pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start

jeremyc311

Hello everyone,
I just installed pfBlockerNG. I used the wizard to configure the interfaces. Everything seems to go well, but when I check the status of my services, the pfBlockerNG-devel service won’t start, even when I try to launch it manually.

UPDATE PROCESS ENDED [ 08/5/25 15:00:12 ]
 CRON  PROCESS  START [ v3.2.8 ] [ 08/5/25 16:00:00 ]
[ Abuse_Feodo_C2_v4 ]
  Remote timestamp: Tue, 5 Aug 2025 13:55:03 GMT
  Local  timestamp: Tue, 5 Aug 2025 12:55:03 GMT	Update found
[ Abuse_SSLBL_v4 ]
  Remote timestamp: Fri, 3 Jan 2025 11:40:41 GMT
  Local  timestamp: Fri, 3 Jan 2025 11:40:41 GMT	Update not required
[ CINS_army_v4 ]
  Remote timestamp: Tue, 5 Aug 2025 11:49:59 GMT
  Local  timestamp: Tue, 5 Aug 2025 11:49:59 GMT	Update not required
[ ET_Block_v4 ] [ 08/5/25 16:00:01 ]
  Remote timestamp: Mon, 4 Aug 2025 04:30:02 GMT
  Local  timestamp: Mon, 4 Aug 2025 04:30:02 GMT	Update not required
[ ET_Comp_v4 ] [ 08/5/25 16:00:03 ]
  Remote timestamp: Mon, 4 Aug 2025 22:36:09 GMT
  Local  timestamp: Mon, 4 Aug 2025 22:36:09 GMT	Update not required
[ ISC_Block_v4 ] [ 08/5/25 16:00:08 ]
  Remote timestamp: Tue, 5 Aug 2025 13:45:05 GMT
  Local  timestamp: Tue, 5 Aug 2025 12:00:06 GMT	Update found
[ Spamhaus_Drop_v4 ] [ 08/5/25 16:00:11 ]
  Remote timestamp: Tue, 5 Aug 2025 10:59:32 GMT
  Local  timestamp: Tue, 5 Aug 2025 10:59:32 GMT	Update not required
[ Talos_BL_v4 ]
							Update found
 UPDATE PROCESS START [ v3.2.8 ] [ 08/5/25 16:00:12 ]

===[  DNSBL Process  ]================================================

 Loading DNSBL Statistics... completed
 Loading DNSBL SafeSearch... disabled
 Loading DNSBL Whitelist... completed

[ StevenBlack_ADs ]		 exists.

===[  GeoIP Process  ]============================================


===[  IPv4 Process  ]=================================================

[ Abuse_Feodo_C2_v4 ]		 Downloading update .. 200 OK. completed ..
  Empty file, Adding '127.1.7.7' to avoid download failure.
  ------------------------------
  Original Master     Final     
  ------------------------------
  0        1          1           [ Pass ] 
  -----------------------------------------------------------------

[ Abuse_SSLBL_v4 ]		 exists.
[ CINS_army_v4 ]		 exists.
[ ET_Block_v4 ]			 exists.
[ ET_Comp_v4 ]			 exists.
[ ISC_Block_v4 ]		 Downloading update .. 200 OK. completed ..
  ------------------------------
  Original Master     Final     
  ------------------------------
  20       8          8           [ Pass ] 
  -----------------------------------------------------------------

[ Spamhaus_Drop_v4 ]		 exists. [ 08/5/25 16:00:13 ]
[ Talos_BL_v4 ]			 Downloading update .. 403 Forbidden

 [ pfB_PRI1_v4 - Talos_BL_v4 ] Download FAIL
  DNSBL, Firewall, and IDS (Legacy mode only) are not blocking download.


The Following List has been REMOVED [ Talos_BL_v4 ]


===[  Aliastables / Rules  ]==========================================

No changes to Firewall rules, skipping Filter Reload

 Updating: pfB_PRI1_v4
no changes.

===[ FINAL Processing ]=====================================

   [ Original IP count   ]  [ 18651 ]

   [ Final IP Count  ]  [ 16446 ]


===[ Deny List IP Counts ]===========================

   16447 total
   14490 /var/db/pfblockerng/deny/CINS_army_v4.txt
    1613 /var/db/pfblockerng/deny/ET_Block_v4.txt
     325 /var/db/pfblockerng/deny/ET_Comp_v4.txt
       9 /var/db/pfblockerng/deny/Spamhaus_Drop_v4.txt
       8 /var/db/pfblockerng/deny/ISC_Block_v4.txt
       1 /var/db/pfblockerng/deny/Abuse_SSLBL_v4.txt
       1 /var/db/pfblockerng/deny/Abuse_Feodo_C2_v4.txt

====================[ Empty Lists w/127.1.7.7 ]==================

Abuse_Feodo_C2_v4.txt
Abuse_SSLBL_v4.txt

===[ DNSBL Domain/IP Counts ] ===================================

  227972 /var/db/pfblockerng/dnsbl/StevenBlack_ADs.txt

====================[ IPv4/6 Last Updated List Summary ]==============

Jan 3	2025	Abuse_SSLBL_v4
Aug 4	06:30	ET_Block_v4
Aug 5	00:36	ET_Comp_v4
Aug 5	12:59	Spamhaus_Drop_v4
Aug 5	13:49	CINS_army_v4
Aug 5	15:00	ISC_Block_v4
Aug 5	15:55	Abuse_Feodo_C2_v4

====================[ DNSBL Last Updated List Summary ]==============

Aug 5	13:09	StevenBlack_ADs
===============================================================

Database Sanity check [  FAILED  ] ** These two counts should match! **
------------
Masterfile Count    [ 16446 ]
Deny folder Count   [ 16445 ]

Duplication sanity check (Pass=No IPs reported)
------------------------
Masterfile/Deny folder uniq check
Deny folder/Masterfile uniq check

Sync check (Pass=No IPs reported)
----------

Alias table IP Counts
-----------------------------
   16447 /var/db/aliastables/pfB_PRI1_v4.txt

pfSense Table Stats
-------------------
table-entries hard limit   400000
Table Usage Count         171866

 UPDATE PROCESS ENDED [ 08/5/25 16:00:14 ]

Thks for your help ! Capture d’écran 2025-08-05 162532.png

Gertjan

@jeremyc311 said in pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start:

===[ DNSBL Process ]================================================

Loading DNSBL Statistics... completed
Loading DNSBL SafeSearch... disabled
Loading DNSBL Whitelist... completed

... and the rest is "IP" stuff , not DNSBL.
Do you have DNSBL lists ?
I mean, if you gave none, the "pfb_dnsbl - pfBlockerNG DNSBL service" doesn't need to run.

@jeremyc311 said in pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start:

[ Talos_BL_v4 ] Downloading update .. 403 Forbidden

Better put this one on a hold for now - or call the guy who host the file and ask him to repair the situation ^^

@jeremyc311 said in pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start:

Masterfile Count [ 16446 ]
Deny folder Count [ 16445 ]

Euh ..... one is awol. Not sure what to say : disable one by one your lists and when things start to work again, you'll know which one to disable.

anthonys

@Gertjan said in pfBlockerNG-devel 3.2.8 service pfb_dnsbl don't start:

Masterfile Count [ 16446 ]
Deny folder Count [ 16445 ]

This sanity check failure might be the issue as discussed here:
pfblockerNG Database Sanity check Failed