pfsense available packages empty
-
Version pfsense: 2.4.5-p1
The menu System --> Package Manager --> Available Packages is empty. It's a bug?
How resolver?
-
Read some, and pick one : pfsense no packages .
Basically, you need to have a working Internet connection.
Right after you installed pfSense, and you've set up a LAN and WAN (just these two, leaving every possible setting to default !), pfSense can use the (this) internet access to populate the list.
So, do nothing and it works.
What did you do ? -
But the internet is working properly.
The package listing was working normally.
It stopped working unexpectedly.
There is no error status. -
I inform you that the list of available packages has reappeared without any changes to the platform.
Then, I installed a package.
The package has been successfully installed.
After that, the list was empty again.A few minutes passed and the list returned to its normal display again.
Maybe it could be a bug. -
@aldemari said in pfsense available packages empty:
Maybe it could be a bug.
Or work in progress on the server maintained by Netgate ?
(or bad dns - bad connection .... see the list / link with many possible issues ) -
then probably there was some dns error.
Thanks. -
Having same issue today. Trying to install openvpn client but nothing is showing up in available packages.
Trace Route from pfsense
1 * * *
2 acr01gnvlsc-gbe-7-14.gnvl.sc.charter.com (96.34.65.44) 9.835 ms 8.686 ms 8.943 ms
3 crr01spbgsc-bue-201.spbg.sc.charter.com (96.34.67.195) 12.008 ms 11.740 ms 10.987 ms
4 bbr01spbgsc-bue-4.spbg.sc.charter.com (96.34.2.50) 11.985 ms 10.755 ms 16.039 ms
5 bbr02slidla-tge-0-1-0-4.slid.la.charter.com (96.34.0.133) 15.936 ms 19.763 ms 20.014 ms
6 bbr02atlnga-tge-0-2-0-1.atln.ga.charter.com (96.34.3.113) 23.984 ms
prr01snjsca-tge-0-0-0-5.snjs.ca.charter.com (96.34.3.37) 22.698 ms 21.804 ms
7 64.125.15.38 (64.125.15.38) 17.976 ms 21.804 ms 25.939 ms
8 ae8.cs2.atl10.us.zip.zayo.com (64.125.26.236) 37.993 ms 29.738 ms 29.997 ms
9 * * ae21.cs4.iad93.us.zip.zayo.com (64.125.24.240) 34.927 ms
10 ae24.cs2.lga5.us.eth.zayo.com (64.125.28.190) 34.853 ms 32.812 ms 39.937 ms
11 ae14.mpr2.ewr1.us.zip.zayo.com (64.125.26.135) 30.972 ms 30.806 ms 30.987 ms
12 ae3.mpr2.ewr1.us.zip.zayo.com (64.125.31.238) 34.041 ms 31.807 ms 31.989 ms
13 208.184.34.238.IPYX-076763-900-ZYO.zip.zayo.com (208.184.34.238) 34.982 ms 31.829 ms 30.963 ms
14 cs90.cs99new.v.ewr.nyinternet.net (96.47.77.218) 31.960 ms 34.839 ms 32.019 ms
15 * * *
16 * * * -
Hi,
same here:
[2.4.5-RELEASE][root@pfsense]/root: /usr/local/sbin/pkg-static update -f
Updating pfSense-core repository catalogue...
Certificate verification failed for /C=SE/O=AddTrust AB/OU=AddTrust External TTP Network/CN=AddTrust External CA Root
12835124:error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed:/usr/local/poudriere/jails/pfSense_v2_4_5_amd64/usr/src/crypto/openssl/ssl/s3_clnt.c:1269:Unable to update repository pfSense
Error updating repositories!
ERROR: Unable to compare version of pfSense-repoRegards,
fireodo -
Same here, no repo, I can do DNS lookups to files00.netgate.com etc.. so don't seem like a local issue ...
-
--> https://forum.netgate.com/topic/160362/certificate-error-while-running-pkg-update/
-
Yup there was a cert error for a short time. It's fixed now, you should be able to reach the pkg repo.
Steve
-
@stephenw10 Seems to be back again:
Updating pfSense-core repository catalogue...
Certificate verification failed for /C=US/ST=Texas/L=Austin/O=Rubicon Communications, LLC (Netgate)/OU=pfSense Plus/CN=pfsense-plus-pkg00.atx.netgate.com
2202644480:error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed:/var/jenkins/workspace/pfSense-Plus-snapshots-23_05-main/sources/FreeBSD-src-plus-RELENG_23_05/crypto/openssl/ssl/statem/statem_clnt.c:1921:many, many more, all snipped out
pkg-static: https://pfsense-plus-pkg00.atx.netgate.com/pfSense_plus-v23_05_1_aarch64-pfSense_plus_v23_05_1/packagesite.txz: Authentication error
Unable to update repository pfSense
Error updating repositories! -
Much has changed since Jan 2021! And that error is different.
