pfSense CEをアップデートした記録 2.6.0→2.7.0
アップデート内容確認
pfSense CE 2.6.0からpfSense CE 2.7.0にアップデートします
変更点を確認
https://docs.netgate.com/pfsense/en/latest/releases/2-7-0.html
Upgrade Notes Warning Due to major changes in PHP and base OS versions, there is a higher than usual chance that packages will interfere with the upgrade process. To give an upgrade the best possible chance of going smoothly, uninstall all packages before starting the upgrade. General PHP has been upgraded from 7.4.x to 8.2.6 The base operating system has been upgraded to FreeBSD 14-CURRENT Warning As a part of the FreeBSD upgrade this version removes several deprecated IPsec algorithms: 3DES Encryption Blowfish Encryption CAST 128 Encryption MD5 HMAC Authentication The best practice is to reconfigure tunnels using better encryption and test them before performing an upgrade to ensure a smoother transition. On upgrade, IPsec tunnels will be adjusted to remove any deprecated algorithms from their configuration. The upgrade process will disable tunnels if they have no valid encryption or authentication options remaining. The upgrade process will notify the user of any changes it makes. This change only affects IPsec and not other uses of these algorithms. For example, BGP can still use TCP-MD5 authentication. Added support for ChaCha20-Poly1305 encryption with IPsec Captive Portal has been migrated from IPFW to PF A long-standing difficult-to-reproduce crash in Unbound during reloading has been addressed. Christian McDonald tracked down the source of the Unbound SIGHUP crashes to a reference counting bug within the MaxMindDB Python module. Both a patch to MaxMind and a port revision to FreeBSD ports were submitted and accepted, and the fix is included in the 2.7.0 release. It is now safe again to enable DHCP registration alongside Unbound Python mode in pfBlockerNG. In addition to the Unbound crash, Christian also identified a memory leak with DHCP registration and Unbound Python mode (#10624). This is largely mitigated by updates to Python and related libraries, but there is additional ongoing work to resolve it further for future release. Fix for UPnP and multiple game systems New gateway state killing options for smoother failover Firewall/NAT rule usability improvements such as buttons to toggle multiple rules and copy rules to other interfaces OpenVPN upgraded to 2.6.4 OpenVPN Shared Key Tunnels Deprecated – They still work, but will trigger warnings in the logs and GUI. New Packet Capture GUI UDP Broadcast Relay Package Security pfSense CE 2.7.0-RELEASE includes fixes for the following potential vulnerabilities: pfSense-SA-22_05.webgui: A potential XSS vulnerability in firewall_aliases.php from URL table alias URLs. pfSense-SA-23_01.webgui: A potential XSS vulnerability in diag_edit.php from browsing directories containing specially crafted filenames on the filesystem. pfSense-SA-23_02.webgui: A potential XSS vulnerability in system_camanager.php and system_certmanager.php from specially crafted descriptions when editing entries. pfSense-SA-23_03.webgui: A potential authenticated arbitrary file creation vulnerability from the name parameter when creating or editing URL table aliases. pfSense-SA-23_04.webgui: A potential authenticated arbitrary command execution vulnerability in status.php from specially crafted filenames on the filesystem. pfSense-SA-23_05.sshguard: Anti-brute force protection bypass for GUI authentication requests containing certain proxy headers. pfSense-SA-23_06.webgui A potential Authenticated Command Execution vulnerability from the bridgeif parameter on interfaces_bridge_edit.php in the GUI. pfSense CE Changes in this version of pfSense CE software. Aliases / Tables Fixed: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries #9296 Fixed: Alias with non-resolving FQDN entry breaks underlying PF table #12708 Fixed: Renaming an alias does not update the alias names in static routes and OpenVPN instances #12727 Added: Retain descriptions when exporting and importing aliases #12842 Fixed: Potential XSS from URL and URL Table alias URLs #13060 Fixed: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias #13282 Added: Specify CA trust store location when downloading and validating URL alias content #13367 Fixed: Invalid alias name can still be used by code attempting to validate URL table content #13425 Fixed: Deleting an alias marks the subsystem as unclean but also unconditionally reloads the filter configuration #13538 Fixed: Missing descriptions for referrers to firewall aliases cause empty strings for references to be returned when deleting an in-use alias #13539 Fixed: Using PF reserved keywords for interface descriptions results in an invalid ruleset #14007 Fixed: Alias list is not sorted #14015 Authentication Fixed: User password hashes pseudo-random number generator may return insecure salt value #12801 Added: GUI option to select the user password hashing algorithm #12855 Fixed: LDAP setup does not display ‘Global Root CA List’ option unless another CA also exists #13185 Fixed: Unable to set web interface session timeout to 0 (i.e. never expire) #13561 Fixed: Extra remote address information can confuse sshguard #13574 Changed: Improve LDAP debugging #13718 Added: Option to enable/disable console bell, enabled by default #14002 Auto Configuration Backup Added: Option to list AutoConfigBackup entries in “reverse” order (newest at top) #11266 Added: Support for international characters in the AutoConfigBackup Hint/Identifier field #13388 Fixed: Auto Config Backup prints a confusing decryption error when using the wrong key #14060 Backup / Restore Changed: Comply with current iteration standards when encrypting and decrypting configuration files #12556 Added: Support encrypted config.xml files when restoring via ECL #12685 Added: Notify user if AutoConfigBackup is unable to successfully upload a backup #12724 Added: Ability to sort AutoConfigBackup entries #12773 Fixed: Sanitize SHA-512 user password hashes in status.php