Pfsense update really really broken for two years now.



  • I'm also looking for some help on a particular box but wanted to at least make that statement.
    I've had nothing but trouble with PFsense and automatic updates across the board for nearly
    Two years.
    Before that time never had issues.
    Ever since the "Community Edition" "flavor" was introduced and a short time before it..
    Updates have just been broken.
    And now being forced to click on "consent to collect information" before being allowed to access
    the forum.
    Whatever you people just whatever.
    Let's make America Communist again.
    This is not a complaint but an observation.
    Take it how you like.

    Anyhow as if I'm actually going to get any help here making a statement like that right? :)
    Please and thank you for listening.

    I have a particular box out there with broken updates.
    I usually get around this just by reselecting which update channel to be on or running it at the command menu or rebooting or all of the above and it eventually works again.

    This time it's not working.

    In the webui I get "unable to check for updates"
    In update settings Branch: is now blank and nothing can be selected.

    Running option 13 at the command menu does nothing and just returns to the command menu.

    Enter an option: 13

    pfSense - Netgate Device ID: 981XXXXXXXXXXXXXXXXXX

    *** Welcome to pfSense 2.4.1-RELEASE (amd64) on ***************** ***

    WAN (wan) -> em0 -> v4: .../29
    LAN (lan) -> em1 -> v4: 192.168.1.1/24

    1. Logout (SSH only) 9) pfTop
    2. Assign Interfaces 10) Filter Logs
    3. Set interface(s) IP address 11) Restart webConfigurator
    4. Reset webConfigurator password 12) PHP shell + pfSense tools
    5. Reset to factory defaults 13) Update from console
    6. Reboot system 14) Disable Secure Shell (sshd)
    7. Halt system 15) Restore recent configuration
    8. Ping host 16) Restart PHP-FPM
    9. Shell

    Enter an option:

    Any pointers?

    Thanks!!!

    Steve


  • Rebel Alliance Developer Netgate



  • I've had nothing but trouble with PFsense and automatic updates across the board for nearly Two years.

    That seems like a long time to have a problem and not do anything to actually find and fix it.

    Before that time never had issues.

    Everything works until it breaks.

    Ever since the "Community Edition" "flavor" was introduced and a short time before it. Updates have just been broken.

    I've been upgrading since the 2.1.x days without any problems whatsoever. pfSense has literally hundreds of thousands of deployments. I very much doubt they all have these same problems.

    And now being forced to click on "consent to collect information" before being allowed to access the forum.

    Netgate serves the entire world, not just the US, and they have brand new GDPR regulations to comply with.

    Let's make America Communist again.

    Not sure how a message telling you that using the forums requires some data collection is Communism.

    This is not a complaint but an observation. Take it how you like.

    It looks like a complaint to me.

    Have you tried:

    Creating a config.xml backup of your configuration
    Installing a fresh image
    Restoring your config

    You may have some cruft left over from various package upgrades or what have you. Start fresh with a clean config and see if your problems persist.



  • @kom Thanks for the reply and help.
    I will give these things a look and report back with results.
    I'm on site today ready to boot a CD and reinstall if needed.

    It's the only case I was not able to figure out quickly an d get updates working again on.
    But in general they have been a bit problematic the past two years or so.

    I'm done complaining and got it out.
    Thanks!



  • It's somehow falling on itself.
    Get segfaults when trying to run any of the pkg utilities.
    RE-install time.



  • pkg help
    Child process pid=1022 terminated abnormally: Segmentation fault



  • I would bet you have bad hardware somewhere. Check the RAM and the disk. Make sure you are running the latest BIOS of whatever device you're trying to install on.



  • Hardware is fine. (tested it throughly) before reinstalling.
    Reinstalled and restored from backup.
    Switched it to a little SSD in the process.
    Golden.



  • @n8lbv said in Pfsense update really really broken for two years now.:

    Hardware is fine. (tested it throughly) before reinstalling.
    Reinstalled and restored from backup.
    Switched it to a little SSD in the process.
    Golden.

