"Reset to factory defaults" at console doesn't work (solution)

stephenw10

Hmm, odd. What pfSense version was that?

I wouldn't expect any connectivity to be required for that. It copies in the default config and reboots into it. Or it should at least!

I tested that on the 2100 in 21.05.1 and it worked as expected.
Did you see any errors logged?

Steve

SteveITS

@stephenw10 23.05, the forum code tag makes the pane scrollable but it’s there. I didn’t upgrade first, the public IPs are for our data center so it couldn’t connect out. I wanted to get it back to being online. (This was a temp backup router for a week)

Yes I could have changed IPs on my laptop but figured it wasn’t necessary, then beat my head against the wall a bit before realizing I had gotten into a state where I couldn’t connect over the LAN ports so had to finish.

You can see in the code output it just stops after the y/n question. No error at that point. One thing I didn’t try was wait a long time. Maybe it eventually times out.

I have one 4860 to restore tomorrow after a reinstall, will try again though a different situation.

Is changing WAN to DHCP supposed to remove the static IP? I would have thought so…(the 64.x.x.x and 2607: x: :x IPs)

stephenw10

Yes I would expect it to remove the IP on the interface. It wouldn't remove VIPs.

It sounds like that unit might have had other issues and it never completed the reset. That definitely worked in 23.05 on the 2100.

Steve

SteveITS

@stephenw10 Ah some of those were VIPs and it had CARP for them. Still the default gw/route ought to be tied to the primary WAN. Will see for the next one.

FYI I didn’t receive an email for either of your posts, not in quarantine either.

SteveITS

@SteveITS never mind just got the email for the second one.

SteveITS

@stephenw10 OK so it appears I was not patient enough. Since I was wiping the HA pair anyway (the 4860) I tried console option 4 on it. It did work but it took about 4-5 minutes. I timed it but not exactly just using the PC clock.

One other notable thing on at least the first boot was this long pause. It might have been around the same 4-5 minutes:

Starting CRON... done.
 Starting package bandwidthd...done.
 Starting package OpenVPN Client Export Utility...done.
 Starting package System Patches...done.
 Starting package IPsec Profile Wizard...done.
 Starting package freeradius3...done.
			[<-- long delay and blank line here]
 Starting package suricata...done.
 Starting package pfBlockerNG...done.
 Starting /usr/local/etc/rc.d/pfb_dnsbl.sh...done.
 Starting /usr/local/etc/rc.d/pfb_filter.sh...done.
Netgate pfSense Plus 23.05-RELEASE amd64 Mon May 22 15:04:36 UTC 2023
Bootup complete

After the config reset those are still there but without the delay or blank line, in a different order:

Starting CRON... done.
 Starting package bandwidthd...done.
 Starting package freeradius3...done.
 Starting package IPsec Profile Wizard...done.
 Starting package OpenVPN Client Export Utility...done.
 Starting package pfBlockerNG...done.
 Starting package suricata...done.
 Starting package System Patches...done.
 Starting /usr/local/etc/rc.d/pfb_dnsbl.sh...done.
 Starting /usr/local/etc/rc.d/pfb_filter.sh...done.
Netgate pfSense Plus 23.05-RELEASE amd64 Mon May 22 15:04:36 UTC 2023

That may just be random, I confess I don't watch the console much. :)

Interestingly System/Packages shows all previously installed packages are still installed, though unconfigured. Option 4 specifically says "All additional packages installed will be removed." Sounds either like incorrect advice or a bug there?

stephenw10

Yeah, the actual packages may remain but I would not expect to see them in the menus, is that right?

That does seem like a bug though, the packages should be uninstalled.

stephenw10

Ha, like this: https://redmine.pfsense.org/issues/14378

Though there I only saw it when using the button. Which is odd since that should run the same scripts.

SteveITS

@stephenw10 :) I added my note.

They were in the menus because I could click and verify they were unconfigured as if they were newly installed (or the config removed, which was the goal).

I'm going to work with the 2100 some more when I have time. I think there are a couple of issues w/r/t restores and interfaces but want to understand/replicate.

stephenw10

Do you also see the packages get re-installed in the logs?

SteveITS

@stephenw10 Last night I was only looking at the console, and then when done testing I reinstalled to get ZFS. I did not notice it installing packages but it doesn't mean it didn't. I can look on the 2100. Where would it show?

stephenw10

You can see it in the boot log I attached on that ticket: https://redmine.pfsense.org/attachments/5025

It loads the default config but then reinstalls all the previous packages.

Steve

SteveITS

@stephenw10 I see it, will look.

I wonder if it's tied to the "reinstall all packages after an upgrade" code which was new in 22.01.

SteveITS

I tried the console factory default on the same 2100, with a valid Internet connection. It had no delay.

I then installed apcupsd via the GUI, and reset to defaults again. Afterwards the package was not installed. So, not sure what the difference was between yesterday and today.

I doubt the hardware (and hence ADI vs Arm) matters. Possibly, is an Internet connection required to remove a package? (callback to my 4m delay above) Or "many" packages or certain packages are handled differently than one package (seems unlikely)?