output #12810 Added: Option to restore dashboard widget layout #13125 Fixed: PHP error restoring DHCP lease data on fresh installation: #13157 Fixed: Attempting to restore a 0 byte config.xml prints an error that the file cannot be read #13289 Fixed: Configuration history restores revision no matter which option is clicked in confirmation dialog #13861 Fixed: RRD restore process does not sanitize filenames from backup XML #13935 Build / Release Changed: Disable pkg compatibility flag which creates txz file extension symbolic links #12782 CARP Fixed: CARP VIPs can become master too early at boot time #2218 Changed: Reorganize CARP status page #12701 Fixed: CARP event storm when leaving persistent CARP maintenance mode #12961 Captive Portal Fixed: Allowed IP/Hostname “Direction” option is never used #12649 Fixed: nginx logs an error that the port is already in use when restarting Captive Portal services #12651 Fixed: Value of net.inet.ip.dummynet.* OIDs in sysctl are ignored #12733 Fixed: Only TCP traffic is passed outbound through IPFW #12834 Changed: Transition Captive Portal from IPFW to PF #13100 Fixed: Voucher CSV output has leading space before voucher code #13272 Fixed: Captive Portal breaks policy based routing for MAC address bypass clients #13323 Fixed: Multiple Captive Portal interfaces do not properly form the list of portal IP addresses #13391 Fixed: Custom logo or background image is created with two dots (..) before the file extension #13396 Fixed: Captive Portal does not keep track of client data usage #13418 Fixed: All Captive Portal users are given the same limiter pipe pair #13488 Fixed: Captive Portal RADIUS start/stop accounting does not reset counters at each accounting start #13838 Fixed: Captive Portal does not apply RADIUS bandwidth limits to user pipes #13853 Certificates Fixed: CA path is not defined when using curl in the shell #12737 Added: Option to retain the existing serial number when renewing a CA or certificate #13010 Fixed: Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm #13257 Fixed: Input validation is not rejecting invalid description characters when editing a CA or Certificate #13387 Fixed: CRL expiration date with default lifetime is too long, goes past UTCTime limit #13424 Fixed: ECDSA certificate renewal causes digest algorithm to be reset to SHA1 #13437 Fixed: Some blank SAN fields are not ignored when creating a certificate #14124 Added: Ability to edit Certificate Revocation List properties #14185 Changed: Add note to inform the user that the “Next Certificate Serial” value is ignored when the “Randomize Serial” option is enabled #14188 Configuration Backend Added: Move command line history to a GUI option stored in config.xml rather than a manual flag file #12675 Added: Eliminate duplicate shell commands from history file #12741 Fixed: Input validation is checking RAM disk sizes when they are inactive #13479 Configuration Upgrade Added: Playback script to perform a configuration upgrade on an arbitrary config.xml file #12973 Fixed: PHP Error in upgrade216_ipsec_create_vtimap() #14400 Console Menu Fixed: Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface #12632 Added: Warn the user if they attempt to disable SSH from the menu while connected through SSH #13103 Fixed: Hidden menu option 100 incorrectly handles HTTPS detection #13258 DHCP (IPv4) Added: Improve distinction between online and idle/offline entries in DHCP lease list #10345 Fixed: Disabling DHCP Server RRD statistics does not work #12710 Fixed: HTTPClient option not sent when using UEFI HTTP Boot #12892 Fixed: HTTPClient option does not work for static mappings #12896 Fixed: DHCP “Ignore denied clients” option with MAC Deny list set causes DHCP server to not start #12923 Added: Relax DHCP maximum lease time input validation #13118 Fixed: DHCP lease list displays wrong interface name in the “Leases in Use” summary if DHCP settings for a disabled interface remain in the configuration #13127 Changed: Clean up DHCP Server option language #13250 Fixed: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL #13573 Added: Input validation for numbered DHCP options in static mappings #13584 Fixed: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers #14115 DHCP (IPv6) Fixed: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients #6880 Fixed: DHCPv6 server does not skip interfaces configured with invalid ranges #12527 Fixed: RADVD can be started on both HA nodes when configured with an IPv6 link-local address #12582 Fixed: Uninitialized array in array_remove_duplicates() #12749 Fixed: Advanced DHCP6 client settings only work for a single interface #13462 Fixed: “Provide DNS servers to DHCPv6 clients” setting does not reflect a changed value until the page is reloaded #13594 Fixed: DHCPv6 rules are not created for interfaces with static IPv6 #13633 DNS Forwarder Fixed: DNS Forwarder refuses valid retries from clients in certain cases #12901 Fixed: DNS Forwarder creates a loop when “Use local DNS, ignore remote DNS servers” is selected #12902 Fixed: DNS Forwarder custom options may fail after save/restore when options are only separated by newline #13105 Fixed: DNS Forwarder (dnsmasq) is using an invalid combination of options when “Query DNS servers sequentially” is enabled #13655 DNS Resolver Fixed: Memory leak in Unbound with Python module and DHCP lease registration active #10624 Fixed: Unbound crashes with signal 11 when reloading #11316 Fixed: DNS Resolver is restarted during every rc.newwanip event even for interfaces not used in the resolver #12612 Fixed: DNS Resolver does not restart during link up/down events on a static IP address interface #12613 Added: Automatically create DNS Resolver ACLs for OpenVPN CSO entries #12636 Fixed: DNS Resolver help text for System Domain Local Zone Type option refers users to unbound.conf(5) man page instead of pfSense docs #12781 Fixed: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access #12985 Fixed: DNS Resolver ACLs are not updated when