    Yes, the Micro$oft way works well.
    Except one has to be there physically to do it.
    Sadly, makes pfsense no longer suitable for remote administration and therefore not suitable for anything at all.



  • OK then. See you.


  • Rebel Alliance Developer Netgate

    I do remote upgrades all the time and these kinds of errors are not normal or common.

    You only see the complaints because that's how forums work. People rarely post that things worked well for them.



  • @jimp said in Pfsense update really really broken for two years now.:

    I do remote upgrades all the time and these kinds of errors are not normal or common.

    You only see the complaints because that's how forums work. People rarely post that things worked well for them.

    Granted, that's true, complaints are posted and success stories are not.
    However, I can assure you I'm not complaining just for the heck of it.
    I'm way too busy to spend time on that.
    But this trend with pfsense updates, last couple of years, is not hard to notice.
    It saddens me because I like pfsense and up until around 2.2 it was a wonderful system with updates working reliably.
    And even though I never got ipsec working - like they say "nothing is perfect" - I learned to live with it, and accepted it.
    Pfsense said "User Openvpn" "it's better anyway", Ipsec is a work in progress.
    But this week Openvpn setup was such a bust, that it was simply the straw that broke the camel's back.
    When I notice a clear pattern of update failures and other deficiencies (Openvpn wizard not working), and know it's not my doing, and not my hardware, and see others having same issues and posting about it in the forums, then it's time to voice the concern.



  • @shapeshifter910 said in Pfsense update really really broken for two years now.:

    However, I can assure you I'm not complaining just for the heck of it.
    I'm way too busy to spend time on that.

    Sure: https://forum.netgate.com/topic/138862/new-forum-software-and-old-accounts 😜



  • @shapeshifter910
    Yep, I've experienced a number of issues that are similar and did not voice them here.
    I'm at the point now where there have been enough and I'm starting to mention them.
    There was a time in 2015 where I GOT really busy.
    Too busy to build PFSense systems on PC hardware for people so I recommended they buy a netgate box for around $515US at the time and a year of PFsense support.
    This was a big mistake.
    There are around 30 of these in the field per my 2015 recommendations.
    Some I manage other s are managed by the customer.
    At least 15 of them have failed in such a way that they required on site reinstallations or local console access to fix a failing bootup process.

    I am now stuck with a number of them out there that were sold to us by PFSense that are nanobsd (bought in 2014-2015)
    and are "no longer supported" and will not update..

    The local system admins have given up on updating them and have asked me to either sell them something that
    is up to date and supported or reinstall pfsense 2.4 on them and it is questionable if 2.4 will run on them and
    if the CPUs are AES-NI capable which 2.5 is requiring now.

    Yes, PFSense used to be fabulous.
    Now it is becoming incredibly annoying.



  • @n8lbv
    Yeah, exactly!
    Gee, I didn't even know Netgate bought PfSense.
    That explains everything.
    Looking the website I see the first item is called Tnsr - Advanced open source-based Firewall, Router, and VPN platform with breakthrough enterprise-class performance, management, and service expansion flexibility.
    Well here we go. Now we know what the devs have been working on.
    Sigh, with such a confict of interest, pfsense' days are numbered.

    I've seen this before.
    I started with Monowall when it was a one floppy distro.
    Internet was in its infancy back then.
    Then I jumped onto Smoothwall, and that was when I first found out how open source is being exploited for corporate profit.
    Nothing wrong with making money - just don't pretend you're doing it for the "community".
    Smoothwall got forked into IPCoP and I used to use IPCop for quite a while until it started to be neglected and got forked to IPFire, which is still thriving to this day.
    Smoothwall is still around but it's a gosttown.
    After IPCop I tried pfsense and been using it ever since.
    Too bad it's days are numbers now. Hence the OPNSense.
    Thanks for all the fish, pfsense. Been fun. Bye.


  • Rebel Alliance Netgate Administrator

    You had 3 senior community members attempt to help you.

    I'm seeing complaining, but nothing of substance from you for fixing your issues.

    I'm locking this thread.


Locked