Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Upgrade to 2.4.3-RELEASE-p1 issue

    Scheduled Pinned Locked Moved Problems Installing or Upgrading pfSense Software
    8 Posts 3 Posters 1.3k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M
      mrmastii
      last edited by

      Hello there,
      I have upgrade from 2.4.3 to 2.4.3_1 and upgrade went okay, i.e I can log in to admin portal and all config looks good, however tit looks that I cannot get to internet from LAN.
      example:
      ping: LAN > GATEWAY [OK]
      ping: LAN > Internet IP [failed]
      Ping: PFSENSE to Internet [OK]
      same thing with traceroute. Traceroute is failing past pfsense.
      Note: everything was working perfectly before the upgrade.

      Please advice
      MM

      x2rlX 1 Reply Last reply Reply Quote 0
      • x2rlX
        x2rl @mrmastii
        last edited by

        @mrmastii said in Upgrade to 2.4.3-RELEASE-p1 issue:

        PFSENSE to Internet [OK]
        same thing with traceroute. Traceroute is failing past pfsense.
        Note: everything was working perfectly before the upgrade.
        Please advice

        Can you show us your firewall rules

        Firewall>>Rules>>LAN

        1 Reply Last reply Reply Quote 0
        • M
          mrmastii
          last edited by

          Please see attached screen snap

          also please note that state for all interfaces shows 0/0

          0_1527465010440_2018-05-27 19_45_04-Firewall_ Rules_ LAN.png

          1 Reply Last reply Reply Quote 0
          • DerelictD
            Derelict LAYER 8 Netgate
            last edited by Derelict

            Pinging from LAN to the LAN address would increase those state counts. As would accessing the portal page from a LAN host. So that is at least an indication that something isn't configured correctly.

            That all looks fine.

            It is probably something else unrelated - but perhaps coincidental - to you upgrading.

            Or something that should not have been working before the upgrade and is now not working as it shouldn't be.

            Could be a million things. Probably best to narrow it down:

            https://doc.pfsense.org/index.php/Connectivity_Troubleshooting

            Chattanooga, Tennessee, USA
            A comprehensive network diagram is worth 10,000 words and 15 conference calls.
            DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
            Do Not Chat For Help! NO_WAN_EGRESS(TM)

            1 Reply Last reply Reply Quote 0
            • M
              mrmastii
              last edited by

              There is something that I just saw, an error message about a rule not being loaded correctly. I have a feeling that this might be causing the problem.
              Any idea how to fix it?
              0_1527474071544_2018-05-27 22_02_18-ERROR.png

              M 1 Reply Last reply Reply Quote 0
              • M
                mrmastii @mrmastii
                last edited by

                @mrmastii said in Upgrade to 2.4.3-RELEASE-p1 issue:

                There is something that I just saw, an error message about a rule not being loaded correctly. I have a feeling that this might be causing the problem.
                Any idea how to fix it?
                0_1527474071544_2018-05-27 22_02_18-ERROR.png

                I did a search on the forum and found similar issue,not sure if it is the same bug?
                https://forum.netgate.com/topic/127849/notification-of-tmp-rules-debug-syntax-error

                1 Reply Last reply Reply Quote 0
                • DerelictD
                  Derelict LAYER 8 Netgate
                  last edited by

                  https://redmine.pfsense.org/issues/8518

                  You can install the system patches package and then changeset

                  There are system patches available for this issue.
                  The patch commit IDs are:
                  63b2c4c878655746f903565dec3f34b3d410153f
                  c9159949e06cc91f6931bf2326672df7cad706f4
                  If you want to test them you can install them using the System Patches package

                  Install the System Patches package in System > Package Manager, Available Packages. It will be at System > Patches when you are done.
                  Add a new patch
                  Enter a description
                  Enter 63b2c4c878655746f903565dec3f34b3d410153f as the Commit ID
                  Set the path strip count to 1
                  Set Base Directory to /
                  Check Ignore Whitespace.
                  Save

                  That should retrieve the patch.

                  Then Fetch it then test it. It should say it CAN be applied cleanly and CANNOT be reverted (those test results will flip after it is applied).
                  Then you can apply it.
                  Repeat for the other patch(es).
                  Please let us know if that clears it up and if you see any adverse effects.

                  You can simply revert the patches if they cause issues.

                  Chattanooga, Tennessee, USA
                  A comprehensive network diagram is worth 10,000 words and 15 conference calls.
                  DO NOT set a source address/port in a port forward or firewall rule unless you KNOW you need it!
                  Do Not Chat For Help! NO_WAN_EGRESS(TM)

                  1 Reply Last reply Reply Quote 0
                  • M
                    mrmastii
                    last edited by

                    Hi @Derelict,
                    Looks like these patches did it. I manually commented out the line in /tmp/rules.debug and then applied the patches, rebooted and voila, internet came back online.
                    I will monitor it closely to see it it has any adverse.
                    Thanks for all your help
                    MM

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.