OpenVPN networks change #12991 Added: DNS Resolver option to keep probing when servers are down #13023 Fixed: DNS resolver does not update its configuration or reload during link down events #13254 Fixed: DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled #13393 Fixed: Incorrect word in “Network Interfaces” help text on services_unbound.php #13453 Fixed: DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to “All” #13851 Changed: Update Unbound to use Python 3.11 instead of Python 3.9 #13867 Changed: Update Unbound to 1.17.1 #13893 Fixed: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR #14056 Fixed: Setting system DNS servers can incorrectly modify routes for interface addresses #14288 Fixed: Discrepancy in “TTL for Host Cache Entries” Description #14358 Dashboard Fixed: Firewall log widget action icon features stop working when new log entries are added dynamically #6253 Added: Show Inactive for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated #12714 Fixed: Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget #14176 Added: Support for Intel PCH temperature values in thermal sensors #14255 Diagnostics Fixed: diag_pftop.php does not fully encode output #12915 Fixed: File browser on diag_edit.php does not encode filenames before display #13262 Fixed: Neighbor hostnames in the NDP Table on diag_ndp.php are always empty #13318 Fixed: status.php uses <name> component of /tmp/rules.packages.<name> filenames in shell command without encoding #13426 Changed: Add multicast group membership (ifmcstat) to status.php #13731 Changed: Add more disk information to status output #14103 Dynamic DNS Fixed: Dynamic DNS custom IPv6 service fails on 6rd tunnels #12590 Fixed: GleSYS Dynamic DNS responses are not parsed properly #12672 Added: IPv6 support for DNSimple Dynamic DNS #12744 Fixed: Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy #12750 Added: Support wildcard Dynamic DNS records on DigitalOcean #12752 Fixed: Google Domains Dynamic DNS responses are not parsed properly #12754 Fixed: Input validation prevents configuring wildcard Dynamic DNS records on Google Domains #12761 Fixed: Namecheap Dynamic DNS responses are not parsed properly #12816 Fixed: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout #12870 Fixed: DigitalOcean Dynamic DNS update fails with a “bad request” error #13167 Fixed: Dynv6 Dynamic DNS client does not check the response code when updating #13298 Fixed: DNSExit Dynamic DNS updates no longer work #13303 Changed: Improve DynDNS help text readability #14186 FilterDNS Fixed: Resolve interval for filterdns may not match the configured value #13067 FreeBSD Fixed: Cannot set EFI console as primary console when using both EFI and Serial #13080 Fixed: CVE-2022-23093 / FreeBSD-SA-22:15.ping #13716 Changed: Update Time Zone data to 2023c or later #14209 Gateway Monitoring Fixed: Gateway monitoring should mark gateway as “offline” on PPPoE parent interface disconnect #12633 Added: Option to disable auto-addition of static routes for dpinger #12687 Changed: Update dpinger to 3.2 #12881 Fixed: Marking a gateway as down does not affect IPsec entries using gateway groups #13076 Fixed: Incorrect function parameters for get_dpinger_status() call in gwlb.inc #13295 Gateways Fixed: fixup_default_gateway() should not remove a default gateway managed by a dynamic routing daemon #11692 Fixed: IPv6 link local gateway default status not indicated in GUI #11764 Fixed: IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly #12721 Added: Retain knowledge of previous dynamic gateway IP address when interface is down #12931 Fixed: Recovering interface gateway may not be added back into gateway groups and rules when expected #13228 Fixed: Gateway popup in firewall rule list does not indicate current gateway status #14327 Hardware / Drivers Added: Chelsio TOE support using the t4_tom module #9091 Fixed: Intel e1000 driver (em, igb) cannot pass packets tagged with VLAN 0 #12821 Fixed: Hyper-V RSC support in hn(4) driver is enabled by default and results in very low throughput #12873 Fixed: Malicious Driver Detection event on ixl(4) driver #13003 Fixed: UDP checksum errors with ixgbe interfaces #13883 High Availability Added: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings #12702 IGMP Proxy Fixed: IGMP Proxy server is restarted during every rc.newwanip event #12609 IPsec Added: Option to choose default tab in IPsec status Dashboard widget #2456 Fixed: IPsec VTI phase 2 traffic selectors default to address when defined as a network #11226 Fixed: filterdns does not monitor remote IPsec gateways for IPv6 address changes #12645 Fixed: Disallow remote gateway of 0.0.0.0 for VTI mode #12723 Fixed: VTI gateway status stuck as “pending” after reboot #12763 Fixed: ESP description in IPsec phase 2 proposal help text is ambiguous #12953 Fixed: IKEv2 Mobile IPsec clients do not receive INTERNAL_DNS_DOMAIN (value 25) attribute #12975 Fixed: Deadlock in Charon VICI interface #13014 Added: GUI option for IPsec dns-interval setting #13057 Fixed: Delete function for IPsec SAD entries on status_ipsec_sad.php does not work #13071 Fixed: Mobile IPsec clients cannot be manually disconnected from IPsec status screen #13131 Fixed: IPsec rejects certificates if any SAN is wildcard rather than rejecting when all SANs are wildcard #13373 Changed: Information box on status_ipsec.php says “IPsec not enabled” even when a tunnel is established #13398 Fixed: Incorrect quoting of Split DNS attribute value in strongswan.conf #13579 Added: Support for ChaCha20-Poly1305 encryption with IPsec #13647 Changed: Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing) #13648 Fixed: Reassembled packets received on a VTI are not forwarded #14396 Installer Fixed: Support encrypted config.xml files when restoring during install #12691 Added: Recover existing SSH keys during installation #12809 Interfaces Added: Show SFP module details on status_interfaces.php #8861 Added: Improved support for USB interfaces that may not always