pfBlockerNG Cannot Allocate Memory errors

Networking & Firewalls
1

Hi all. New to the forums, but have been enjoying Tom’s videos for the last year+. I have a Netgate SG3100 running pfSense with pfBlockerNG. I periodically get errors like this one:

There were error(s) loading the rules: /tmp/rules.debug:31: cannot define table pfB_Europe_v4: Cannot allocate memory - The line in question reads [31]: table <pfB_Europe_v4> persist file “/var/db/aliastables/pfB_Europe_v4.txt”

Googling this, I found people recommend increasing “Firewall Maximum Table Entries” in System > Advanced > Firewall & NAT from its default to 400000 (or more). I’ve tried this. I even went as high as 900000 but the error still persists. Any ideas? Did I do something wrong?

Thanks in advance,
Mike

2

Try increasing it more, sounds like it is still exceeding the table size.

3

I’ve increased it 10x over the previous setting (its now 4000000). No difference. I would think at the very least, that this would change which file and line the system has a problem loading, but it still reports the same file and line. The problem has to be elsewhere, I would think. Or there is some kind of problem in that pfB_Europe_v4.txt file? I wonder if uninstalling and then reinstalling pfBlocker would delete that file?

4

The file should get updated automatically, but in case something is stuck you can try that.

1 Like
5

I had this same issue the other day after added 1 new rule manually. It appeared to have broken a lot of my things until I doubled the maximum table entries. I also increased the maximum states.

Finally, I ended up disabling all pfBlockerRules under the firewall section, applying, and then rebooting. Once it booted back up I turned them back on, applied, and rebooted again. Error went away.

Hope this helps you because it was driving me nuts that adding only one rule broke a bunch of my rules.

2 Likes
6

Thanks Mike. I will be giving this a try. The problem started for me after either adding or editing a rule. I can’t remember which. But it sounds like a similar issue. I will report back what I find out.

2 Likes
7

Sorry for the late update. I wanted to report back that this has been resolved per @itsmikeboyd suggestion.

Disabling, then restarting and then re-enabling did the trick for me. Pfblocker now loads without errors.

Thanks again.

2 Likes
8

Awesome. Glad to hear that worked for you.

9

I am having the same issue, even after I tried what @itsmikeboyd suggested; also have the SG-3100.

My Firewall Maximum Table Entries is currently at 500000. How high can I safely go?

10

First I need to tell you I am new at this. I have the same issue, I have done the uncheck/reload/recheck/reload a few times, I have even taken a TON of blocked IPs out of the GEOip lists. I keep getting random errors There were error(s) loading the rules: /tmp/rules.debug:18: cannot define table bogonsv6: Cannot allocate memory - The line in question reads [18]: table <bogonsv6> persist file "/etc/bogonsv6"
@ 2020-04-11 04:22:35 can not figure it out. I have set the Logging file area. to like 60000 on all fields. what am i missing. Thanks

11

So, after several months of giving up on pfBlocker in favor of using piHole (worked great) I decided to give pfBlocker another try after watching Tom’s video on the latest 2.2.5 release. After upgrading to it, I started encountering the same error (Europe_v4 in my case). Thinking that to be odd, I decided to uninstall the package after unchecking the “Keep Settings” option to wipe out any existing config figuring that something was just mucked up in my install. I then did a clean install of the package and started anew. I’m happy to say that eliminated the error and I’m happily running without several alerts every day about that problem. If you are still having the problem, this may be worth a try.