Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available!

    Scheduled Pinned Locked Moved Messages from the pfSense Team
    28 Posts 20 Posters 27.6k Views 21 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • S Offline
      skogs @gnordoff
      last edited by

      @gnordoff I noted about an 80% increase in memory usage also, but it seems to have returned to normal after running for a little while.
      Guessing it isn't a 'hard' increase and may only be a few lingering post install cache things.

      1 Reply Last reply Reply Quote 0
      • occamsrazorO Offline
        occamsrazor
        last edited by

        Upgraded 2.5.2 CE to 2.6 and all went smoothly so far. It took a long time to download some of the packages, "appearing" to be stuck on some. I just mention that to anyone upgrading to just sit tight.
        The only thing was at the end of the process I got this, which may be no issue and the system seems to be working, but looked a bit odd....

        The process will require 98 MiB more space.
        [1/1] Upgrading pfSense-kernel-pfSense from 2.5.2 to 2.6.0...
        [1/1] Extracting pfSense-kernel-pfSense-2.6.0: .......... done
        ===> Keeping a copy of current kernel in /boot/kernel.old
        cp: /boot/kernel/.pkgtemp.fuse.ko.XlEg8vpsQuvv: No such file or directory
        cp: /boot/kernel/.pkgtemp.if_tun.ko.Lt0bFuqEiOK0: No such file or directory
        cp: /boot/kernel/.pkgtemp.if_igb.ko.QuxZvbFyEDZd: No such file or directory
        cp: /boot/kernel/.pkgtemp.if_ixlv.ko.r7T3rOyFZyBn: No such file or directory
        cp: /boot/kernel/.pkgtemp.if_tap.ko.eCXM6IY0M4M6: No such file or directory
        pkg-static: DEINSTALL script failed
        >>> Removing unnecessary packages... done.
        System is going to be upgraded.  Rebooting in 10 seconds.
        Success
        

        pfSense CE on Qotom Q355G4 8GB RAM/60GB SSD
        Ubiquiti Unifi wired and wireless network, APC UPSs
        Mac OSX and IOS devices, QNAP NAS

        1 Reply Last reply Reply Quote 1
        • P Offline
          pfsjap @SteveITS
          last edited by

          @steveits Removed only Netgate_Firmware_Upgrade package, upgraded to 22.01, reinstalled Netgate_Firmware_Upgrade. Upgrade went smoothly except for the seemingly cosmetic message "pkg-static: DEINSTALL script failed" before rebooting.

          Then I upgraded firmware to CORDOBA-02.02.00.00t, this went smoothly, too.

          Good work by the Netgate folks.

          1 Reply Last reply Reply Quote 0
          • C Offline
            churchtechguy
            last edited by

            First of all thanks for all your hard work!!
            I did encounter an issue after upgrading from 2.5.2 to 2.6.0. It appears that any rules I had set to match "Diffserve Code Point" values started erroring out when the ruleset is loaded. I tried several combinations and it seems that the only ones that were causing errors were ones set with csX markings (I was matching on cs7).

            Here's my exact error message:

            There were error(s) loading the rules: /tmp/rules.debug:278: illegal tos value 56 - The line in question reads [278]: match log on { WAN_Group } inet proto udp from any to any port $Zoom_UDP tos "56" ridentifier 1589829693 queue (qLowDelay) label "USER_RULE: Zoom Uploads (match CS7 audio dscp)
            

            I'm not sure where I should request help or post about this on the forums... I didn't have this issue prior to the upgrade.

            C 1 Reply Last reply Reply Quote 0
            • C Offline
              churchtechguy @churchtechguy
              last edited by

              I was able to reproduce and correct this error by manually editing my config.xml file. I filed a bug report here....

              https://redmine.pfsense.org/issues/12803

              1 Reply Last reply Reply Quote 0
              • W Offline
                Waqar.UK
                last edited by

                Great update - went smoothly. Took under 15 minutes: Qotom i5-5250U, 8GB RAM and 120 GB SSD (circa 2% used). ISP: VM 200Mbit down, get 200.

