Firewall, No file descriptors available

What is the firewall limit? and how can i increase it ? i have 50 firewall rules when adding more i get this error.

Runtime error: Unable to open source file /usr/share/firewall4/templates/zone-match.uc: No file descriptors available
In main(), file /usr/share/firewall4/templates/zone-mssfix.uc, line 3, byte 46:
  called from function include ([C])
  called from function main (/usr/share/firewall4/templates/ruleset.uc:450:67)
  called from function include ([C])
  called from function render_ruleset (/usr/share/firewall4/main.uc:58:72)
  called from anonymous function (/usr/share/firewall4/main.uc:140:28)

 `{%+ include("zone-match.uc", { egress, rule }) -%}`
  Near here -----------------------------------^


/dev/stdin:2082:3-3: Error: syntax error, unexpected end of file

try https://www.reddit.com/r/kubernetes/comments/126slgh/entr_cannot_create_kqueue_no_file_descriptors/

that is the default limit and how can i increase it
thank you in advance

as described in the link ?

do you mean this
/etc/sysctl.conf
fs.inotify.max_user_instances=8192
sysctl -p

or sysctl fs.inotify.max_user_instances=8192, if you don't want to make it permanent.

it is still the same error

Runtime error: Unable to open source file /usr/share/firewall4/templates/zone-match.uc: No file descriptors available
In main(), file /usr/share/firewall4/templates/zone-jump.uc, line 3, byte 83:
  called from function include ([C])
  called from function main (/usr/share/firewall4/templates/ruleset.uc:309:71)
  called from function include ([C])
  called from function render_ruleset (/usr/share/firewall4/main.uc:58:72)
  called from anonymous function (/usr/share/firewall4/main.uc:140:28)

 `{%+ include("zone-match.uc", { egress: (direction in ["output", "srcnat"]), rule }) -%}`
  Near here ------------------------------------------------------------------------^


/dev/stdin:2247:3-3: Error: syntax error, unexpected end of file```

there were more settings in there, not just one.

do you mean this

fs.inotify.max_user_watches = 524288
fs.inotify.max_user_instances=8192
fs.file-max = 65536

it is thesame error

Runtime error: Unable to open source file /usr/share/firewall4/templates/zone-match.uc: No file descriptors available
In main(), file /usr/share/firewall4/templates/zone-jump.uc, line 3, byte 83:
  called from function include ([C])
  called from function main (/usr/share/firewall4/templates/ruleset.uc:309:71)
  called from function include ([C])
  called from function render_ruleset (/usr/share/firewall4/main.uc:58:72)
  called from anonymous function (/usr/share/firewall4/main.uc:143:29)

 `{%+ include("zone-match.uc", { egress: (direction in ["output", "srcnat"]), rule }) -%}`
  Near here ------------------------------------------------------------------------^


/dev/stdin:2247:3-3: Error: syntax error, unexpected end of file

then make the settings persistent, and reboot

It’s a bug, will look into it.

1 Like

i have reboot it but i lost luci. i think it is a bug.

good. How soon will it be fixed. thank you.