RESOLVED - pfsense 25.11 – "pfb_dnsbl service" (3.2.13_1) not run

SwissSteph

Hello everyone,

I updated pfBlockerNG from version 3.2.13 to version 3.2.13_1, and even after restarting my pfsense, the “pfb_dnsbl service” won't start on its own.

It's also impossible to start it manually.

Am I the only one?

EDIT :
I don't know what this means, I haven't changed anything and I don't know how (or where) to put this missing information.

EDIT 2 :

Old xml file (25.07)
<virtualip>
<vip>
<interface>lo0</interface>
<descr><![CDATA[pfB DNSBL - DO NOT EDIT]]></descr>
<type>single</type>
<subnet_bits>32</subnet_bits>
<subnet>10.10.10.1</subnet>
<mode>ipalias</mode>
</vip>
</virtualip>

Old xml file (25.11)
<virtualip>
<vip>
<interface>lo0</interface>
<descr><![CDATA[pfB DNSBL - DO NOT EDIT]]></descr>
<type>single</type>
<subnet_bits>32</subnet_bits>
<subnet>10.10.10.1</subnet>
<mode>ipalias</mode>
<uniqid>693bc0f9cd258</uniqid>
</vip>
</virtualip>

bigsy

@SwissSteph Starting from 3.2.13 it seems that the Virtual IPs needed for DNSBL have to be created in pfSense itself whereas previously this was handled via pfBlockerNG.

If the VIPs are missing, you can add via 'Firewall > Virtual IPs', adding in the new VIP using the information you have from your old config file.

See this forum post

SwissSteph

@bigsy

Thank you very much for your reply and your help.

I'm stuck at “<interface>lo0</interface>”; I don't have this description in the first field to fill in. Do you have the answer?

I guess I should just choose “WAN”? ---> Locahost

SwissSteph

So I did that, rebooted my Pfsense, checked the XML file to make sure I had the same information as in my old XML files.

But I still couldn't see the service running. Even when I forced it, it wouldn't start.

What else can I do?

EDIT

Even after reinstalling PFblockerNG, the same problem persists: it is impossible to launch it manually.

SwissSteph

RESOLVED

The following information must also be added:

Unoptanio

After upgrade to ver 3.2.13_1

is correct "Table Usage Count NA" ???

pfSense Table Stats
-------------------
table-entries hard limit  6000000
Table Usage Count         NA

 UPDATE PROCESS ENDED [ 12/17/25 14:59:55 ]

------------------------------------------------------------------------
Assembling DNSBL database...... completed [ 12/17/25 14:58:09 ]
TLD:
TLD analysis.................................................... completed [ 12/17/25 14:58:35 ]
TLD finalize...
 ----------------------------------------
 Original    Matches    Removed    Final     
 ----------------------------------------
 5133663     4603380    75039      5058624   
 -----------------------------------------
TLD finalize... completed [ 12/17/25 14:59:13 ]

Saving DNSBL statistics... completed [ 12/17/25 14:59:23 ]
Reloading Unbound Resolver (DNSBL python).
Stopping Unbound Resolver.
Unbound stopped in 2 sec.
Additional mounts (DNSBL python):
  No changes required.
Starting Unbound Resolver... completed [ 12/17/25 14:59:30 ]
Resolver cache restored
DNSBL update [ 5058624 | PASSED  ]... completed [ 12/17/25 14:59:32 ]
------------------------------------------------------------------------

SwissSteph

same result here (I manually restarted an update) !?

marcosm

The "NA" is intended. It was previously reporting an inaccurate value. There's an upstream issue that will need to be fixed first.

SwissSteph

@marcosm
Thank you for the feedback and explanation.