2.2 now Release Candidate
-
And there was much rejoicing (yay)
-
Alix 2D13 with internal WiFi card upgraded fine:
2.2-RC (i386)
built on Tue Dec 09 09:46:19 CST 2014
FreeBSD 10.1-RELEASEAPU also upgraded fine:
2.2-RC (amd64)
built on Tue Dec 09 09:46:36 CST 2014
FreeBSD 10.1-RELEASEand now to test a few things.
But all looks good so far. -
Is there an new link to put in "Firmware Auto Update URL" to make systems look for and find the 2.2-RC?
My 2.2-BETA didn't find this new 2.2-RC automagically.
Or do you want us to download from the mirrors and install with the "Manual Update" tab?Now it's supposed to move automagically from BETA to RC
-
Just update my Alix 2D13 at home from 2.1.5 to 2.2-RC. Everything went well and it seems to be working fine. I had to manually reinstall the OpenVPN Client Export package because it didn't do it automatically, but no big deal.
Maybe it's a placebo effect, but the UI seems way more responsive compared to 2.1.x. I also noticed that ram utilization is a bit lower (went from 60% to 45%) running the same configuration and services. As a Alix user I appreciate that ;)
So far I like what I see and can't wait for 2.2 final to deploy at work.
-
Just update my Alix 2D13 at home from 2.1.5 to 2.2-RC. Everything went well and it seems to be working fine. I had to manually reinstall the OpenVPN Client Export package because it didn't do it automatically, but no big deal.
Maybe it's a placebo effect, but the UI seems way more responsive compared to 2.1.x. I also noticed that ram utilization is a bit lower (went from 60% to 45%) running the same configuration and services. As a Alix user I appreciate that ;)
So far I like what I see and can't wait for 2.2 final to deploy at work.
It's not a placebo effect, it's the result of moving to php-fpm. Good you could feel the positive impact.
-
Ever since I started playing with 2.2 I have noticed the improvement in webGUI performance and memory utilization on Alix 256MB. It is so much better when events happen (WAN up/down failover on multi-WAN systems). It does not run out of memory any more for me, no more "killed: out of swap space" in the log file.
I am so tempted to install this in production now - it will fix a bunch of "glitches" due running out of memory on 256MB systems on 2.1.n. -
Updated from beta to RC. Good job.
-
squidGuard + squid3 still not working for me
-
raclure, I used http://snapshots.pfsense.org/FreeBSD_releng/10.1/i386/pfSense_RELENG_2_2/.updaters/ to update from 2.1 and it worked fine, so I can confirm that it works.
Upgrade went without any apparent issues on a Soekris Net6501 and the interface is indeed snappier. I'm also happy to see a more current FreeBSD used as base. A big thank you to everyone involved!
-
If anyone cares enough, the front-facing page for snapshots could be updated to
s/BETA/RC/
And maybe
s/HIGHLY EXPERIMENTAL/PRETTY GOOD REALLY/
;) -
After more than a day with everything working as expected, I added basic traffic shaper using the wizard and set up the 6rd tunnel to my ISP, and after all this ram utilization never went above 45% and is currently sitting at 38% while the UI is still snappy. All this on a 256MB Alix box!
Not sure if it FreeBSD 10.1 or some kind of magic memory management trickery you guys pulled off, but I am very impressed on how smooth 2.2 runs on such low end hardware. I guess I won't need a new APU board now ;)
Great job.
-
I upgraded my Live system to 2.2 RC1 and so far pretty much all went OK. (incl. auto-install packages and
existing IPSec tunnels both IPv4 and IPv6 came up OK. And also OpenVPN and IPv6overIPv4 GIF bridge
to Tunnelbroker.net)There is only one annoying thing I have found so far and that is an auto-created
GATEWAY "TUNNELBROKER_TUNNELV4" created for my TUNNELBROKER IPv6 interface
(GIF-tunnel) even if I do not not have IPv4 enabled in that interface.
It is not possible to remove (only possible to disable)Don't know if it is a bug or ?
Also FreeBSD 10.1 enabled the driver for my USB-NIC. Thanks for that. Have waited for this. :)
Best regards
Dan Lundqvist
MRZAZ.COM
Stockholm, Sweden
-
squidGuard + squid3 still not working for me
It's working!
Look here: Topic: squid3 can't find libmd5.so.0
And Here: Topic: configure squid & squidguard/dansguardian with SSL $60 -
Great work guys, looking good.
