Navigation

    Netgate Discussion Forum
    • Register
    • Login
    • Search
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search

    Firewall rules won't load, freeradius2 package not installing

    2.2 Snapshot Feedback and Problems - RETIRED
    3
    3
    2191
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • A
      athurdent last edited by

      Upgrading my test Linux KVM from 2.1.1 pre-release (Feb8 build) to 2.2 kind of destroyed the system, no HTTP, no SSH after hard resetting it.
      I did not dig into this though, just installed it fresh from the latest 2.2 and restored my configuration.

      The biggest problems I found so far are:

      Firewall ruleset does not load:

      [ There were error(s) loading the rules: /tmp/rules.debug:66: syntax error - The line in question reads [66]: block in log inet all tracker 1000000101 label Default deny rule IPv4]
      

      freeradius2 does not install. Would be bad for my live system as the WLAN depends on it ;)

      Beginning package installation for freeradius2 .
      Downloading package configuration file... done.
      Saving updated package information... done.
      Downloading freeradius2 and its dependencies... 
      Checking for package installation... 
       Downloading https://files.pfsense.org/packages/10/All/freeradius-2.2.3_1-amd64.pbi ...  (extracting)
       ERROR: No digital signature! If you are *SURE* you trust this PBI, re-install with --no-checksig option.
      of freeradius-2.2.3_1-amd64 failed!
      
      Installation aborted.Removing package...
      Starting package deletion for freeradius-2.2.3_1-amd64...done.
      Removing freeradius2 components...
      Tabs items... done.
      Menu items... done.
      Services... done.
      Loading package instructions...
      Include file freeradius.inc could not be found for inclusion.
      Deinstall commands... 
      Not executing custom deinstall hook because an include is missing.
      Removing package instructions...done.
      Auxiliary files... done.
      Package XML... done.
      Configuration... done.
      done.
      Failed to install package.
      
      Installation halted.
      

      Edit:
      Found an option in Avanced settings to turn off the signature check, now freeradius2 installs. Does not run, though:

      Mar 27 10:17:09 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
      Mar 27 10:17:11 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
      Mar 27 10:17:15 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
      Mar 27 10:17:17 	php-fpm[28966]: /pkg.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
      Mar 27 10:17:18 	php-fpm[28966]: /pkg_edit.php: freeRADIUS - No freeradius lib found on /usr/pbi/freeradius-amd64/lib
      
      1 Reply Last reply Reply Quote 0
      • P
        phil.davis last edited by

        tracker 1000000101

        That tracker stuff was only just added, so I would guess it might be the first place to look.
        I looked at http://www.freebsd.org/cgi/man.cgi?pf.conf but cannot see it in the FreeBSD pf man page.
        Maybe it is a feature added to "pf" for pfSense? But I can't see the pfsense-tools repo, so I have no idea and no way to see what the functionality is or to help look into it. This will be the frustrating part of having pfsense-tools repo not publicly available. Guess I better send in an access request and see if it is accepted.

        As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
        If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

        1 Reply Last reply Reply Quote 0
        • E
          eri-- last edited by

          Its a builder issue i fixed.

          The tracker is used to match properly log entries with expected rule.

          And yes its a pfSense only feature.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post