Upgrade to 2.4.3-RELEASE-p1 issue



  • Hello there,
    I have upgrade from 2.4.3 to 2.4.3_1 and upgrade went okay, i.e I can log in to admin portal and all config looks good, however tit looks that I cannot get to internet from LAN.
    example:
    ping: LAN > GATEWAY [OK]
    ping: LAN > Internet IP [failed]
    Ping: PFSENSE to Internet [OK]
    same thing with traceroute. Traceroute is failing past pfsense.
    Note: everything was working perfectly before the upgrade.

    Please advice
    MM



  • @mrmastii said in Upgrade to 2.4.3-RELEASE-p1 issue:

    PFSENSE to Internet [OK]
    same thing with traceroute. Traceroute is failing past pfsense.
    Note: everything was working perfectly before the upgrade.
    Please advice

    Can you show us your firewall rules

    Firewall>>Rules>>LAN



  • Please see attached screen snap

    also please note that state for all interfaces shows 0/0

    0_1527465010440_2018-05-27 19_45_04-Firewall_ Rules_ LAN.png


  • Netgate

    Pinging from LAN to the LAN address would increase those state counts. As would accessing the portal page from a LAN host. So that is at least an indication that something isn't configured correctly.

    That all looks fine.

    It is probably something else unrelated - but perhaps coincidental - to you upgrading.

    Or something that should not have been working before the upgrade and is now not working as it shouldn't be.

    Could be a million things. Probably best to narrow it down:

    https://doc.pfsense.org/index.php/Connectivity_Troubleshooting



  • There is something that I just saw, an error message about a rule not being loaded correctly. I have a feeling that this might be causing the problem.
    Any idea how to fix it?
    0_1527474071544_2018-05-27 22_02_18-ERROR.png



  • @mrmastii said in Upgrade to 2.4.3-RELEASE-p1 issue:

    There is something that I just saw, an error message about a rule not being loaded correctly. I have a feeling that this might be causing the problem.
    Any idea how to fix it?
    0_1527474071544_2018-05-27 22_02_18-ERROR.png

    I did a search on the forum and found similar issue,not sure if it is the same bug?
    https://forum.netgate.com/topic/127849/notification-of-tmp-rules-debug-syntax-error


  • Netgate

    https://redmine.pfsense.org/issues/8518

    You can install the system patches package and then changeset

    There are system patches available for this issue.
    The patch commit IDs are:
    63b2c4c878655746f903565dec3f34b3d410153f
    c9159949e06cc91f6931bf2326672df7cad706f4
    If you want to test them you can install them using the System Patches package

    Install the System Patches package in System > Package Manager, Available Packages. It will be at System > Patches when you are done.
    Add a new patch
    Enter a description
    Enter 63b2c4c878655746f903565dec3f34b3d410153f as the Commit ID
    Set the path strip count to 1
    Set Base Directory to /
    Check Ignore Whitespace.
    Save

    That should retrieve the patch.

    Then Fetch it then test it. It should say it CAN be applied cleanly and CANNOT be reverted (those test results will flip after it is applied).
    Then you can apply it.
    Repeat for the other patch(es).
    Please let us know if that clears it up and if you see any adverse effects.

    You can simply revert the patches if they cause issues.



  • Hi @Derelict,
    Looks like these patches did it. I manually commented out the line in /tmp/rules.debug and then applied the patches, rebooted and voila, internet came back online.
    I will monitor it closely to see it it has any adverse.
    Thanks for all your help
    MM


 

© Copyright 2002 - 2018 Rubicon Communications, LLC | Privacy Policy