Problem after upgrading to 24.11-RC
-
So far all roads lead to Rome .. My best end case scenario is on 24.11-RC with all packages installed and functional (as far as I can determine), but with the "artifact" present.
I would like to try a CLEAN install of 24.11-RC from an USB-device, such that I can eliminate the first update-round up to 24.11-RC .. This would eliminate any "spill over" from the older 24.03-STABLE (only ISO I have).
Could you possibly provide a "newest" ISO ?
-
@m-d-frederiksen
Could you possibly provide a "newest" ISO ?
netgate-installer-v1.0-RC-amd64-20240919-1435.imghttps://docs.netgate.com/pfsense/en/latest/install/download-installer-image.html
-
Using netgate-installer-v1.0-RC-amd64-20240919-1435.img (Thanks @Antibiotic), - I end up exactly same place .. Everything working as expected (AFAIK), but "artifact" is still present.
Either my fairly new NetGate 4200 is developing a very local problem, or some issue exists in the XML-file exported by the version prior the new 24.11-RC
Or my combo of packages trigger some very hidden bug, when the combo includes pfBlockerNG and Zeke .. And once the bug was triggered, and fixed (by removing Zeke and pfBlockerNG), NO other package may be installed, or the bug will return, even if Zeke and pfBlockerNG remains un-installed .. Wierd science.
This will take a better man than me. I will ignore the issue until another update release tempts me :-)
-
About the only thing I could imagine being an issue in the config is the pkg branch setting.
However in the new dynamic repo system the firewall cannot pull in older pkgs. The reo tree presented to 24.11-RC systems does not have the older branches available.
And when we checked your pkgs they all looked like the correct versions...
-
Remote access for your tech staff is offered (again).
I am pretty positive one of the devs (wizards) could trace into the failing "pkg info" command, and tell us whats up in 90 seconds flat :-)
In any case .. I am stuck as of now.
-
A thought has struck me ..
Remember at the beginning of this thread, that I tested the offending command without the "2>&1" redirect,
and it complets with NO errors, and correctly generates the expected list directly to the console ..But it fails when the redirect is present ..
Suppose this problem is not sourcing the list, but rather that target denies "entry" ?
A priviledge-issue, insufficient rights to some ressource (the redirect target) ?Tried this in CLI:
pkg clean -y
pkg upgrade -fNo change .. :-)
-
@m-d-frederiksen said in Problem after upgrading to 24.11-RC:
Remote access for your tech staff is offered (again).
Yes, thank you. I believe they plan to do so on Monday if you're able to do that.
-
BRILLIANT !
Please instruct me on what environment you need / expect ?
Do you need a workstation running specific host-software on LAN, .. and so on.
Thanks in advance.
-
@m-d-frederiksen said in Problem after upgrading to 24.11-RC:
Suppose this problem is not sourcing the list, but rather that target denies "entry" ?
A priviledge-issue, insufficient rights to some ressource (the redirect target) ?Are you not logged in as admin/root when you tried this?
The redirect is not expected to work at the CLI directly but it should work fine when called by repoc.
-
Yes, in my simple attempt to fathom the issue, I claim that the "2>&1" is the part that is the culprit.
The recieving end is unable to parse the generated list.
The same list that looks perfectly valid when NOT redirected, - in the console.And yes, I am root ..
-
UPDATE:
Zeek has left the equation .. apparently felt the heat.
Now pfBlockerNG alone is keeping up the shenanigans. -
@m-d-frederiksen send me an email cmcdonald<at>netgate.com so we can setup a remote access session. Thanks
-
Mail has been sent. Thank you.
-
We've worked it out, root cause identified and a fix proposed. Unsure yet how this will impact the 24.11-RELEASE.
If you are impacted by this, make sure to uninstall any packages that you are not actively using.
-
The fix will land in 24.11 after all :)
-
@m-d-frederiksen Thank you for preserving and helping Netgate track this bug down. You've helped make pfSense better for all of us!!
-
I hit this with 24.11 final build.
Everything seemed to go fine until the reboot. 1.5 hours later system still offline. Had to power cycle to get back up then saw upgrade didn't happen.
Ended up having to remove 4 packages before update would work:
pfBlockerNG
WireGuard
Zeek
Ntopng -
Hmm, it still failed with that same pkg error from repoc?
-
I'm afraid so, but at least this post was first hit on Google so if others hit, it's easy enough to fix / workaround.
Those packages I listed need updates anyway it seems, as they all give PHP errors too.
I noticed they all had updates prior to the 24.11 upgrade. Meant to mention I tried that first, updating all packages, rebooting, then trying the upgrade, but same issue. It only worked after I uninstalled all four packages. Hell Ntopng was not working at all anymore, no error but the site on port 3000 never loaded, but that is a project for another day.
-
I had this issue too at one point.
I finally ended up making a LAN-firewall-rule for port 3000 (HBCI) and the specific destination (this firewall), and an alias as Source. The alias holds the machines I want to allow access ..
Hope it helps 🥺
