Little confused - is 24.11 not available for SG-1100? Says at latest revision 24.03 RELEASE
-
Deleted pfBlockerNG and tried again. Failed again. Bus error.
I noted this error in the top of the GUI (message indicator):
pkg: "Upgrading packages in cloned boot environment default" returned error code 138 @ 2025-05-22 10:56:47 -
Ah, it could be out of space. It should give a more helpful error though.
But check System > Boot Environments and remove any older snapshots you're not using.
-
@stephenw10 There's only one boot environment (the current one).
Here's the vitals (right after a reboot, CPU usage tends to diminish after a bit):
-
I'd expect that to be OK.
You could check Diag > System Activity to see what is using RAM.
-
@stephenw10 if the update "BUS error - core dumps" is that indicating it's running out of memory?
When I removed pfBlocker earlier, using the package manager, it asked for confirmation and then says it removed it. However I later realized it was still there and still active. Do I need to reboot the device after removing a package, in order to free up the memory it was using?
-
Hmm, no you should not need to reboot.
Do you have a more complete log showing that error in context?
-
@stephenw10 Where in the system can I pull the upgrade log, I didn't see anything. I guess I can try again and try to capture it.
It fails at random places during the process, so I don't think it's related to one single library that it's downloading. Also the farthest it gets is the integrity check. If it makes it that far, that's about as far as it gets.
-
You should be able to copy/paste it from the GUI.
But you could also run the upgrade using option 13 from the console menu. Then you get the full output and easily copy it out.
-
@stephenw10 I'll run it from the console once I get back home and post it.
-
@NGUSER6947 Well here's the console output:
-
@stephenw10 I suspect, that since the Dashboard doesn't recognize that 24.03 isn't the newest release, that from the console it just tries to update 24.03 and of course it's already on the latest. Possible?
-
Yes it looks like it's still set to the 24.03 branch. You should be able to set it to use the 24.11 branch in the gui then run the upgrade from the console.
Also one of the main advantages of using the serial console (or ssh) for this is that you can easily copy and paste the actual text output rather than use screenshots. That is much easier to read through for diagnosis.
-
@stephenw10 I set it to 24.11 in the web gui, then launched the update from the console.
It first did a 24.03 update to Patch 1 (but faulted in the middle then continued), then I repeated and it started (downloaded the 24.11 libraries) but then faulted. It kept going but at reboot shows it's still at 24.03.
Attached is the log from the console, for the 2nd round.putty.zip
-
Hmm so it did appear to upgrade to 24.03 patch 1?
You might have a filesystem issue that cannot be fixed by the normal processes that run at boot. It's also possible you have an issue with the eMMC drive.
Try checking the eMMC status: https://docs.netgate.com/pfsense/en/latest/troubleshooting/disk-lifetime.html#emmc
If that looks OK then I'd try backing up the config and re-installing 24.11 clean: https://docs.netgate.com/pfsense/en/latest/solutions/sg-1100/reinstall-pfsense.html
-
@stephenw10 Tried checking the eMMC status (and it displayed a lot if information), but it appears my unit doesn't support the EOL information. No output when I tried that last command (the one with egrep) and scanning the output manually shows nothing regarding EOL.
-
@stephenw10 So, I decided to fire up my spare SG-1100 (let's call it device B) and update it and get it working before messing any further with the original SG-1100 that is stuck on 24.03, but functions fully. Let's call the original, on 24.03, device A.
On device B (again, the spare) I went ahead and did a full reinstall to 24.11. Before doing so, I made a config backup from device A. After I reinstalled pfSense on device B, I restored the configuration file.
Seems to be running perfectly, everything works fine except one thing. My Nextcloud server cannot be found via my custom domain. The Nextcloud server is online, with the static IP I have assigned in pfSense, and it can browse the internet. If I connect directly to itself in the browser (i.e. 192.168.2.252) the Apache "Success!" page displays, meaning the Nextcoud server is up and running. But I cannot get to it (the application) from any device.
If I plug device A back in, everything comes up and is accessible including the Nextcloud server.
I have combed through the NAT settings (I'm using port forwarding) for the OPT port (where the Nextcloud server is plugged into) but I can't see anything that is out of whack. I also checked and the NAT reflection is set up correctly. So I'm not seeing any differences between the setup of the two devices. I don't expect to, since I restored the same configuration into device B that came this morning from device A.
Is there anything significantly between 24.03 and 24.11 as far as the configuration that would cause this issue?
I know the topis has shifted here. But I'd really like to get this device B fully functional and then go back and reinstall on device A.
-
Hmm, nothing significant changed between 24.03 and 24.11.
https://docs.netgate.com/pfsense/en/latest/releases/24-11.html#new-features-and-changesSo clients are resolving your nextcloud server to the external address?
Check the states when you try to connect to it. You should see two NAT states created if reflection is working correctly.
-
@stephenw10 I'm seeing a bunch of States listed. Here's a few (filtered for OPT, since that's the interface where the Nextcloud server is plugged into. It's the only device on that interface):
192.168.2.252 is the IP of the Nextcloud server. I checked my domain provider settings and the IP address I have configured is unchanged and matches my WAN address.
I'm currently on a laptop at 192.168.1.150 and I can get to the Apache "Success" page by hitting 192.168.2.252 on the browser on this machine.
I refreshed the States list and I do see two states at the bottom which appear to tie the 192.168.2.252 address to the WAN address. Both have this status:
Refreshed again and I see 3 now tying the two together, status SINGLE:MULTIPLE -
@stephenw10 So I went in and did a Certbot renewal dry run on my NC server. The dry run ran successfully. I did it twice to confirm.
That tells me that port 80 is accessible. So maybe something is wrong with how I have port 443 forwarded?
FIlter rule:
-
@stephenw10 Update: it's working now. Tested on multiple devices
Appreciate you help and assistance, as always.
Tomorrow I'll try a clean install on my original device and see if that works. I have a feeling it's hardware-failing, since it restarted several times early this AM.
