@LowKnee Just out of curiosity are you referring to the Database Sanity Check reporting that "these two counts should match" it the count is off by 1 (which I suspect is your case) there was a fix (manual code change) to change masterfile to mastercat in pfblolckerng.sh you want to change this change the line from s1="$(grep -cv ^${ip_placeholder2}$ ${masterfile})" to s1="$(grep -cv ^${ip_placeholder2}$ ${mastercat})" There is also an edge case if the count is greater than one, here is how that goes if in the deny directory you have say two flies (because of the list / file selection you have and they have repeat addresses file 1 has say 100 lines file 2 has say 10 lines (but those 10 lines are also in file 1, file 2 is a subset) you get two uniquely named deny files and then when the "count" is calculated on the deny directory it sees 110 entries when the "count:" is calculated on the "mastercat" file it only contains 100 entries the count doesn't match in my case the issue was caused by full list I had selected, also having an available subset lists (I had inadvertently selected one of) this causing two deny files with some of the same (overlapping data) I unselected the subset and bingo matched again, was a "my bad" selection. Edit: this applied to 25.07 (and 25.07.1) and pfblockerng 3.2.7 as it is labelled on those versions of pfSense

@tinfoilmatt said in Failed or invalid Mime Type: [application/SIMH-tape-data|0]: (ASN data is IPinfo, not Maxmind) Thats correct but "GeoLite2-Country" is from Maxmind ... (that confused me) I'm considering simply adding "application/SIMH-tape-data" to the list to test. Thats what i tought too ... I'll try when I have the time for it ... Edit: I can confirm - adding "application/SIMH-tape-data" to the list at line 257 in /usr/local/pkg/pfblockerng/pfblockerng.inc did the trick - no more error! Edit: OK, problem resolved but I would like to know, whats the cause for that error! (SIMH-tape-data sounds like a "blast from the past" ...) Thanks a lot!

@jrey Thank you so much for the detailed explanation and help. I will adapt and apply the patch to move the job timing like suggested at 01:35 Are you just a user or are you also involved in package maintenance on one or more packages?

@andrebrait will you be able to rebase pfblockerng-adblock-clean on top of devel in the foreseeable future? I have been able to make use of patches until I upgraded to 25.07-RELEASE. The conflicts are deep. Oddly the pfblockerNG-devel package is 3.2.7 despite the current refs having 3.2.9 in the Makefile.

I finally got around installing a new pfsense firewall and the first connections I am seeing right of the bat are lets say strange. I don't know what they are: https://otx.alienvault.com/indicator/ip/178.250.1.11 https://www.abuseipdb.com/check/178.250.1.11 https://www.virustotal.com/gui/ip-address/178.250.1.11/community https://viz.greynoise.io/ip/178.250.1.11 Aug 10 11:07:09 WAN Default deny rule IPv4 (1000000103) 178.250.1.11:443 192.168.178.21:18414 TCP:PA Its incoming from WAN trying to get to the firewall. Very mixed results here. Never heard of criteo and it is flagged by some people despite being whitelisted on otx alienvault. I remember seeing the same the first time I installed pfsense on my other machine I think. Any idea what it could be? I also did a packetcapture and there are losts of ACKed Unseen segments. Does this indicate anything? On my other firewall I don't see anything coming from WAN to LAN but on the new one there is so much IPs. What can it be?

So you're using the CARP IP address for the pfBlockerNG redirects? May I ask why that's necessary?

I resolved this by accepting the T+Cs via https://www.maxmind.com/en/accounts/1205389/geolite2/eula

@Gertjan Hello, Thank you. I had exactly the same issue, and your solution helped me fix it. Ask ChatGPT

@SteveITS ...got it, I should have looked in the docs... I do too use Quad9 and have DNSSEC disabled, so I guess my question is pointless.. Thank you for all the help.

@qinn Sent him an email Dan an email to the address on his site.. Not sure what is happening, my Teams stopped working. Disable it/turn it off and the problem went away.

@AlexK-0 said in Can't receive GeoIP databases updates anymore, banned: Days ago, I received from MaxMind an email, notifying me that my country has been banned to receive GeoLite City database updates. You've found a reason to use a VPN.

Thanks everyone. That did it. No more errors!!

@Qinn said in Feed issue on SWC: Got a reply from Dan and here it is solved. Thanks for feedback!

You can download it here now: https://raw.githubusercontent.com/ianb/alexa-sites/refs/heads/master/top-1m.csv

@The-Party-of-Hell-No excellent. I’m glad some experimentation proved successful.

@mikekoke You should just set Null Block in the DNSBL Groups Summary section. As @gertjan clearly explained, HTTPS traffic cannot be intercepted and redirected like HTTP. This means showing a block page when accessing a blocked HTTPS domain (like stats.g.doubleclick.net) won’t work — your browser will flag a certificate error, because pfBlockerNG cannot present a valid certificate for those domains. ️ The recommended solution is to switch to Null blocking (logging), which silently blocks access without trying to show a redirect page. This way, users won’t see certificate errors, and the block is still effective. Let me know if you need help finding where to set this.

@Gertjan Thanks for the thoughts!! I find that most Windows PCs generate more traffic in general. There is lots of app and utilities that cause the traffic.

@Uglybrian said in LibreWolf: Block Applications from Connecting to a IP (*.googleusercontent.com): I myself just used a blocking method. Yes, I've done this before myself in another system but keep putting it off for my current, I used pfSense pfBlockerNG configuration guide. So I decided today to get this back working. Its much easeir using granular control then generic. My system diagram is like: [image: 1749937554772-bond0-diagram.jpg] I will be using the above quide for the Lab-pfSense. I was trying to get blocking working just using pfBlocker alone, but unsuccessful. This guide and pfSense baseline guide with VPN, Guest and VLAN support for the Bare-bone pfSense. What do you think, any inputs and additions?