The actual graphs are rendered in the browser now. So there is no way to (easily) render a graph image back on the system for sending in email. There have been a few discussions about it (probably in the archived 2.3-RC Feedback forum).

This is the general way to remove old package cruft from the config, using bandwidthd as the example: https://forum.pfsense.org/index.php?topic=110096.msg613137#msg613137

Interesting. See if you can enable HPET in BIOS, since it is preferred. kern.timecounter.choice: TSC(800) HPET(950) ACPI-fast(900) i8254(0) dummy(-1000000)

No. The packet capture runs tcpdump in the background separate from the GUI process.

Given that Phil has already written the code I don't see a reason not to use it.

BBcan177, I have not been able to do a print screen. I can capture it and save it as a *.png file, but don't now how to stick in the reply. However this is what I did.     Firewall –> pfBlockerNG --> General --> Country --> Top 20 I added a country in the left part of the screen, IPv4 Countries and clicked on "SAVE". I did not select any of the IPv6 countries. This a different result from the previous. I do not know why? From the dashboard Crash report begins.  Anonymous machine information: amd64 10.3-RELEASE FreeBSD 10.3-RELEASE #6 05adf0a(RELENG_2_3_0): Mon Apr 11 18:52:07 CDT 2016    root@ce23-amd64-builder:/builder/pfsense-230/tmp/obj/builder/pfsense-230/tmp/FreeBSD-src/sys/pfSense Crash report details: PHP Errors: [16-Apr-2016 14:12:54 America/Denver] PHP Stack trace: [16-Apr-2016 14:12:54 America/Denver] PHP  1\. {main}() /usr/local/www/pkg_edit.php:0 [16-Apr-2016 14:12:54 America/Denver] PHP  2\. eval() /usr/local/www/pkg_edit.php:255 [16-Apr-2016 14:12:54 America/Denver] PHP  3\. sync_package_pfblockerng() /usr/local/www/pkg_edit.php(255) : eval()'d code:3 From  PHP_errors.log Message from syslogd@pfSense at Apr 16 13:43:36 ... pfSense php-fpm[94750]: /pkg_edit.php: Successful login for user 'admin' from: 192.168.20.201 [16-Apr-2016 14:12:54 America/Denver] PHP Warning:  Invalid argument supplied for foreach() in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 4290 [16-Apr-2016 14:12:54 America/Denver] PHP Stack trace: [16-Apr-2016 14:12:54 America/Denver] PHP  1\. {main}() /usr/local/www/pkg_edit.php:0 [16-Apr-2016 14:12:54 America/Denver] PHP  2\. eval() /usr/local/www/pkg_edit.php:255 [16-Apr-2016 14:12:54 America/Denver] PHP  3\. sync_package_pfblockerng() /usr/local/www/pkg_edit.php(255) : eval()'d code:3 Here is snapshot of /var/log/pfblockerng: I tried several times. ===[  Continent Process  ]============================================ [ pfB_Top_v4 ]          exists. ===[  IPv4 Process  ]================================================= ===[  IPv6 Process  ]================================================= Warning: Invalid argument supplied for foreach() in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 4290 Call Stack:     0.0013    383816  1\. {main}() /usr/local/www/pfblockerng/pfblockerng.php:0     0.0620  10908952  2\. pfblockerng_sync_cron() /usr/local/www/pfblockerng/pfblockerng.php:94     0.0621  10915416  3\. sync_package_pfblockerng() /usr/local/www/pfblockerng/pfblockerng.php:387 ===[  Aliastables / Rules  ]========================================== No changes to Firewall rules, skipping Filter Reload No Changes to Aliases, Skipping pfctl Update UPDATE PROCESS ENDED **Saving configuration [ 04/16/16 14:12:54 ] ... CRON  PROCESS  START [ 04/16/16 14:15:00 ] UPDATE PROCESS START Clearing all DNSBL Feeds... ** DNSBL Disabled ** ===[  Continent Process  ]============================================ [ pfB_Top_v4 ]          exists. ===[  IPv4 Process  ]================================================= ===[  IPv6 Process  ]================================================= Warning: Invalid argument supplied for foreach() in /usr/local/pkg/pfblockerng/pfblockerng.inc on line 4290 Call Stack:     0.0013    383816  1\. {main}() /usr/local/www/pfblockerng/pfblockerng.php:0     0.0622  10908752  2\. pfblockerng_sync_cron() /usr/local/www/pfblockerng/pfblockerng.php:94     0.0623  10915216  3\. sync_package_pfblockerng() /usr/local/www/pfblockerng/pfblockerng.php:387 ===[  Aliastables / Rules  ]========================================== No changes to Firewall rules, skipping Filter Reload No Changes to Aliases, Skipping pfctl Update UPDATE PROCESS ENDED **Saving configuration [ 04/16/16 14:21:59 ] ...

