pfSenseをアップデートした記録 2.4.4_3→2.4.5
アップデート内容確認
2.4.4_3(2.4.4-p3)から2.4.5(2.4.5)にアップデートします
変更点を確認
https://docs.netgate.com/pfsense/en/latest/releases/2-4-5-new-features-and-changes.html
Operating System / Architecture changes
Base OS upgraded to FreeBSD 11-STABLE (exact contents TBD)
Security / Errata
Fixed dependency issues with pfSense-upgrade which may have caused it not to update itself properly #10303
Added encoding to the hostname in services_acb.php #9584
Added encoding to error output in services_captiveportal_mac.php #9609
Improved Picture Widget input validation #9610 #9731 #9804
Added a fsck run with -z for UFS filesystems on upgrade to address FreeBSD-SA-19:10.ufs #9612
Fixed format of XMLRPC auth error to match GUI auth error #9782
Added a custom CSRF Error page with warnings and confirmation prompts before resubmitting potentially harmful data #9799
Fixed Status_Monitoring rrd_fetch_json.php error encoding #9601
Fixed encoding of the user full name on system_usermanager_addprivs.php #10324
Fixed input validation and output encoding of host on diag_ping.php #10355
Addressed FreeBSD Security Advisories & Errata Notices
FreeBSD-SA-20:05.if_oce_ioctl
FreeBSD-SA-20:04.tcp
FreeBSD-SA-19:24.mqueuefs
FreeBSD-SA-19:23.midi
FreeBSD-SA-19:22.mbuf
FreeBSD-SA-19:21.bhyve
FreeBSD-SA-19:20.bsnmp
FreeBSD-SA-19:19.mldv2
FreeBSD-SA-19:18.bzip2
FreeBSD-SA-19:17.fd
FreeBSD-SA-19:16.bhyve
FreeBSD-SA-19:15.mqueuefs
FreeBSD-SA-19:14.freebsd32
FreeBSD-SA-19:13.pts
FreeBSD-SA-19:12.telnet
FreeBSD-SA-19:11.cd_ioctl
FreeBSD-SA-19:10.ufs
FreeBSD-SA-19:09.iconv
FreeBSD-SA-19:08.rack
FreeBSD-EN-20:06.ipv6
FreeBSD-EN-20:04.pfctl
FreeBSD-EN-19:18.tzdata
FreeBSD-EN-19:17.ipfw
FreeBSD-EN-19:16.bhyve
FreeBSD-EN-19:15.libunwind
FreeBSD-EN-19:14.epoch
FreeBSD-EN-19:13.mds
FreeBSD-EN-19:12.tzdata
FreeBSD-EN-19:11.net
Aliases/Tables
Fixed an issue when resolving FQDN entries in aliases where some entries could be missing #9296
Improved URL Table aliases to support FQDNs which return muliple entries #8531
Added a function to download the contents of an individual alias #9816
Authentication
Added exception handling to authentication attempts #9150
Backup/Restore
Added a special string (NoReMoTeBaCkUp) that when used in write_config() descriptions will prevent a remote backup #9693
Removed legacy AutoConfigBackup options (there were no more active accounts using the retired legacy service) #9687 #9785
Added CDATA protection to the encryption_password XML tag, which allows international characters to be used in that field #7186
Added CDATA escape to more auth-related fields #9327
Ensured that kern.cam.boot_delay is set for new installations and upgrades so that USB devices are properly initialized in time for configuration restore in the installer and ECL to function #9533
Captive Portal
Fixed Captive Portal vouchers shortcut links #9722
Changed Captive Portal redirect page selection order #9819
Fixed a rare and intermittent issue where users could encounter an nginx error when restarting Captive Portal instances #10159
Certificates
Added sorting and search/filtering to Certificate Authority & Certificate manager #9412
Corrected wording of CA/Cert CN input validation #9234
Fixed certificate Descriptive Name field behavior when adding a user certificate #9719
Added clientAuth EKU to Server type certificates #9868
Reduced the default GUI web server certificate lifetime to 825 days to prevent errors on Apple platforms #9825
Dashboard
Added option to disable PTI display in System Information widget #9323
DHCP
Fixed incorrect expansion of Dynamic DNS advanced options on the DHCPv6 Server page #9448
Changed DHCP relay backend code to determine and specify separate upstream and downstream interface lists #9466
Prevented OpenVPN interfaces from being used by DHCP relay, since that type of interface is not compatible #8443
Added an option to disable ping check in dhcpd #9285
Fixed Show all configured leases so it is persistent after deleting a DHCP lease #9133
Added search/filter to DHCP/DHCPv6 leases #9791
Diagnostics
Fixed a PHP warning in diag_dump_states.php #9780
Fixed reverse lookup of IPv6 addresses on diag_dns.php #9543
Fixed diag_system_activity.php to use batch mode for top so it displays process list w/o terminal, and increased amount of output displayed #9522
Added search/filter ARP table and NDP status #9791
DNS
Added 127.0.0.0/8 to the DNS Resolver private-address list for DNS rebinding protection #9708
Fixed CIDR selection issues with /32 entries in DNS Resolver Access List entries #9586
Fixed an issue saving DNS over TLS hostnames on systems with only one gateway #9898
Fixed an issue where manually configured DNS servers may not have been active if “allow override” was disabled and they were also assigned dynamically #9963
Added DNS Resolver (Unbound) Python Integration #9251
Dynamic DNS
Fixed Dynamic DNS class constructor name #9779
Fixed errors in DNSimple Dynamic DNS #9580
Fixed handling of wildcard (*) hostname entries in Cloudflare Dynamic DNS #9361
Added support for AAAA records to Digital Ocean Dynamic DNS #9280
Fixed issues with Digital Ocean Dynamic DNS handling of empty hostnames #9602
Cleaned up whitespace issues in Azure Dynamic DNS backend code #9271
Added support for Linode Dynamic DNS #9268
Fixed issues with IPv6 on Azure Dynamic DNS #9248
