Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Now Available: pfSense® Plus 25.07-RELEASE

    Scheduled Pinned Locked Moved Messages from the pfSense Team
    72 Posts 29 Posters 8.3k Views 22 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Offline
      stephenw10 Netgate Administrator
      last edited by

      Aha! Ok let me do some digging here....

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        Ah, already reported in 2.8: https://redmine.pfsense.org/issues/16232

        Looks like an easy enough fix though. Patch incoming....

        1 Reply Last reply Reply Quote 0
        • stephenw10S Offline
          stephenw10 Netgate Administrator
          last edited by

          Ok this works for me: 175.diff

          It's a very simple (one character!) change so you might just manually edit the file. Let us know if you're able to test that.

          J 2 Replies Last reply Reply Quote 0
          • J Offline
            jos-andel @stephenw10
            last edited by

            @stephenw10

            Just tested the patched pfSense-rc on our spare unit.

            /etc: diff pfSense-rc.org pfSense-rc
            590c590
            < SWAPDEVICE=/bin/cat /etc/fstab | /usr/bin/grep swap | /usr/bin/awk '{ printf $1 }' | /usr/bin/head -n 1

            SWAPDEVICE=/bin/cat /etc/fstab | /usr/bin/grep swap | /usr/bin/awk '{ print $1 }' | /usr/bin/head -n 1

            Works like a charm:
            : swapinfo
            Device 1K-blocks Used Avail Capacity
            /dev/ada0p2 1048576 0 1048576 0%
            /dev/ada1p2 1048576 0 1048576 0%
            Total 2097152 0 2097152 0%

            : cat /tmp/fstab.swap

            Device Mountpoint FStype Options Dump Pass#

            /dev/ada0p2 none swap sw 0 0
            /dev/ada1p2 none swap sw 0 0
            [25.07-RELEASE][admin@arn1-ops-vpnspare.mgmt.sidn.nl]/etc:

            1 Reply Last reply Reply Quote 1
            • M Offline
              mvikman
              last edited by

              @stephenw10

              I'm planning to upgrade, but still on 24.11 and I have ZFS mirror with GEOM mirrored swap, would this problem affect my system or is it just for systems with multiple separate (non-mirrored) swap partitions on the both drives?

              pfSense Plus 25.07.1-RELEASE (amd64)
              Dell Optiplex 7040 SFF
              Core i5-6500, 24GB RAM, 2x 240GB SSD (ZFS Mirror)
              HPE 561T (X540-AT2), 2-port 10Gb RJ45
              HPE 562SFP+ (X710-DA2), 2-port 10Gb SFP+

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                Try running the new command in 24.11: /bin/cat /etc/fstab | /usr/bin/grep swap | /usr/bin/awk '{ printf $1 }' | /usr/bin/head -n 1

                If that returns a valid device it will be fine in 25.07.

                Either way it won't prevent you upgrading. And you should just be able to apply the patch afterwards to regain SWAP. If you need it.

                M 1 Reply Last reply Reply Quote 0
                • M Offline
                  mvikman @stephenw10
                  last edited by

                  @stephenw10
                  It returns "/dev/mirror/swap" so guessing it should be ok.
                  Never had pfSense using any swap, but better safe than sorry... :)

                  pfSense Plus 25.07.1-RELEASE (amd64)
                  Dell Optiplex 7040 SFF
                  Core i5-6500, 24GB RAM, 2x 240GB SSD (ZFS Mirror)
                  HPE 561T (X540-AT2), 2-port 10Gb RJ45
                  HPE 562SFP+ (X710-DA2), 2-port 10Gb SFP+

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    Yup should be fine. 👍

                    1 Reply Last reply Reply Quote 0
                    • J Offline
                      jos-andel @stephenw10
                      last edited by

                      @stephenw10

                      As expected, also works just fine on 25.07.1-RELEASE.

                      1 Reply Last reply Reply Quote 1
                      • M Offline
                        matsan
                        last edited by

                        Is the SG-3100 a still supported device? Just bricked one of ours updating 24.11 -> 25.07.1 - notice the "unsupported platform" message from the update log.