                1 Reply Last reply Reply Quote 0
                • K Offline
                  kaj
                  last edited by

                  The update from version 2.5.2-RELEASE (amd64) to 2.6.0-RELEASE (amd64) with the following hardware: Qotom Q878GE Intel(R) Core(TM) i7-8550U CPU 16 GByte RAM and 256 Gbyte mSata SSD took smoothly within 5 to 10 minutes. The following packages have been updated: acme, apcupsd, Cron, freeradius3, iperf, Lightsquid, mailreport,nut, openvpn-client-export, pfBlockerNG-devel, squid, squidguard. It doesn't get any better than that. Thank you for the successful update process and greetings from Germany

                  Thank you very much for the great work

                  kaj

                  1 Reply Last reply Reply Quote 0
                  • G Offline
                    guardian Rebel Alliance
                    last edited by

                    I just upgraded from 2.5.2 to 2.6.0, and it appeared to go well, except that I can no longer access the serial console by logging in as root. I can still login with ssh, to the user id that I use with the webgui, but I don't get the menu.

                    Is this expected behavior, or a bug?
                    How can I access the serial menu over ssh?

                    If you find my post useful, please give it a thumbs up!
                    pfSense 2.8.0-RELEASE

                    S R 2 Replies Last reply Reply Quote 0
                    • S Offline
                      skogs @guardian
                      last edited by

                      @guardian sounds like you made a legitimate login at some point that isn't admin/root. Might need to re-create it (even though it is there) to get the login script and such back for the 'new' user.
                      Guessing have to install sudo and stuff, as normal user wouldn't have root access.
                      I think the textual menu is provided by /etc/rc.initial

                      1 Reply Last reply Reply Quote 0
                      • R Offline
                        rcoleman-netgate Netgate @guardian
                        last edited by rcoleman-netgate

                        @guardian try running

                        /etc/rc.initial
                        

                        to get the menu. Only 'admin' gets the menu by default. If you have disabled this account it is now reflective in the SSH connection with the 2.6 update.

                        Ryan
                        Repeat, after me: MESH IS THE DEVIL! MESH IS THE DEVIL!
                        Requesting firmware for your Netgate device? https://go.netgate.com
                        Switching: Mikrotik, Netgear, Extreme
                        Wireless: Aruba, Ubiquiti

                        1 Reply Last reply Reply Quote 0
                        • R Offline
                          robbyjhons540
                          last edited by

                          This post is deleted!
                          1 Reply Last reply Reply Quote 0
                          • J Offline
                            jwg014
                            last edited by

                            HI,

                            any Idea how to deal with CVE-2022-0778 in the case e.g. HaProxy use inside pfSense?
                            BR Johannes

                            jimpJ 1 Reply Last reply Reply Quote 0
                            • jimpJ Offline
                              jimp Rebel Alliance Developer Netgate @jwg014
                              last edited by

                              @jwg014 said in pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available!:

                              any Idea how to deal with CVE-2022-0778 in the case e.g. HaProxy use inside pfSense?

                              HAProxy would only be affected if you have it configured to accept client certificates as a form of authentication. Which is possible, but rare in practice. If you have concerns about that, move the service inside a VPN where it's much more protected. As far as we can tell so far, VPNs are not likely to be as much of an issue as there are other hurdles attackers would have to overcome before the certificates come into play (e.g. TLS key protecting OpenVPN in addition to certificate auth.), and several VPN types and configs don't use certificates at all (e.g. WireGuard). We're still checking into it and keeping an eye on what people find, though.

                              Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                              Need help fast? Netgate Global Support!

                              Do not Chat/PM for help!

                              1 Reply Last reply Reply Quote 2
                              • D Offline
                                doppyforever79
                                last edited by

                                This post is deleted!
                                1 Reply Last reply Reply Quote 1
                                • D Offline
                                  doppyforever79
                                  last edited by

                                  This post is deleted!
                                  1 Reply Last reply Reply Quote 0
                                  • M mleighton unpinned this topic on
                                  • U Offline
                                    urbanovits @mleighton
                                    last edited by

                                    @mleighton Were to report a security issue ?
                                    Need a contact info, I'm not going to put on public.

                                    jimpJ 1 Reply Last reply Reply Quote 0
                                    • jimpJ Offline
                                      jimp Rebel Alliance Developer Netgate @urbanovits
                                      last edited by

                                      @urbanovits said in pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available!:

                                      @mleighton Were to report a security issue ?
                                      Need a contact info, I'm not going to put on public.

                                      https://www.netgate.com/security has the relevant contact information and procedures for reporting security issues.

                                      Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                                      Need help fast? Netgate Global Support!

                                      Do not Chat/PM for help!

                                      1 Reply Last reply Reply Quote 0
                                      • First post
                                        Last post
                                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.