Dear all, Removing freeradius, haproxy, NRPE, NUT and Quagga packages before the upgrade did solve the issues on my three futher machines. Reinstalling freeradius and haproxy did work after the futhre upgrades. Looking at the packages, I very much welcome freeradius2-2.2.9, as that can do WLAN EAP-TLS with all recent Windows and Android devices. I had side-stepped to a dockerized version outside pfSense for five months, which is now no longer needed. I severely miss NUT and I do somewhat miss NRPE. The only package that did continue to give me trouble was Quagga. I have an OpenVPN Site-to-Site with Dual-WAN like in chapter 20.13.4 in the pfSense book but plus CARP. That required start / stop commands in /etc/rc.carpmaster and /etc/rc.carpbackup which do not seem to work anymore. As I did notice before that the setup does work without Quagga/OPSF, I am runing it without Quagga for the time being. Huge thanks to CMB!! Regards, Michael

Thank you.  this worked!.

Are you maybe accidentally setting WAN and LAN to be in the same subnet? That fits the symptoms you describe and it wouldn't function. Try setting LAN to a different subnet as a test.

@phil.davis: There have been a few threads with this style of traceback, like: https://forum.pfsense.org/index.php?topic=105760.0 https://forum.pfsense.org/index.php?topic=104273.0 If you can reproduce how to make this happen, or point out the special thing you have on your system that is the edge case that causes this (special network connection type, unusual settings on something…) then you win a prize :) It seams that the error does not occur anymore, but I don't exacly know what fixed it. I think it was after I solved the problem with my squid installation using the information from these threads: https://forum.pfsense.org/index.php?topic=109128 https://forum.pfsense.org/index.php?topic=105399

You have a problem with no shit??  Really are you 6 and your mommy told you was shit a bad word?? ;)  I quite often would use no fuck as well… How about is the pope catholic ;)  Would of you had a problem with..  It is a common phrase use to express that what is being discussed is obvious.. As in that sort of setup is fubar.. Would you like me to expand that acronym? hehehheeh As to how you should it set it up comes down to what your wanting to accomplish.  Pfsense is best to replace the router your using from your isp..  Common these days for isp to hand out a gateway device where its modem/router combo.  If you can turn that into just modem (bridge mode) and pfsense wan gets public on its wan that is most often first choice. if you can not turn off the nat on your isp device and give pfsense a public on its wan, then you would go with a double nat setup where your isp network is now your transit network to your pfsense wan.. No other devices would be on this transit other than routers.  If any devices are put on this transit network that are not routers you would need to do host routing on these devices. All your devices would be put on the network(s) behind pfsense. Only restriction here would be that your transit network is not the same as your networks behind pfsense. Another option would be to maintain a network on your isp device, and then create a transit network to pfsense so be able to get to those networks.  So devices on your isp device would use the isp device as their gateway, and the router would route to pfsense via this new transit network to pfsense wan.  If you were going to go this route pfsense would not need to nat. There are many a way to skin the cat.. Your attempt is not the right way to skin the cat ;)

I ran into this problem again when I upgraded to 2.3. When the installation succeeded and pfSense rebooted, my OpenVPN clients were up (according to sockets and the fact that traffic was flowing) despite the dashboard showing "Can't connect, daemon running?" for each OpenVPN instance. Logs were also showing the tap/tun device busy errors. I had to manually kill the OpenVPN processes shown in states and restart the clients. After that, everything appears to be working correctly.

