Pfsense Error - pflockerng

I am getting this error in my webUI:

There were error(s) loading the rules: /tmp/rules.debug:42: cannot define table pfB_Oceania_v4: Cannot allocate memory - The line in question reads [42]: table <pfB_Oceania_v4> persist file “/var/db/aliastables/pfB_Oceania_v4.txt”

I assume this is related to pfblockerNG… but I am trying to understand “why” I am getting this. Anyone know if there was a change to how this package functions that would cause, this, or anything I should try and chase down to diagnose?

I am a home user, so I block most incoming simply because I do not expect to get anything inbound except for my seldom VPN use which is all within the US:

I assume I can likely just turn off oceana to stop this issue, but that doesn’t’ really answer my question of “why”, or how to fix it.

“Cannot allocate memory” means you have run out of memory to keep adding more tables. Also pfsense blocks ALL inbound by default, even without pfblocker.

That’s curious, and seems incorrect. My pfsense box has plenty of RAM to spare:

This is running as a VM, but I doubt that is the issue. I am only getting errors for Oceana, if it was a true memory issue I would expect errors with other tables as well.

I do know pfsense is default block, but again, since I am a home user and don’t really leave North America often, I figure it can’t hurt anything to outright block many geographic locations, I also realize plenty of threat actors originate with North American IP’s, but hey, it can’t hurt.

Still would like to figure out why it’s throwing this error.

I should have been more clear, you are not out of memory in terms of the total ram, just how it’s allocated in pfsense. This might fix that issue.

Configuration — Advanced Configuration Options — Firewall/NAT Tab | pfSense Documentation.

Aaaahhh. Ok. That makes more sense.

Checking on my settings, default was 600k, I went ahead and upped it to 1M… I have more RAM I could dedicate to this VM if I end up needing to, but all I really run in pfblockerNG, wireguard, avahi, and haproxy for a few internal domains, I can’t see 2 GB being not sufficient.

I will see if this fixes the issue, as well as keep an eye on RAM usage to see if I need to give it more.

Thanks for the help :slight_smile:

1 Like