Fixed handling of wildcards in Route53 Dynamic DNS #9053
Fixed handling of wildcards in Loopia Dynamic DNS #8014
Fixed CloudFlare Dynamic DNS processing when proxied is enabled #9362
Fixed CloudFlare Dynamic DNS “Invalid TTL” error due to CloudFlare API update #10196
Changed hostname to optional for DNS-O-Matic Dynamic DNS #7601
Added support for Gandi LiveDNS Dynamic DNS #9452
Gateways
Corrected PHP errors when marking gateways down in certain edge cases #9851
Interfaces
Added more prefix delegation size entries to selection list on interfaces.php #9590
Added initialization to the VLAN array in console setup #9582
Fixed issues with Netgate & hardware model detection which caused problems with default interface mappings #8051
Fixed issues with display of previously-entered IP address values on interfaces_ppps_edit.php #9741
Added a confirmation prompt to disconnect/release actions on status_interfaces.php #9911
Added drivers for Mellanox mlx4 and mlx5 network interface cards #7537
IPsec
Fixed IPsec VTI interface creation logic #9781
Added GUI option for IPsec P2/Child SA close action #9767
Added IPsec DH and PFS groups 25, 26, and 27 #9757
Added 25519 curve-based IPsec DH and PFS group 31 #9531
Enabled NAT-T controls for IKEv2 #9695
Improved handling of IPsec restarts breaking VTI routing #9668
Fixed input validation that incorrectly prevented deleting IPsec P2 entries in some cases with VTI #9258
Fixed IPsec keyid identifier handling #9243
Fixed IPsec VTI MTU boot-time configuration #9111
Escape Windows domain backslash in IPsec widget #9747
Fixed VTI IPv6 address handling #9801
Fixed Child SA button JS hide on status_ipsec.php, along with other cosmetic improvements #8847
Added Connect Children button to status_ipsec.php to connect when IKE (Phase 1) is up but Child SAs (Phase 2 entries) are not #9954
Fixed IPsec Phase 2 Remote Network field show/hide when changing between Phase 2 modes #9720
Fixed IPsec configuration generation so that encryption options for every P2 on a given P1 are not duplicated on each P2 #6263
Fixed a PHP error in IPsec package plugin hook processing #10217
Load Balancer
Fixed a PHP when processing services when the configuration does not contain Load Balancer entries #10308
Logging
Moved igmpproxy logs to routing.log #10139
Moved igmpproxy verbose logging option to services_igmpproxy.php (formerly at status_logs_settings.php) #10139
Updated sshguard and fixed a log processing regression #9971
Fixed PHP errors in filter log processing when entries contain an invalid port #10255
Monitoring
Fixed custom view titles being forced to lower case #9681
Fixed packet graph scaling #9807
Fixed a PHP error in RRD processing of ALTQ data #10248
Notifications
Fixed SMTP notification password being unintentionally changed when testing SMTP settings #9684
Reduced frequency of GEOM rebuild notifications #9256
NTPD
Added validation to ensure NTP values are treated as numbers before use #9558
Changed the default NTP pool server to 2.<domain> so that it can use IPv6 #9931
Improved handling of errors on the NTP status page to work/fail gracefully with custom ACLs for localhost in place #9829
OpenVPN
Fixed JavaScript issue when selecting multiple OpenVPN NCP algorithms #9756
Fixed OpenVPN wizard so it does not show DH parameter lengths that are not available #9748
Fixed issues with OpenVPN resynchronizing when running on a gateway group #9595
Added an option to set the OpenVPN TLS Key Direction #9030
Added GUI options to configure OpenVPN keepalive parameters #3473
Fixed instances of hidden invalid OpenVPN options affecting save operations #9674
Added a copy action to OpenVPN pages #5851
Improved sorting of bytes sent/receives on OpenVPN status page #7359
Fixed visibility of the OpenVPN ‘interface’ option when multihome is selected #7840
Reduced the OpenVPN server certificate lifetime to 825 days in the wizard to prevent errors on Apple platforms #9825
Added input validation to prevent OpenVPN tunnel network reuse #3244
Added Exit Notify to OpenVPN servers/client options #9078
Operating System
Fixed serial console terminal size issues #9569
Added the strings binary to base builds for troubleshooting #7791
Changed UFS filesystem defaults to noatime on new installations #9483
Fixed an issue where the IP header checksum was incorrect when reassembling packet fragments to a link with a different MTU #10189
Packet Capture
Changed Packet Capture GUI to allow multiple TCP/UDP ports to be specified #9766
Added start time to Packet Capture display #9831
Added OSPF/OSPFv3 to Packet Capture protocols #9905
Fixed Packet Capture to match both IPv4+IPv6 CARP when that protocol is selected #9867
Fixed Packet Capture for the pfsync protocol #10183
Routing
Fixed (Default) designation on routes to match the default route in the OS #9292
Fixed static routes remaining in routing table after removal #9969
Rules / NAT
Fixed state kill ordering in rc.newwanip #4674
Added the ability to search firewall logs by tracking ID #8703
Added GUI option to disable default blocking of APIPA networks #9966
Added more common ports to the firewall rule drop-down list #10166
Added input validation to prevent selecting !* (“not any”) in source or destination #10168
Fixed invalid rules generated when using NAT reflection with a negated destination #10246
S.M.A.R.T.
