[Bug 260406] pfctl: Cannot allocate memory (after a time)

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 260406] pfctl: Cannot allocate memory (after a time)"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Fri, 24 Dec 2021 15:41:35 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=260406

--- Comment #49 from Diego Linke <diego@bsd.com.br> ---
(In reply to Kristof Provost from comment #47)

Yes, this is small EC2 Virtual Machine. This used to work fine with FreeBSD 12
and pf. 

# top -b | head -8
last pid: 22974;  load averages:  0.81,  0.81,  0.76  up 16+01:51:17   
12:33:44
66 processes:  2 running, 63 sleeping, 1 zombie
CPU:  0.8% user,  0.0% nice,  0.2% system,  0.0% interrupt, 99.0% idle
Mem: 42M Active, 179M Inact, 15M Laundry, 609M Wired, 103M Buf, 79M Free
ARC: 98M Total, 4310K MFU, 32M MRU, 1824K Anon, 2034K Header, 57M Other
     7726K Compressed, 31M Uncompressed, 4.12:1 Ratio
Swap: 512M Total, 38M Used, 474M Free, 7% Inuse

# vmstat
 procs    memory    page                      disks     faults       cpu
 r  b  w  avm  fre  flt  re  pi  po   fr   sr ad0 xb5   in   sy   cs us sy id
 1  0  0 1.0G  79M  237   1   0   0  286   39   0   0   41  377  215  1  0 99

# swapinfo 
Device          1K-blocks     Used    Avail Capacity
/dev/md99          524288    39088   485200     7%


Please find below the output with the latest dtrace script. I think there is a
syntax error on it:

# dtrace -s dtrace.script -c "pfctl -f /etc/pf.conf"
dtrace: failed to compile script dtrace.script: line 1: probe description
fbt:kernel:zone_alloc_limit_hard:return does not match any probes
/etc/pf.conf:21: cannot define table fireholL1: Cannot allocate memory
/etc/pf.conf:22: cannot define table fireholL2: Cannot allocate memory
/etc/pf.conf:23: cannot define table fireholL3: Cannot allocate memory
/etc/pf.conf:24: cannot define table fireholWEB: Cannot allocate memory
/etc/pf.conf:25: cannot define table normshield: Cannot allocate memory
/etc/pf.conf:26: cannot define table ipblacklistcloud: Cannot allocate memory
/etc/pf.conf:27: cannot define table Webbots: Cannot allocate memory
/etc/pf.conf:28: cannot define table haley_ssh: Cannot allocate memory
/etc/pf.conf:29: cannot define table bi_any_1_7d: Cannot allocate memory
pfctl: Syntax error in config file: pf rules not loaded

-- 
You are receiving this mail because:
You are the assignee for the bug.