• NanoBSB 4GB VGA Upgrade Process Explained

    6
    0 Votes
    6 Posts
    1k Views
    P

    An enhancement could be for an automatic reboot after 1 hour to the previous slice if the upgraded slice is not confirmed as being successful from either the GUI or a CLI prompt. This would be very useful to anyone supporting remote systems as downtime would be limited to 1 hour following a failed upgrade.

    That would be a nice thing, but would only work if the OS on the new slice is actually bootable. I guess that could still catch some application issues, e.g. if the system booted OK but some firewall rules startup/VPN links/road warrior VPN server… did not come up.
    If it got some issue booting then any process that monitored things checking to see if success is confirmed by someone/something, would not be running. I can think of 2 cases like this that have happened to me - some dev snapshots that were missing a kernel, and hardware that worked with FreeBSD 8.3 + pfSense 2.1.n but did not boot FreeBSD 10.1 + pfSense 2.2.n - in both these cases the system was sitting at a console boot prompt of some sort and unable to proceed. I always have at home or at my local office an example of every hardware combination that is installed somewhere remotely. Then I can do local upgrades first and know that all my hardware combinations are at least bootable.

  • 2.2.2 package reinstall failed to complete - CLI fix

    1
    0 Votes
    1 Posts
    1k Views
    No one has replied
  • System log message kernel: arp: 43:05:43:05:00:00 is multicast

    13
    0 Votes
    13 Posts
    4k Views
    A

    Jim,

    I read what you wrote in the upgrade guide.  There is no mention in what you wrote WHY one would want to add the tunable to their firewall configuration.  What specific symptoms would lead you to needing this tunable?

    With respect to the open mesh access points, the traffic doesn't need to be handled by the firewall at all.  The main issue was messages filling up the system log, making it basically unusable.  Windows NLB is another animal altogether.

    Also, my question of the security ramifications of adding this tunable, thereby reverting the kernel back to its previous behavior, has yet to be answered.  Just for the sake of completeness, I think we should have a discussion of how this impacts security.  Was the behavior changed from FreeBSD 8 to FreeBSD 10 just for the sake of being RFC 1812 compliant, or is there a good sense security reason for the change?

    Is there a possibility that logging this kernel message could be suppressed (in a future version of pfSense), instead of enabling a behavior that violates the RFC?

    Thanks for all you guys do,
    Anthony

  • Migration to low power quiet system with msata?

    7
    0 Votes
    7 Posts
    1k Views
    ?

    That Supermicro system looks a lot like the FW-525B which will not boot FreeBSD 10.1 and thus does not work with pfSense 2.2.n

    The FW-525B is based on:
    Hardware: Intel PineTrail D CPU - ICH8M Express Chipset Motherboard
    Jetway FW-525B
    With CFCard!

    versus a

    And the Supermicro A1SRM-LN5F-2358-O is based on
    Intel® Atom processor C2358, SoC
    (Rangeley), 7W 2-Core, 1.7-2.0GHz
    5x GbE LAN including 4 ports pair LAN
    bypass (SW programmable) ports
    with SoC I354 and I210-AT
    Without CFCard!

    It is a Rangeley 2 Core SoC platform or the little brother of the C2558 and 2758 SoC.

  • MOVED: Upgrade from 2.2.1 to 2.2.2 has broken my squid transparent proxy

    Locked
    1
    0 Votes
    1 Posts
    662 Views
    No one has replied
  • [solved] Alix new install boot problem / serial console outputs garbage

    6
    0 Votes
    6 Posts
    2k Views
    D

    @xbipin:

    @dotdash:

    New versions default to 115200 on the serial console

    i doubt the default speed in freebsd is 115200, atleast it doesnt seem so on my alix

    https://doc.pfsense.org/index.php/2.2_New_Features_and_Changes#OS_Changes

  • Suggested change to upgrade release announcement language

    3
    0 Votes
    3 Posts
    859 Views
    H

    This arena of 'package testing' is, for example, why newcomer Linux Mint has come from nowhere to lead all the others in new installs.  They review every package upgrade, and in their package manger rate them in order of 'disruption danger' from 1 to 5.  It won't even list upgrades from packages level 4 and 5, other than security related.

    These are the sort of touches that make the difference between a lab project and a long term mission critical one.  It would be one thing if PF architecture left every package alone other than its core so the user could decide when to upgrade known working packages or not.  But PF architecture doesn't work that way.  It's all or nothing.

    The only way forward I can see is for the PF upgrade notice system to say 'upgrade available' with no qualification only when the particular packages each install is using have a flag somewhere qualifying they don't have material regressions (only new features buggy / broken).  Who sets does the testing and how that flag is set I don't know.

    I suppose the 'upgrade available, some packages untested' should pop up when there is an upgrade of the usual sort–- for those who want to take a ride on the wild side, or who think of PF as a learning tool or lab project.