Authentication error
like that implies it's trying to use the wrong server CA cert.The first thing to try here is to resave the update repo branch in System > Updates > Settings and retest.
Steve
-
@stephenw10 Excellent! That fixed it.
-
if you stumbled into this old thread, there is a new bug and a resolution in v2.70:
@SteveITS said in Package Manager wont load Available Packages:
https://docs.netgate.com/pfsense/en/latest/releases/2-7-1.html#troubleshooting
The update from 2.7.0 to 2.7.1 solved for me the "no Available Packages shown / empty list of Available Packages" Problem.
(the command: certctl rehash at 2.7.0 did not helped)
-
-
Hello,
this avaible Package Problem, now appeared suddenly on my pfSense CE aswell :( Very disappointing!!!I did:
sudo certctl rehash
Password:
Scanning /usr/share/certs/untrusted for certificates...
Scanning /usr/share/certs/trusted for certificates...
Scanning /usr/local/share/certs for certificates........ and helped nothing, Internet Connection is OK, using pfSense 2.7.2
What else can I do?? I have already searched here in the Forum, and did all, what people recommended to fix that! HELP please
-
If you're running 2.7.2 then rehashing the certs is done by the system anyway.
Try running:
pkg-static -d update
What error is shown?
-
@stephenw10 said in pfsense available packages empty:
pkg-static -d update
Hello Stephen, Thanks for your reply, I executet your command, result is very long ->
sudo pkg-static -d update
Password:
DBG(1)[78285]> pkg initialized
Updating Unofficial repository catalogue...
DBG(1)[78285]> PkgRepo: verifying update for Unofficial
pkg-static: repository meta has wrong version or wrong format
pkg-static: Repository Unofficial load error: meta file cannot be loaded
DBG(1)[78285]> PkgRepo: need forced update of Unofficial
DBG(1)[78285]> Pkgrepo, begin update of '/var/db/pkg/repo-Unofficial.sqlite'
DBG(1)[78285]> Request to fetch pkg+http://pkg.goxdrive.com.br/repo/FreeBSD:14:amd64/meta.conf
DBG(1)[78285]> curl_open
DBG(1)[78285]> Fetch: fetcher used: pkg+http
DBG(1)[78285]> curl> fetching http://pkg.goxdrive.com.br/repo/FreeBSD:14:amd64/meta.confDBG(1)[78285]> CURL> attempting to fetch from , left retry 3
- Couldn't find host e-sac.siteseguro.ws in the .netrc file; using defaults
- Trying 10.10.10.1:80...
- Connected to e-sac.siteseguro.ws (10.10.10.1) port 80
GET /repo/FreeBSD:14:amd64/meta.conf HTTP/1.1
Host: e-sac.siteseguro.ws
User-Agent: pkg/1.20.8
Accept: /
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT< HTTP/1.1 200 OK
Fetching meta.conf: 0%< Cache-Control: private, no-store, no-cache, must-revalidate, max-age=0
< Cache-Control: post-check=0, pre-check=0
< Pragma: no-cache
< Expires: Sat, 26 Jul 2014 05:00:00 GMT
< Content-Type: image/gif
< Accept-Ranges: bytes
< Content-Length: 43
< Date: Wed, 09 Oct 2024 17:24:32 GMT
< Server: pfBlockerNG DNSBL
<
Fetching meta.conf: 100% 43 B 0.0kB/s 00:01- Connection #0 to host e-sac.siteseguro.ws left intact
pkg-static: Impossible to get the value from Last-Modified HTTP header
pkg-static: cannot parse repository meta: error while parsing <unknown>: line: 1, column: 6 - 'invalid character in a key', character: '0x01'
repository Unofficial has no meta file, using default settings
DBG(1)[78285]> Request to fetch pkg+http://pkg.goxdrive.com.br/repo/FreeBSD:14:amd64/packagesite.pkg
DBG(1)[78285]> curl_open
DBG(1)[78285]> Fetch: fetcher used: pkg+http
DBG(1)[78285]> curl> fetching http://pkg.goxdrive.com.br/repo/FreeBSD:14:amd64/packagesite.pkg
DBG(1)[78285]> CURL> attempting to fetch from , left retry 3
- Couldn't find host e-sac.siteseguro.ws in the .netrc file; using defaults
- Found bundle for host: 0x1cf00663c420 [serially]
- Re-using existing connection with host e-sac.siteseguro.ws
GET /repo/FreeBSD:14:amd64/packagesite.pkg HTTP/1.1
Host: e-sac.siteseguro.ws
User-Agent: pkg/1.20.8
Accept: /
If-Modified-Since: Thu, 01 Jan 1970 00:00:00 GMT< HTTP/1.1 200 OK
Fetching packagesite.pkg: 0%< Cache-Control: private, no-store, no-cache, must-revalidate, max-age=0
< Cache-Control: post-check=0, pre-check=0
< Pragma: no-cache
< Expires: Sat, 26 Jul 2014 05:00:00 GMT
< Content-Type: image/gif
< Accept-Ranges: bytes
< Content-Length: 43
< Date: Wed, 09 Oct 2024 17:24:32 GMT
< Server: pfBlockerNG DNSBL
<
Fetching packagesite.pkg: 100% 43 B 0.0kB/s 00:01- Connection #0 to host e-sac.siteseguro.ws left intact
pkg-static: Impossible to get the value from Last-Modified HTTP header
DBG(1)[78285]> PkgRepo: extracting packagesite.yaml of repo Unofficial
DBG(1)[86680]> PkgRepo: extracting signature of repo in a sandbox
pkg-static: Repo extraction failed
Unable to update repository Unofficial
Updating pfSense-core repository catalogue...