Updated the SMART page with new capabilities #9367
SNMP
Fixed SNMP sysDescr contents to include hostname and patch version #9218
Traffic Shaping / Limiters
Added input validation for Limiter delay values #9921
Fixed the queue statistics parser to handle large values #9938
Translations
Fixed an issue with international characters in configuration descriptions, which led to failures in certain cases, such as failing to set Manual Outbound NAT when the Language was set to pt_BR #6195
Fixed a PHP error on system_advanced_admin.php when the language was set to French #10331
Upgrade / Installation
Revised update check to provide a more consistent version string in JSON format #9778
Disabled serial console on VGA memstick images #9488
Fixed a PHP error when upgrading older configurations from revision 14.4 to 14.5 #9840
UPnP
Fixed display of active UPnP sessions when configured with an alternate external address #9961
User Manager / Privileges
Added input validation to prevent changing the authentication server name #9692
Added privilege to manage integrated switches #9620
Fixed privilege matching to handle JS anchor links #9550
Removed wildcards incorrectly used in isAllowedPage() #9541
This issue could prevent a user in the admins group from reaching certain pages such as the User Manager.
Improved Deny Config Write privilege handling in the User & Group Manager #9259
Fixed input validation of group name sizes to allow longer remote groups #3792
Fixed handling of L2TP and PPPoE user passwords containing invalid characters #10275
Web Interface
Corrected input validation for firewall rule VLAN priority/set #9763
Restricted Thoth tests to arm64 in status.php NG 2569
Added kernel memory usage to status.php output #9705
Redacted several additional fields in status.php output #9784 #9729 #9728 #9727 #9694 #9736 #9764
Fixed a potential source of PHP errors when saving per-log settings #9540
Added GUI components for MDS mitigation #9532
Fixed integrated switch LAGG member editing on switch_ports.php #9447
Fixed wizard.php selection option size attribute handling #8907
Fixed platform detection for certain C2558/C2758 systems #6846
Set autocomplete=new-password for forms containing authentication fields to help prevent browser auto-fill from completing irrelevant fields #9864
Fixed processing of shortcuts for XML-based packages #9770
Updated jQuery #9407
Improved consistency of SSL/TLS references throughout the GUI #10172
Updated various help references and links to use the pfSense book instead of external resources #10135 #10184
XMLRPC
Fixed removal of the last ALTQ traffic shaping entry from the target system when performing an XMLRPC sync #9469
Fixed removal of the last limiter entry from the target system when performing an XMLRPC sync #9468
しばらく更新がなかったのですが10か月ぶりにようやく2.4.5がリリースされました
期間が空いただけあって修正内容はかなりの量になってますが
不具合修正や脆弱性対策がほとんどで
大きな変更はベースOSがFreeBSD 11.3になった程度です
ただリリースノートにも注意事項として記載されていますが
COVID-19の関係でpfSenseの設置している場所に直接行くことができず
リモートでしか作業ができない状況である場合は
万が一に更新エラーなどが発生した際に復旧作業ができなくなり
pfSenseが一定期間利用できなくなる恐れがありますので注意が必要です
アップデート処理中の再起動にいつもより少し時間がかかるので
いつもより数分程度ですが多めに作業時間が必要です
アップデートの手順
事前に設定のバックアップをした上で以下の操作でアップデートを実行
手順はいつもと同じです
まずダッシュボードのVersionのところにある雲マークか
System→Updateを選択
2.4.4_3から2.4.5へアップデートと表示出てるのを確認して「Confirm」を押す
無事に完了すると自動で再起動開始されます
いつもはこのRebootingの90秒の間かNot yet readyの1回分程度でWEBGUIが復帰しますが
今回はRebootingの90秒の後に更に1~2分程度の時間が必要でした
いつもより時間がかかっていてもリセットボタン押したりしないよう注意してください
最後に2.4.5の状態で設定をバックアップして完了
Update時の処理ログ
