scenario where it needs to load the rules to increase the table size but it can't increase the table size because it can't load the rules. You can sidestep that by running:

Code: [Select]
pfctl -F Tables
Then forcing a filter reload (Status > Filter Reload)
Need help fast? Commercial Support!

Co-Author of pfSense: The Definitive Guide. - Check the Doc Wiki for FAQs.

Do not PM for help!

Offline jigpe

  • Sr. Member
  • ****
  • Posts: 371
  • Karma: +0/-0
    • View Profile
Re: Error loading the rules
« Reply #6 on: April 10, 2012, 12:11:08 am »
After making changes on the state and reboot it for 2x, the box freezed :( I saw no errors. I cant even connect to ssh pf menu.. Ill reformat it now and use the latest snapshot http://snapshots.pfsense.org/FreeBSD_RELENG_8_3/i386/pfSense_HEAD/livecd_installer/pfSense-LiveCD-2.1-DEVELOPMENT-i386-20120409-1444.iso.gz