Gotta little problem with Open-VM-Tools package though,
pfSense 2.2-RC / Open-VM-Tools version 1280544_9, fresh installs on ESXi 5.1 and VMWare Workstation 11
Shutdown/restart does not work from VMWare esxi 5.1
Restart and Power on script does not work from VMWare Workstation 11I searched and didn't find anything on my issue.
Also I didn't have this problem in the beta
The message from ESXi restart looks like this:
Call "VirtualMachine.RebootGuest" for object "pfSense 2.2 x64" on ESXi "x.x.x.x" failed.
–---------------------------------
The message from ESXi shutdown looks like:Initiate guest OS shutdown:The request to Power off this virtual machine failed because the corresponding VMware Tools script did not run successfully. If you have configured a custom power-off script in this virtual machine, make sure that it contains no errors. Attempting the operation again will ignore the script failure. You can also submit a support request to report this issue.
See the error stack for details on the cause of this problem.
Time: 12/14/2014 6:59:01 AM
Target: pfSense 2.2 x64
ESXi: x.x.x.x
Error Stack
The request to Power off this virtual machine failed because the corresponding VMware Tools script did not run successfully. If you have configured a custom power-off script in this virtual machine, make sure that it contains no errors. Attempting the operation again will ignore the script failure. You can also submit a support request to report this issue.additional dialogue:
Call "VirtualMachine.ShutdownGuest" for object "pfSense 2.2 x64" on ESXi "x.x.x.x" failed.The message from VMWare Workstation 11 for power on looks like:
The VMware Tools power-on script did not run successfully in this virtual machine. If you have configured a custom power-on script in this virtual machine, make sure that it contains no errors. You can also submit a support request to report this issue.The message from VMWare Workstation 11 for restart looks like:
The request to Reset this virtual machine failed because the corresponding VMware Tools script did not run successfully. If you have configured a custom reset script in this virtual machine, make sure that it contains no errors. Attempting the operation again will ignore the script failure. You can also submit a support request to report this issue.
-
Upgraded my APU with no issues. Everything seems to be working fine except for my IPsec vpn connection. I'm not sure what the issues other than it does not like the new IPsec. I was hoping someone could look over the logs. Thanks, Jim
Dec 14 19:32:04 ipsec_starter[47482]: 'con1' routed
Dec 14 19:32:04 ipsec_starter[47482]:
Dec 14 19:32:13 charon: 08[NET] received packet: from 216.235.xxx.194[500] to 71.204.15.119[500] (404 bytes)
Dec 14 19:32:13 charon: 08[ENC] parsed AGGRESSIVE request 0 [ SA KE No ID V V V V V V V V V ]
Dec 14 19:32:13 charon: 08[ENC] received unknown vendor ID: 40:4b:f4:39:52:2c:a3:f6
Dec 14 19:32:13 charon: 08[ENC] received unknown vendor ID: 5b:36:2b:c8:20:f6:00:07
Dec 14 19:32:13 charon: 08[IKE] <25> received NAT-T (RFC 3947) vendor ID
Dec 14 19:32:13 charon: 08[IKE] received NAT-T (RFC 3947) vendor ID
Dec 14 19:32:13 charon: 08[IKE] <25> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Dec 14 19:32:13 charon: 08[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Dec 14 19:32:13 charon: 08[IKE] <25> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Dec 14 19:32:13 charon: 08[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Dec 14 19:32:13 charon: 08[IKE] <25> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
Dec 14 19:32:13 charon: 08[IKE] received draft-ietf-ipsec-nat-t-ike-00 vendor ID
Dec 14 19:32:13 charon: 08[ENC] received unknown vendor ID: da:8e:93:78:80:01:00:00
Dec 14 19:32:13 charon: 08[IKE] <25> received DPD vendor ID
Dec 14 19:32:13 charon: 08[IKE] received DPD vendor ID
