SG-2100 factory reset does not remove packages
-
Hi, I will note here that doing a factory reset does not wipe out packages that were previously installed. I got a new SG-2100 that came with (factory installed)
aws-wizard, WireGuard, ipsec-profile-wizard.
I installed pfblockerng, nmap, mail_report, status_traffic_totals, and system_patches during configuration. Then I f'ed it up, locked myself out,
and had to do a factory reset. The packages I installed were still there, but
the pfblockerng wizard had to be rerun.I would have figured that a factory reset would wipe out packages that I installed. Surprise!
-
@beerguzzle said in SG-2100 factory reset does not remove packages:
and had to do a factory reset
With help of this : Factory Reset Procedure
You saw :
If this procedure fails, connect to the console and perform a factory reset there.
IMHO, a factory reset will not actually remove package files files, but just the package related settings in the one and only /conf/config.xml.
Better : your current /conf/config.xml will be overwritten by a default (kept somewhere in a safe place) new bare bone config.xml file.
Because in that file there are no package settings what so ever, there can't be any package config files created, and thus packages can 'start' (or do something).But you saw them still listed in the GUI menus. And you were thinking they would be removed from there also. I get it, and even somewhat agree with you, but this is not the case.
To really clean out the system : use the "get a fresh copy of pfSense, burn a key, and boot and install from usb key" method.
This will do a low level system disk rebuild, this will clean up things for sure.Btw : bare in mind : I'm looking at the "manual" here, I never actually used the 'factory reset' procedure myself.
-
It should remove the package config. Did you reset it using the reset button? There was an open bug for that....
-
I've gone through two factory resets tonight (I'm getting my ass kicked trying to set up VLANs and keep locking myself out), once via the "factory reset" option from the console, and once via the tiny button on the back. BTW, the factory reset from the console did its thing, rebooted... and just gave back a root shell prompt, no menu. The second poke via the button cured that and gave me a menu again.
I did notice that the reset via console did say that it would remove packages (and it did remove pfblockerng on me), but other packages like nmap remained. Since it wiped out pfblockerng, I am inclined to delete and reinstall all the packages I want. I don't trust what it doing here...
-
Hmm, yup there's definitely a bug there. If in doubt you can always reflash it to be sure it's in a clean state.
-
Ok, i was reading chapter 8 of the Security Gateway Manual, SG-2100 (pdf version, not online), about reflashing the system. See page 38. There is a link in the middle of the page, "Writing Flash Drives" that does not go anywhere.
I went to the online version, https://docs.netgate.com/reference/create-flash-media.html and got the info, so the pdf download of the doc is missing something. I like to download pdf versions of manuals and keep them local in case I totally f up and loose my network.
I don't find bugs, they find me.
-
@beerguzzle said in SG-2100 factory reset does not remove packages:
I don't find bugs, they find me.
Ha, yup I know that feeling!
