some services show can't start
-
For example, I am giving an example. In this pfsense version, when I enter the IP or alias of the firewall rule, the firewall cannot correctly display the correct value I set.
I think this kind of error should not happen. After the design and development is completed, we must repeat various checks and it is impossible to let such an obvious error happen. So what I mean is that there is a serious problem with our quality control. Ordinary users should not be expected to find problems, and users should be required to submit technical information to report. Many users do not understand any technical code at all. We should establish a strict quality control process and should not bring errors out of the factory.
23.09-BETA (amd64)
built on Thu Oct 12 14:00:00 CST 2023
FreeBSD 14.0-CURRENTi setup alias is b1, but show is single/0
-
https://docs.netgate.com/pfsense/en/latest/development/bug-reports.html
And another thing - if your using "development" code there almost for sure going to be issues with it.. Which should be discussed in the specific forum section for that development version..
I don't know what else to tell you..
-
There are also many problems with the official version. I have been following you for many years and your quality control has always been problematic. I still have many problems that I have not reported. It is not that there are no problems. There are too many problems and I am too tired.. I use the development version to solve the official problem. A problem with the version, but new problems have arisen in development.
Let me give you a vivid example. I am driving a car. When my car is driving at high speed, your system shows that the car has not started driving, causing various brake failures. Do you mean to let this user repeat this danger again?
I use wiregaurd and all the tools show that they are running normally, but pfsense shows that it is not running. I don't know what detection pfsense relies on.
/root: wg interface: tun_wg0 public key: vA7WbNQBYfyMPaeI6hwt2XnO4w2mIDA= private key: (hidden) listening port: 51820 peer: 01Qz7+akq9Xj2YS7JdKABGI8m6v6C8ic= preshared key: (hidden) endpoint: 10.50.1.254:62115 allowed ips: 0.0.0.0/0, ::/0 latest handshake: 1 minute, 3 seconds ago transfer: 303.88 MiB received, 86.84 MiB sent persistent keepalive: every 20 seconds interface: tun_wg1 public key: MLxvaU4yhGRW4Ufwoa2UxlZpkyk= private key: (hidden) listening port: 56388 peer: Y2EP0vQL4vTozsCagl/LY0ADSNg3flU= preshared key: (hidden) endpoint: [2602:fed5:7020::1]:56280 allowed ips: 0.0.0.0/0, ::/0 latest handshake: 1 minute, 52 seconds ago transfer: 60.87 MiB received, 65.46 MiB sent persistent keepalive: every 36 seconds
-
@yon-0 said in some services show can't start:
and your quality control has always been problematic
My quality control? I have zero to do with the development or quality testing of pfsense - I am just a user..
If you have some specific issue with the development version, I suggest you create a thread in the dev section, with details and hopefully instructions on how to reproduce it.
-
I didn't specify you, I was saying that the pfsense development team needs to improve.
-
-
UPnP & NAT-PMP service can't start also. this my setup.
-
@yon-0 said in some services show can't start:
I didn't specify you
Maybe your not a native english speaker? But the use of "your" when you set the reply directed at me.. with the @johnpoz seems pretty directed at me ;)
Prob should of worded that more like this
I have been following pfsense for many years and Its quality control has always been problematic
Anywho - moving this to the development section. You are more likely to get others using 23.09 to chime in there, and maybe they have seen the same sort of issue your having..
-
-
Wireguard tunnels can be up but the servcie that manages them may not be running. Look for
php_wg
.Unfortunately there is very little logging from wireguard. However when you start the service and it fails to start there should be something logged in the main system log.
You clearly have quite a complex and unusual config and some part of it is causing a problem. It's not simply that WG and UPnP don't work in 23.09. We need to know a lot more to try to replicate and fix it.
-
@yon-0 said in some services show can't start:
i setup alias is b1, but show is single/0
Ok, that is a bug I can easily replicate that.
-
Yes, my native language is not English.
I'm talking about things, not targeting anyone. I want pfsense to be better, that's why I say so much. I found that the development team may have different philosophies, so there may be differences in how to do things. My philosophy is to use the most advanced technology, but the development is suitable for strict technical quality control. Every change developed must be tested in different internal environments, especially some that may cause serious problems and cannot be taken outside at all.