be present #9393 Fixed: Primary interface address is not always used when VIPs are present #11545 Fixed: PPPoE WAN IP address different than expected when set static by ISP #11629 Added: Support for VLAN 0 #12070 Fixed: devd is not configured to act on USB interface attach/detach events #12606 Changed: Restart services on interface changes #12619 Fixed: Interface status “Total Interrupts” display is non-functional #12735 Fixed: L2TP/PPTP interface assignment page loses some values after input validation error #12780 Fixed: Link-Local IPv6 address on WAN with MAC spoofing changes if there is an IP Alias on WAN #12790 Fixed: Link-local address does not reset after removing MAC address spoofing #12794 Fixed: Disabled Captive Portal configuration prevents adding an interface to a bridge #12866 Fixed: The ruleset is not regenerated after assigning an interface #12949 Fixed: Bridges with QinQ interfaces not properly set up at boot #13225 Changed: Start rtsold immediately after dhcp6c sends a request #13492 Fixed: Several advanced DHCP6 client options do not inform the user when rejecting invalid input #13493 Changed: Clean up obsolete code in pfSense-dhclient-script #13501 Fixed: DHCP client can fail permanently if an interface is down at boot #13671 Fixed: Code that sets IPv6 MTU can unintentionally act on IPv4 addresses #13675 Changed: Trim blank characters from static IP address fields on the Interface configuration page #13959 Fixed: Bridge interface is not properly validated when submitted on interfaces_bridge_edit.php #14052 L2TP Fixed: L2TP MPD configuration is not updated when a dynamic WAN IP address changes #13066 Fixed: L2TP stays bound to previous IP address after static IP address change #13082 Fixed: Static routes to destinations at L2TP clients are not re-added after a client reconnects #13099 LAGG Interfaces Added: GUI option to configure layers for LACP hash #12819 Logging Added: Option to control log level of authentication messages in system logs (“Emergency” vs “Notice” level) #12464 Notifications Fixed: Slack notification options only allow - as a special character in channel names #13083 Fixed: Identical SMTP notifications repeat in an infinite loop under certain conditions #14031 Fixed: Notices incorrectly set system LEDs on hardware with less than three LEDs #14482 OpenVPN Fixed: OpenVPN IPv4 Tunnel Network incorrectly allows hostnames #11416 Fixed: OpenVPN stays bound to previous IP address after interface changes #11864 Added: OpenVPN option to limit concurrent connections per user #12267 Fixed: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases #12332 Added: Use deferred client connections in OpenVPN #12407 Fixed: OpenVPN re-synchronization also synchronizes override entries unnecessarily in some cases #12628 Fixed: Automatic filter reload with OpenVPN client gateway uplink happens too soon or not at all #12771 Fixed: PHP error when terminating OpenVPN sessions via the dashboard widget #12817 Fixed: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases #12884 Fixed: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network “Bridge DHCP” disabled #12887 Fixed: FQDN in network alias is omitted from OpenVPN networks list #12925 Changed: Warn about OpenVPN shared key deprecation #12981 Fixed: OpenVPN remote_cert_tls option does not behave correctly when enabled and later disabled #13056 Fixed: Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa #13061 Fixed: OpenVPN Client Overrides: properly hide/show form fields #13088 Fixed: OpenVPN client tls-client/client configuration directive not handled properly #13116 Changed: OpenVPN status page improvements #13129 Fixed: OpenVPN client-connect file contains topology #13133 Fixed: Per-user route files are not removed from /tmp when they are no longer needed #13145 Fixed: OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display #13243 Fixed: OpenVPN override IPv4 tunnel network field changing value improperly #13274 Changed: Update OpenVPN Wizard to match current certificate and OpenVPN options #14183 Changed: Remove deprecated NCP enable/disable toggle from OpenVPN #14201 Operating System Fixed: pf hostid value is handled inconsistently #12703 Fixed: Some sysctl OIDs in loader.conf.local are silently removed #12862 Fixed: Output from pfctl -vvsr does not include ridentifier value in the expected location #12868 Changed: Update memory graphs to account for changes in memory reporting #14011 Fixed: Netlink debug messages from IPsec #14370 Added: wpa_supplicant: add VLAN 0 support #14457 PHP Interpreter Added: Upgrade PHP from 7.4 to 8.1 #13446 Fixed: fcgicli fails to write packets with nvpair values that exceed 128 bytes #13638 Changed: Update PHP to 8.2.6 #14027 PPP Interfaces Fixed: Services are not restarted when PPP interfaces connect #12811 Fixed: PPPoE WANs fail to reconnect after parameter negotiation failure #13092 Fixed: PPP interface custom reset date/time Hour and Minute fields do not properly handle 0 value #13307 Fixed: IPv6 does not work on secondary PPPoE WAN #13939 PPPoE Server Fixed: PPPoE server panics with multiple client connections #13210 Package System Fixed: Packages are not automatically reinstalled when restoring configuration using the installer #12105 Fixed: Packages with custom internal_name values do not reinstall properly when restoring a backup #12766 Fixed: write_rcfile() does not create rc_restart() entry #13004 Added: Package plugin hook for web server configuration stanzas #13054 Packet Capture Added: Button to clear previous packet capture data #12968 Added: Packet Capture GUI with granular control #13382 Routing Added: Enable ROUTE_MPATH multipath routing #9544 Fixed: Setting a default gateway of “None” does not remove the default gateway from the routing table #12536 Fixed: Cannot remove IPv6 static routes #12728 Fixed: Explicit PPPoE disconnect of a WAN Gateway Group member may not restore a default route #13048 Rules / NAT Added: Toggle button to disable/enable multiple firewall rules #2505 