Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upgrade to 2.1.3

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    38 Posts 23 Posters 7.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Offline
      stephenw10 Netgate Administrator
      last edited by

      @Starko:

      So I guess I have to get in the car and make a two hour ride to that customer.

      Ouch. Was it an old card? Running packages that may have been writing data?

      Steve

      Edit: typo

      1 Reply Last reply Reply Quote 0
      • S Offline
        Starko
        last edited by

        I would say about 4-5 years. No packages as far as I know.

        1 Reply Last reply Reply Quote 0
        • J Offline
          jamesaepp
          last edited by

          When the upgrade changelog refers to the openssl vulnerability, is this referring to the famed "heartbleed" bug?

          If so, is there anything I need to worry about changing? I have self-signed certs for a couple openvpn servers, and am now wondering whether I should be reflecting the changes necessary to ensure my security.

          1 Reply Last reply Reply Quote 0
          • V Offline
            val
            last edited by

            No problem here on amd64 full install

            Intel Xeon E3-1225 V2 @ 3.20Ghz
            Intel S1200KPR server board mini-ITX
            A-data ECC 4GB x 2 1600MHz
            Intel Ethernet Server Adapter I350-T2
            Samsung 840 Pro 120GB
            Lian-Li PC-Q15B

            1 Reply Last reply Reply Quote 0
            • D Offline
              doktornotor Banned
              last edited by

              @jamesaepp:

              When the upgrade changelog refers to the openssl vulnerability, is this referring to the famed "heartbleed" bug?

              No.

              1 Reply Last reply Reply Quote 0
              • K Offline
                kpa
                last edited by

                The Heartbleed vulnerability was already addresses in the 2.1.2 update.

                https://blog.pfsense.org/?p=1253

                1 Reply Last reply Reply Quote 0
                • GertjanG Offline
                  Gertjan
                  last edited by

                  The very first 'doing it remotely' upgrade.
                  Everything came up (back) nicely.

                  No need to take the car  ;)

                  No "help me" PM's please. Use the forum, the community will thank you.
                  Edit : and where are the logs ??

                  1 Reply Last reply Reply Quote 0
                  • swinnS Offline
                    swinn
                    last edited by

                    Anyone having issues with UPnP Port Mapping working? NAT-PMP seems to work but since upgrading to 2.1.3, the XBOXs are not opening ports using UPnP. Reverting back to 2.1.2 fixes it.

                    1 Reply Last reply Reply Quote 0
                    • stephenw10S Offline
                      stephenw10 Netgate Administrator
                      last edited by

                      There has been a change in the upnp behaviour:
                      @https://doc.pfsense.org/index.php/2.1.3_New_Features_and_Changes:

                      Make miniupnpd listen on interface instead of IP

                      Perhaps you simply need to configure it slightly differently.

                      Steve

                      1 Reply Last reply Reply Quote 0
                      • J Offline
                        janek
                        last edited by

                        Mine did not come up after upgrade attempt (from 2.1.2 -> 2.1.3)
                        He is 64bit on esxi 5.1.
                        said "Unable to load kernel"
                        in /boot/loader.conf:
                        autoboot_delay="3"
                        vm.kmem_size="435544320"
                        vm.kmem_size_max="535544320"
                        kern.ipc.nmbclusters="0"
                        kern.hz=100
                        vmblock_load="YES"
                        vmmemct_load="YES"
                        vmhgfs_load="YES"
                        vmxnet_load="YES"
                        legal.intel_ipw.license_ack="1"
                        hw.usb.no_pf="1"

                        file /boot.config is empty

                        directory /kernels has two files
                        kernel_wrap.gz - 8771122
                        kernel_SMP.gz - 10426403

                        Can someone point me to the right direction?

                        1 Reply Last reply Reply Quote 0
                        • swinnS Offline
                          swinn
                          last edited by

                          @stephenw10:

                          Perhaps you simply need to configure it slightly differently.

                          The configuration options haven't changed and the interfaces are set correctly.

                          1 Reply Last reply Reply Quote 0
                          • swinnS Offline
                            swinn
                            last edited by

                            If I edit the miniupnpd.conf manually and set listening_ip=10.1.16.1/20 (like it would be configured in previous versions) then it works correctly. If I change it back to listening_ip=em0_vlan2 then it is broken. Looking at ifconfig, everything for em0_vlan2 is correct. The devices are all on the same vlan and subnet.

