WireGuard lives!
-
Having no success upgrading to 0.1.1 from 0.0.9 on pfSense 2.6.0-DEVELOPMENT.
Have tried the following with result:
[2.6.0-DEVELOPMENT][admin@pfSense.localdomain]/root: pkg upgrade pfSense-pkg-WireGuard-0.1.1_1.txz
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
pkg: pfSense-pkg-WireGuard-0.1.1_1.txz is not installed, therefore upgrade is impossible
Checking integrity... done (0 conflicting)
Your packages are up to date.[2.6.0-DEVELOPMENT][admin@pfSense.localdomain]/root: pkg install pfSense-pkg-WireGuard-0.1.1_1.txz
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
pkg: No packages available to install matching 'pfSense-pkg-WireGuard-0.1.1_1.txz' have been found in the repositories[2.6.0-DEVELOPMENT][admin@pfSense.localdomain]/root: pkg add https://github.com/theonemcdonald/pfSense-pkg-WireGuard/releases/download/v0.1.1/pfSense-pkg-WireGuard-0.1.1_1.txz
Fetching pfSense-pkg-WireGuard-0.1.1_1.txz: 100% 26 KiB 26.6kB/s 00:01
Installing pfSense-pkg-WireGuard-0.1.1_1...
the most recent version of pfSense-pkg-WireGuard-0.0.9 is already installedI'm out of ideas.
Ted Quade -
pkg remove 0.0.9 and then pkg install 0.1.1_1
I think the issue is that you cannot upgrade a _1 (REVISION) package when you dont have 0.1.1 package installed.
remove should not lose your configuration.
-
Thanks for the pointers.
I had to run pkg add ...........-0.1.1_1
instead of pkg install ..........-0.1.1_1Ted Quade
-
Just a best practice. when using the command line, always remove and install new versions.
Eventually when we move to a gui installer (Package Manager) it will do this anyway. this way no files are left around because of an upgrade.
-
-
@theonemcdonald
@vajonam I leave a little wiser. Thanks to both of you.Ted
-
Hi. I have version 0.0.8 installed on pfsense 2.6 using the package manager in pfsense. But it does not show me the newer version so I can upgrade. Is this normal (for now at least)?
-
@vjizzle yes. There is open pull request to include it into the 2.6.0 ports repository once that happens it will show up.
Likely to be sometime next week.
-
Just to be clear on changes
If you are on 0.0.8 or 0.0.9. Here is list of major changes for 0.1.1
- unbound ACL creation for non assigned interfaces
- service daemonization, reliable startup shutdown eliminate zombie process/services.
- enables smooth upgrade of the kmod when the upstream kmod is updated. because stopping the service unloads the kernel module so it can be upgraded.
- redone status page with show/hide peers
- bug fixes / better validation for initial peer / tunnel setup.
- move away from wg-quick and dependency on bash. better response for enabling / disabling peers and tunnels.
If you are using for just private internet access and there aren't very many changes that affect you.
more importantly on the wiregurad-kmod side
- upgrading to wireguard-kmod-0.0.20210503.txz fixes a kernel panic that I had reported and this was fixed upstream.
@theonemcdonald please feel free to add anything if missed anything.
-
Installed it in Version 2.5.1
works great - thank you for yor work
regards
-
Upgrade to 0.1.1 worked great! Thanks.
But i'm encountering high errors out on the tun_wg interface:
WG_DSHOME Interface (opt3, tun_wg0) Status up IPv4 Address 192.168.166.1 Subnet mask IPv4 255.255.255.240 IPv6 Address fdac:ce55::1 Subnet mask IPv6 64 MTU 1420 In/out packets 2287708/3201934 (486.02 MiB/555.38 MiB) In/out packets (pass) 2287708/3201934 (486.02 MiB/555.38 MiB) In/out packets (block) 1444/0 (208 KiB/0 B) In/out errors 0/3512 Collisions 0
i have no idea why and what could be the cause. Any idea or hint what could produce that errors?
-
Not really sure why that happens. I am running this with very few errors maybe 1 or 0. I will keep an eye on it. Just a thought maybe try adjusting the MTU depending on your WAN uplink.
-
@vajonam Its pretty strange. but i'm not using the wan for peers. So it shouldn't be related?
-
@dersch, sorry I just assumed it was over a WAN link. then I am out of ideas sorry.
-
Just upgraded to 2.6.0.a.20210524.0100-DEV:
Crash report details:
PHP Errors:
[24-May-2021 18:48:49 Europe/Rome] PHP Warning: flock() expects parameter 1 to be resource, null given in /usr/local/pkg/wireguard/wg_service.inc on line 324
[24-May-2021 18:48:49 Europe/Rome] PHP Warning: fclose() expects parameter 1 to be resource, null given in /usr/local/pkg/wireguard/wg_service.inc on line 327Installed pfSense v2.6.0-DEV from scratch and configured WG by hand (i.e. no import from old config.xml) after added pkg.
WG is properly working though.
-
@psp I caught this a few days ago. Fix will be in the next release. It is cosmetic.
-
Does this currently, or in future, work on official Netgate hardware eg. SG-5100?
-
@brians update to Pfsense version 21.05 RC and you will have access to the package. Unfortunately it's version 0.0.8 instead of the more current 0.1.1. Unsure why that is.
-
@gabacho4 just manually removed the older package versions and manually reinstalled and all is well. Not as convenient as having a package to select in the package manager, but easy enough still and nice to be on current.
-
@gabacho4 Thanks, I will just wait until official release. Was just curious because the different version numbers with PfSense + and CE.
Having said that, wonder if will support the ARM devices eg. SG3100.