>>> Updating repositories metadata... Updating pfSense-core repository catalogue... Fetching meta.txz: . done Fetching packagesite.txz: . done Processing entries: . done pfSense-core repository update completed. 7 packages processed. Updating pfSense repository catalogue... Fetching meta.txz: . done Fetching packagesite.txz: .......... done Processing entries: Processing entries............. done pfSense repository update completed. 522 packages processed. All repositories are up to date. >>> Setting vital flag on pkg... done. >>> Removing vital flag from php72... done. >>> Downloading upgrade packages... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Checking for upgrades (103 candidates): .......... done Processing candidates (103 candidates): .......... done The following 117 package(s) will be affected (of 0 checked): New packages to be INSTALLED: python37: 3.7.6 [pfSense] isc-dhcp44-server: 4.4.1_4 [pfSense] isc-dhcp44-relay: 4.4.1 [pfSense] isc-dhcp44-client: 4.4.1_1 [pfSense] php72-intl: 7.2.29 [pfSense] icu: 65.1,1 [pfSense] lua-resty-core: 0.1.17 [pfSense] lua-resty-lrucache: 0.09 [pfSense] luajit-openresty: 2.1.20190912_2 [pfSense] libxslt: 1.1.34 [pfSense] libgcrypt: 1.8.5 [pfSense] libgpg-error: 1.36 [pfSense] py37-ply: 3.11 [pfSense] py37-setuptools: 41.4.0_1 [pfSense] Installed packages to be UPGRADED: wpa_supplicant: 2.8 -> 2.9 [pfSense] wol: 0.7.1_3 -> 0.7.1_4 [pfSense] unbound: 1.9.1 -> 1.9.6 [pfSense] uclcmd: 0.1_2 -> 0.1_3 [pfSense] strongswan: 5.7.1 -> 5.8.2 [pfSense] sshguard: 2.3.1 -> 2.4.0_3,1 [pfSense] sqlite3: 3.28.0 -> 3.30.1 [pfSense] smartmontools: 6.6_1 -> 7.0_2 [pfSense] scponly: 4.8.20110526_2 -> 4.8.20110526_4 [pfSense] rrdtool: 1.7.0_2 -> 1.7.2_1 [pfSense] relayd: 5.5.20140810_2 -> 5.5.20140810_5 [pfSense] readline: 7.0.3_1 -> 8.0.1 [pfSense] radvd: 2.17_5 -> 2.18_2 [pfSense] python27: 2.7.16 -> 2.7.17_1 [pfSense] php72-zlib: 7.2.10 -> 7.2.29 [pfSense] php72-xmlwriter: 7.2.10 -> 7.2.29 [pfSense] php72-xmlreader: 7.2.10 -> 7.2.29 [pfSense] php72-xml: 7.2.10 -> 7.2.29 [pfSense] php72-tokenizer: 7.2.10 -> 7.2.29 [pfSense] php72-sysvshm: 7.2.10 -> 7.2.29 [pfSense] php72-sysvsem: 7.2.10 -> 7.2.29 [pfSense] php72-sysvmsg: 7.2.10 -> 7.2.29 [pfSense] php72-sqlite3: 7.2.10 -> 7.2.29 [pfSense] php72-sockets: 7.2.10 -> 7.2.29 [pfSense] php72-simplexml: 7.2.10 -> 7.2.29 [pfSense] php72-shmop: 7.2.10 -> 7.2.29 [pfSense] php72-session: 7.2.10 -> 7.2.29 [pfSense] php72-readline: 7.2.10 -> 7.2.29 [pfSense] php72-posix: 7.2.10 -> 7.2.29 [pfSense] php72-pecl-zmq: 1.1.3_2 -> 1.1.3_3 [pfSense] php72-pecl-mcrypt: 1.0.1 -> 1.0.3 [pfSense] php72-pear-XML_RPC2: 1.1.3_1 -> 1.1.4 [pfSense] php72-pear-Net_SMTP: 1.8.0 -> 1.9.0 [pfSense] php72-pear: 1.10.5_1 -> 1.10.6 [pfSense] php72-pdo_sqlite: 7.2.10 -> 7.2.29 [pfSense] php72-pdo: 7.2.10 -> 7.2.29 [pfSense] php72-pcntl: 7.2.10 -> 7.2.29 [pfSense] php72-openssl: 7.2.10 -> 7.2.29 [pfSense] php72-opcache: 7.2.10 -> 7.2.29 [pfSense] php72-mbstring: 7.2.10 -> 7.2.29 [pfSense] php72-ldap: 7.2.10 -> 7.2.29 [pfSense] php72-json: 7.2.10 -> 7.2.29 [pfSense] php72-hash: 7.2.10 -> 7.2.29 [pfSense] php72-gettext: 7.2.10 -> 7.2.29 [pfSense] php72-filter: 7.2.10 -> 7.2.29 [pfSense] php72-dom: 7.2.10 -> 7.2.29 [pfSense] php72-curl: 7.2.10 -> 7.2.29 [pfSense] php72-ctype: 7.2.10 -> 7.2.29 [pfSense] php72-bz2: 7.2.10 -> 7.2.29 [pfSense] php72-bcmath: 7.2.10 -> 7.2.29 [pfSense] php72: 7.2.10 -> 7.2.29 [pfSense] pftop: 0.7_8 -> 0.7_9 [pfSense] pfSense-rc: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-kernel-pfSense: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-default-config: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-base: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-Status_Monitoring: 1.7.7 -> 1.7.11_1 [pfSense] pfSense: 2.4.4_3 -> 2.4.5 [pfSense] perl5: 5.26.2 -> 5.30.1 [pfSense] pcre: 8.42 -> 8.43_2 [pfSense] openvpn: 2.4.6_1 -> 2.4.8 [pfSense] openldap-client: 2.4.46 -> 2.4.48 [pfSense] oniguruma: 6.8.1 -> 6.9.3 [pfSense] ntp: 4.2.8p13 -> 4.2.8p14 [pfSense] nginx: 1.14.1,2 -> 1.16.1_11,2 [pfSense] nettle: 3.4 -> 3.5.1_1 [pfSense] mpd5: 5.8_8 -> 5.8_10 [pfSense] mobile-broadband-provider-info: 