@tinfoilmatt said in Failed or invalid Mime Type: [application/SIMH-tape-data|0]: (ASN data is IPinfo, not Maxmind) Thats correct but "GeoLite2-Country" is from Maxmind ... (that confused me) I'm considering simply adding "application/SIMH-tape-data" to the list to test. Thats what i tought too ... I'll try when I have the time for it ... Edit: I can confirm - adding "application/SIMH-tape-data" to the list at line 257 in /usr/local/pkg/pfblockerng/pfblockerng.inc did the trick - no more error! Edit: OK, problem resolved but I would like to know, whats the cause for that error! (SIMH-tape-data sounds like a "blast from the past" ...) Thanks a lot!

@jrey Thank you so much for the detailed explanation and help. I will adapt and apply the patch to move the job timing like suggested at 01:35 Are you just a user or are you also involved in package maintenance on one or more packages?

@jeremyc311 said in pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start: I’m surprised to see in my logs only one blocked IP, which is related to my TrueNAS I'll decode this one : @jeremyc311 said in pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start: Aug 5 09:01:14,1770008712,bxe1,LAN,block,4,17,UDP,192.168.2.13,116.147.64.181,51765,51413,out,Unk,pfB_PRI1_v4,116.146.0.0/15,ET_Block_v4,Unknown,truenasr740,null,+ Traffic, coming into LAN, from a LAN device (192.168.2.13 = your TrueNAS) going to a Chinise ( 116.147.64.181 ) Brazilian ( 177.72.195.114 - = next line ) was blocked by the "pfB_PRI1_v4" list. That's probably good thing ? ( ! ). Up to you to discover why your NAS should initiate connections to these countries. A NAS can go outside for maintenance purposes, for example to look for updates of it's system. These could be located anywhere of course. The GeoIP IP created a rule for you. How and where do you use that this rule ?

@andrebrait will you be able to rebase pfblockerng-adblock-clean on top of devel in the foreseeable future? I have been able to make use of patches until I upgraded to 25.07-RELEASE. The conflicts are deep. Oddly the pfblockerNG-devel package is 3.2.7 despite the current refs having 3.2.9 in the Makefile.

I finally got around installing a new pfsense firewall and the first connections I am seeing right of the bat are lets say strange. I don't know what they are: https://otx.alienvault.com/indicator/ip/178.250.1.11 https://www.abuseipdb.com/check/178.250.1.11 https://www.virustotal.com/gui/ip-address/178.250.1.11/community https://viz.greynoise.io/ip/178.250.1.11 Aug 10 11:07:09 WAN Default deny rule IPv4 (1000000103) 178.250.1.11:443 192.168.178.21:18414 TCP:PA Its incoming from WAN trying to get to the firewall. Very mixed results here. Never heard of criteo and it is flagged by some people despite being whitelisted on otx alienvault. I remember seeing the same the first time I installed pfsense on my other machine I think. Any idea what it could be? I also did a packetcapture and there are losts of ACKed Unseen segments. Does this indicate anything? On my other firewall I don't see anything coming from WAN to LAN but on the new one there is so much IPs. What can it be?

So you're using the CARP IP address for the pfBlockerNG redirects? May I ask why that's necessary?

I resolved this by accepting the T+Cs via https://www.maxmind.com/en/accounts/1205389/geolite2/eula

@Gertjan Hello, Thank you. I had exactly the same issue, and your solution helped me fix it. Ask ChatGPT

@SteveITS ...got it, I should have looked in the docs... I do too use Quad9 and have DNSSEC disabled, so I guess my question is pointless.. Thank you for all the help.

@qinn Sent him an email Dan an email to the address on his site.. Not sure what is happening, my Teams stopped working. Disable it/turn it off and the problem went away.

@AlexK-0 said in Can't receive GeoIP databases updates anymore, banned: Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates. You've found a reason to use a VPN.

@Laxarus This worked for me as well. Though I had to search the web how to edit the file (the easiest way). Therefore: Addition for anyone struggling to find where to edit files on your pfsense system. Go to Diagnostics --> Edit File --> insert the location of the file: /usr/local/pkg/pfblockerng/pfblockerng.sh Go to line number 1232 by filling it in the Go to line field. That line should read: s1="$(grep -cv ^${ip_placeholder2}$ ${masterfile})" replace only (leave the rest intact): masterfile to mastercat Then follow the above instructions from @Laxarus https://forum.netgate.com/post/1219635

Thanks everyone. That did it. No more errors!!