This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Louised
Explorer
‎2023-07-24 07:59 PM

rulebase internal error

Hello everybody
          Some people have reported that they cannot access the internet. There are many alert logs in the firewall logs, which indicate rulebase internal error。View/var/log/message to display fhandle_ Pool_ Add: Table kbufs - All available pools exhausted, FW-1: fwx_ Create_ Xlbuf: error allocating kbuf, FW-1: fwx_ Get_ Xlation: fwxl is NULL.I unable to install policy either.
When I restart the firewall, it returns to normal.What caused this and how I can avoid it next time.
Checkpoint SMC is R81.20,Gateway is 4600,R80.40 TAKE 180.
          Check the /var/log/message微信图片_20230724163209.png微信截图_20230725105052-日志.png微信图片_20230724162717new1.png

0 Kudos
6 Replies
_Val_
Admin
Admin
‎2023-07-25 03:32 AM

If looks like a performance issue that might be address by some tuning. Look into sk149254 for more details and references.

0 Kudos
Louised
Explorer
‎2023-07-25 03:42 AM
In response to _Val_

We noticed that both CPU and memory are very sufficient.It looks like some table is full.微信图片_20230724104132.png

0 Kudos
Chris_Atkinson
Employee Employee
Employee
‎2023-07-25 04:06 AM
In response to Louised

Suggest upgrading the JHF to a more recent recommended one.

What is the current memory population of this appliance?

(Note 4600 are End of support and you should consider upgrading). 

CCSM R77/R80/ELITE
0 Kudos
Louised
Explorer
‎2023-07-25 04:23 AM
In response to Chris_Atkinson

The memory of the appliance is currently 8GB, and we are planning to upgrade the new hardware by the end of the year. Can you help us determine what caused it? There are about 300 computers connected to the internet there.

0 Kudos
CheckPointerXL
Advisor
Advisor
‎2023-07-31 02:04 AM

Take 110

Released on 30 July 2023

PRJ-46113,
PRHF-28489

Security Gateway

In rare scenarios, the Security Gateway may drop the traffic after "Rulebase Internal Error" which occurs during policy installation.
0 Kudos
Alexander_Wilke
Advisor
Thursday
In response to CheckPointerXL

Hello,

I know this is an old issue. However it is still present in R81.10 Jumbo HFA Take 150 in february 2025.
We had this issue in the past and TAC could not find the root cause.

we had it on a 64k and "asg_policy verify -v" should correct policy - however an immediate additional policy Install after the error occured only on 1 of 5 SGMs the issue was solved. And it started immediately after the first Policy Install.

So I suspect a Policy Install mechanism error and to solve it another Policy Install helps.
However this leads to business impact and tells me that this issue is not solved since 2019 undtil 2025.

 

Traffic dropped with message information: "Rulebas... - Check Point CheckMates

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events