@kdillen:

But I do know that some things get corrupt when importing a 2.1.x file into 2.2

In my case I had the following problems with corrupt files:

ssh host key files unbound: root.key  (auto-trust-anchor-file)

That's absolutely not true. Those two things don't even exist in the config.

It's always safe to restore the full config from an older version to a newer version (but going backwards, say restoring 2.2 to 2.1, is not possible).

Trying to snip out pieces of an old config backup and paste them into a new config isn't a good idea unless you really know what you're doing, as those pieces may require config upgrades when migrating to a new version that they won't get if you're pulling in partial config bits.

2.2 omits localhost from resolv.conf if you aren't binding on it, to prevent that from being an issue. That'll cause a timeout in earlier versions if you have the system configured to use localhost as a DNS server, but aren't actually binding it there. Make sure if you're selectively binding DNS Forwarder, localhost is one of the selections unless you disable its use under System>General Setup.

Ha!

I'm all about Easy Editing. I've been stuck in some obscure vi mode too many times.  ::)

Steve

Thanks for the suggestion to restore from the config backup.  :)
I wasn't aware I could selectively restore stuff, but then chose to restore only the rrd data. I was logged in through ssh during the whole process and it was actually fun to watch it upload the data, incorporate it into config.xml, then write out the /var/db/rrd, and remove it from the config file. Before rebooting, it saved the /var/db/rrd data into rrd.tgz, and unpacked it again after the reboot. So, my data is back, with only a short missing piece during the upgrade process.

Roman

I see how that isn't the expected behaviour from your point of view.  :-\  A box showing the current update URL would perhaps help there.
That's the correct behaviour though, there's nothing wrong with your install.

Steve

Sorry, was clearly too late last night when I replied!  ::)

Your WAN is receiving an address in the 192.168.1.0/24 subnet but that is the same subnet that the pfSense LAN interface uses by default. You cannot have two interfaces in the same subnet, it breaks routing.

Change the LAN interface to use a different subnet, for example: 192.168.100.1/24. You should then be able to connect to the webgui on that address from a client connected to the LAN interface.

Steve

see https://forum.pfsense.org/index.php?topic=87269.0
and https://redmine.pfsense.org/issues/4270

None include fixes (yet). just figured I'd share.

are you running i386 too? or amd64?

粪 - Fen - pronounced "fun" - Loose translation "crap"

Squid logs locally to its own log, not syslog, so the remote syslog options do not affect squid's logging or reporting for sarg/lightsquid.

I prefer lightsquid myself, but sarg can generate some more interesting reports. Careful with sarg though, as I have seen it fill up hard drives on numerous occasions when customers had it configured to keep many old reports.

Thanks,that fixed the error.  I had been sure that those prompts came up in the opposite order (hence my confusion).

Thanks for both of the tips! I have cloned my up to date slice to the other slice and moved settings to /boot/loader.conf.local.

I don't think installing a nano version on a flash drive larger than 4GB yields any benefit.

hi,
I followed these steps..
/http://www.yawarra.com.au/tutorials/how-to-install-pfsense-on-an-apu

The most common cause of this going from 1.2.X to 2.X if I recall was a restriction in the character set being used that meant the config file is seen as corrupt. See:
https://doc.pfsense.org/index.php/Upgrade_Guide#International.2FSpecial_Characters_in_1.2.x_Configurations

Steve

The difficulty here is capturing the traffic you want to prioritise, particularly Skype traffic which can be on any random high port. Even if you've set it to use a static port that only counts for incoming traffic. If your clients are using dynamic IPs then you can't use that to direct traffic either.
I believe you can do it using the Layer7 filter but I've not tried that myself. For example:
https://forum.pfsense.org/index.php?topic=78092.0

Steve

Post your WAN firewall rules.  It works fine if you configure it correctly.

@stephenw10:

It should boot that Nano image from an SD card but that won't allow you to install the SSD if that's what you're trying to do. Searching here the common cause of that is I corretly written card.
What OS are you using to write the image? It looks like you're writing to a slice on the card rather than the entire card. Try using:

dd if=/Users/me/Downloads/pfSense-2.1.5-RELEASE-1g-amd64-nanobsd-20140825-0744.img of=/dev/rdisk1 obs=64k

Assuming /dev/rdisk1 is your sd card.

Steve

@Derelict:

You have an SSD.  You should be installing the full image.  The only question is how you boot the installer.

USB thumbdrive is the obvious choice, USB CD is probably second.

USB thumbdrive:

After recreating the USB boot drive with something else that isn't dd it worked. So that seemed to be the issue. Thanks for the ideas.