Post DR package repo not available in 2.7.2
-
I had pfsense 2.6 running virtualized.
Had some hardware issues and decided to go with new hardware and run it bare metal.I installed 2.7.2, set up the LAN interface as a static IP on the temporary LAN I had set up.
I restored a backup from 2.6 after editing the xml file to change the interfaces from the previous device names to the current.
I rebooted and on reboot pfsense went through the startup process as if newly installed -- asking to configure WAN/LAN interfaces all over again.I reset the LAN interface the same, restored the same config and this time opened and saved all 5 interfaces in the config -- almost everything I could find to change, I opened and saved.
This seemed to work for subsequent reboots - no more resetting the config at least so far.The configuration previously running config had vmware guest and kernel modules packages loaded.
They show up on the dashboard as "not running", and the package manager shows no packages loaded.
The package manager will spend a long time "retrieving and formatting" the available package list but will eventually time out and report "Unable to retrieve package information."Is there any way to fix this?
-
Does it have a default route? You only configured LAN?
It sounds it just doesn't have any upstream connectivity. If it didn't when the config was restored then it would not have been able to pull in any packages.
It will ask you to re-assign the interfaces in the console at boot if any assigned interface in the config does not exist in the system (with some exceptions).
Steve
-
It's got a route out of the WAN -- I flipped over to it this morning and I'm using it now.
It was able to check for updates initially but that is no longer working either.
-
Well make sure pfSense itself can ping and resolve from Diag > Ping and Diag > DNS Lookup.
If that looks good try at the command line:
pfSense-repoc
and
pkg-static -d updateSee what errors are reported.
-
pfSense-repoc
pfSense-repoc: failed tp fetch the repo data
failed to read the reapo dataThis one is long, forgive the wall of text:
pkg-static -d update DBG(1)[87356]> pkg initialized Updating pfSense-core repository catalogue... DBG(1)[87356]> PkgRepo: verifying update for pfSense-core DBG(1)[87356]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite' DBG(1)[87356]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf DBG(1)[87356]> curl_open DBG(1)[87356]> Fetch: fetcher used: pkg+https DBG(1)[87356]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf DBG(1)[87356]> CURL> attempting to fetch from , left retry 3 * Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults * Trying 208.123.73.207:443... * Connected to pkg00-atx.netgate.com (208.123.73.207) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN: server accepted http/1.1 * Server certificate: * subject: CN=*.netgate.com * start date: Mar 21 00:00:00 2023 GMT * expire date: Apr 20 23:59:59 2024 GMT * subjectAltName: host "pkg00-atx.netgate.com" matched cert's "*.netgate.com" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA * SSL certificate verify ok. * using HTTP/1.1 > GET /pfSense_v2_7_2_amd64-core/meta.conf HTTP/1.1 Host: pkg00-atx.netgate.com User-Agent: pkg/1.20.8 Accept: */* If-Modified-Since: Wed, 06 Dec 2023 21:23:59 GMT < HTTP/1.1 200 OK Fetching meta.conf: 0%< Server: nginx < Date: Tue, 30 Jan 2024 17:40:11 GMT < Content-Type: application/octet-stream < Content-Length: 163 < Last-Modified: Wed, 06 Dec 2023 21:23:58 GMT < Connection: keep-alive < ETag: "6570e66e-a3" < Strict-Transport-Security: max-age=31536000; preload < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < X-Robots-Tag: all < X-Download-Options: noopen < X-Permitted-Cross-Domain-Policies: none < Accept-Ranges: bytes < * The requested document is not new enough * Simulate an HTTP 304 response * Closing connection DBG(1)[87356]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.pkg DBG(1)[87356]> curl_open DBG(1)[87356]> Fetch: fetcher used: pkg+https DBG(1)[87356]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.pkg DBG(1)[87356]> CURL> attempting to fetch from , left retry 3 * Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults * Hostname pkg00-atx.netgate.com was found in DNS cache * Trying 208.123.73.207:443... * Connected to pkg00-atx.netgate.com (208.123.73.207) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN: server accepted http/1.1 * Server certificate: * subject: CN=*.netgate.com * start date: Mar 21 00:00:00 2023 GMT * expire date: Apr 20 23:59:59 2024 GMT * subjectAltName: host "pkg00-atx.netgate.com" matched cert's "*.netgate.com" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA * SSL certificate verify ok. * using HTTP/1.1 > GET /pfSense_v2_7_2_amd64-core/packagesite.pkg HTTP/1.1 Host: pkg00-atx.netgate.com User-Agent: pkg/1.20.8 Accept: */* If-Modified-Since: Wed, 06 Dec 2023 21:23:59 GMT < HTTP/1.1 200 OK Fetching packagesite.pkg: 0%< Server: nginx < Date: Tue, 30 Jan 2024 17:40:11 GMT < Content-Type: application/octet-stream < Content-Length: 1496 < Last-Modified: Wed, 06 Dec 2023 21:23:59 GMT < Connection: keep-alive < ETag: "6570e66f-5d8" < Strict-Transport-Security: max-age=31536000; preload < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < X-Robots-Tag: all < X-Download-Options: noopen < X-Permitted-Cross-Domain-Policies: none < Accept-Ranges: bytes < * The requested document is not new enough * Simulate an HTTP 304 response * Closing connection pfSense-core repository is up to date. Updating pfSense repository catalogue... DBG(1)[87356]> PkgRepo: verifying update for pfSense DBG(1)[87356]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite' DBG(1)[87356]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf DBG(1)[87356]> curl_open DBG(1)[87356]> Fetch: fetcher used: pkg+https DBG(1)[87356]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf DBG(1)[87356]> CURL> attempting to fetch from , left retry 3 * Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults * Trying 208.123.73.209:443... * Connected to pkg01-atx.netgate.com (208.123.73.209) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN: server accepted http/1.1 * Server certificate: * subject: CN=*.netgate.com * start date: Mar 21 00:00:00 2023 GMT * expire date: Apr 20 23:59:59 2024 GMT * subjectAltName: host "pkg01-atx.netgate.com" matched cert's "*.netgate.com" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA * SSL certificate verify ok. * using HTTP/1.1 > GET /pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf HTTP/1.1 Host: pkg01-atx.netgate.com User-Agent: pkg/1.20.8 Accept: */* If-Modified-Since: Wed, 10 Jan 2024 15:56:06 GMT < HTTP/1.1 200 OK Fetching meta.conf: 0%< Server: nginx < Date: Tue, 30 Jan 2024 17:40:11 GMT < Content-Type: application/octet-stream < Content-Length: 163 < Last-Modified: Wed, 10 Jan 2024 15:56:05 GMT < Connection: keep-alive < ETag: "659ebe15-a3" < Strict-Transport-Security: max-age=31536000; preload < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < X-Robots-Tag: all < X-Download-Options: noopen < X-Permitted-Cross-Domain-Policies: none < Accept-Ranges: bytes < * The requested document is not new enough * Simulate an HTTP 304 response * Closing connection DBG(1)[87356]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg DBG(1)[87356]> curl_open DBG(1)[87356]> Fetch: fetcher used: pkg+https DBG(1)[87356]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg DBG(1)[87356]> CURL> attempting to fetch from , left retry 3 * Couldn't find host pkg01-atx.netgate.com in the .netrc file; using defaults * Hostname pkg01-atx.netgate.com was found in DNS cache * Trying 208.123.73.209:443... * Connected to pkg01-atx.netgate.com (208.123.73.209) port 443 * ALPN: curl offers http/1.1 * CAfile: none * CApath: /etc/ssl/certs/ * SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384 * ALPN: server accepted http/1.1 * Server certificate: * subject: CN=*.netgate.com * start date: Mar 21 00:00:00 2023 GMT * expire date: Apr 20 23:59:59 2024 GMT * subjectAltName: host "pkg01-atx.netgate.com" matched cert's "*.netgate.com" * issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA * SSL certificate verify ok. * using HTTP/1.1 > GET /pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg HTTP/1.1 Host: pkg01-atx.netgate.com User-Agent: pkg/1.20.8 Accept: */* If-Modified-Since: Wed, 10 Jan 2024 15:56:06 GMT < HTTP/1.1 200 OK Fetching packagesite.pkg: 0%< Server: nginx < Date: Tue, 30 Jan 2024 17:40:11 GMT < Content-Type: application/octet-stream < Content-Length: 160644 < Last-Modified: Wed, 10 Jan 2024 15:56:06 GMT < Connection: keep-alive < ETag: "659ebe16-27384" < Strict-Transport-Security: max-age=31536000; preload < X-Content-Type-Options: nosniff < X-XSS-Protection: 1; mode=block < X-Robots-Tag: all < X-Download-Options: noopen < X-Permitted-Cross-Domain-Policies: none < Accept-Ranges: bytes < * The requested document is not new enough * Simulate an HTTP 304 response * Closing connection pfSense repository is up to date. All repositories are up to date. -
After doing that on the cli, it's working in the GUI ...
