Pi3b not fully updating blocklist due to lack of memory?

blueminerals · 2 May 2026 15:58

pi3b isnot fully updating blocklist due to lack of memory? 600mb is free. Pi3B has 1GB ram, 32MB Micro sd April 20 update

Settings:

Month:		Day:

IP Blocklist

 The following block lists were updated:
    BLOCKLIST_DE: 28 Time(s)
    BOGON_FULL: 4 Time(s)
    CIARMY: 14 Time(s)
    DSHIELD: 13 Time(s)
    SHODAN: 1 Time(s)
    TOR_ALL: 6 Time(s)
    TOR_EXIT: 6 Time(s)

 The following errors were detected:
    <ERROR> Could not update THREATVIEW_IO_IP blocklist - Download error! : 4 Time(s)
    <ERROR> Could not update EMERGING_COMPROMISED blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update BLOCKLIST_DE blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update BOGON_FULL blocklist - Download error! : 29 Time(s)
    <ERROR> Could not update TOR_EXIT blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update DSHIELD blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update BOGON blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update SPAMHAUS_DROP blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update CIARMY blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update TOR_ALL blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update FEODO_RECOMMENDED blocklist - Download error! : 42 Time(s)
    <ERROR> Could not update EMERGING_FWRULE blocklist - Download error! : 42 Time(s)

Kernel and Firewall:

 WARNING:  Out of memory killer killed these executables
    unbound :  1 Time(s)

bonnietwin · 2 May 2026 16:31

1GB ram is the minimum you need. With that you will not be able to use IPS or DNS Firewall. Make sure both of those are disabled.

It might be that the IP Blocklist downloads any updated list to a temp location first and if the download is successful then it will replace the existing file so it might be that you need more ram than you think during the download and checking phase.
To confirm that I would need to check the code but i don’t have time to do that right now.
Will see if i can check that tomorrow morning.

blueminerals · 3 May 2026 10:48

also, may 1 update added this :

WARNING:  Kernel Errors Present
    Error: Driver 'efi-fra ...:  1 Time(s)
    brcmfmac mmc1:0001:1: Direct firmware load for brcm/brcmfmac43430-sdio.raspberrypi,3-model-b.bin failed with error -2 ...:  1 Time(s)

bonnietwin · 3 May 2026 11:54

I checked the code and the update is done in memory.

Each blocklist is checked before downloading to see if it has been updated. If yes then the list is downloaded into a perl variable and checked that the download was successful before moving to the next step.

The next step is that the downloaded list is then parsed and the output placed into the ip set compatible file which is then updated in the firewall rules.

as the ip list is downloaded into a variable then it is in memory until it has been implemented into the firewall rules or ignored if the download was unsuccessful.

So the update will use some extra memory but I don’t know how much.

This is something that will have occurred during a reboot. The firmware loading had a failure.

If this has just happened once and does not repeat when doing a reboot again, then some hiccup happened during the boot that prevented the firmware from loading.

blueminerals · 4 May 2026 22:39

This post seems to address the issue and MAY solve it, but I won’t be trying it anytime soon. I am posting it in case someone has the same problem. Thanks for your help.

https://forums.raspberrypi.com/viewtopic.php?t=314208

blueminerals · 13 May 2026 22:20

It looks like I will have to upgrade. How much memory would you suggests to do dns server malware and some other stuff. Pi4 or something else? thanks

blueminerals · 15 May 2026 18:29

The developers recommend at least 1GB. If various built-in/add-on features are used, the amount of memory required will be much higher. Memory consuming features/add-ons are the web proxy and URL filter as well as the Intrusion Detection/Prevention System and the DNS Firewall. Using all of these could consume closer to 5GB or 6GB depending on the number of categories that are selected in each feature.
Another ( temporarily ) memory consuming function is the upgrading process. Download / decrypt are done in memory.
An IPFire where all the available functions are used would therefore be better with 8GB of memory.

pscar13 · 15 May 2026 21:31

I just tested it on my test Raspberry Pi 4 with 8GB of RAM:

Firewall enabled with a few rules
IP Address BlockLists
GeoIP Block
Enabled all DNS firewall lists
Enabled IPS with a few rules
Loaded the Toulouse URL filter list

The Raspberry Pi handled it with respectable bandwidth.