                        ...
                        Installed packages to be UPGRADED:
                        	pfSense-boot: 24.11 -> 25.07.1 [pfSense-core]
                        
                        Number of packages to be upgraded: 1
                        [1/1] Upgrading pfSense-boot from 24.11 to 25.07.1...
                        [1/1] Extracting pfSense-boot-25.07.1: .......... done
                        >>> Upgrading pfSense kernel...
                        Checking integrity... done (0 conflicting)
                        The following 1 package(s) will be affected (of 0 checked):
                        
                        Installed packages to be UPGRADED:
                        	pfSense-kernel-pfSense-3100: 24.11 -> 25.07.1 [pfSense-core]
                        
                        Number of packages to be upgraded: 1
                        [1/1] Upgrading pfSense-kernel-pfSense-3100 from 24.11 to 25.07.1...
                        [1/1] Extracting pfSense-kernel-pfSense-3100-25.07.1: .......... done
                        ===> Keeping a copy of current kernel in /boot/kernel.old
                        >>> Removing unnecessary packages...done.
                        >>> Upgrading boot code...
                        Unsupported platform.
                        System is going to be upgraded.  Rebooting in 10 seconds.
                        Success
                        
                        
                        M 1 Reply Last reply Reply Quote 0
                        • M Offline
                          matsan @matsan
                          last edited by

                          Scratch that last post. The problem was related to +30k backup config files as noted in other posts.
                          Problem solved unit on 25.07.1 now. Will clear the directory before doing our other units.

                          1 Reply Last reply Reply Quote 1
                          • stephenw10S Offline
                            stephenw10 Netgate Administrator
                            last edited by

                            Yup it's only the boot code update script reporting that there. The 3100 is EoL but 25.07(.1) does still support it.

                            1 Reply Last reply Reply Quote 1
                            • PhizixP Offline
                              Phizix
                              last edited by

                              All,

                              On my SG5100 just upated to 25.07.1 over the weekend. No issues. It uninstalled and re-installed one package automatically. Otherwise I did nothing else.

                              To be clear, my setup is fairly simple.

                              Phizix

                              1 Reply Last reply Reply Quote 1
                              • J Offline
                                johan333
                                last edited by

                                Unsuccessful upgrade from 24.11 => 25.07.1 on an SG2100.

                                Things to Note:

                                • Performed upgrade from console using option 13
                                • All went smooth with packages updated, boot code updated, and rebooted into 25.07
                                • Got to Updating Configuration and abruptly stated "Shutdown Now!"
                                • Rebooted itself into 24.11

                                Sincerely welcome any ideas on what might be causing this and/or any diagnostic steps I should take.

                                Thanks!

                                Relevant Console Log Output:

                                Welcome to Netgate pfSense Plus 25.07.1-RELEASE...
                                
                                ...ELF ldconfig path: /lib /usr/lib /usr/lib/compat /usr/local/lib /usr/local/lib/compat/pkg /usr/local/lib/compat/pkg /usr/local/lib/ipsec /usr/local/lib/mysql /usr/local/lib/perl5/5.36/mach/CORE
                                32-bit compatibility ldconfig path:
                                done.
                                External config loader 1.0 is now starting... mmcsd0s1 mmcsd0s2 mmcsd0s3 mmcsd0s3a
                                Launching the init system... done.
                                Initializing.................... done.
                                Starting device manager (devd)...done.
                                Loading configuration...done.
                                Updating configuration...2025-09-23T23:33:14.237019-07:00 - php-fpm 597 - - /rc.linkup: Ignoring link event during boot sequence.
                                ....2025-09-23T23:33:14.562014-07:00 - php-fpm 597 - - /rc.linkup: Ignoring link event during boot sequence.
                                2025-09-23T23:33:14.754643-07:00 - php-fpm 598 - - /rc.linkup: Ignoring link event during boot sequence.
                                2025-09-23T23:33:14.755108-07:00 - php-fpm 1206 - - /rc.linkup: Ignoring link event during boot sequence.
                                2025-09-23T23:33:14.888755-07:00 - php-fpm 597 - - /rc.linkup: Ignoring link event during boot sequence.
                                2025-09-23T23:33:14.931626-07:00 - php-fpm 1203 - - /rc.linkup: Ignoring link event during boot sequence.
                                2025-09-23T23:33:15.026406-07:00 - php-fpm 598 - - /rc.linkup: Ignoring link event during boot sequence.
                                Shutdown NOW!
                                shutdown: [pid 2086]
                                2025-09-23T23:48:09.690216-07:00Waiting (max 60 seconds) for system process `vnlru' to stop... done
                                Waiting (max 60 seconds) for system process `syncer' to stop... 
                                Syncing disks, vnodes remaining... 0 done
                                All buffers synced.
                                