20170310 -> 20190618_1 [pfSense] miniupnpd: 2.0.20180503,1 -> 2.1.20190210,1 [pfSense] links: 2.16,1 -> 2.16_2,1 [pfSense] libzmq4: 4.3.1 -> 4.3.1_1 [pfSense] libxml2: 2.9.7 -> 2.9.10 [pfSense] libunistring: 0.9.10 -> 0.9.10_1 [pfSense] libucl: 0.8.0 -> 0.8.1 [pfSense] libnghttp2: 1.32.0 -> 1.40.0 [pfSense] liblz4: 1.8.2,1 -> 1.9.2,1 [pfSense] libidn2: 2.0.5 -> 2.3.0_1 [pfSense] libffi: 3.2.1_2 -> 3.2.1_3 [pfSense] libevent: 2.1.8_1 -> 2.1.11 [pfSense] libedit: 3.1.20170329_2,1 -> 3.1.20191211,1 [pfSense] libargon2: 20171227 -> 20190702 [pfSense] ldns: 1.7.0_1 -> 1.7.1_1 [pfSense] json-c: 0.13 -> 0.13.1_1 [pfSense] ipmitool: 1.8.18_1 -> 1.8.18_2 [pfSense] hostapd: 2.8 -> 2.9 [pfSense] gmp: 6.1.2 -> 6.1.2_1 [pfSense] glib: 2.50.3_4,1 -> 2.56.3_7,1 [pfSense] gettext-runtime: 0.19.8.1_1 -> 0.20.1 [pfSense] filterdns: 2.0_1 -> 2.0_3 [pfSense] expat: 2.2.5 -> 2.2.8 [pfSense] dnsmasq: 2.79,1 -> 2.80_4,1 [pfSense] dmidecode: 3.1_1 -> 3.2 [pfSense] dhcp6: 20080615.2 -> 20080615.2_2 [pfSense] devcpu-data: 1.22 -> 1.28 [pfSense] curl: 7.64.0 -> 7.67.0 [pfSense] cpdup: 1.18 -> 1.20 [pfSense] ccache: 3.4.2 -> 3.7.1 [pfSense] ca_root_nss: 3.39 -> 3.51 [pfSense] bsnmp-ucd: 0.4.2 -> 0.4.4 [pfSense] bind-tools: 9.12.2P1 -> 9.14.9 [pfSense] Installed packages to be REINSTALLED: php72-pecl-radius-1.4.0.b1 [pfSense] (option added: EXAMPLES) php72-pear-Net_Socket-1.0.14 [pfSense] (ABI changed: 'freebsd:11:x86:64' -> 'freebsd:11:*') check_reload_status-0.0.8 [pfSense] (needed shared library changed) Number of packages to be installed: 14 Number of packages to be upgraded: 100 Number of packages to be reinstalled: 3 The process will require 190 MiB more space. 141 MiB to be downloaded. [1/117] Fetching wpa_supplicant-2.9.txz: .......... done [2/117] Fetching wol-0.7.1_4.txz: .... done [3/117] Fetching unbound-1.9.6.txz: .......... done [4/117] Fetching uclcmd-0.1_3.txz: ... done [5/117] Fetching strongswan-5.8.2.txz: .......... done [6/117] Fetching sshguard-2.4.0_3,1.txz: .......... done [7/117] Fetching sqlite3-3.30.1.txz: .......... done [8/117] Fetching smartmontools-7.0_2.txz: .......... done [9/117] Fetching scponly-4.8.20110526_4.txz: ... done [10/117] Fetching rrdtool-1.7.2_1.txz: .......... done [11/117] Fetching relayd-5.5.20140810_5.txz: .......... done [12/117] Fetching readline-8.0.1.txz: .......... done [13/117] Fetching radvd-2.18_2.txz: ....... done [14/117] Fetching python27-2.7.17_1.txz: .......... done [15/117] Fetching php72-zlib-7.2.29.txz: ... done [16/117] Fetching php72-xmlwriter-7.2.29.txz: .. done [17/117] Fetching php72-xmlreader-7.2.29.txz: .. done [18/117] Fetching php72-xml-7.2.29.txz: ... done [19/117] Fetching php72-tokenizer-7.2.29.txz: .. done [20/117] Fetching php72-sysvshm-7.2.29.txz: . done [21/117] Fetching php72-sysvsem-7.2.29.txz: . done [22/117] Fetching php72-sysvmsg-7.2.29.txz: .. done [23/117] Fetching php72-sqlite3-7.2.29.txz: ... done [24/117] Fetching php72-sockets-7.2.29.txz: ..... done [25/117] Fetching php72-simplexml-7.2.29.txz: ... done [26/117] Fetching php72-shmop-7.2.29.txz: . done [27/117] Fetching php72-session-7.2.29.txz: ..... done [28/117] Fetching php72-readline-7.2.29.txz: .. done [29/117] Fetching php72-posix-7.2.29.txz: .. done [30/117] Fetching php72-pecl-zmq-1.1.3_3.txz: .... done [31/117] Fetching php72-pecl-radius-1.4.0.b1.txz: ... done [32/117] Fetching php72-pecl-mcrypt-1.0.3.txz: .. done [33/117] Fetching php72-pear-XML_RPC2-1.1.4.txz: ........ done [34/117] Fetching php72-pear-Net_Socket-1.0.14.txz: . done [35/117] Fetching php72-pear-Net_SMTP-1.9.0.txz: .. done [36/117] Fetching php72-pear-1.10.6.txz: .......... done [37/117] Fetching php72-pdo_sqlite-7.2.29.txz: .. done [38/117] Fetching php72-pdo-7.2.29.txz: ...... done [39/117] Fetching php72-pcntl-7.2.29.txz: .. done [40/117] Fetching php72-openssl-7.2.29.txz: ....... done [41/117] Fetching php72-opcache-7.2.29.txz: .......... done [42/117] Fetching php72-mbstring-7.2.29.txz: .......... done [43/117] Fetching php72-ldap-7.2.29.txz: ... done [44/117] Fetching php72-json-7.2.29.txz: ... done [45/117] Fetching php72-hash-7.2.29.txz: .......... done [46/117] Fetching php72-gettext-7.2.29.txz: . done [47/117] Fetching php72-filter-7.2.29.txz: ... done [48/117] Fetching php72-dom-7.2.29.txz: ........ done [49/117] Fetching php72-curl-7.2.29.txz: .... done [50/117] Fetching php72-ctype-7.2.29.txz: . done [51/117] Fetching php72-bz2-7.2.29.txz: .. done [52/117] Fetching php72-bcmath-7.2.29.txz: ... done [53/117] Fetching php72-7.2.29.txz: .......... done [54/117] Fetching pftop-0.7_9.txz: ........ done [55/117] Fetching pfSense-rc-2.4.5.txz: .. done [56/117] Fetching pfSense-kernel-pfSense-2.4.5.txz: .......... done [57/117] Fetching pfSense-default-config-2.4.5.txz: . done [58/117] Fetching pfSense-base-2.4.5.txz: .......... done [59/117] Fetching pfSense-Status_Monitoring-1.7.11_1.txz: ... done [60/117] Fetching pfSense-2.4.5.txz: . done [61/117] Fetching perl5-5.30.1.txz: .......... done [62/117] Fetching pcre-8.43_2.txz: .......... done [63/117] Fetching openvpn-2.4.8.txz: .......... done [64/117] Fetching openldap-client-2.4.48.txz: .......... done [65/117] Fetching oniguruma-6.9.3.txz: .......... done [66/117] Fetching ntp-4.2.8p14.txz: .......... done [67/117] Fetching nginx-1.16.1_11,2.txz: .......... done [68/117] Fetching nettle-3.5.1_1.txz: .......... done [69/117] Fetching mpd5-5.8_10.txz: .......... done [70/117] Fetching mobile-broadband-provider-info-20190618_1.txz: ........ done [71/117] Fetching miniupnpd-2.1.20190210,1.txz: ........ done [72/117] Fetching links-2.16_2,1.txz: .......... done [73/117] Fetching libzmq4-4.3.1_1.txz: .......... done [74/117] Fetching libxml2-2.9.10.txz: .......... done [75/117] Fetching libunistring-0.9.10_1.txz: .......... done [76/117] Fetching libucl-0.8.1.txz: .......... done [77/117] Fetching libnghttp2-1.40.0.txz: .......... done [78/117] Fetching liblz4-1.9.2,1.txz: .......... done [79/117] Fetching libidn2-2.3.0_1.txz: .......... done [80/117] Fetching libffi-3.2.1_3.txz: ..... done [81/117] Fetching libevent-2.1.11.txz: .......... done [82/117] Fetching libedit-3.1.20191211,1.txz: .......... done [83/117] Fetching libargon2-20190702.txz: ........ done [84/117] Fetching ldns-1.7.1_1.txz: .......... done [85/117] Fetching json-c-0.13.1_1.txz: ........ done [86/117] Fetching ipmitool-1.8.18_2.txz: .......... done [87/117] Fetching hostapd-2.9.txz: .......... done [88/117] Fetching gmp-6.1.2_1.txz: .......... done [89/117] Fetching glib-2.56.3_7,1.txz: .......... done [90/117] Fetching gettext-runtime-0.20.1.txz: .......... done [91/117] Fetching filterdns-2.0_3.txz: ... done [92/117] Fetching expat-2.2.8.txz: .......... done [93/117] Fetching dnsmasq-2.80_4,1.txz: .......... done [94/117] Fetching dmidecode-3.2.txz: ........ done [95/117] Fetching dhcp6-20080615.2_2.txz: .......... done [96/117] Fetching devcpu-data-1.28.txz: .......... done [97/117] Fetching curl-7.67.0.txz: .......... done [98/117] Fetching cpdup-1.20.txz: .... done [99/117] Fetching check_reload_status-0.0.8.txz: .... done [100/117] Fetching ccache-3.7.1.txz: .......... done [101/117] Fetching ca_root_nss-3.51.txz: .......... done [102/117] Fetching bsnmp-ucd-0.4.4.txz: ... done [103/117] Fetching bind-tools-9.14.9.txz: .......... done [104/117] Fetching python37-3.7.6.txz: .......... done [105/117] Fetching isc-dhcp44-server-4.4.1_4.txz: .......... done [106/117] Fetching isc-dhcp44-relay-4.4.1.txz: .......... done [107/117] Fetching isc-dhcp44-client-4.4.1_1.txz: .......... done [108/117] Fetching