pfSense Plus Software Version 23.09 BETA Now Available for Testing
-
@philippe-richard
Hello, I'm responding to myself. It seems that I had a browser issue earlier, as I just tried again and successfully imported the configuration file. I apologize for any inconvenience this may have caused -
@stephenw10 said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
If you send me the NDI from that VM in chat I can check what it should be seeing.
Hello Stephen, can you give advise what to do if I have several pfsenses on proxmox, all for personal use but also not in a final configuration. Is it better to keep them on CE or can I get a token every time one is "needed" again...? Will I get "listed" by netgate?
-
There is a rate limit on the tokens to stop someone scripting something to just pull 1000 tokens in one go! But if you are just registering one new host a day for example I doubt you would ever come close to it.
-
System unpinned this topic on
-
@stephenw10 said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
Open a thread in the 23.09 sub with any details you have: https://forum.netgate.com/category/92/plus-23-09-development-snapshots
I think, that I know what happen now. It was because I use Freeradius for connection. After upgrade, also package was upgraded, but configuration dissapiered! I wasnt able to connect, so I thought that it is broken. I will try again, because I just upgrade package and lost config and wasnt able to login. So now it should be fixed and I assume that also upgrade will be OK.
I think the issue regarding loosing configuration of Freeradius after last package upgrade can cause big issues to others. I use it also for VPN, so I lost access on affected device. I know it is out of this topic. Sorry :)
-
@GeorgeCZ58 said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
Freeradius after last package upgrade can cause big issues to others
An issue that is known for a couple of weeks now.
People started to discover what happens when this Services > FreeRADIUS > Settings isn't set.
and this one is even nastier : there was a bug in FreeRadius itself.
And when you upgrade pfSense, it will re install packages that are found when rebooting after pfSense after the upgrade (common advise is/was : remove packages before pfSense upgrading - but I admit : I'm not doing that neither).At the end you were protected by the last safely net : before upgrading pfSense, take config backups, right after the pre pfSense reboot (the manual reboot before the upgrade).
See Upgrade of FreeRadius3 from 0.15.10 to 0.15.10_1 sets all configuration values to default. in the pfSense Package forum (third thread).
-
@DefenderLLC said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
suricata 7 , HA Proxy, and ntop. upgrade was very successful without issues.
-
I've updated my instance to 23.09-RC (amd64) built on Thu Oct 26 18:51:00 PDT 2023. No issues with the upgrade but I just noticed it broke my e-mail notification. I can always redo it which isn't big of a deal so don't know if something got reset or not.
-
@Darkk said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
don't know if something got reset
not here -- all good. (helpful answer I know)
-
@jrey said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
@Darkk said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
don't know if something got reset
not here -- all good. (helpful answer I know)
Ya, no big deal. I re-entered the e-mail password and it's working fine now.
-
Although for the e-mail SMTP notification it would be cool if it can make use of PGP keys to encrypt these e-mails as some may go through something like gmail which I rather they don't see anything sensitive about my firewall.
-
@Darkk said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
they don't see anything sensitive about my firewall.
They won't. Neither do you.
That is, they could see your pfSense WAN IPv4, but they already knew that.
No passwords or other info like that is transmitted.
I never saw secret stuff in these notification mails.
Notification mails are what they are : they tell you to call home as there is an 'event'.
Up to you to decide to check it out (using for example VPN).@Darkk said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
I re-entered the e-mail password
pfSense doesn't / shouldn't use the gmail password.
I had to generate a 'app password', a password created for an app or device. For every device that uses your gmail account, you have to create an unique password.
The advantage is : you can revoke them in a central place, and no need to put your email credentials in every device, as that would be a big security issue. -
@Darkk How about running your own, local email-server.
-
@Bob-Dig said in pfSense Plus Software Version 23.09 BETA Now Available for Testing:
local email-server.
Was just typing the same thing
Notifications directly from the Netgate are actually rare here, but from the syslog server that that Netgate logs to - that's a whole different kettle of fish.
Still, in some areas the logging to Netgate->syslog needs work. Also depends on what packages are being used.
-
So, I upgraded to 23.0 9RC...first thing I noticed is that the Netmap harmless but ugly messages are gone.
-
@GeorgeCZ58 Re the FreeRadius bug, you can manually edit the config file to recover: https://redmine.pfsense.org/issues/14596
Since it happens on upgrade (which uninstalls/reinstalls) it’s likely to hit anyone who hasn’t saved the default settings page.
-
Now getting this error. I dismissed it the first time thinking it's just a fluke. Now it happened again:
00:00:00 PHP ERROR: Type: 1, File: /usr/local/bin/mail_reports_generate.php, Line: 61, Message: Uncaught ValueError: exec(): Argument #1 ($command) cannot be empty in /usr/local/bin/mail_reports_generate.php:61
Stack trace:
#0 /usr/local/bin/mail_reports_generate.php(61): exec('', '')
#1 {main}
thrown -
Figured out the e-mail issue. Apparently I had the command as being blank. Soon as I removed that it's working ok now.
-
Hmm, that feels like there should some input validation to prevent that. You should probably open a bug for it.
-
Boom!
-
@DefenderLLC Oct 31st? Halloween edition?