Added: Port forward NAT rules with “any” protocol #4259 Added: Allow NPt to use dynamic IPv6 networks #4881 Added: Button to copy rules from one interface to another #8365 Fixed: Rule separator positions change when deleting multiple rules #9887 Fixed: Automatic Outbound NAT mode can create incorrect rules in some cases #11984 Added: Utilize new pfctl abilities to kill states #12092 Fixed: NAT reflection does not work for IPv6 port forwarding rules when configured for NAT+Proxy mode #12319 Added: Allow the selection of “any” interface in floating rules #12392 Fixed: Applying firewall rule changes does not clear dirty flag for aliases subsystem #12678 Fixed: Automatic Outbound NAT rules do not include OpenVPN CSO entries #12792 Fixed: Error loading ruleset due to illegal TOS value #12803 Fixed: High latency and packet loss during a filter reload #12827 Fixed: On startup “No routing address with matching address” might appear #12847 Added: Toggle button to disable/enable multiple entries on NAT pages #12879 Fixed: Delete button is always active for NAT rules, even if no rules are selected #12957 Fixed: NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet #13012 Fixed: NAT generates duplicate no nat on rules for port forwards with a destination of Any #13015 Fixed: Input validation requires a gateway for floating match out rules #13027 Fixed: Empty negate_networks table breaks policy routing rules #13049 Fixed: The negate_networks table is not updated when an OpenVPN server is deleted #13055 Added: Allow auto prefix with manual prefix-length in NPt #13070 Fixed: Info icon on firewall_nat_out.php is incorrectly placed in manual outbound NAT mode #13164 Fixed: Changing the redirect target for a Port Forward with an associated filter creates an incorrect firewall rule #13171 Fixed: Incorrect usage of DSCP hex value #13178 Fixed: TCP traffic sourced from the firewall can only use the default gateway #13420 Fixed: easyrule CLI script has multiple bugs and undesirable behaviors #13445 Changed: Correct DHCP client rule descriptions in the generated firewall ruleset #13505 Fixed: Toggling NAT rules using the button method does not enable/disable corresponding firewall rules #13545 Fixed: The “Kill States” button does not work consistently #14091 Changed: Match upstream changes in PF syntax to disable fragment disassembly #14098 Fixed: Associated firewall rule for NAT port forward does not inherit nosync property, gets synchronized #14335 Fixed: Default tab on firewall_rules.php is not selected if the configuration has no WAN interface #14345 Fixed: Outbound NAT rule input validation error when attempting to manually specify “Other Subnet” with a valid address #14354 Fixed: Enable IPv6 over IPv4 tunneling option results in invalid PF rule #14415 SNMP Fixed: SNMP daemon is restarted during every rc.newwanip event #12611 Services Fixed: NTP service is not listed on status_services.php unless config.xml contains NTP configuration data #12775 Setup Wizard Changed: Update firewall host and domain fields in the Setup Wizard to match the description and warning text from system.php #14250 System Logs Fixed: Firewall log parser does not handle SCTP log entries #13940 Traffic Shaper (ALTQ) Changed: Remove code references to unused reset parameter from traffic shaper pages #13042 Added: ALTQ GUI support for Broadcom Netextreme II (bxe) interfaces #13304 Added: Include ixv in ALTQ capable NIC list #14408 Traffic Shaper (Limiters) Fixed: Incorrect ICMP reply when using limiters #9263 Fixed: Pie and fq_pie are missing options and do not handle floating point number input correctly #12003 Fixed: Utilize dnctl(8) to apply limiter changes without a filter reload #12579 Fixed: Traffic routed through DUMMYNET by PF fails when IPFW is enabled #12954 Fixed: Traffic shaped by limiters is dropped when routed to a GIF gateway #14055 Traffic Shaper Wizards Fixed: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server #12937 Translations Fixed: Polish translation contains an invalid sprintf() format in the text for firewall_nat_out_edit.php #13946 UPnP/NAT-PMP Fixed: UPnP/NAT-PMP status page does not display all port mappings #4500 Added: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port #7727 Changed: Reorganize UPnP options #12624 Changed: Update miniupnpd to 2.3.3 #14307 Unknown Fixed: Many exec() functions do not use full path to executable files #11941 Fixed: URL scheme is not properly validated in some cases #14356 Upgrade Fixed: Upgrade does not work when using only IPv6 DNS servers #13162 Fixed: pfSense-boot can fail to copy the EFI bootloader #14045 User Manager / Privileges Added: Support for RADIUS authentication over IPv6 #4154 Fixed: Icon missing for user manager entries with a scope other than “user” #13174 Virtual IP Addresses Fixed: Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active #13908 Web Interface Fixed: Unnecessary link tag in login page #7996 Fixed: “Dark” theme does not sufficiently distinguish between selected and deselected elements in option lists #11730 Fixed: Lack of DNS or Internet connectivity causes GUI to be slow #12141 Changed: GUI pages should use POST for AJAX calls, not GET #12431 Fixed: Zero-value prefix IPv6 addresses are mishandled #12440 Added: Option to filter state table contents by rule ID #12616 Fixed: Changing RAM disk size does not prompt to reboot #12876 Fixed: VGA install defaults to serial as primary console when loading/saving admin GUI settings without making changes #12960 Fixed: Input validation for IPv6 addresses allows invalid address compression in some cases #13069 Added: Trim whitespace from MAC addresses in user input #13109 Changed: Spelling and typo corrections #13357 Fixed: “Dark” theme uses the same colors for disabled and enabled input fields #13390 Fixed: Input validation on system_advanced_firewall.inc uses incorrect variable references for some fields #13436 Changed: Update external HTTPS/HTTP links #13440 Fixed: Table row selection has poor contrast in Dark theme #13448 Added: Support for iwlwifi wireless interfaces #14050 Wireless Fixed: Wireless interface WPA configuration fields are always visible #12998 Fixed: Duplicate wireless interfaces are created at boot #12999 XMLRPC Fixed: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync #12940 Fixed: Filter/NAT rules configured with “No XMLRPC Sync” enabled are still synchronized #14316