                                Full Console Output: pfsense-console.zip

                                GertjanG S 2 Replies Last reply Reply Quote 0
                                • GertjanG Offline
                                  Gertjan @johan333
                                  last edited by

                                  @johan333 said in Now Available: pfSense® Plus 25.07-RELEASE:

                                  Performed upgrade from console using option 13

                                  ... and you've logged the console output.
                                  That's just 👍
                                  At least, you've put all changes on your side. If the upgrade goes well, you have the details, and you can forget about them.
                                  If it didn't, something went wrong, changes are high you know what happened, and why.

                                  Now for the bad news : about the shutdown.
                                  It happens in the very early boot sequence of the kernel.
                                  It's the kernel itself that bails out - or the kernel calls /sbin/shutdown - as this executable contains this exact text string "Shutdown NOW!" but afaik, the file system isn't even mounted yet, so the kernel can't even use "/sbin/shutdown" at that moment.
                                  The thing is, nothing, the why part, was logged.
                                  A work around could be : intercept the boot sequence, and activate verbose kernel logging ?

                                  There is a solution, and keep in mind : your pfSense works. So you have a backup of your pfSense config.
                                  Worse case situation : get the installer, and wipe clean / reinstall completely from scratch.
                                  This will take 10 minutes of your time. Success is guaranteed.
                                  ... and it will take the 'why this this happened' with it :(

                                  I hope you'll receive more helpful info from other forum readers.

                                  No "help me" PM's please. Use the forum, the community will thank you.
                                  Edit : and where are the logs ??

                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10S Offline
                                    stephenw10 Netgate Administrator
                                    last edited by

                                    Hmm, nothing obviously wrong there. Do you see an alert after it reboots into 24.11?

                                    Check System > Boot Environments. Do you see the new 25.07.1 BE marked as failed?

                                    1 Reply Last reply Reply Quote 0
                                    • S Offline
                                      SteveITS Rebel Alliance @johan333
                                      last edited by

                                      @johan333 Based on other posts…

                                      see if /cf/conf/backup is full. If so delete files or visit Diagnostics >Backup> Configuration history until it doesn’t time out. There was a bug where they weren’t automatically deleted.

                                      Delete old/unnecessary boot environments. (Ignore the “size” shown)

                                      Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                                      When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
                                      Upvote 👍 helpful posts!

                                      1 Reply Last reply Reply Quote 1
                                      • stephenw10S Offline
                                        stephenw10 Netgate Administrator
                                        last edited by

                                        Yup, very good point. Since it appears to be failing at 'updating configuration' check for far too many backups.

                                        1 Reply Last reply Reply Quote 0
                                        • J Offline
                                          johan333
                                          last edited by

                                          Thank you for the help.

                                          @stephenw10 - I would've expected to see some type of kernel panic notice based on this behavior, but no alerts whatsoever. I have the SG2100 console port connected via USB to a RaspberryPi device and logging the console output via screen. Yes, as per the screenshots, it states the BE failed to verify.

                                          675af835-8b12-4dc1-b9b9-19d63d69f1c8-image.png

                                          5b0c24d1-c9bc-46c5-ad5e-3e92bec5ed8e-image.png

                                          @SteveITS - Interesting...I'll give the GUI diagnostic screen a try. Here's what /cf/conf/backup has:

                                          [24.11-RELEASE][root@pfSense.home.lan]/: du -sh /cf/conf/backup
                                          2.0G    /cf/conf/backup
                                          [24.11-RELEASE][root@pfSense.home.lan]/: ls -l /cf/conf/backup | wc -l
                                             12318
                                          
                                          
                                          S 1 Reply Last reply Reply Quote 0
                                          • S Offline
                                            SteveITS Rebel Alliance @johan333
                                            last edited by

                                            @johan333 said in Now Available: pfSense® Plus 25.07-RELEASE:

                                            12318

                                            That's it, then. Should be ~30 files by default.

                                            There were a couple bugs at play, pfBlocker updates a timestamp in the file every cron run, and the backups were not being pruned automatically. So every hour for a year or more... I've seen a few posts here and on Reddit with similar update failure.

                                            Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
                                            When upgrading, allow 10-15 minutes to reboot, or more depending on packages, and device or disk speed.
                                            Upvote 👍 helpful posts!

                                            M J 2 Replies Last reply Reply Quote 3
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.