Access repo file(/var/db/pkg/repo-pfSense.sqlite) failed: No such file or direct

  • Hi all,
    I know there are many threads on the subject but none seem to fix my problem.

    Enter an option: 13
    >>> Updating repositories metadata...
    Updating pfSense-core repository catalogue...
    pkg-static: Repository pfSense-core load error: access repo file(/var/db/pkg/repo-pfSense-core.sqlite) failed: No such file or directory
    pkg-static: Network is unreachable
    repository pfSense-core has no meta file, using default settings
    pkg-static: Network is unreachable
    Unable to update repository pfSense-core
    Updating pfSense repository catalogue...
    pkg-static: Repository pfSense load error: access repo file(/var/db/pkg/repo-pfSense.sqlite) failed: No such file or directory
    pkg-static: Network is unreachable
    repository pfSense has no meta file, using default settings
    pkg-static: Network is unreachable
    Unable to update repository pfSense
    Error updating repositories!
    pfSense - Netgate Device ID: cdff5225c84a915d19fb

    After trying a few solutions, I decided to do a clean install and then restore my config. Sadly, the problem persists. I am able to query the server from the firewall itself and from a host so I'd like to think my DNS is OK.

    : dig SRV
    ; <<>> DiG 9.11.2-P1 <<>> SRV
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5841
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 2, ADDITIONAL: 1
    ; EDNS: version: 0, flags:; udp: 4096
    ;	IN	SRV
    ;; ANSWER SECTION: 52	IN	SRV	10 10 443 52	IN	SRV	10 10 443
    ;; Query time: 0 msec
    ;; SERVER:
    ;; WHEN: Thu May 17 21:09:50 CEST 2018
    ;; MSG SIZE  rcvd: 181

    The file does not exist:

    : ls -ld /var/db/pkg/repo-pfSense-core.sqlite
    ls: /var/db/pkg/repo-pfSense-core.sqlite: No such file or directory

    I'm guessing that's where the problem lies but it still is missing after a clean install so now what?

    Any advice would be welcome.


  • I am still having the same problem so I installed pfsense in a VM to check the differences.

    The VM works fine and can see "available packages". After making sure my DNS resolver was setup identically, I still couldn't see any packages listed.

    After looking at my routing table however, I came accross something that to my noob mind makes no sense.

    I have a WAN (em0), a LAN (em1), a WIFI (em2) and a VPN connection (ovpnc5) through which I try and have all my traffic go through.

    Destination        Gateway            Flags     Netif Expire
    default           UGS         lo0           UGS      ovpnc5           link#10            UH       ovpnc5         link#10            UHS         lo0        link#2             UHS         lo0     link#2             U           em1       link#9             UHS         lo0          link#6             UH          lo0     link#2             U           em1        link#2             UHS         lo0     link#3             U           em2        link#3             UHS         lo0       link#9             UH       pppoe0

    I don't understand why the default gateway tries to go through the lo0 interface and not the ovpnc5 interface. I still get a DNS response when querying from the firewall or clients on the LAN.

    What am I doing wrong? I'm going over each setting comparing a vanilla installation and what I currently have but it will take some time and I am puzzeled by the routing table.

    As always, any advice is welcome! :)

  • So I keep searching for a solution and can't seem to get anyone interested in my issue.

    The Routing issue was fixed by a reboot.

    From the router, I can do DNS queries so I'm going to rule out DNS as being a problem.

    [2.4.3-RELEASE][admin@rtr.lan]/root: dig +short

    It seems however, that I am unable to connect to a remote site from the firewall.

    [2.4.3-RELEASE][admin@rtr.lan]/root: curl -vvv
    * Rebuilt URL to:
    *   Trying
    * TCP_NODELAY set
    * Immediate connect fail for Network is unreachable
    * Closing connection 0
    curl: (7) Couldn't connect to server

    I've tried a bunch of permissive rules in my 'LAN rules' but I just can't seem to get it to work.