php72-intl-7.2.29.txz: .......... done [109/117] Fetching icu-65.1,1.txz: .......... done [110/117] Fetching lua-resty-core-0.1.17.txz: ... done [111/117] Fetching lua-resty-lrucache-0.09.txz: . done [112/117] Fetching luajit-openresty-2.1.20190912_2.txz: .......... done [113/117] Fetching libxslt-1.1.34.txz: .......... done [114/117] Fetching libgcrypt-1.8.5.txz: .......... done [115/117] Fetching libgpg-error-1.36.txz: .......... done [116/117] Fetching py37-ply-3.11.txz: .......... done [117/117] Fetching py37-setuptools-41.4.0_1.txz: .......... done Checking integrity... done (5 conflicting) - isc-dhcp44-server-4.4.1_4 [pfSense] conflicts with isc-dhcp43-server-4.3.6P1_1 [installed] on /usr/local/etc/dhcpd.conf.sample - isc-dhcp44-relay-4.4.1 [pfSense] conflicts with isc-dhcp43-relay-4.3.6P1_1 [installed] on /usr/local/etc/rc.d/isc-dhcrelay6 - isc-dhcp44-client-4.4.1_1 [pfSense] conflicts with isc-dhcp43-client-4.3.6P1 [installed] on /usr/local/sbin/dhclient - luajit-openresty-2.1.20190912_2 [pfSense] conflicts with luajit-2.1.0.b3 [installed] on /usr/local/bin/luajit - py37-setuptools-41.4.0_1 [pfSense] conflicts with py27-setuptools-39.2.0 [installed] on /usr/local/bin/easy_install Checking integrity... done (0 conflicting) Conflicts with the existing packages have been found. One more solver iteration is needed to resolve them. The following 123 package(s) will be affected (of 0 checked): Installed packages to be REMOVED: luajit-2.1.0.b3 py27-setuptools-39.2.0 isc-dhcp43-server-4.3.6P1_1 isc-dhcp43-relay-4.3.6P1_1 isc-dhcp43-client-4.3.6P1 py27-ply-3.11 New packages to be INSTALLED: python37: 3.7.6 [pfSense] luajit-openresty: 2.1.20190912_2 [pfSense] libgpg-error: 1.36 [pfSense] lua-resty-lrucache: 0.09 [pfSense] libgcrypt: 1.8.5 [pfSense] py37-setuptools: 41.4.0_1 [pfSense] icu: 65.1,1 [pfSense] lua-resty-core: 0.1.17 [pfSense] libxslt: 1.1.34 [pfSense] py37-ply: 3.11 [pfSense] isc-dhcp44-server: 4.4.1_4 [pfSense] isc-dhcp44-relay: 4.4.1 [pfSense] isc-dhcp44-client: 4.4.1_1 [pfSense] php72-intl: 7.2.29 [pfSense] Installed packages to be UPGRADED: pcre: 8.42 -> 8.43_2 [pfSense] libxml2: 2.9.7 -> 2.9.10 [pfSense] libargon2: 20171227 -> 20190702 [pfSense] readline: 7.0.3_1 -> 8.0.1 [pfSense] php72: 7.2.10 -> 7.2.29 [pfSense] libffi: 3.2.1_2 -> 3.2.1_3 [pfSense] gettext-runtime: 0.19.8.1_1 -> 0.20.1 [pfSense] python27: 2.7.16 -> 2.7.17_1 [pfSense] php72-zlib: 7.2.10 -> 7.2.29 [pfSense] php72-xml: 7.2.10 -> 7.2.29 [pfSense] perl5: 5.26.2 -> 5.30.1 [pfSense] php72-pear: 1.10.5_1 -> 1.10.6 [pfSense] libnghttp2: 1.32.0 -> 1.40.0 [pfSense] libevent: 2.1.8_1 -> 2.1.11 [pfSense] glib: 2.50.3_4,1 -> 2.56.3_7,1 [pfSense] expat: 2.2.5 -> 2.2.8 [pfSense] ca_root_nss: 3.39 -> 3.51 [pfSense] unbound: 1.9.1 -> 1.9.6 [pfSense] rrdtool: 1.7.0_2 -> 1.7.2_1 [pfSense] oniguruma: 6.8.1 -> 6.9.3 [pfSense] libunistring: 0.9.10 -> 0.9.10_1 [pfSense] ldns: 1.7.0_1 -> 1.7.1_1 [pfSense] gmp: 6.1.2 -> 6.1.2_1 [pfSense] curl: 7.64.0 -> 7.67.0 [pfSense] strongswan: 5.7.1 -> 5.8.2 [pfSense] sqlite3: 3.28.0 -> 3.30.1 [pfSense] php72-tokenizer: 7.2.10 -> 7.2.29 [pfSense] php72-pecl-mcrypt: 1.0.1 -> 1.0.3 [pfSense] php72-pear-Net_SMTP: 1.8.0 -> 1.9.0 [pfSense] php72-pdo: 7.2.10 -> 7.2.29 [pfSense] php72-openssl: 7.2.10 -> 7.2.29 [pfSense] php72-mbstring: 7.2.10 -> 7.2.29 [pfSense] php72-hash: 7.2.10 -> 7.2.29 [pfSense] php72-dom: 7.2.10 -> 7.2.29 [pfSense] php72-curl: 7.2.10 -> 7.2.29 [pfSense] php72-bcmath: 7.2.10 -> 7.2.29 [pfSense] openldap-client: 2.4.46 -> 2.4.48 [pfSense] nettle: 3.4 -> 3.5.1_1 [pfSense] libzmq4: 4.3.1 -> 4.3.1_1 [pfSense] libucl: 0.8.0 -> 0.8.1 [pfSense] liblz4: 1.8.2,1 -> 1.9.2,1 [pfSense] libidn2: 2.0.5 -> 2.3.0_1 [pfSense] libedit: 3.1.20170329_2,1 -> 3.1.20191211,1 [pfSense] json-c: 0.13 -> 0.13.1_1 [pfSense] ccache: 3.4.2 -> 3.7.1 [pfSense] wpa_supplicant: 2.8 -> 2.9 [pfSense] wol: 0.7.1_3 -> 0.7.1_4 [pfSense] uclcmd: 0.1_2 -> 0.1_3 [pfSense] sshguard: 2.3.1 -> 2.4.0_3,1 [pfSense] smartmontools: 6.6_1 -> 7.0_2 [pfSense] scponly: 4.8.20110526_2 -> 4.8.20110526_4 [pfSense] relayd: 5.5.20140810_2 -> 5.5.20140810_5 [pfSense] radvd: 2.17_5 -> 2.18_2 [pfSense] php72-xmlwriter: 7.2.10 -> 7.2.29 [pfSense] php72-xmlreader: 7.2.10 -> 7.2.29 [pfSense] php72-sysvshm: 7.2.10 -> 7.2.29 [pfSense] php72-sysvsem: 7.2.10 -> 7.2.29 [pfSense] php72-sysvmsg: 7.2.10 -> 7.2.29 [pfSense] php72-sqlite3: 7.2.10 -> 7.2.29 [pfSense] php72-sockets: 7.2.10 -> 7.2.29 [pfSense] php72-simplexml: 7.2.10 -> 7.2.29 [pfSense] php72-shmop: 7.2.10 -> 7.2.29 [pfSense] php72-session: 7.2.10 -> 7.2.29 [pfSense] php72-readline: 7.2.10 -> 7.2.29 [pfSense] php72-posix: 7.2.10 -> 7.2.29 [pfSense] php72-pecl-zmq: 1.1.3_2 -> 1.1.3_3 [pfSense] php72-pear-XML_RPC2: 1.1.3_1 -> 1.1.4 [pfSense] php72-pdo_sqlite: 7.2.10 -> 7.2.29 [pfSense] php72-pcntl: 7.2.10 -> 7.2.29 [pfSense] php72-opcache: 7.2.10 -> 7.2.29 [pfSense] php72-ldap: 7.2.10 -> 7.2.29 [pfSense] php72-json: 7.2.10 -> 7.2.29 [pfSense] php72-gettext: 7.2.10 -> 7.2.29 [pfSense] php72-filter: 7.2.10 -> 7.2.29 [pfSense] php72-ctype: 7.2.10 -> 7.2.29 [pfSense] php72-bz2: 7.2.10 -> 7.2.29 [pfSense] pftop: 0.7_8 -> 0.7_9 [pfSense] pfSense-rc: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-Status_Monitoring: 1.7.7 -> 1.7.11_1 [pfSense] openvpn: 2.4.6_1 -> 2.4.8 [pfSense] ntp: 4.2.8p13 -> 4.2.8p14 [pfSense] nginx: 1.14.1,2 -> 1.16.1_11,2 [pfSense] mpd5: 5.8_8 -> 5.8_10 [pfSense] mobile-broadband-provider-info: 20170310 -> 20190618_1 [pfSense] miniupnpd: 2.0.20180503,1 -> 2.1.20190210,1 [pfSense] links: 2.16,1 -> 2.16_2,1 [pfSense] ipmitool: 1.8.18_1 -> 1.8.18_2 [pfSense] hostapd: 2.8 -> 2.9 [pfSense] filterdns: 2.0_1 -> 2.0_3 [pfSense] dnsmasq: 2.79,1 -> 2.80_4,1 [pfSense] dmidecode: 3.1_1 -> 3.2 [pfSense] dhcp6: 20080615.2 -> 20080615.2_2 [pfSense] devcpu-data: 1.22 -> 1.28 [pfSense] cpdup: 1.18 -> 1.20 [pfSense] bsnmp-ucd: 0.4.2 -> 0.4.4 [pfSense] bind-tools: 9.12.2P1 -> 9.14.9 [pfSense] pfSense-kernel-pfSense: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-default-config: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense-base: 2.4.4_3 -> 2.4.5 [pfSense-core] pfSense: 2.4.4_3 -> 2.4.5 [pfSense] Installed packages to be REINSTALLED: php72-pear-Net_Socket-1.0.14 [pfSense] (ABI changed: 'freebsd:11:x86:64' -> 'freebsd:11:*') php72-pecl-radius-1.4.0.b1 [pfSense] (option added: EXAMPLES) check_reload_status-0.0.8 [pfSense] (needed shared library changed) Number of packages to be removed: 6 Number of packages to be installed: 14 Number of packages to be upgraded: 100 Number of packages to be reinstalled: 3 The process will require 176 MiB more space. >>> Upgrading pfSense-rc... Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-rc: 2.4.4_3 -> 2.4.5 [pfSense-core] Number of packages to be upgraded: 1 [1/1] Upgrading pfSense-rc from 2.4.4_3 to 2.4.5... ===> Setting net.pf.request_maxcount=400000 ===> Flagging this system to apply fix for FreeBSD-SA-19:10.ufs [1/1] Extracting pfSense-rc-2.4.5: ...... done >>> Upgrading pfSense kernel... Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-kernel-pfSense: 2.4.4_3 -> 2.4.5 [pfSense-core] Number of packages to be upgraded: 1 The process will require 2 MiB more space. [1/1] Upgrading pfSense-kernel-pfSense from 2.4.4_3 to 2.4.5... [1/1] Extracting pfSense-kernel-pfSense-2.4.5: .......... done ===> Keeping a copy of current kernel in /boot/kernel.old >>> Removing unnecessary packages... done. Upgrade is complete. Rebooting in 10 seconds. Success
pfSense 2.5系の状況
今回の2.4.5がリリースされる1週間前から2.5.0が開発ブランチで利用可能になりました
WEBGUI上でブランチ変更するだけでインストールして試すことが可能です
当初は2.5.0から必須になると言われていたAES-NIですが
今までと同様に必須ではなくなりました
コメント