@SteveITS : Thank you for the link.

@rehtael Hmm, I had a similar sounding error during pfBlocker (not -devel) installation, but it seems to be working fine. This was a bit of an odd scenario, I installed 22.05 new, restored the config (which had pfB in it), pfSense said it had installed the packages, I upgraded to 23.01 (forgetting to uninstall pfB as I usually do), and found neither pfB nor apcupsd were installed. After installing I got: Executing custom_php_install_command()... Rebuilding GeoIP tabs...grep: /usr/local/share/GeoIP/cc/Africa_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Africa_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Antarctica_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Antarctica_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Asia_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Asia_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Europe_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Europe_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/North_America_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/North_America_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Oceania_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Oceania_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/South_America_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/South_America_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Proxy_and_Satellite_v4.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Proxy_and_Satellite_v6.txt: No such file or directory grep: /usr/local/share/GeoIP/cc/Top_Spammers_v4.info: No such file or directory grep: /usr/local/share/GeoIP/cc/Top_Spammers_v6.info: No such file or directory Fatal error: Uncaught TypeError: sort(): Argument #1 ($array) must be of type array, null given in /usr/local/www/pfblockerng/pfblockerng.php:1980 Stack trace: #0 /usr/local/www/pfblockerng/pfblockerng.php(1980): sort(NULL, 2) #1 /usr/local/pkg/pfblockerng/pfblockerng_install.inc(40): pfblockerng_get_countries() #2 /etc/inc/pkg-utils.inc(781) : eval()'d code(1): include_once('/usr/local/pkg/...') #3 /etc/inc/pkg-utils.inc(781): eval() #4 /etc/inc/pkg-utils.inc(899): eval_once('include_once('/...') #5 /etc/rc.packages(76): install_package_xml('pfBlockerNG') #6 {main} thrown in /usr/local/www/pfblockerng/pfblockerng.php on line 1980 PHP ERROR: Type: 1, File: /usr/local/www/pfblockerng/pfblockerng.php, Line: 1980, Message: Uncaught TypeError: sort(): Argument #1 ($array) must be of type array, null given in /usr/local/www/pfblockerng/pfblockerng.php:1980 Stack trace: #0 /usr/local/www/pfblockerng/pfblockerng.php(1980): sort(NULL, 2) #1 /usr/local/pkg/pfblockerng/pfblockerng_install.inc(40): pfblockerng_get_countries() #2 /etc/inc/pkg-utils.inc(781) : eval()'d code(1): include_once('/usr/local/pkg/...') #3 /etc/inc/pkg-utils.inc(781): eval() #4 /etc/inc/pkg-utils.inc(899): eval_once('include_once('/...') #5 /etc/rc.packages(76): install_package_xml('pfBlockerNG') #6 {main} thrownpkg-static: POST-INSTALL script failed ===== ...so maybe because the files didn't exist yet/I hadn't run an update yet? There is a 3.2.0_2 version on the way, per other posts.

@bbcan177 Ah thanks, I misunderstood the way it worked, thanks! :)

@thebear said in [23.01-RELEASE] pfBlockerNG v3.2.0_1 not ready for DHCP registration with Python mode?: a the text on the pfSense website confuses me Yep I agree. The documentation got ahead of the fix. Its causing confusion. It should be removed until the fix is merged and available for download, imo.

@SteveITS Fixed. For future readers: This is what I did, I do not know if every step was necessary. I am using pfBlockerNG-devel 3.2.0_1 In pfB logs page, I deleted py_error.log and the error.log I then deleted the pfB widget from the dashboard and saved new dashboard. Did a force update of pfB dnsbl. Then reinstalled the pfB widget and it is ok so far.

@mzeid said in need help: pfBlockerNG with L3 switch with multiple subnets on LAN: everything was working fine, but pfBlockerNG is only working with LAN subnet Glad you got it sorted, but this points to design problem to be honest. You should not connect downstream router via "lan" if there are other devices on the lan. Downstream routers should be connected via a transit network (no hosts) or you can run into an issue with asymmetrical traffic flow. Unless you do host routing on the devices on the lan network. Or you downstream router is natting, etc. Unless none of the devices on the lan never talk to downstream devices. [image: 1676544824693-as.jpg] Downstream sends Syn to client on the lan network, the device sends it syn,ack to its default gateway because it has no route to this network. Pfsense never saw the syn, so there is no state.. And traffic is denied. This is a better setup when you have a downstream router [image: 1676545013221-setup.jpg] Maybe devices on lan and your downstream never talk to each other? But whenever you connect routers together, it should be a transit network (no hosts on it only routers) or you can have issue, especially when a stateful firewall is doing the routing.

I am having the same error after the 23.01 upgrade. The pfBlockerNG is not visible in the Firewall tab.

@steveits I use 22.05 with 3.1.0_11. The cron process is not stuck but the pfbkockerng.php comes up randomly. I can kill it via console and later it's back on again - before the cron time. I removed my MaxMind key. For now I haven't experienced cpu spikes.

@gertjan oh wow, awesome, that's exactly what I wanted! Works perfectly! Thank you!

@keyser oh thank you very much for helping! now I feel really dumb, I swear I've looked at that page a dozen times!

Ended up working in this thread https://forum.netgate.com/topic/177212/pfblockerng-devel-v3-1-0_19-10/76 To get resolution and there was a hung upgrade between 23.01 Beta and 23.01 RC that held back the unbound version which kept me on the old python version. Running pkg upgrade via shell and rebooting fixed all of my issues.

@johnpoz Thank you for the quick response, understood, OK, can squid transparent proxy and pfblocker coexist? Would you advise using squid guard or just regular squid? I've never installed the packages before but will try get them to co-exist.

@steveits said in Geoblocking the world except for home: @nogbadthebad Since you showed "alias permit" just be aware that reportedly de-dupes across other permit or deny lists. There was a thread last year sometime where someone pointed out IPs were being removed. Alias Native will leave the lists unchanged. Cheers I've changed them :)

@freph533 @freph533 I think I figured it out after reading some other posts. I was using a "real" domain name in System>General Setup and that was somehow causing this issue. I set it back to "home.apra" and it works fine now. I'm not sure how to get a "real" domain to work. Maybe I need a "Domain Override" or something in the DNS Resolver to get a real domain to work? Anyways, for now, setting back to something like arpa, localdomain, etc worked to resolve this issue. [image: 1675218804211-screenshot.jpg] Hope that helps!