pfSense CE体制になってから初のバージョンアップがきました
pfSense CE 2.6.0リリースが2022/02でpfSense CE 2.7.0リリースが2023/06なので
なんと約1年半ぶりの更新となります
さすがに1年半も空くと使用しているベースOSも
STABLEからCURRENTに変更された影響もあって
FreeBSD12.3-STABLEからFreeBSD14.0-CURRENTになり
13をスキップして一気に14ベースになりました
(現時点ではFreeBSD14.0-STABLEはまだリリース前、2023年末リリース予定)
当然ながら内部で使用していたソフトウェア関連も
ほとんどがそれなりに数字の飛ぶバージョンアップがされており
内蔵PHPも7.4.26から8.2.6になってます
この関係で別途追加でパッケージをインストールしている場合は
特にPHPの関係でエラーが発生しやすいらしく
pfSense本体とは別に不具合がそれなりに発生している様子です
不具合修正もパッケージ更新待ちになる為
解消するかは各パッケージ次第、追加でパッケージ導入している方は
事前に情報収集された方がいいかもしれません
不具合報告を見ていると変更箇所が多い影響からか
ブートしなくなったりルーティングやFWルールが壊れていたなど
本体の問題と思われる報告が普段より多い印象を受けるので
時間に余裕があり問題があればすぐに2.6.0へ戻せるような状態での作業をオススメします
アップデートの作業時間はダウンロード時間が長く、30分程度を要しました
ダウンタイムとなる再起動は通常1分30秒ほどで済む環境で3~4分ほどと
再起動カウントダウンは何回か待つことになりますが
気長に待ちましょう
アップデート後、数日経過してますが特に不具合は発生してません
アップデートの手順
事前に設定のバックアップをした上で以下の操作でアップデートを実行
手順はいつもと同じです
2.6.0から2.7.0へアップデートと表示出てるのを確認して「Confirm」を押す
Update時の処理ログ
Migrating /cf to ZFS dataset pfSense/ROOT/default/cf... done. Migrating /var/cache/pkg to ZFS dataset pfSense/ROOT/default/var_cache_pkg... done. Migrating /var/db/pkg to ZFS dataset pfSense/ROOT/default/var_db_pkg... done. >>> Updating repositories metadata... Updating pfSense-core repository catalogue... Fetching meta.conf: . done Fetching packagesite.pkg: . done Processing entries: . done pfSense-core repository update completed. 7 packages processed. Updating pfSense repository catalogue... Fetching meta.conf: . done Fetching packagesite.pkg: .......... done Processing entries: .......... done pfSense repository update completed. 532 packages processed. All repositories are up to date. >>> Locking package pkg... done. >>> Setting vital flag on pkg... done. >>> Removing vital flag from php74... done. >>> Unlocking package pkg... done. >>> Downloading upgrade packages... Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Checking for upgrades (170 candidates): .......... done Processing candidates (170 candidates): ....... done The following 228 package(s) will be affected (of 0 checked): Installed packages to be REMOVED: openldap24-client: 2.4.59_4 pfSense-Status_Monitoring: 1.7.11_4 php74: 7.4.26 php74-bcmath: 7.4.26 php74-bz2: 7.4.26 php74-ctype: 7.4.26 php74-curl: 7.4.26 php74-dom: 7.4.26 php74-filter: 7.4.26 php74-gettext: 7.4.26 php74-intl: 7.4.26 php74-json: 7.4.26 php74-ldap: 7.4.26 php74-mbstring: 7.4.26 php74-opcache: 7.4.26 php74-openssl: 7.4.26 php74-openssl_x509_crl: 1.3 php74-pcntl: 7.4.26 php74-pdo: 7.4.26 php74-pdo_sqlite: 7.4.26 php74-pear: 1.10.12 php74-pear-Auth_RADIUS: 1.1.0_4 php74-pear-Cache_Lite: 1.8.3,1 php74-pear-Crypt_CHAP: 1.5.0 php74-pear-HTTP_Request2: 2.5.0,1 php74-pear-Mail: 1.4.1,1 php74-pear-Net_IPv6: 1.3.0.b2_2 php74-pear-Net_SMTP: 1.10.0 php74-pear-Net_Socket: 1.2.2 php74-pear-Net_URL2: 2.2.1 php74-pear-XML_RPC2: 1.1.4 php74-pecl-mcrypt: 1.0.4 php74-pecl-radius: 1.4.0b1_1 php74-pecl-rrd: 2.0.1_1 php74-pfSense-module: 0.76 php74-phpseclib: 2.0.17 php74-posix: 7.4.26 php74-readline: 7.4.26 php74-session: 7.4.26 php74-shmop: 7.4.26 php74-simplepie: 1.5.1_1 php74-simplexml: 7.4.26 php74-sockets: 7.4.26 php74-sqlite3: 7.4.26 php74-sysvmsg: 7.4.26 php74-sysvsem: 7.4.26 php74-sysvshm: 7.4.26 php74-tokenizer: 7.4.26 php74-xml: 7.4.26 php74-xmlreader: 7.4.26 php74-xmlwriter: 7.4.26 php74-zlib: 7.4.26 py38-ply: 3.11 py38-setuptools: 57.0.0 python38: 3.8.12_1 New packages to be INSTALLED: 7-zip: 22.01 [pfSense] gmp: 6.2.1 [pfSense] libpsl: 0.21.2_3 [pfSense] libsodium: 1.0.18 [pfSense] libsysinfo: 0.0.3_2 [pfSense] openldap26-client: 2.6.4 [pfSense] pfSense-Status_Monitoring-php82: 1.8_3 [pfSense] pfSense-boot: 2.7.0 [pfSense-core] php82: 8.2.6 [pfSense] php82-bcmath: 8.2.6 [pfSense] php82-bz2: 8.2.6 [pfSense] php82-ctype: 8.2.6 [pfSense] php82-curl: 8.2.6 [pfSense] php82-dom: 8.2.6 [pfSense] php82-filter: 8.2.6 [pfSense] php82-gettext: 8.2.6 [pfSense] php82-gmp: 8.2.6 [pfSense] php82-intl: 8.2.6 [pfSense] php82-ldap: 8.2.6 [pfSense] php82-mbstring: 8.2.6 [pfSense] php82-opcache: 8.2.6 [pfSense] php82-openssl_x509_crl: 1.3_2 [pfSense] php82-pcntl: 8.2.6 [pfSense] php82-pdo: 8.2.6 [pfSense] php82-pdo_sqlite: 8.2.6 [pfSense] php82-pear: 1.10.13 [pfSense] php82-pear-Auth_RADIUS: 1.1.0_4 [pfSense] php82-pear-Cache_Lite: 1.8.3,1 [pfSense] php82-pear-Crypt_CHAP: 1.5.0_2 [pfSense] php82-pear-HTTP_Request2: 2.5.1,1 [pfSense] php82-pear-Mail: 1.4.1,1 [pfSense] php82-pear-Net_IPv6: 1.3.0.b4_2 [pfSense] php82-pear-Net_SMTP: 1.10.1 [pfSense] php82-pear-Net_Socket: 1.2.2 [pfSense] php82-pear-Net_URL2: 2.2.1 [pfSense] php82-pear-XML_RPC2: 1.1.5 [pfSense] php82-pecl-mcrypt: 1.0.6 [pfSense] php82-pecl-radius: 1.4.0b1_2 [pfSense] php82-pecl-rrd: 2.0.3 [pfSense] php82-pfSense-module: 0.95 [pfSense] php82-phpseclib: 2.0.17 [pfSense] php82-posix: 8.2.6 [pfSense] php82-readline: 8.2.6 [pfSense] php82-session: 8.2.6 [pfSense] php82-shmop: 8.2.6 [pfSense] php82-simplexml: 8.2.6 [pfSense] php82-sockets: 8.2.6 [pfSense] php82-sqlite3: 8.2.6 [pfSense] php82-sysvmsg: 8.2.6 [pfSense] php82-sysvsem: 8.2.6 [pfSense] php82-sysvshm: 8.2.6 [pfSense] php82-tokenizer: 8.2.6 [pfSense] php82-xml: 8.2.6 [pfSense] php82-xmlreader: 8.2.6 [pfSense] php82-xmlwriter: 8.2.6 [pfSense] php82-zlib: 8.2.6 [pfSense] pkcs11-helper: 1.29.0 [pfSense] python311: 3.11.3 [pfSense] whois: 5.5.7 [pfSense] zstd: 1.5.4_2 [pfSense] Installed packages to be UPGRADED: bind-tools: 9.16.23 -> 9.18.14 [pfSense] ca_root_nss: 3.71 -> 3.89.1 [pfSense] ccid: 1.4.36 -> 1.5.1 [pfSense] check_reload_status: 0.0.11 -> 0.0.15 [pfSense] curl: 7.80.0 -> 8.1.0 [pfSense] cyrus-sasl: 2.1.27_2 -> 2.1.28 [pfSense] dbus: 1.12.20_5 -> 1.14.6,1 [pfSense] devcpu-data: 20211109 -> 20230513 [pfSense] devcpu-data-amd: 20211115 -> 20230424 [pfSense] devcpu-data-intel: 20210608 -> 20230512 [pfSense] dmidecode: 3.3 -> 3.5 [pfSense] dnsmasq: 2.86,1 -> 2.89_1,1 [pfSense] dpinger: 3.0 -> 3.3 [pfSense] expat: 2.4.1 -> 2.5.0 [pfSense] filterdns: 2.0_5 -> 2.2 [pfSense] gettext-runtime: 0.21 -> 0.21.1 [pfSense] glib: 2.70.2,2 -> 2.76.2,2 [pfSense] hostapd: 2.9_4 -> 2.10_5 [pfSense] icu: 70.1_1,1 -> 73.1,1 [pfSense] igmpproxy: 0.3,1 -> 0.4,1 [pfSense] isc-dhcp44-client: 4.4.2P1 -> 4.4.3P1 [pfSense] isc-dhcp44-relay: 4.4.2P1 -> 4.4.3P1 [pfSense] isc-dhcp44-server: 4.4.2P1_1 -> 4.4.3P1 [pfSense] json-c: 0.15_1 -> 0.16 [pfSense] ldns: 1.7.1_2 -> 1.8.3 [pfSense] libedit: 3.1.20210216,1 -> 3.1.20221030,1 [pfSense] libffi: 3.3_1 -> 3.4.4 [pfSense] libgcrypt: 1.9.4 -> 1.9.4_1 [pfSense] libgpg-error: 1.43 -> 1.47 [pfSense] libiconv: 1.16 -> 1.17 [pfSense] libidn2: 2.3.2 -> 2.3.4 [pfSense] libinotify: 20180201_2 -> 20211018 [pfSense] libltdl: 2.4.6 -> 2.4.7 [pfSense] liblz4: 1.9.3,1 -> 1.9.4,1 [pfSense] libnghttp2: 1.46.0 -> 1.52.0 [pfSense] libssh2: 1.9.0_3,3 -> 1.10.0_1,3 [pfSense] libunistring: 0.9.10_1 -> 1.1 [pfSense] libuv: 1.42.0 -> 1.45.0 [pfSense] libxml2: 2.9.12 -> 2.10.4 [pfSense] libxslt: 1.1.34_2 -> 1.1.37 [pfSense] links: 2.20.2_1,1 -> 2.29,1 [pfSense] lua-resty-core: 0.1.22 -> 0.1.26 [pfSense] lua-resty-lrucache: 0.11 -> 0.13 [pfSense] luajit-openresty: 2.1.20210510 -> 2.1.20230410 [pfSense] miniupnpd: 2.2.1_1,1 -> 2.3.3,1 [pfSense] mobile-broadband-provider-info: 20210805 -> 20221107 [pfSense] mpd5: 5.9_6 -> 5.9_16 [pfSense] nginx: 1.20.2_1,2 -> 1.24.0_6,3 [pfSense] ntp: 4.2.8p15_3 -> 4.2.8p15_5 [pfSense] oniguruma: 6.9.7.1 -> 6.9.8_1 [pfSense] opensc: 0.22.0 -> 0.23.0_1 [pfSense] openvpn: 2.5.4_1 -> 2.6.4 [pfSense] openvpn-client-export: 2.5.2 -> 2.5.8 [pfSense] pcre: 8.45 -> 8.45_3 [pfSense] pcre2: 10.39 -> 10.42 [pfSense] pcsc-lite: 1.9.4,2 -> 1.9.9,2 [pfSense] perl5: 5.32.1_1 -> 5.32.1_3 [pfSense] pfSense: 2.6.0 -> 2.7.0 [pfSense] pfSense-base: 2.6.0 -> 2.7.0 [pfSense-core] pfSense-default-config: 2.6.0 -> 2.7.0 [pfSense-core] pfSense-kernel-pfSense: 2.6.0 -> 2.7.0 [pfSense-core] pfSense-pkg-openvpn-client-export: 1.6_4 -> 1.8 [pfSense] pfSense-rc: 2.6.0 -> 2.7.0 [pfSense-core] pftop: 0.7_9 -> 0.8_2 [pfSense] readline: 8.1.1 -> 8.2.1 [pfSense] rrdtool: 1.7.2_4 -> 1.8.0_2 [pfSense] smartmontools: 7.2_3 -> 7.3 [pfSense] sqlite3: 3.35.5_4,1 -> 3.41.2,1 [pfSense] sshguard: 2.4.2_1,1 -> 2.4.2_2,1 [pfSense] strongswan: 5.9.4 -> 5.9.10_2 [pfSense] unbound: 1.13.2 -> 1.17.1_3 [pfSense] wpa_supplicant: 2.9_11 -> 2.10_6 [pfSense] Installed packages to be REINSTALLED: beep-1.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') bsnmp-regex-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') bsnmp-ucd-0.4.5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') bwi-firmware-kmod-3.130.20 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') choparp-20150613 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') cpdup-1.22 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') cpustats-0.1_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') dhcp6-20080615.2_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') dhcpleases-0.5_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') expiretable-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') filterlog-0.1_9 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') iftop-1.0.p4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') indexinfo-0.3.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') ipmitool-1.8.18_3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') libargon2-20190702 [pfSense] libevent-2.1.12 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') libmcrypt-2.5.8_3 [pfSense] libucl-0.8.2 [pfSense] lzo2-2.10_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') minicron-0.0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') mpdecimal-2.5.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') nss_ldap-1.265_14 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') openvpn-auth-script-1.0.0.3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') pam_ldap-186_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') pam_mkhomedir-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') pfSense-repo-2.7.0_1 [pfSense] pfSense-repoc-20230616 [pfSense] pfSense-upgrade-1.0_33 [pfSense] pkg-1.19.1_1 [pfSense] qstats-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') radvd-2.19_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') rate-0.9_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') scponly-4.8.20110526_5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') ssh_tunnel_shell-0.2_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') uclcmd-0.2.20211204 [pfSense] voucher-0.1_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') vstr-1.0.15_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') wol-0.7.1_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') wrapalixresetbutton-0.0.8 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') xinetd-2.3.15_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') zip-3.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') Number of packages to be removed: 55 Number of packages to be installed: 60 Number of packages to be upgraded: 72 Number of packages to be reinstalled: 41 The process will require 60 MiB more space. 