Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    PFSense 1.2.3 packages not installing

    Scheduled Pinned Locked Moved pfSense Packages
    8 Posts 5 Posters 2.8k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • R
      Rocky519
      last edited by

      I have been trying to install some packages on a couple of older PFSense boxes we have that are still on 1.2.3 and cannot be upgraded. I installed some packages a couple of weeks ago just fine. Today I tried installing several different packages and they all stop at "Loading package configuration…". I have tried on both embedded systems on the ALIX platform, as well as with a system with a hard drive in it. I checked the forum and it looks like there was a change to the packaging servers on March 13. Any idea what might be happening?
      Thanks

      1 Reply Last reply Reply Quote 0
      • P
        phil.davis
        last edited by

        Yes, stuff moved: https://github.com/pfsense/pfsense/commit/dd246dc48d46b5bc356bb96d22ec2845c1525779 but I believe they intended to have redirects of things so it would all work for at least a year - https://forum.pfsense.org/index.php?topic=73657.0 - it would be worth you posting on that thread and you might get quick attention when @cmb wakes up.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • C
          cmb
          last edited by

          Cross-posting this here.
          v1.2.3 packages are no longer supported, that's almost a 5 year old release now, and 6 releases behind current within a few days when 2.1.1 is released. There isn't any reason you can't upgrade them. That said, ones that worked a couple weeks ago should still work now. We're not intentionally breaking them (yet), but some are broken because they now require PHP 5.

          My first guess is maybe something about those systems is preventing them from fetching files via HTTPS. Go to a command prompt and run:

          fetch https://packages.pfsense.org/packages/config/filer/filer.xml

          see if that succeeds. If not, try:
          fetch http://packages.pfsense.org/packages/config/filer/filer.xml

          1 Reply Last reply Reply Quote 0
          • R
            Rocky519
            last edited by

            I understand that this is an older release. But it was fully supported not too long ago. We have many systems in production that cannot be upgraded, for reasons that don't really matter here. None of the production systems can load packages. I am talking about over 100 systems. They are all on different Internet connections from different providers. They could load packages a couple of weeks ago before the "Big change" in the package server.  They can all see the packages that are available for download. They just always stop at the same spot, each and every one of them. They stop at "Loading package configuration…". I was hoping I could quickly be pointed in the right direction but I guess I will have to roll up my sleeves and dive into the package code. I am thinking that the router is looking for 1.2.3 configuration pointers that just aren't there anymore.
            I tried fetching the files as per the last post but ran into read only file system issues and didn't want to start wasting time going down that rat hole. I'd rather just learn about the package system and how it works to get this solved.
            Thanks

            1 Reply Last reply Reply Quote 0
            • D
              doktornotor Banned
              last edited by

              Sounds like "oh noes, Windows XP not supported any more!!!" - moaning about this fact will produce about same results.

              1 Reply Last reply Reply Quote 0
              • C
                cmb
                last edited by

                1.2.3 hasn't been fully supported in going on 3 years now, just because things happen to continue to work doesn't mean they're supported.

                My guess was right on the cause, v1.x systems can't fetch files via HTTPS from servers requiring what's considered strong cryptography by today's standards. I changed the 1.2x package file back to use HTTP instead.

                That will keep it working for the time being, but roughly this time next year, 1.x packages will completely stop working and will not be fixed. Between now and then, any number of packages may break as things are strictly tested on PHP 5 at this point.

                1 Reply Last reply Reply Quote 0
                • B
                  bryan.paradis
                  last edited by

                  @cmb:

                  1.2.3 hasn't been fully supported in going on 3 years now, just because things happen to continue to work doesn't mean they're supported.

                  My guess was right on the cause, v1.x systems can't fetch files via HTTPS from servers requiring what's considered strong cryptography by today's standards. I changed the 1.2x package file back to use HTTP instead.

                  That will keep it working for the time being, but roughly this time next year, 1.x packages will completely stop working and will not be fixed. Between now and then, any number of packages may break as things are strictly tested on PHP 5 at this point.

                  Interesting. That it came down to HTTP vs HTTPS.  It must go a ways back.

                  If I were you Rocky I would be starting to plan an upgrade and I would also maybe look into sticking up your own repository if you don't think you can push through an upgrade in time.

                  @doktornotor:

                  Sounds like "oh noes, Windows XP not supported any more!!!" - moaning about this fact will produce about same results.

                  Yes it is old. It is a large batch of production systems. Maybe you would volunteer your time to plan, test and roll out the upgrade.  ::) Even  though the OP's ask may be a bit long  in the tooth I think he asked it in a fairly reasonably spirited way.

                  1 Reply Last reply Reply Quote 0
                  • R
                    Rocky519
                    last edited by

                    CMB,
                    Thanks for making the change back to HTTP. I surely appreciate it. I haven't tried it yet but I will be getting to this later today.

                    Bryan,
                    Thanks for being understanding. I certainly wasn't moaning and expecting someone else to do the heavy lifting for me. I was simply asking to be pointed in the right direction. I obviously have a very large upgrade project ahead of me. We knew this was coming but as usual, the project wasn't at the top of the list. I had already been looking at setting up our own repository to buy us some time but then the change happened to the package system and it was too late. It looks like I have been given a second chance.

                    Thanks guys.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.