But trying to add a package is ... .s..l..l..o...o...w..w...
Slow as in I think the login session timed out while it was in "Please wait while the update system initializes".
-
@stephenw10 said in Post DR package repo not available in 2.7.2:
pkg-static -d update
How long did it take for that to return?
There are no actual errors shown in that output. Nothing I'd expect to stop it completing at least.
-
Very quickly, with no output at all.
-
@stephenw10
Any suggestions on how to get apcupsd (or any other packages) installed?
Using the package manager just times out. -
Since it returns as up to date there you can try installing it at the command line:
pkg-static install pfSense-pkg-apcupsdIf it returns an error it may at least be more useful.
-
@stephenw10
that worked.
quickly.GUI is slower than molasses loading, but does show it's installed and has an update available.
I'm guessing the installed packages are out of whack because of the restore of the backup from the VM -- it had vmtools packages installed, but so far as I'm aware the packages themselves were never included in backups.
Here you can see in the services widget apcupsd is now installed and the two vmtools packages still show up even though they are not installed.
Would making a backup, locating those package entries in the backup, removing them then restoring resolve this?
-
Yes you can just removed the service tags from the config if you only want to remove them.
Or you can install and then remove the vmware tools pkg.
-
@stephenw10
in the GUI it just freezes up still...
When this eventually times out the session I'll install from the cli and try removing in the gui. -
Where can I find help on the pkg command?
I see things in the command list like "clean" but "pkg help clean" just shows: pkg help clean sh: /usr/bin/man: not foundI had to install from the cli.
Once I installed the open-vm-tools package the kernel mods package was no longer visible in available packages to install.
I made a few guesses at the name but no luck.I don't see an obvious way to list available pkgs from the command line.
BUT, the page that shows currently installed packages will now eventually populate.
Haven't seen anything that slow since 300baud dialup.removing the open-vm-tools package just gets stuck back here:
The GUI just locks up.
Can't navigate away from that screen.
Have to kill that tab and login again. -
Hmmm.. what is "libdnet"?
Any danger in removing it?: pkg autoremove Checking integrity... done (0 conflicting) Deinstallation has been requested for the following 2 packages: Installed packages to be REMOVED: libdnet: 1.13_4 open-vm-tools-nox11: 12.3.5,2 Number of packages to be removed: 2 The operation will free 4 MiB. Proceed with deinstalling packages? [y/N]: -
See: https://man.freebsd.org/cgi/man.cgi?query=pkg
[2.7.2-RELEASE][admin@t70.stevew.lan]/root: pkg search vm-tools open-vm-tools-nox11-12.3.5,2 Open VMware tools for FreeBSD VMware guests (without X11) pfSense-pkg-Open-VM-Tools-10.1.0_5,1 pfSense package Open-VM-Toolslibdnet is not installed by default:
[2.7.2-RELEASE][admin@t70.stevew.lan]/root: pkg info libdnet pkg: No package(s) matching libdnet [2.7.2-RELEASE][admin@t70.stevew.lan]/root: pkg search libdnet libdnet-1.13_4 Simple interface to low level networking routines -
I'll wait until after business hours to uninstall that just in case ...
What's the difference between pkg and pkg-static commands?
Is there an documentation I can review about the package manager?
Is this a standard BSD package manager or something unique to pfsense?I want to install PFBlocker and using the CLI is magnitudes faster than the GUI ...
-
pkg-static uses static linked libs. It's needed udring upgrade. The pfSense scripts always use it to be sure.
It's the standard FreeBSD package manager. See the man page I linked above.
There's something broken with the gui on your install. It should not be significantly slower.
-
@stephenw10
Best approach would be to ensure all packages are removed, run the auto remove command and create a fresh backup, re install the restore?I have run the restore previously via the GUI after configuring the LAN interface.
That was so I could run a temporary setup and not interrupt local network access.Is that a potential source for these issues?
I boot the installation media from DVD drive.
How would the backup file be presented during the initial boot process?
USB stick?
Will the installer search for mount point or does that have to be done manually? -
If you put the backup on the root of a fat32 formatted USB driev and name it config.xml it will be found by the installer.
For backwards compatibility it also looks in /conf on the USB drive.
https://docs.netgate.com/pfsense/en/latest/backup/restore-during-install.html#restore-configuration-from-usb-during-installRemember to remove the USB drive because it will also look for configs there at every boot via the ECL:
https://docs.netgate.com/pfsense/en/latest/backup/restore-during-install.html#restore-using-the-external-configuration-locator-ecl
