pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available!
-
We are excited to announce the release of pfSense Plus software version 22.01 and pfSense Community Edition (CE) software version 2.6.0, now available for new installations and upgrades! Read our blog post for more information.
This version of pfSense CE software includes new functionality allowing CE installations to upgrade to pfSense Plus. See HERE for more details!
For more details, see the release notes and Redmine.
Always take a backup of the firewall configuration prior to any major change to the firewall, such as an upgrade.
Do not update packages before upgrading! Either remove all packages or do not update packages before running the upgrade.
The upgrade will take several minutes to complete. The exact time varies based on download speed, hardware speed, and other factors such as installed packages. Be patient during the upgrade and allow the firewall enough time to complete the entire process. After the update packages finish downloading it could take 10-20 minutes or more until the upgrade process ends. The firewall may reboot several times during the upgrade process. Monitor the upgrade from the firewall console for the most accurate view.
Consult the Upgrade Guide for additional information about performing upgrades to pfSense software.
-
Pinned by M mleighton
-
Running pfSense 2.5.2 on Protectli FW4B with Coreboot BIOS v4.12.0.7 with these packages installed:
pfBlockerNG-devel v3.1.0_1 (Tons of blocking lists)
Service_Watchdog v1.8.7_1
Snort v4.1.5
Squid v0.4.45_8
System_Patches v1.2_7- Performed config backup, and manually rebooted unit before update.
- Started 2.6.0 update, 5 minutes later unit rebooted automatically.
System up and running with zero issues.
Thank you.
-
@mleighton hmmm
Maybe I Missed it in the release notes - or just something glitching in reinstall of my packages. But just did a clean install of 22.01 on a sg4860 with recover of config.. And while its reinstalling packages in the background.. I got this
Package radiusd does not exist in current Netgate pfSense Plus version and it has been removed. @ 2022-02-14 11:51:36
But I don't see that mentioned in the release notes? Maybe I am blind? maybe the name changed?
edit: hmm seems to have finished but its saying many of my packages no longer exist?
Package radiusd does not exist in current Netgate pfSense Plus version and it has been removed. @ 2022-02-14 11:51:36 Package named does not exist in current Netgate pfSense Plus version and it has been removed. @ 2022-02-14 11:56:03 Package avahi-daemon does not exist in current Netgate pfSense Plus version and it has been removed. @ 2022-02-14 11:56:07 Package reinstall process finished successfully @ 2022-02-14 11:56:08edit: maybe just some package name changes. I was able to install these packages, so seems to be all working now..
An intelligent man is sometimes forced to be drunk to spend time with his fools
If you get confused: Listen to the Music Play
Please don't Chat/PM me for help, unless mod related
SG-4860 23.01 | Lab VMs CE 2.6, 2.7 -
@johnpoz That's a known issue with a couple specific packages:
Remember: Upvote with the ๐ button for any user/post you find to be helpful, informative, or deserving of recognition!
Need help fast? Netgate Global Support!
Do not Chat/PM for help!
-
@jimp thanks! yeah wasn't anything couldn't work through - but it make for a less smooth experience is all.. Overall pretty happy with the whole process..
Not like I was currently using those packages anyway ;) But once I installed freerad for example - all my previous configurations were there, even if not currently running the package.
Looks like I am fully back to what I had, just on shiny new 22.01 and with the new zfs layout as well ;)
Some strangeness with pfblocker but expected maybe some issues with aliases I had until those were refreshed etc on just running an update in pfblocker..
Good work guys! as always - thanks!!
-
I read an article that for home users pfsense plus is free, and they recommend upgrading from CE to Plus.
What's the difference between them both?
What advantage of CE does Plus have?
If we move to Plus, how can we be sure that Plus will not be chargeable in the future? -
@gwaitsi Right now I'm not sure there are many differences. In the announcements a year ago Netgate talked about a future new internal architecture for Plus, so presumably at some point there will be major differences. Plus runs on Netgate ARM hardware.
re: chargeable (for home users, presumably), I can't answer that but as long as they are similar and the config files are compatible then it seems like installing CE and restoring a config file is an easy path back to CE.
-
Every time I use the traffic shaper the connection (limiters) falls off. will it be a bug in version 2.6.0?
-
If you have the captive portal enabled you're probably hitting this:
https://redmine.pfsense.org/issues/12954Steve
-
Just did a reinstall of pfSense using latest 2.6.0. First backed up config on 2.5.2 then did a reinstall on a new machine (old machine plan to retire).
