Fresh install pfblockerNG on pfSense 25.11 RC a lot problems

Antibiotic

Fresh installation of pfblokerNG , WHEN SET TO UNBOUNT PYTHON MODE GET THIS ERROR:
Saving new DNSBL web server configuration to port [ 8081 and 4443 ]
Restarting DNSBL Service
Stopping Unbound Resolver..
Unbound stopped in 3 sec.
Additional mounts (DNSBL python):
No changes required.
Starting Unbound Resolver.
DNSBL enabled FAIL *** Fix error(s) and a Force Reload required! ***

====================

[1763652679] unbound[55760:0] warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available
[1763652679] unbound[55760:0] warning: so-sndbuf 4194304 was not granted. Got 57344. To fix: start with root permissions(linux) or sysctl bigger net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set so-sndbuf: 0 (use system value).
[1763652679] unbound[55760:0] warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available
[1763652679] unbound[55760:0] warning: so-sndbuf 4194304 was not granted. Got 57344. To fix: start with root permissions(linux) or sysctl bigger net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set so-sndbuf: 0 (use system value).
[1763652679] unbound[55760:0] warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available
[1763652679] unbound[55760:0] warning: so-sndbuf 4194304 was not granted. Got 57344. To fix: start with root permissions(linux) or sysctl bigger net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set so-sndbuf: 0 (use system value).
[1763652679] unbound[55760:0] error: Unknown value in module-config, module: 'python'. This module is not present (not compiled in); see the list of linked modules with unbound -V
[1763652679] unbound[55760:0] fatal error: failed to startup modules

Second TOP1M excluding not working at all. Wneh i chhose to exclude ( ca,, org and etc) this settings not saved:
[PFB_FILTER - 17] Failed or invalid Mime Type: [application/octet-stream|0]
TOP1M: No TLD Inclusions found.

tinfoilmatt

@Antibiotic This implicates a configuration issue well beyond that of only pfBlockerNG's. It'd be helpful for you to describe how DNS is configured on this system/your LAN. Screenshots will be even better.

tinfoilmatt

@Antibiotic Might be interesting to see your Advanced Resolver Options under Services / DNS Resolver / Advanced Settings in particular.

Antibiotic

@tinfoilmatt Hello my friend:

Unbound interfaces:
1.Network interfaces: LAN1 LAN2 LAN 3 AND localhost only
2.Outgoing Network Interfaces: OpenVPN interface only

tinfoilmatt

@Antibiotic Set Message Cache Size back to default (i.e., 4 MB) and try updating pfB again.

tinfoilmatt

@Antibiotic A full reboot in-between DNS Resolver config change and pfB update wouldn't hurt either.

Antibiotic

@tinfoilmatt Did back cache size to default , reboot pfsense and adjust pfblocker to unbound python mode. This problem still the same:
Stopping Unbound Resolver
Unbound stopped in 1 sec.
Additional mounts (DNSBL python):
Starting Unbound Resolver Not completed.
[1763657162] unbound[25597:0] warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available
[1763657162] unbound[25597:0] warning: so-sndbuf 4194304 was not granted. Got 57344. To fix: start with root permissions(linux) or sysctl bigger net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set so-sndbuf: 0 (use system value).
[1763657162] unbound[25597:0] warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available
[1763657162] unbound[25597:0] warning: so-sndbuf 4194304 was not granted. Got 57344. To fix: start with root permissions(linux) or sysctl bigger net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set so-sndbuf: 0 (use system value).
[1763657162] unbound[25597:0] warning: setsockopt(..., SO_SNDBUF, ...) was not granted: No buffer space available
[1763657162] unbound[25597:0] warning: so-sndbuf 4194304 was not granted. Got 57344. To fix: start with root permissions(linux) or sysctl bigger net.core.wmem_max(linux) or kern.ipc.maxsockbuf(bsd) values. or set so-sndbuf: 0 (use system value).
[1763657162] unbound[25597:0] error: Unknown value in module-config, module: 'python'. This module is not present (not compiled in); see the list of linked modules with unbound -V
[1763657162] unbound[25597:0] fatal error: failed to startup modules

Will set back to unbound mode in pfblockerNG. sECOND PROBLEM STILL EXIST AS WELL (Loading TOP1M Whitelist...
TOP1M Database downloading ( approx 21MB ) ... Please wait ...

Failed
TOP1M: No TLD Inclusions found.

DNSBL - TOP1M changes found - Rebuilding!
completed)

Can not even restart unbound ( he is simply stopped and didn't react on restart) from main menu during pfblockerNG unbound python mode ON.

Antibiotic

@tinfoilmatt Nothing changes. The same error and unbound stopped and didnt react in this mode.

tinfoilmatt

@Antibiotic You never followed-up in this thread. Has your pfBlockerNG install been broken since then? Or did you do something at some point to resolve that issue?

Antibiotic

Btw the cron schedule missing as well

tinfoilmatt

@Antibiotic This feels like package reinstall (without saving settings) at a minimum.

You could try for the less drastic procedure described under Firewall / pfBlockerNG / General / Keep Settings—but it doesn't seem like that would resolve issue you're now seeing with Unbound.

Antibiotic

@tinfoilmatt Please read name of post. This is fresh installation of 25.11 RC and fresh installation of pfblockerNG. From scratch

tinfoilmatt

@Antibiotic Not so fresh if you (at least) made ill-advised Unbound configuration changes.

Antibiotic

@tinfoilmatt I think this soft should work at any way. Doesn't matter what we will change in unbound. But anyway this is RC not stable version, time to correct bugs still to go.

tinfoilmatt

@Antibiotic Or it's an issue with your system configuration. I would personally have to troubleshoot your system myself to develop a hunch one way or the other.

Wolf666

@Antibiotic you should enable python module on general settings.

Antibiotic

@Wolf666 The pictures were made in unbound mode not a python mode. That why this is option not ticked. When unbound python mode enabled in pfblockerNG this settings going ON by auto.

Gertjan

@Antibiotic said in Fresh install pfblockerNG on pfSense 25.11 RC a lot problems:

When unbound python mode enabled in pfblockerNG this settings going ON by auto.

I was somewhat surprised to read this, but is is the case.
Settings in a package (pfBlockerng) will modify pfSense 'core' (unbound) settings.

warning: so-sndbuf 4194304 was not granted. Got 57344

I translate :
I want 4 million, only got 50k ..... that's some ressource missing, and you need 80 (!!) times more.
This can't be a simple RAM, you should have enough of it.
Some "buffer size", see pfSense advanced settings ?

tinfoilmatt

@Gertjan said in Fresh install pfblockerNG on pfSense 25.11 RC a lot problems:

see pfSense advanced settings

Services / DNS Resolver / Advanced Settings / Advanced Resolver Options / Message Cache Size

Gertjan

@tinfoilmatt

This :

is some internal unbound cache.

The errors, imho, talks about something else.
I have this "kern.ipc.maxsockbuf(bsd) value" set to :

a bit more as 4 million ^^
Under System > Advanced >System Tunables

Btw : I'm just making noise here, as I didn't install the RC yet (as it is less candidate as release to me ^^).