Ok. Solved it. I switched to the second boot slice, booted up the old system again. Then i removed all packages and startet the upgrade to 2.3 again. Then after a reboot the new system had no packages and i tried to install freeradius. The first time i installed the package was a strange one because it said "Success" in the log but "failed" in the GUI. Here is the log of the first failed attempt: >>> Installing pfSense-pkg-freeradius2... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Checking integrity... done (0 conflicting) The following 6 package(s) will be affected (of 0 checked): New packages to be INSTALLED: pfSense-pkg-freeradius2: 1.7.3_1 [pfSense] bash: 4.3.42_1 [pfSense] freeradius: 2.2.9 [pfSense] mysql56-client: 5.6.27 [pfSense] gdbm: 1.11_2 [pfSense] postgresql93-client: 9.3.11 [pfSense] The process will require 61 MiB more space. [1/6] Installing mysql56-client-5.6.27... [1/6] Extracting mysql56-client-5.6.27: .......... done [2/6] Installing gdbm-1.11_2... [2/6] Extracting gdbm-1.11_2: .......... done [3/6] Installing postgresql93-client-9.3.11... [3/6] Extracting postgresql93-client-9.3.11: .......... done [4/6] Installing bash-4.3.42_1... [4/6] Extracting bash-4.3.42_1: .......... done [5/6] Installing freeradius-2.2.9... ===> Creating users and/or groups. Using existing group 'freeradius'. Using existing user 'freeradius'. ===> Setting user and group in radiusd.conf [5/6] Extracting freeradius-2.2.9: .......... done ===> Adjusting ownership of directory /usr/local/etc/raddb ===> Adjusting ownership of directory /var/log/radacct ===> Adjusting ownership of directory /var/run/radiusd ===> Adjusting ownership of /var/log/radius.log ===> Adjusting ownership of /var/log/radutmp ===> Adjusting ownership of /var/log/radwtmp ===> Updating libdir in /usr/local/etc/raddb/radiusd.conf [6/6] Installing pfSense-pkg-freeradius2-1.7.3_1... [6/6] Extracting pfSense-pkg-freeradius2-1.7.3_1: .......... done Saving updated package information... overwrite! Loading package configuration... done. Configuring package components... Loading package instructions... Custom commands... Success The second try went ok and installed the package correctly: >>> Installing pfSense-pkg-freeradius2... Updating pfSense-core repository catalogue... pfSense-core repository is up-to-date. Updating pfSense repository catalogue... pfSense repository is up-to-date. All repositories are up-to-date. Updating database digests format: ..... done The following 8 package(s) will be affected (of 0 checked): New packages to be INSTALLED: pfSense-pkg-freeradius2: 1.7.3_1 [pfSense] bash: 4.3.42_1 [pfSense] freeradius: 2.2.9 [pfSense] mysql56-client: 5.6.27 [pfSense] gdbm: 1.11_2 [pfSense] krb5: 1.14 [pfSense] pkgconf: 0.9.12_1 [pfSense] postgresql93-client: 9.3.11 [pfSense] The process will require 64 MiB more space. 7 MiB to be downloaded. Fetching pfSense-pkg-freeradius2-1.7.3_1.txz: ...... done Fetching bash-4.3.42_1.txz: .......... done Fetching freeradius-2.2.9.txz: .......... done Fetching mysql56-client-5.6.27.txz: .......... done Fetching gdbm-1.11_2.txz: .......... done Fetching krb5-1.14.txz: .......... done Fetching pkgconf-0.9.12_1.txz: ... done Fetching postgresql93-client-9.3.11.txz: .......... done Checking integrity... done (0 conflicting) [1/8] Installing pkgconf-0.9.12_1... [1/8] Extracting pkgconf-0.9.12_1: ....... done [2/8] Installing mysql56-client-5.6.27... [2/8] Extracting mysql56-client-5.6.27: .......... done [3/8] Installing gdbm-1.11_2... [3/8] Extracting gdbm-1.11_2: .......... done [4/8] Installing krb5-1.14... [4/8] Extracting krb5-1.14: .......... done [5/8] Installing postgresql93-client-9.3.11... [5/8] Extracting postgresql93-client-9.3.11: .......... done [6/8] Installing bash-4.3.42_1... [6/8] Extracting bash-4.3.42_1: .......... done [7/8] Installing freeradius-2.2.9... ===> Creating users and/or groups. Creating group 'freeradius' with gid '133'. Creating user 'freeradius' with uid '133'. ===> Setting user and group in radiusd.conf [7/8] Extracting freeradius-2.2.9: .......... done ===> Bootstrapping default certificates, please wait... ===> Adjusting ownership of directory /usr/local/etc/raddb ===> Adjusting ownership of directory /var/log/radacct ===> Adjusting ownership of directory /var/run/radiusd ===> Adjusting ownership of /var/log/radius.log ===> Adjusting ownership of /var/log/radutmp ===> Adjusting ownership of /var/log/radwtmp ===> Updating libdir in /usr/local/etc/raddb/radiusd.conf [8/8] Installing pfSense-pkg-freeradius2-1.7.3_1... [8/8] Extracting pfSense-pkg-freeradius2-1.7.3_1: .......... done Saving updated package information... done. Loading package configuration... done. Configuring package components... Loading package instructions... Custom commands... Executing custom_php_install_command()...Generating DH parameters, 1024 bit long safe prime, generator 2 This is going to take a long time .....................................