I found that the current philosophy of the Pfsense team is that they are afraid to use advanced technologies, especially some new technologies that they dare not try and need to wait for a long time. Technology is advancing with the times, and many technologies are time-sensitive and cannot be used for a long time. We must be brave enough to try the latest Instead of avoiding things for fear of problems, it is best to control the quality of every detail is crucial. If you don’t try new technologies and find problems, users are likely to use them in conjunction with various new technologies or new equipment. If the team has not used new technologies, it will be difficult to integrate them with user needs. Computer technology relies heavily on innovation. The change in one year can be huge and it is impossible to wait until a year later to use it.There is a difference between opnsense and pfsense in adopting new technologies. OP is more willing to try new technologies or new things. I am used to various settings of pfsense, so it is difficult for me to change.
-
I recently used DTLS technology for udp tunnel, I contacted the developer directly to provide various suggestions and improvements were quickly implemented. He is a Ukrainian developer and I think he is very patient.
So if pfsense can consider adding new technology features, I recommend it.
The website of his works is this
https://github.com/Snawoot/dtlspipe
-
This is an example. These could have been discovered through internal review. It's too obvious. So why am I tired of reporting bugs? I'm not a technical developer and I don't know the specific details of the code. I can only report from the superficial phenomenon. Regarding the specific details, Technical issues require investigation and judgment by your technical staff. It is too difficult to leave it to ordinary users to investigate.
-
I use DTLS to protect wireguard, Wiregaurd has obvious characteristic shortcomings. The handshake part of the data packet is too easy to be detected and blocked by DPI.
Tested using DTLS and the result is that there are obvious benefits. It is currently not blocked by DPI and reduces interference. I worked with this developer to improve it.
-
@stephenw10 said in some services show can't start:
Ok, that is a bug I can easily replicate that.
-
when i input network 2602:fed6:7021::/48, it is show network/0 in firewall rule
-
This should actually be fixed in todays build (
23.09.b.20231013.0600
) are you testing that?Existing rules will need to be resaved to populate the aliases correctly.
Steve
-
@stephenw10 JFC Steve - you need these developers working on the latest and greatest to up their quality testing and make sure every possible thing works before you release the snapshots ;)
hahaah
-
Mmmm. We should have caught that one but.... that's what dev builds are for.
But in all seriousness we cannot possibly test every possible config and, especially for complex and unusual configs, we expect to see more bugs reported at each stage in the release.
If you have such a config I encourage you take part in the release testing process to find those bugs as early s possible.
Steve
-
There are so many mistakes that I can’t even count them on two hands. Upgrading is not that easy.
pfSense-upgrade -dy ERROR: It was not possible to determine pkg remote version >>> Updating repositories metadata... Updating pfSense-core repository catalogue... pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header repository pfSense-core has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header repository pfSense has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header Unable to update repository pfSense Error updating repositories! ERROR: It was not possible to determine pfSense-upgrade remote version ERROR: It was not possible to determine pfSense-upgrade remote version >>> Upgrading pfSense-upgrade... Updating pfSense-core repository catalogue... pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header repository pfSense-core has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header Unable to update repository pfSense-core Updating pfSense repository catalogue... pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header repository pfSense has no meta file, using default settings pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header pkg-static: An error occured while fetching package pkg-static: Impossible to get the value from Last-Modified HTTP header Unable to update repository pfSense Error updating repositories! [23.09-BETA][admin@]/root: pkg update Updating pfSense-core repository catalogue... Fetching meta.conf: 100% 163 B 0.2kB/s 00:01 Fetching packagesite.pkg: 100% 2 KiB 1.6kB/s 00:01 Processing entries: 100% pfSense-core repository update completed. 5 packages processed. Updating pfSense repository catalogue... Fetching meta.conf: 100% 163 B 0.2kB/s 00:01 Fetching packagesite.pkg: 100% 191 KiB 17.8kB/s 00:11 Processing entries: 100% pfSense repository update completed. 727 packages processed. All repositories are up to date.