DBG(1)[78285]> PkgRepo: verifying update for pfSense-core
DBG(1)[78285]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense-core.sqlite'
DBG(1)[78285]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf
DBG(1)[78285]> curl_open
DBG(1)[78285]> Fetch: fetcher used: pkg+https
DBG(1)[78285]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/meta.conf
DBG(1)[78285]> CURL> attempting to fetch from , left retry 3
- Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
- Trying 208.123.73.207:443...
- Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
- ALPN: curl offers http/1.1
- CAfile: none
- CApath: /etc/ssl/certs/
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN: server accepted http/1.1
- Server certificate:
- subject: CN=*.netgate.com
- start date: Mar 28 00:00:00 2024 GMT
- expire date: Apr 28 23:59:59 2025 GMT
- subjectAltName: host "pkg00-atx.netgate.com" matched cert's "*.netgate.com"
- issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
- SSL certificate verify ok.
- using HTTP/1.1
GET /pfSense_v2_7_2_amd64-core/meta.conf HTTP/1.1
Host: pkg00-atx.netgate.com
User-Agent: pkg/1.20.8
Accept: /
If-Modified-Since: Wed, 06 Dec 2023 21:23:59 GMT< HTTP/1.1 200 OK
Fetching meta.conf: 0%< Server: nginx
< Date: Wed, 09 Oct 2024 17:24:34 GMT
< Content-Type: application/octet-stream
< Content-Length: 163
< Last-Modified: Wed, 06 Dec 2023 21:23:58 GMT
< Connection: keep-alive
< ETag: "6570e66e-a3"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<- The requested document is not new enough
- Simulate an HTTP 304 response
- Closing connection
DBG(1)[78285]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.pkg
DBG(1)[78285]> curl_open
DBG(1)[78285]> Fetch: fetcher used: pkg+https
DBG(1)[78285]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-core/packagesite.pkgDBG(1)[78285]> CURL> attempting to fetch from , left retry 3
- Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
- Hostname pkg00-atx.netgate.com was found in DNS cache
- Trying 208.123.73.207:443...
- Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
- ALPN: curl offers http/1.1
- CAfile: none
- CApath: /etc/ssl/certs/
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN: server accepted http/1.1
- Server certificate:
- subject: CN=*.netgate.com
- start date: Mar 28 00:00:00 2024 GMT
- expire date: Apr 28 23:59:59 2025 GMT
- subjectAltName: host "pkg00-atx.netgate.com" matched cert's "*.netgate.com"
- issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
- SSL certificate verify ok.
- using HTTP/1.1
GET /pfSense_v2_7_2_amd64-core/packagesite.pkg HTTP/1.1
Host: pkg00-atx.netgate.com
User-Agent: pkg/1.20.8
Accept: /
If-Modified-Since: Wed, 06 Dec 2023 21:23:59 GMT< HTTP/1.1 200 OK
Fetching packagesite.pkg: 0%< Server: nginx
< Date: Wed, 09 Oct 2024 17:24:34 GMT
< Content-Type: application/octet-stream
< Content-Length: 1496
< Last-Modified: Wed, 06 Dec 2023 21:23:59 GMT
< Connection: keep-alive
< ETag: "6570e66f-5d8"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<- The requested document is not new enough
- Simulate an HTTP 304 response
- Closing connection
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
DBG(1)[78285]> PkgRepo: verifying update for pfSense
DBG(1)[78285]> Pkgrepo, begin update of '/var/db/pkg/repo-pfSense.sqlite'
DBG(1)[78285]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf
DBG(1)[78285]> curl_open
DBG(1)[78285]> Fetch: fetcher used: pkg+https
DBG(1)[78285]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.confDBG(1)[78285]> CURL> attempting to fetch from , left retry 3
- Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
- Trying 208.123.73.207:443...
- Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
- ALPN: curl offers http/1.1
- CAfile: none
- CApath: /etc/ssl/certs/
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN: server accepted http/1.1
- Server certificate:
- subject: CN=*.netgate.com
- start date: Mar 28 00:00:00 2024 GMT
- expire date: Apr 28 23:59:59 2025 GMT
- subjectAltName: host "pkg00-atx.netgate.com" matched cert's "*.netgate.com"
- issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
- SSL certificate verify ok.
- using HTTP/1.1
GET /pfSense_v2_7_2_amd64-pfSense_v2_7_2/meta.conf HTTP/1.1
Host: pkg00-atx.netgate.com
User-Agent: pkg/1.20.8
Accept: /
If-Modified-Since: Wed, 02 Oct 2024 19:28:18 GMT< HTTP/1.1 200 OK
Fetching meta.conf: 0%< Server: nginx
< Date: Wed, 09 Oct 2024 17:24:35 GMT
< Content-Type: application/octet-stream
< Content-Length: 178
< Last-Modified: Wed, 02 Oct 2024 19:28:18 GMT
< Connection: keep-alive
< ETag: "66fd9ed2-b2"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<- The requested document is not new enough
- Simulate an HTTP 304 response
- Closing connection
DBG(1)[78285]> Request to fetch pkg+https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg
DBG(1)[78285]> curl_open
DBG(1)[78285]> Fetch: fetcher used: pkg+https
DBG(1)[78285]> curl> fetching https://pkg.pfsense.org/pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkgDBG(1)[78285]> CURL> attempting to fetch from , left retry 3
- Couldn't find host pkg00-atx.netgate.com in the .netrc file; using defaults
- Hostname pkg00-atx.netgate.com was found in DNS cache
- Trying 208.123.73.207:443...
- Connected to pkg00-atx.netgate.com (208.123.73.207) port 443
- ALPN: curl offers http/1.1
- CAfile: none
- CApath: /etc/ssl/certs/
- SSL connection using TLSv1.2 / ECDHE-RSA-AES256-GCM-SHA384
- ALPN: server accepted http/1.1
- Server certificate:
- subject: CN=*.netgate.com
- start date: Mar 28 00:00:00 2024 GMT
- expire date: Apr 28 23:59:59 2025 GMT
- subjectAltName: host "pkg00-atx.netgate.com" matched cert's "*.netgate.com"
- issuer: C=GB; ST=Greater Manchester; L=Salford; O=Sectigo Limited; CN=Sectigo RSA Domain Validation Secure Server CA
- SSL certificate verify ok.
- using HTTP/1.1
GET /pfSense_v2_7_2_amd64-pfSense_v2_7_2/packagesite.pkg HTTP/1.1
Host: pkg00-atx.netgate.com
User-Agent: pkg/1.20.8
Accept: /
If-Modified-Since: Wed, 02 Oct 2024 19:28:18 GMT< HTTP/1.1 200 OK
Fetching packagesite.pkg: 0%< Server: nginx
< Date: Wed, 09 Oct 2024 17:24:36 GMT
< Content-Type: application/octet-stream
< Content-Length: 160456
< Last-Modified: Wed, 02 Oct 2024 19:28:18 GMT
< Connection: keep-alive
< ETag: "66fd9ed2-272c8"
< Strict-Transport-Security: max-age=31536000; preload
< X-Content-Type-Options: nosniff
< X-XSS-Protection: 1; mode=block
< X-Robots-Tag: all
< X-Download-Options: noopen
< X-Permitted-Cross-Domain-Policies: none
< Accept-Ranges: bytes
<- The requested document is not new enough
- Simulate an HTTP 304 response
- Closing connection
pfSense repository is up to date.
Error updating repositories!
So strange, as few days ago, it still worked... will read now also the output and trying to understand what happened and how I can fix it...
-
Im sorry, looks like pfBlocker blocked someting, as I looked the protocoll result, I saw it went to 10.10.10.1 pf blocker...I switched off pfblocker, and now packages appear again!
Must find out now, why pfBlocker is causing this, at less, I now know, what to look for! Thank you very much!!
-
@TommyMoo said in pfsense available packages empty:
pkg+http://pkg.goxdrive.com.br/repo/FreeBSD:14:amd64/packagesite.pkg
That should not be there. It's some other pkg repo that could be pulling in conflicting pkgs.
That must have been added manually at some point. You should remove it or at least comment it out if you still see problems.
Steve