    I'd bet there is a paid subscription business out there for someone to offer an add-on that requires a subscription fee, but will delay the upgrade process until regression testing they do has completed.

    But for

  • Really big problem to go to 2.2.2 from 2.2.1

    Locked
    88
    0 Votes
    88 Posts
    25k Views
    C

    For the first time ever, we went ahead and updated the 2.2.2 full update files (only thing affected) to include only this change:
    https://github.com/pfsense/pfsense/commit/cc1f655f8e88ccda837e21d0646bbc71781198b9

    So no one will need to do any of the work arounds anymore.

  • Firmware Update URL / Settings for Netgate RCC-VE 2440?

    3
    0 Votes
    3 Posts
    1k Views
    M

    https://firmware.netgate.com/auto-update/ADI/amd64/

  • Open-VM-Tools 1280544_11 reported as not running/installed on ESXI 6

    2
    0 Votes
    2 Posts
    2k Views
    G

    Starting /usr/local/etc/rc.d/vmware-guestd.sh…done.
    Starting /usr/local/etc/rc.d/vmware-kmod.sh...done.

    Seems like the execute bits are set to off in my install. Running returns permission denied. Need to chmod +x to get it running properly.

  • 2.2.1 to 2.2.2 Trouble Free Upgrade

    12
    0 Votes
    12 Posts
    2k Views
    iorxI

    No problems here either.

    2.2.1 (newinstall) x64, hyper-v guest
    LAN, WAN, GUESTLAN(VLAN), OpenVPN-server and IPSEC lines, Squid, Squidfilter, Sarg, Lightsquid
    Went smooth to up to 2.2.2 (gambled and did it remotely connected with VPN…)  :o

    Brgs,

  • 0 Votes
    1 Posts
    384 Views
    No one has replied
  • 2.2.2 question

    6
    0 Votes
    6 Posts
    1k Views
    J

    @cmb:

    ah, I tend to assume Viscosity==Mac.

    That log describes the root issue, it's not able to assign an IP or route. It shouldn't end up with a 169.254.x.x IP though, that indicates you have DHCP enabled on Viscosity's interface.

    Nothing in that regard would change by upgrading, something else changed related to your Viscosity or Windows system if that worked previously. There should be a lengthier log from Viscosity somewhere (not familiar with the Windows client). Compare your Viscosity config with the working OpenVPN client config.  Check the interface and Viscosity config. If Viscosity's adapter was screwed up in Windows and that's the only root cause, uninstall and reinstall of Viscosity might fix tha.t

    strange behaivor.
    just did reinstall but the issue still exist.

    i've reinstalled the VMware tools on my VM i use to connect from.
    et voila everything starts working.
    thank you for your help

  • Upgrade from 2.2.1 to 2.2.2 - rrdtool libpng errors

    7
    0 Votes
    7 Posts
    1k Views
    S

    Found it =) Thanks

  • PfSense Issues on Comcast Internet

    4
    0 Votes
    4 Posts
    727 Views
    H

    Have you tried by-passing PFSense to see if the problem continues?

  • [Feedback] fresh install + config restore = mess

    7
    0 Votes
    7 Posts
    866 Views
    V

    Yes, I agree (2) is a risk but if you have a test box hardware related problems should be found during proper use case acceptance testing. I learned this the hard way upgrading from 2.2RC to 2.2 Release without adequate use case testing.

    In the event of an unpatchable hardware specific vulnerability, second hand kit capable of running pfSense is both cheap and abundant.

  • 2.1.5 Upgrade issues

    3
    0 Votes
    3 Posts
    739 Views
    B

    @phil.davis:

    The bandwidthd issue is bug https://redmine.pfsense.org/issues/3986
    If anyone can work out what is causing that interaction with PHP-FPM and even better, how to fix it, you will be a hero!
    I would live without bandwidthd, and maybe your troubles will all og away.

    Yeah I saw that last night, lots of error messages in the syslog, I thought I had everything working but the DHCP service tanking, not sure what the heck is going on.  I could get on the web gui but restarting DHCP service didnt appear to be working, was just acting funky.  Kind of like BandwidthD but something is not happy with my configuration, so I might uninstall most of the packages and just get back to the basics and see what that does, when things have been stable for so long kind of a bummer to have things not like they were….

    I will be poking around when I get home and see if its still working...

  • Just upgraded from 2.2.1 to 2.2.2

    15
    0 Votes
    15 Posts
    2k Views
    T

    And yes

    100% tested ok now  just switch off the BIOS com serial comport and it will boot

  • Copy settings of System -> tunables???

    1
    0 Votes
    1 Posts
    447 Views
    No one has replied
  • Restoring backup config not working

    5
    0 Votes
    5 Posts
    2k Views
    H

    I tried it again and it worked.
    Not sure how long it took since I left the room.

    Its the 3rd time I posted about this and you are the first one mentioning this.
    I really appreciate it.

    Thanks.

Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.