Downgrade from 2.4.5 to 2.4.4p3
-
Hello,
I was wondering if it is possible to downgrade pfSense. In the last three days I did three major changes to my firewall
- I upgraded the software to 2.4.5
- I enabled hybrid NAT for my daughter's Nintendo switch, it needs a static NAT mapping for online play.
- I moved the physical equipment into a rack (same hardware)
Since the changes above, my IPTV service no longer works. Prior to all the changes it worked brilliantly.
I have since disabled the NAT change I did, and it did not resolve the issue.
I reviewed all the settings for the IPTV service, and it also looks good, no changes.
Physically moving the box should not break the software.So I am left at looking at the software upgrade as the culprit. I am wondering if there was some changes that affected the IGMPproxy or some other underlying component I was depending on.
I would like to try to downgrade the software to rule out or confirm it is 2.4.5 that has broken my IPTV service. I tried to look for a previous versions of the software on the netgate site, but I was unable to find it. Any direction provided would be helpful.
Thank you for reading this post. I appreciate any and all help.
-
There is no official way, but Google the image filename (for example pfSense-CE-memstick-2.4.4-RELEASE-p3-amd64.img.gz) will show you plenty of FTP servers.
BUT make sure the checksum matches, in this caseSHA-256 ffbb7053d448a673d95e71213dcab68c4813a03b4e4b96fd806601d6e5cd779c-Rico
-
And BTW, you need some 2.4.4 backup.
Taking a 2.4.5 Backup and restore to 2.4.4 will NOT work.-Rico
-
@Rico Is that universally true? 2.4.4.-p3 and 2.4.5 both have a config version of 19.1. I was able to restore, but not recover at install time, a 2.4.5 config to a 2.4.4-p3 install.
Of course having install images AND config's for your install prior to upgrading is smart. Lesson learned for me!
-
With the same configuration version it could work but is not recommended. See https://docs.netgate.com/pfsense/en/latest/backup/restoring-a-pfsense-configuration-to-a-different-version.html
So generally speaking it is not supported.-Rico
-
Thanks everyone for replying. I will try and find an image with that checksum. And I have plenty of backed up configurations, I have a script that backs up the config every night, and had confirmed I had plenty before upgrade.
-
@Rico said in Downgrade from 2.4.5 to 2.4.4p3:
And BTW, you need some 2.4.4 backup.
Taking a 2.4.5 Backup and restore to 2.4.4 will NOT work.-Rico
Hello Rico,
my experience is: it does work.
Because of an unknown issue with 2.4.5 there was no other way for me as downgrading to 2.4.4-P3.
I always used the 2.4.5 backups (without package information) because of configuration changes in this release and all what I can say is: all is working as expected.
Where did you had issues?Here is my roadmap back to 2.4.4-P3:
- boot from USB your preferred live system, e.g. Knoppix, Mint or NomadBSD
- wipe the disks with dd
- reboot
- install 2.4.4-P3
- change the repository to previous release (2.4.4-P3)
- install all necessary packages
- restore the backup (without package information)
- reboot
-
It may work.
There are changed in the config versions and you might find it does not import cleanly.
It will complain in the boot log either way.Steve
-
I used 2.4.5 for 2-3 days until it becomes urgent to go back to 2.4.4-p3...
(Usually I use KVM console on my Cisco UCS but this time I didn't)
So what I did :
-
Make USB with 2.4.4-p3 and boot from it...
-
When it boots and started installation, ask me to point a drive where the existing config file is, so I did it...
-
It completed installation for a few minutes and reboot...
-
After boot complete all was how it is ment to be :)
Whole procedure takes me about 10-15 minutes (from working 2.4.5 to working 2.4.4)
-
-
Make sure you set the update repo to 2.4.4 if you need to pull in packages.
And then set it back to 2.4.5 when you're ready to upgrade again.
Steve
-
I don't have problem with that... On top of that with 2.4.x train packages do update to a newer versions :)
-
If you pull 2.4.5 packages into 2.4.4 it will almost certainly break stuff.
-
@Kartoff said in Downgrade from 2.4.5 to 2.4.4p3:
Whole procedure takes me about 10-15 minutes (from working 2.4.5 to working 2.4.4)
@Kartoff Where did you find the stable version of 2.4.4 p-3 to download from. I am unable to find that version online.
-
Open a ticket with us if you do not have a copy of the image: https://go.netgate.com/
-
@Infective said in Downgrade from 2.4.5 to 2.4.4p3:
@Kartoff said in Downgrade from 2.4.5 to 2.4.4p3:
Whole procedure takes me about 10-15 minutes (from working 2.4.5 to working 2.4.4)
@Kartoff Where did you find the stable version of 2.4.4 p-3 to download from. I am unable to find that version online.
Google "pfSense-CE-memstick-2.4.4-RELEASE-p3-amd64" :) I also had trouble to find it and this is what i search when i manage to find some places where i can download from...
-
@Kartoff said in Downgrade from 2.4.5 to 2.4.4p3:
I used 2.4.5 for 2-3 days until it becomes urgent to go back to 2.4.4-p3...
(Usually I use KVM console on my Cisco UCS but this time I didn't)
So what I did :
-
Make USB with 2.4.4-p3 and boot from it...
-
When it boots and started installation, ask me to point a drive where the existing config file is, so I did it...
-
It completed installation for a few minutes and reboot...
-
After boot complete all was how it is ment to be :)
Whole procedure takes me about 10-15 minutes (from working 2.4.5 to working 2.4.4)
Do NOT forget to change the repo to the 2.4.4 release!
This is necessary to avoid installation of 2.4.5 packages.
If not you will have a lot of fun... -
-
To circle back on the original topic, the cause of my issues was not pfSense 2.4.5. It was a new firmware that took effect on reboot of my 10Gbit Ubiquiti switch. Switching back to the original firmware resolved my issue. pfSense was not blame at all, and I have since upgraded to 2.4.5 and it has been very stable for me. I had forgotten that I had queued the new switch firmware several months ago, user error as usual.
The pfSense support team was proactive in opening a ticket for me, and sending me a link to the 2.4.4-p3 software, along with the very comprehensive downgrade instructions. I was very impressed with the support response.
Thank you everyone for your suggestions.
-
@Squidy
Hello!Can you share the link to the 2.4.4.p3 ISO please?
Jair
-
Open a ticket with us if you need it. https://go.netgate.com/
-
A ticket for older release? https://soft.uclv.edu.cu/pfSense/ Thank you Google for helping us out!