+.......................+...........................+.......+...................................+............+...+.+.....+....+..............................................+...+..............+................+.......................+............+.......................+........................................+.......................+.......................................+........+.............+................................................................+................................+......................................................................+...........................................+.....................+..+....................................+..............................................+.........+.........+.............+.........................................................................+.....+.................................................................................+...+...............+...................................+..................................................+....................+...+......................+..................................++*++*++* 10+0 records in 10+0 records out 5120 bytes transferred in 0.034827 secs (147012 bytes/sec) done. Executing custom_php_resync_config_command()...done. Menu items... done. Services... done. Writing configuration... done. Message from mysql56-client-5.6.27: * * * * * * * * * * * * * * * * * * * * * * * * Please be aware the database client is vulnerable to CVE-2015-3152 - SSL Downgrade aka "BACKRONYM". You may find more information at the following URL: http://www.vuxml.org/freebsd/36bd352d-299b-11e5-86ff-14dae9d210b8.html Although this database client is not listed as "affected", it is vulnerable and will not be receiving a patch. Please take note of this when deploying this software. * * * * * * * * * * * * * * * * * * * * * * * * Message from postgresql93-client-9.3.11: The PostgreSQL port has a collection of "side orders": postgresql-docs   For all of the html documentation p5-Pg   A perl5 API for client access to PostgreSQL databases. postgresql-tcltk   If you want tcl/tk client support. postgresql-jdbc   For Java JDBC support. postgresql-odbc   For client access from unix applications using ODBC as access   method. Not needed to access unix PostgreSQL servers from Win32   using ODBC. See below. ruby-postgres, py-PyGreSQL   For client access to PostgreSQL databases using the ruby & python   languages. postgresql-plperl, postgresql-pltcl & postgresql-plruby   For using perl5, tcl & ruby as procedural languages. postgresql-contrib   Lots of contributed utilities, postgresql functions and   datatypes. There you find pg_standby, pgcrypto and many other cool   things. etc... Message from bash-4.3.42_1: ====================================================================== bash requires fdescfs(5) mounted on /dev/fd If you have not done it yet, please do the following: mount -t fdescfs fdesc /dev/fd To make it permanent, you need the following lines in /etc/fstab: fdesc /dev/fd fdescfs rw 0 0 ====================================================================== Message from freeradius-2.2.9: =============================================================================== To enable FreeRADIUS, put the following line in /etc/rc.conf radiusd_enable="YES" The sample configuration can be found at /usr/local/share/examples/freeradius/raddb If you are upgrading FreeRADIUS, you are advised to use this as a reference for updating your configuration. FreeRADIUS will look for its configuration directory at /usr/local/etc/raddb by default. If you did not already have a configuration at this location, the sample configuration has been copied to this location and has been bootstrapped. If you wish to point FreeRADIUS to a configuration at a different location, put the following line in /etc/rc.conf radiusd_flags="-d /path/to/raddb" To start the server in normal (daemon) mode, run: /usr/local/etc/rc.d/radiusd start and to stop the server, run: /usr/local/etc/rc.d/radiusd stop To start the server in debugging mode, run: /usr/local/etc/rc.d/radiusd debug You are advised to make cautious changes to the configuration, and to test frequently, using debugging mode where necessary. Try to resist the temptation to disable or delete things that you don't understand - you may well break things! Useful configuration advice can be found in the FreeRADIUS Wiki at http://wiki.freeradius.org =============================================================================== Message from pfSense-pkg-freeradius2-1.7.3_1: Please visit Services - FreeRADIUS menu to configure the package. >>> Cleaning up cache... done. Success So something seems to be quite buggy there with this package in particular. But i am happy it works now.  ;D

Thanks, all fixed now.  :)

That is in /cf/conf/config.xml