Adaptive Firewall by means of afctl

After running: sudo /Applications/Server.app/Contents/ServerRoot/usr/libexec/afctl -f -v 9

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: fe80::aa20:66ff:fe11:6dad ipv6 mask = 0 lo fe116dad:aa2066ff:0:fe800000

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: fe80::22c9:d0ff:fe92:b29b ipv6 mask = 0 lo fe92b29b:22c9d0ff:0:fe800000

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: 10.0.0.1 ipv4 mask = 0 lo 0:0:0:a000001

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: 10.0.0.166 ipv4 mask = 0 lo 0:0:0:a0000a6

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: 127.0.0.1 ipv4 mask = 0 lo 0:0:0:7f000001

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: fe80::1 ipv6 mask = 0 lo 1:0:0:fe800000

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: ConvertAddress: ::1 ipv6 mask = 0 lo 1:0:0:0

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: Blacklist at 7041a1c0 alloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: processing command 7 with arg (null)

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: Resetting firewall

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: Resetting state file

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: request pf enable

No ALTQ support in kernel

ALTQ related functions disabled

pf enabled

Token : 18446743525104294536

No ALTQ support in kernel

ALTQ related functions disabled

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: token is |18446743525104294536|

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: Enabling the Event Monitor rules

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: Cannot update the Event Monitor config

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 71300260 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 70417fd0 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 70418ac0 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 70419300 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 70419480 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 70419600 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 70419780 dealloc

Dec 28 11:37:12 mail.trxline.ru afctl[52926] <Notice>: WhitelistEntry at 704198d0 dealloc

======

Problem is in Cannot update the Event Monitor config.

I tied to investigate it. and found, that all configs of emons (It means that I hope) are loceted in right place:

sudo ls -la /Applications/Server.app/Contents/ServerRoot/etc/emond.d/rules/

drwxr-xr-x 17 root wheel 578 Dec 28 11:16 .

drwxr-xr-x 4 root wheel 136 Dec 6 09:43 ..

-rw-r--r-- 1 root wheel 3344 Dec 21 00:40 AdaptiveFirewall.plist

-rw-r--r-- 1 root wheel 4674 Dec 21 00:40 DHABlock.plist

-rw-r--r-- 1 root wheel 3278 Dec 21 00:40 DiskStatus.plist

-rw-r--r-- 1 root wheel 4093 Dec 21 00:40 EmondCertificateExpiring.plist

-rw-r--r-- 1 root wheel 2133 Dec 21 00:40 HostBlockingLogic.plist

-rw-r--r-- 1 root wheel 1625 Dec 21 00:40 NetworkAlertControl.plist

-rw-r--r-- 1 root wheel 7235 Dec 21 00:40 com.apple.assetcache.plist

-rw-r--r-- 1 root wheel 1687 Dec 21 00:40 com.apple.disks.disappeared.plist

-rw-r--r-- 1 root wheel 1697 Dec 21 00:40 com.apple.disks.smart.status.plist

-rw-r--r-- 1 root wheel 3687 Dec 21 00:40 com.apple.disks.space.plist

-rw-r--r-- 1 root wheel 3282 Dec 21 00:40 com.apple.dovecot.plist

-rw-r--r-- 1 root wheel 1800 Dec 21 00:40 com.apple.mail.virus.plist

-rw-r--r-- 1 root wheel 10166 Dec 21 00:40 com.apple.network.configurationchange.plist

-rw-r--r-- 1 root wheel 3977 Dec 21 00:40 com.apple.softwareupdate.updateavailable.plist

-rw-r--r-- 1 root wheel 1607 Dec 21 00:40 com.apple.timemachine.alerts.plist

What is the reason of such message? Where is a misstake?