Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upgrade to 2.1.3

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    38 Posts 23 Posters 7.4k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • stephenw10S Offline
      stephenw10 Netgate Administrator
      last edited by

      There has been a change in the upnp behaviour:
      @https://doc.pfsense.org/index.php/2.1.3_New_Features_and_Changes:

      Make miniupnpd listen on interface instead of IP

      Perhaps you simply need to configure it slightly differently.

      Steve

      1 Reply Last reply Reply Quote 0
      • J Offline
        janek
        last edited by

        Mine did not come up after upgrade attempt (from 2.1.2 -> 2.1.3)
        He is 64bit on esxi 5.1.
        said "Unable to load kernel"
        in /boot/loader.conf:
        autoboot_delay="3"
        vm.kmem_size="435544320"
        vm.kmem_size_max="535544320"
        kern.ipc.nmbclusters="0"
        kern.hz=100
        vmblock_load="YES"
        vmmemct_load="YES"
        vmhgfs_load="YES"
        vmxnet_load="YES"
        legal.intel_ipw.license_ack="1"
        hw.usb.no_pf="1"

        file /boot.config is empty

        directory /kernels has two files
        kernel_wrap.gz - 8771122
        kernel_SMP.gz - 10426403

        Can someone point me to the right direction?

        1 Reply Last reply Reply Quote 0
        • swinnS Offline
          swinn
          last edited by

          @stephenw10:

          Perhaps you simply need to configure it slightly differently.

          The configuration options haven't changed and the interfaces are set correctly.

          1 Reply Last reply Reply Quote 0
          • swinnS Offline
            swinn
            last edited by

            If I edit the miniupnpd.conf manually and set listening_ip=10.1.16.1/20 (like it would be configured in previous versions) then it works correctly. If I change it back to listening_ip=em0_vlan2 then it is broken. Looking at ifconfig, everything for em0_vlan2 is correct. The devices are all on the same vlan and subnet.

            Watching traffic over the network, I can see the SSDP request being broadcast by the device but pfSense never responds.

            1 Reply Last reply Reply Quote 0
            • T Offline
              T-Monster
              last edited by

              Just adding my voice in here…

              I saw that the upgrade was available - and because 2.1.1 --> 2.1.2 was painless and problem free, I didn't think twice to just kick off the upgrade....

              It completely fubar'd my firewall :(

              (I'm using the 32-bit version)

              I rebooted and the firewall couldn't find a kernel - looked in the relevant folders and no kernels were there. Nothing.

              I looked at the upgrade logfile and there were a raft of errors in there - so my simplistic view is that the upgrade downloaded ok, passed any verifications, but then the upgrade / installation process just ploughed the system.

              I don't have any specific details / logfiles to list here as I just needed to get the firewall back up & running, so I had a clean install of 2.1 lying around and that's what I'm running now, until I can get a clean install of 2.1.3 planned in later this week.

              Anyway... just thought I'd put my story of pain in here, so that others are ready and know how to recover their systems (backup config!!)

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                Just for information, what hardware is that on? Which install type?

                Steve

                1 Reply Last reply Reply Quote 0
                • T Offline
                  T-Monster
                  last edited by

                  This was a 32-bit memstick install on a Neoware CA10 Thin Client, 1GB RAM, 3GB Flash storage

                  From memory, I think this was a clean 2.1(.0) install, then upgraded to each new release as it came out.

                  Once I've finished my Bank Holiday weekend, then I'll spend some more time looking at this - might even try another upgrade to see if it's reproducible so that we can make these upgrades less fearsome :)

                  Put it this way - my home firewall upgrade going wrong is one thing (OMG, no Facebook! ;)), but the 3x pfSense installs at work will NOT be done remotely (although they have significantly better hardware)

                  1 Reply Last reply Reply Quote 0
                  • stephenw10S Offline
                    stephenw10 Netgate Administrator
                    last edited by

                    So a full install onto flash?
                    Any packages? Any swap usage?

                    Steve

                    1 Reply Last reply Reply Quote 0
                    • F Offline
                      foonus
                      last edited by

                      @swinn:

                      Anyone having issues with UPnP Port Mapping working? NAT-PMP seems to work but since upgrading to 2.1.3, the XBOXs are not opening ports using UPnP. Reverting back to 2.1.2 fixes it.

                      Yep. Confirmed.

                      After update to .13 UPnP on multiple machines fails to operate correctly.

                      1 Reply Last reply Reply Quote 0
                      • T Offline
                        T-Monster
                        last edited by

                        @stephenw10:

                        So a full install onto flash?
                        Any packages? Any swap usage?

                        Steve

                        I have these packages installed:

                        • Lightsquid

                        • routed

                        • Sarg

                        • squid

                        • squidGuard

                        As for swap usage… no idea.
                        The 2.1 that I'm currently running is 0%, but that's not to say that the 2.1.2 was the same... but something I'll have a look at if I do the upgrade again.

                        1 Reply Last reply Reply Quote 0
                        • U Offline
                          urop
                          last edited by

                          Janek, the same happened to me…

                          My system didn't boot after the upgrade: The folder /boot/kernel was empty.

