Control Web Panel

Security => CSF Firewall => Topic started by: Namaste on November 16, 2020, 05:56:50 PM

Title: Strange error after csf restart
Post by: Namaste on November 16, 2020, 05:56:50 PM

*ERROR* IPSET: [ipset v7.1: Error in line 65537: Hash is full, cannot add more elements]

Any ideas why thats happening?

Not sure who set the value to "1" but it wasnt me  :)

Title: Re: Strange error after csf restart
Post by: cinique on November 16, 2020, 06:35:21 PM

I have 10s of thousands of blocks and never had an issue with ipset (which is a "good thing" to use).
Try googling?
You should be looking at your CSF blocklists/config etc.

Title: Re: Strange error after csf restart
Post by: Namaste on November 16, 2020, 11:01:15 PM

yea I think the default is 200.  Theres no way I enabled that ipset because I never used it or knew what it was for.  Disabling cleared the error.

Title: Re: Strange error after csf restart
Post by: cinique on November 17, 2020, 01:13:27 AM

Quote

yea I think the default is 200

There you are talking about the internal CSF block table - I normally have that set at 800, and 1000 on my main servers. I ALWAYS turn on ipset (ensure it is installed though normally is by default). I uncomment most of the lists in csf.blocklists and add about 8 country blocks. This is on VPS with 1GB to 4GB RAM, on 4 different control panels.

Code: [Select]

ipset list -o save | wc -l
66297
That's the number of entries, of which some are network blocks, not just individual IPs. I think I should reduce that number on that particular VPS; others are around 55k entries.
In short, it looks as though you have something amiss with your environment.