All systems look to be OK except for the rate limiters. One of the VLANs has a firewall rule to rate limit the connections using source address. After troubleshooting why devices on that particular VLAN could not access the internet I figured the only difference with this particular VLAN was it had a rule utilizing rate limiters in the firewall rules. Disabled the rule and the devices on the VLAN could finally access the internet. There were no problems using this rule under 2.5.2.
I tried to use different queue types but all of them didn't work. For now I have disabled the rule but would like to have the rate limiters working.
-
Do you have the captive portal enabled on any interface?
See the above linked bug report.
Steve
-
yes. but not on the VLAN which has the traffic shaping rate limiter.
the captive portal VLAN has rate limited in the captive portal page itself and which doesn't require firewall rules and which works correctly. The VLAN which has no captive portal but instead uses traffic shaping firewall rules to rate limit blocks clients from accessing the internet.
-
ok...I could get around the bug by enabling captive portal on the VLAN that doesn't have CP enabled and use the rate limiter in the captive portal config page and disabled the rate limiter in the firewall. All works well and actually prefer it this way as it is consistent with my other VLANs which use the CP.
Since I don't want the login page to appear for this VLAN I configured to allow 100 pass through credits and 1 hour to restore the credits. Seems to work just as well.
-
Yeah, that would do it.
The bug is as described there. If you have the captive portal enabled on any interface then ipfw is active. And if ipfw is active then traffic sent to dummynet pipes (Limiters) by pf will fail. So to use Limiters outside of captive portal, captive portal must be disabled entirely on all interfaces.
Steve
-
Another problem discovered with my 2.6.0 upgrade. I have configured my ppp connection to reset each day at 3am. I noticed in the logs from 3am - 4am every minute the ppp will reset itself over and over again 59 times then stop at 4am and remain stable until the next ppp reset at 3am the following day. It repeats this connect/disconnect pattern everyday for exactly 1 hour.
-
Hmm, interesting. Does it connect successfully, repeatedly during that time?
-
yes. I get 59 new IP addresses over the course of 1 hour.
I have disabled the option to reset the ppp connection for now.
-
@papdee said in pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available!:
yes. I get 59 new IP addresses over the course of 1 hour.
I have disabled the option to reset the ppp connection for now.
What is your selection for the Periodic Reset option? It sounds like you have a bad custom option set. Daily at 3am would be Hour:
3, Minute:0. If you put*in minute it would run at every minute during 3:00am-3:59am. -
OK, I need to force it to "0" . It defaults to * so I missed that.
-
the pppoe reset option will ignore all user input and enter * into CRON for minutes. The only to get around this is to manually edit the CRON job which I don't want to do.
Another bug came up with the captive portal. If you click on Enable custom page and upload your own custom page then click save then go back and click live view it will always show the default netgate page.
Another bug with captive portal: if custom page is already clicked to enable and you try to unclick enable custom page and then try to save it doesn't unclick enable custom page. Once you have clicked custom page it us always enabled.
-
Looks like it just doesn't like
0. If you enter a non-zero value such as1or30it takes it. But if you enter0then on save it changes to*. -
I created a Redmine issue to have the issue corrected:
https://redmine.pfsense.org/issues/13307 -
not sure this is coincident with the new release but after a ISP outage I found that dhcp service stopped handing out default gateway assignments. I had to go to each one and give the default default gateway value even though it wasn't required before.
-
@nrf said in pfSense Plus version 22.01 and pfSense CE version 2.6.0 Software are Now Available!:
not sure this is coincident with the new release but after a ISP outage I found that dhcp service stopped handing out default gateway assignments. I had to go to each one and give the default default gateway value even though it wasn't required before.
That is unrelated. That can happen if your upstream/WAN doesn't provide you with a gateway via DHCP. Some have also seen it if DHCP starts while a WAN is down. We're looking into ways to improve that behavior.
-
@jimp quick response!
ok, started while wan was down would explain.
but 192.168.xx.1 can be a perfectly good default gateway ip whether there is a wan or not so kind of curious behavior. now that I have populated the default default I won't be bothered by it again but it cost me in down time after ISP was restored. it makes the advertised behavior on that page no longer a certainty, maybe add 'might' or 'should' there?
-
This post is deleted!