                            Watching traffic over the network, I can see the SSDP request being broadcast by the device but pfSense never responds.

                            1 Reply Last reply Reply Quote 0
                            • T Offline
                              T-Monster
                              last edited by

                              Just adding my voice in here…

                              I saw that the upgrade was available - and because 2.1.1 --> 2.1.2 was painless and problem free, I didn't think twice to just kick off the upgrade....

                              It completely fubar'd my firewall :(

                              (I'm using the 32-bit version)

                              I rebooted and the firewall couldn't find a kernel - looked in the relevant folders and no kernels were there. Nothing.

                              I looked at the upgrade logfile and there were a raft of errors in there - so my simplistic view is that the upgrade downloaded ok, passed any verifications, but then the upgrade / installation process just ploughed the system.

                              I don't have any specific details / logfiles to list here as I just needed to get the firewall back up & running, so I had a clean install of 2.1 lying around and that's what I'm running now, until I can get a clean install of 2.1.3 planned in later this week.

                              Anyway... just thought I'd put my story of pain in here, so that others are ready and know how to recover their systems (backup config!!)

                              1 Reply Last reply Reply Quote 0
                              • stephenw10S Offline
                                stephenw10 Netgate Administrator
                                last edited by

                                Just for information, what hardware is that on? Which install type?

                                Steve

                                1 Reply Last reply Reply Quote 0
                                • T Offline
                                  T-Monster
                                  last edited by

                                  This was a 32-bit memstick install on a Neoware CA10 Thin Client, 1GB RAM, 3GB Flash storage

                                  From memory, I think this was a clean 2.1(.0) install, then upgraded to each new release as it came out.

                                  Once I've finished my Bank Holiday weekend, then I'll spend some more time looking at this - might even try another upgrade to see if it's reproducible so that we can make these upgrades less fearsome :)

                                  Put it this way - my home firewall upgrade going wrong is one thing (OMG, no Facebook! ;)), but the 3x pfSense installs at work will NOT be done remotely (although they have significantly better hardware)

                                  1 Reply Last reply Reply Quote 0
                                  • stephenw10S Offline
                                    stephenw10 Netgate Administrator
                                    last edited by

                                    So a full install onto flash?
                                    Any packages? Any swap usage?

                                    Steve

                                    1 Reply Last reply Reply Quote 0
                                    • F Offline
                                      foonus
                                      last edited by

                                      @swinn:

                                      Anyone having issues with UPnP Port Mapping working? NAT-PMP seems to work but since upgrading to 2.1.3, the XBOXs are not opening ports using UPnP. Reverting back to 2.1.2 fixes it.

                                      Yep. Confirmed.

                                      After update to .13 UPnP on multiple machines fails to operate correctly.

                                      1 Reply Last reply Reply Quote 0
                                      • T Offline
                                        T-Monster
                                        last edited by

                                        @stephenw10:

                                        So a full install onto flash?
                                        Any packages? Any swap usage?

                                        Steve

                                        I have these packages installed:

                                        • Lightsquid

                                        • routed

                                        • Sarg

                                        • squid

                                        • squidGuard

                                        As for swap usage… no idea.
                                        The 2.1 that I'm currently running is 0%, but that's not to say that the 2.1.2 was the same... but something I'll have a look at if I do the upgrade again.

                                        1 Reply Last reply Reply Quote 0
                                        • U Offline
                                          urop
                                          last edited by

                                          Janek, the same happened to me…

                                          My system didn't boot after the upgrade: The folder /boot/kernel was empty.

                                          I found the reason: If you tick "make full backup" in the update dialog, the whole system will be tared into one file in /root. This file can easily eat up all space of your root-partition... As a result, the update goes terribly wrong, leaving a crippled system.
                                          I then tried to recreate the system using the said backup file, but "funny" enough, while booting up, some self destruction took place (like rm -rf /) and the disk was more or less empty (those file with  schg-flag set still existed).
                                          Finally I had to reinstall the system.

                                          May I suggest that the full-backup feature checks for space?

                                          Regards,
                                          -Urs

                                          1 Reply Last reply Reply Quote 0
                                          • S Offline
                                            Starko
                                            last edited by

                                            @Starko:

                                            I would say about 4-5 years. No packages as far as I know.

                                            I swapped the card. Did a full restore and everything works fine again.

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.