                          I found the reason: If you tick "make full backup" in the update dialog, the whole system will be tared into one file in /root. This file can easily eat up all space of your root-partition... As a result, the update goes terribly wrong, leaving a crippled system.
                          I then tried to recreate the system using the said backup file, but "funny" enough, while booting up, some self destruction took place (like rm -rf /) and the disk was more or less empty (those file with  schg-flag set still existed).
                          Finally I had to reinstall the system.

                          May I suggest that the full-backup feature checks for space?

                          Regards,
                          -Urs

                          1 Reply Last reply Reply Quote 0
                          • S Offline
                            Starko
                            last edited by

                            @Starko:

                            I would say about 4-5 years. No packages as far as I know.

                            I swapped the card. Did a full restore and everything works fine again.

                            1 Reply Last reply Reply Quote 0
                            • stephenw10S Offline
                              stephenw10 Netgate Administrator
                              last edited by

                              @TMonster:

                              I have these packages installed:

                              • squid

                              • squidGuard

                              As for swap usage… no idea.

                              Do you have caching disabled in Squid? If not the Squid will be writing to your flash boot device continuously. Worse Squid will probably use your 1GB of RAM and start  swapping to the flash unless you've taken steps to prevent it. That will burn through the write cycles on the flash in short order, especially if it's cheap flash. You may well have damage on the flash that has caused this.

                              Steve

                              1 Reply Last reply Reply Quote 0
                              • A Offline
                                ashes00
                                last edited by

                                After upgrading from 2.1.2 to 2.1.3, I lost installed packages (SNORT & OpenVPN Client Export).  I am running 2.1.3 Nano-VGA-4GB (With RAM Disks).  I needed to update both of the packages anyway, but was NOT what I expected from upgrade.  :(

                                Ash,

                                1 Reply Last reply Reply Quote 0
                                • B Offline
                                  blewis
                                  last edited by

                                  I can't seem to download the 512mb upgrade… Is the 512mb nanobsd upgrade discontinued from 2.1.3 onward? :(

                                  1 Reply Last reply Reply Quote 0
                                  • ? This user is from outside of this forum
                                    Guest
                                    last edited by

                                    …I see the 512MB image for fresh install as well as upgrade in the pfsense.org mirror selection...

                                    1 Reply Last reply Reply Quote 0
                                    • B Offline
                                      blewis
                                      last edited by

                                      Yeah, when I try to download it, it's missing = 404 Not Found…

                                      1 Reply Last reply Reply Quote 0
                                      • T Offline
                                        T-Monster
                                        last edited by

                                        @stephenw10:

                                        Do you have caching disabled in Squid?

                                        No. Using ~1GB for cache

                                        @stephenw10:

                                        If not the Squid will be writing to your flash boot device continuously.

                                        Hmmm… OK, using:

                                        top -m io
                                        

                                        I get:

                                          PID USERNAME   VCSW  IVCSW   READ  WRITE  FAULT  TOTAL PERCENT COMMAND
                                        90995 proxy         4      0      0      0      0      0   0.00% squid
                                        
                                        

                                        Which looks like squid's hardly doing much (this is a home office firewall)

                                        @stephenw10:

                                        Worse Squid will probably use your 1GB of RAM and start  swapping to the flash unless you've taken steps to prevent it.

                                        OK, back to top, I get:

                                          PID USERNAME  THR PRI NICE   SIZE    RES STATE    TIME   WCPU COMMAND
                                        90995 proxy       1  44    0   154M   149M kqread   7:28  0.00% squid
                                        
                                        

                                        So, it's not eating too much RAM.

                                        @stephenw10:

                                        That will burn through the write cycles on the flash in short order, especially if it's cheap flash. You may well have damage on the flash that has caused this.

                                        Wouldn't the installation continue as normal though, with any bad sectors being caught by the underlying disk controller - just like a mechanical drive having bad sectors?

                                        It's not like 1 or 2 files were corrupt and a quick fsck would fix it… I'm talking about /boot/kernel being completely empty here. From memory, only /boot/kernel/pfsense_kernel.txt existed... no .ko files, no kernel.gz, nothing.

                                        I understand your caution over squid's cache on flash memory, but I can't see how that would cause the problem I'm describing.

                                        1 Reply Last reply Reply Quote 0
                                        • stephenw10S Offline
                                          stephenw10 Netgate Administrator
                                          last edited by

                                          Ok. I was perhaps being a bit alarmist there. You seem to have a good grip on what's actually happening. I was just concerned that you might have been running Squid without understanding the possible consequences.
                                          I agree that a few bad sectors is unlikely to have caused your problem. I wouldn't personally rely on the flash controller to save me in that situation though.

                                          Steve

                                          1 Reply Last reply Reply Quote 0
                                          • G Offline
                                            genic
                                            last edited by

                                            has anyone notice that this upgrade changes the 'Firewall Optimization Options' to 'conservative' ?? wtf?

                                            1 Reply Last reply Reply Quote 0
                                            • First post
                                              Last post
                                            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.