Dec 14 19:32:13 charon: 08[IKE] <25> received XAuth vendor ID
Dec 14 19:32:13 charon: 08[IKE] received XAuth vendor ID
Dec 14 19:32:13 charon: 08[IKE] <25> 216.235.148.194 is initiating a Aggressive Mode IKE_SA
Dec 14 19:32:13 charon: 08[IKE] 216.235.148.194 is initiating a Aggressive Mode IKE_SA
Dec 14 19:32:13 charon: 08[CFG] looking for pre-shared key peer configs matching 71.204.15.119…216.235.148.194[0006B10ECFF0]
Dec 14 19:32:13 charon: 08[IKE] <25> no peer config found
Dec 14 19:32:13 charon: 08[IKE] no peer config found
Dec 14 19:32:13 charon: 08[ENC] generating INFORMATIONAL_V1 request 2478717834 [ N(AUTH_FAILED) ]
Dec 14 19:32:13 charon: 08[NET] sending packet: from 71.204.15.119[500] to 216.235.xxx.194[500] (56 bytes)
Dec 14 19:32:19 charon: 08[NET] received packet: from 216.235.xxx.194[500] to 71.204.15.119[500] (404 bytes)
Dec 14 19:32:19 charon: 08[ENC] parsed AGGRESSIVE request 0 [ SA KE No ID V V V V V V V V V ]
Dec 14 19:32:19 charon: 08[ENC] received unknown vendor ID: 40:4b:f4:39:52:2c:a3:f6
Dec 14 19:32:19 charon: 08[ENC] received unknown vendor ID: 5b:36:2b:c8:20:f6:00:07
Dec 14 19:32:19 charon: 08[IKE] <26> received NAT-T (RFC 3947) vendor ID
Dec 14 19:32:19 charon: 08[IKE] received NAT-T (RFC 3947) vendor ID
Dec 14 19:32:19 charon: 08[IKE] <26> received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Dec 14 19:32:19 charon: 08[IKE] received draft-ietf-ipsec-nat-t-ike-03 vendor ID
Dec 14 19:32:19 charon: 08[IKE] <26> received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Dec 14 19:32:19 charon: 08[IKE] received draft-ietf-ipsec-nat-t-ike-02\n vendor ID
Dec 14 19:32:19 charon: 08[IKE] <26> received draft-ietf-ipsec-nat-t-ike-00 vendor ID
Dec 14 19:32:19 charon: 08[IKE] received draft-ietf-ipsec-nat-t-ike-00 vendor ID
Dec 14 19:32:19 charon: 08[ENC] received unknown vendor ID: da:8e:93:78:80:01:00:00
Dec 14 19:32:19 charon: 08[IKE] <26> received DPD vendor ID
Dec 14 19:32:19 charon: 08[IKE] received DPD vendor ID
Dec 14 19:32:19 charon: 08[IKE] <26> received XAuth vendor ID
Dec 14 19:32:19 charon: 08[IKE] received XAuth vendor ID
Dec 14 19:32:19 charon: 08[IKE] <26> 216.235.148.194 is initiating a Aggressive Mode IKE_SA
Dec 14 19:32:19 charon: 08[IKE] 216.235.xxx.194 is initiating a Aggressive Mode IKE_SA
Dec 14 19:32:19 charon: 08[CFG] looking for pre-shared key peer configs matching 71.204.15.119…216.235.xxx.194[0006B10ECFF0]
Dec 14 19:32:19 charon: 08[IKE] <26> no peer config found
Dec 14 19:32:19 charon: 08[IKE] no peer config found
Dec 14 19:32:19 charon: 08[ENC] generating INFORMATIONAL_V1 request 2450645352 [ N(AUTH_FAILED) ]
Dec 14 19:32:19 charon: 08[NET] sending packet: from 71.204.15.119[500] to 216.235.xxx.194[500] (56 bytes) -
Coming from 2.1.5 x64 - SSH access URL update - 2.2 rc x64 full update x64 busted the following:
1. Squid 3.4.9_1 pkg 0.1 - transparent not working , without Trans not working - getting the libmd5.so.o not found - uninstalled squid after a reboot verification that status did not change any of these findings.
2. the update Completely uninstalled squidGuard - left menus, services and watchdog. it was not me
3. Service Watch dog is a mess - changes to un-activate watching line items don't work, only deleting the line items that were watched.
4. Firewall log is empty and not reporting after turning a diagnostic external DNS server logging those on the general tab.
5. ipGuard service will not start.Not ready for prime time yet unless you want to be hours on site at a client with no filters in place s required by law at my school clients. Ouch!!
-
It would be best to split off issues into their own threads rather than piling on the announcement thread. Locking this for now. If you posted an issue here that hasn't already been solved, feel free to start a fresh thread here on the 2.2 board.