    Can anyone offer some advice?

    ![Screen Shot 2018-05-21 at 15.50.48.png](/public/imported_attachments/1/Screen Shot 2018-05-21 at 15.50.48.png)
    ![Screen Shot 2018-05-21 at 15.50.48.png_thumb](/public/imported_attachments/1/Screen Shot 2018-05-21 at 15.50.48.png_thumb)

  • Hi.

    I guess rebooting ones more won't help you.

    What will help is ditching your setup.

    A clean pfSense does :

    [2.4.3-RELEASE][]/root: curl -vvv
    * Rebuilt URL to:
    *   Trying 2a00:1450:4007:80c::200e...
    * TCP_NODELAY set
    * Connected to (2a00:1450:4007:80c::200e) port 443 (#0)
    * ALPN, offering h2
    * ALPN, offering http/1.1
    * Cipher selection: ALL:!EXPORT:!EXPORT40:!EXPORT56:!aNULL:!LOW:!RC4:@STRENGTH
    * successfully set certificate verify locations:
    *   CAfile: /usr/local/share/certs/ca-root-nss.crt
      CApath: none
    * TLSv1.2 (OUT), TLS header, Certificate Status (22):
    * TLSv1.2 (OUT), TLS handshake, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Server hello (2):
    * TLSv1.2 (IN), TLS handshake, Certificate (11):
    * TLSv1.2 (IN), TLS handshake, Server key exchange (12):
    * TLSv1.2 (IN), TLS handshake, Server finished (14):
    * TLSv1.2 (OUT), TLS handshake, Client key exchange (16):
    * TLSv1.2 (OUT), TLS change cipher, Client hello (1):
    * TLSv1.2 (OUT), TLS handshake, Finished (20):
    * TLSv1.2 (IN), TLS change cipher, Client hello (1):
    * TLSv1.2 (IN), TLS handshake, Finished (20):
    * SSL connection using TLSv1.2 / ECDHE-ECDSA-AES128-GCM-SHA256
    * ALPN, server accepted to use h2
    * Server certificate:
    *  subject: C=US; ST=California; L=Mountain View; O=Google Inc; CN=*
    *  start date: Apr 17 14:02:11 2018 GMT
    *  expire date: Jul 10 12:40:00 2018 GMT
    *  subjectAltName: host "" matched cert's ""
    *  issuer: C=US; O=Google Trust Services; CN=Google Internet Authority G3
    *  SSL certificate verify ok.
    * Using HTTP2, server supports multi-use
    * Connection state changed (HTTP/2 confirmed)
    * Copying HTTP/2 data in stream buffer to connection buffer after upgrade: len=0
    * Using Stream ID: 1 (easy handle 0x803a94580)
    > GET / HTTP/2
    > Host:
    > User-Agent: curl/7.58.0
    > Accept: */*
    * Connection state changed (MAX_CONCURRENT_STREAMS updated)!
    < HTTP/2 301
    < location:
    < content-type: text/html; charset=UTF-8
    < date: Mon, 21 May 2018 17:02:36 GMT
    < expires: Wed, 20 Jun 2018 17:02:36 GMT
    < cache-control: public, max-age=2592000
    < server: gws
    < content-length: 220
    < x-xss-protection: 1; mode=block
    < x-frame-options: SAMEORIGIN
    < alt-svc: hq=":443"; ma=2592000; quic=51303433; quic=51303432; quic=51303431; quic=51303339; quic=51303335,quic=":443"; ma=2592000; v="43,42,41,39,35"
    <title>301 Moved</title>
    # 301 Moved
    The document has moved
    * Connection #0 to host left intact

    so consider your system broke. Clean it up and you'll be fine  ;)

  • Thanks for the reply Gertjan,
    I was doing my best not to have any down time. My wife hates it when I tinker and block access to instagram! ;)

    Thanks for your advice.