287 MiB to be downloaded. [1/168] Fetching unbound-1.17.1_3.pkg: .......... done [2/168] Fetching isc-dhcp44-client-4.4.3P1.pkg: .......... done [3/168] Fetching php82-session-8.2.6.pkg: ...... done [4/168] Fetching php82-gmp-8.2.6.pkg: .... done [5/168] Fetching wpa_supplicant-2.10_6.pkg: .......... done [6/168] Fetching nginx-1.24.0_6,3.pkg: .......... done [7/168] Fetching pfSense-base-2.7.0.pkg: .......... done [8/168] Fetching mpdecimal-2.5.1.pkg: .......... done [9/168] Fetching filterlog-0.1_9.pkg: .. done [10/168] Fetching dpinger-3.3.pkg: .. done [11/168] Fetching php82-pear-Crypt_CHAP-1.5.0_2.pkg: . done [12/168] Fetching libidn2-2.3.4.pkg: .......... done [13/168] Fetching hostapd-2.10_5.pkg: .......... done [14/168] Fetching filterdns-2.2.pkg: ... done [15/168] Fetching devcpu-data-20230513.pkg: . done [16/168] Fetching libxslt-1.1.37.pkg: .......... done [17/168] Fetching libuv-1.45.0.pkg: .......... done [18/168] Fetching bsnmp-ucd-0.4.5.pkg: ... done [19/168] Fetching nss_ldap-1.265_14.pkg: ....... done [20/168] Fetching lzo2-2.10_1.pkg: .......... done [21/168] Fetching php82-pear-Net_Socket-1.2.2.pkg: . done [22/168] Fetching pfSense-rc-2.7.0.pkg: .. done [23/168] Fetching libunistring-1.1.pkg: .......... done [24/168] Fetching cpdup-1.22.pkg: .... done [25/168] Fetching php82-zlib-8.2.6.pkg: ... done [26/168] Fetching php82-dom-8.2.6.pkg: ......... done [27/168] Fetching php82-simplexml-8.2.6.pkg: ... done [28/168] Fetching php82-pfSense-module-0.95.pkg: ..... done [29/168] Fetching libiconv-1.17.pkg: .......... done [30/168] Fetching json-c-0.16.pkg: ......... done [31/168] Fetching devcpu-data-amd-20230424.pkg: ...... done [32/168] Fetching pam_mkhomedir-0.2.pkg: . done [33/168] Fetching choparp-20150613.pkg: . done [34/168] Fetching ldns-1.8.3.pkg: .......... done [35/168] Fetching lua-resty-core-0.1.26.pkg: .... done [36/168] Fetching php82-shmop-8.2.6.pkg: .. done [37/168] Fetching rate-0.9_2.pkg: ....... done [38/168] Fetching pcsc-lite-1.9.9,2.pkg: .......... done [39/168] Fetching lua-resty-lrucache-0.13.pkg: . done [40/168] Fetching qstats-0.2.pkg: . done [41/168] Fetching pfSense-Status_Monitoring-php82-1.8_3.pkg: ... done [42/168] Fetching openvpn-2.6.4.pkg: .......... done [43/168] Fetching cpustats-0.1_1.pkg: . done [44/168] Fetching php82-pecl-rrd-2.0.3.pkg: .. done [45/168] Fetching libnghttp2-1.52.0.pkg: .......... done [46/168] Fetching libxml2-2.10.4.pkg: .......... done [47/168] Fetching php82-pdo-8.2.6.pkg: ....... done [48/168] Fetching ipmitool-1.8.18_3.pkg: .......... done [49/168] Fetching php82-readline-8.2.6.pkg: .. done [50/168] Fetching php82-curl-8.2.6.pkg: ...... done [51/168] Fetching bsnmp-regex-0.6_2.pkg: ... done [52/168] Fetching icu-73.1,1.pkg: .......... done [53/168] Fetching pfSense-default-config-2.7.0.pkg: . done [54/168] Fetching php82-pecl-radius-1.4.0b1_2.pkg: .... done [55/168] Fetching dnsmasq-2.89_1,1.pkg: .......... done [56/168] Fetching bind-tools-9.18.14.pkg: .......... done [57/168] Fetching libmcrypt-2.5.8_3.pkg: .......... done [58/168] Fetching rrdtool-1.8.0_2.pkg: .......... done [59/168] Fetching openvpn-client-export-2.5.8.pkg: .......... done [60/168] Fetching pfSense-2.7.0.pkg: . done [61/168] Fetching libargon2-20190702.pkg: ......... done [62/168] Fetching radvd-2.19_2.pkg: ....... done [63/168] Fetching isc-dhcp44-server-4.4.3P1.pkg: .......... done [64/168] Fetching php82-mbstring-8.2.6.pkg: .......... done [65/168] Fetching php82-tokenizer-8.2.6.pkg: .. done [66/168] Fetching ntp-4.2.8p15_5.pkg: .......... done [67/168] Fetching opensc-0.23.0_1.pkg: .......... done [68/168] Fetching voucher-0.1_2.pkg: . done [69/168] Fetching dhcp6-20080615.2_4.pkg: .......... done [70/168] Fetching libpsl-0.21.2_3.pkg: ........ done [71/168] Fetching dmidecode-3.5.pkg: ......... done [72/168] Fetching php82-ldap-8.2.6.pkg: ..... done [73/168] Fetching pfSense-boot-2.7.0.pkg: .......... done [74/168] Fetching miniupnpd-2.3.3,1.pkg: .......... done [75/168] Fetching libevent-2.1.12.pkg: .......... done [76/168] Fetching ca_root_nss-3.89.1.pkg: .......... done [77/168] Fetching libinotify-20211018.pkg: .... done [78/168] Fetching links-2.29,1.pkg: .......... done [79/168] Fetching python311-3.11.3.pkg: .......... done [80/168] Fetching wol-0.7.1_4.pkg: .... done [81/168] Fetching php82-sysvmsg-8.2.6.pkg: .. done [82/168] Fetching dbus-1.14.6,1.pkg: .......... done [83/168] Fetching beep-1.0_1.pkg: . done [84/168] Fetching libedit-3.1.20221030,1.pkg: .......... done [85/168] Fetching php82-pear-Net_URL2-2.2.1.pkg: ... done [86/168] Fetching xinetd-2.3.15_2.pkg: .......... done [87/168] Fetching php82-pear-XML_RPC2-1.1.5.pkg: ........ done [88/168] Fetching mobile-broadband-provider-info-20221107.pkg: ........ done [89/168] Fetching vstr-1.0.15_1.pkg: .......... done [90/168] Fetching php82-posix-8.2.6.pkg: .. done [91/168] Fetching liblz4-1.9.4,1.pkg: .......... done [92/168] Fetching libgcrypt-1.9.4_1.pkg: .......... done [93/168] Fetching iftop-1.0.p4.pkg: ..... done [94/168] Fetching pkcs11-helper-1.29.0.pkg: .......... done [95/168] Fetching php82-sockets-8.2.6.pkg: ...... done [96/168] Fetching php82-8.2.6.pkg: .......... done [97/168] Fetching pfSense-kernel-pfSense-2.7.0.pkg: .......... done [98/168] Fetching php82-pear-Cache_Lite-1.8.3,1.pkg: ..... done [99/168] Fetching php82-sqlite3-8.2.6.pkg: .... done [100/168] Fetching zstd-1.5.4_2.pkg: .......... done [101/168] Fetching php82-xmlreader-8.2.6.pkg: ... done [102/168] Fetching pcre2-10.42.pkg: .......... done [103/168] Fetching scponly-4.8.20110526_5.pkg: ... done [104/168] Fetching php82-pear-Net_SMTP-1.10.1.pkg: ... done [105/168] Fetching libgpg-error-1.47.pkg: .......... done [106/168] Fetching php82-xml-8.2.6.pkg: ... done [107/168] Fetching curl-8.1.0.pkg: .......... done [108/168] Fetching gmp-6.2.1.pkg: .......... done [109/168] Fetching php82-pcntl-8.2.6.pkg: ... done [110/168] Fetching expiretable-0.6_2.pkg: . done [111/168] Fetching igmpproxy-0.4,1.pkg: .... done [112/168] Fetching gettext-runtime-0.21.1.pkg: .......... done [113/168] Fetching php82-intl-8.2.6.pkg: .......... done [114/168] Fetching php82-bcmath-8.2.6.pkg: ... done [115/168] Fetching php82-pear-Net_IPv6-1.3.0.b4_2.pkg: .. done [116/168] Fetching bwi-firmware-kmod-3.130.20.pkg: .... done [117/168] Fetching php82-bz2-8.2.6.pkg: .. done [118/168] Fetching ssh_tunnel_shell-0.2_1.pkg: .......... done [119/168] Fetching pkg-1.19.1_1.pkg: .......... done [120/168] Fetching indexinfo-0.3.1.pkg: . done [121/168] Fetching cyrus-sasl-2.1.28.pkg: .......... done [122/168] Fetching libsysinfo-0.0.3_2.pkg: .... done [123/168] Fetching php82-phpseclib-2.0.17.pkg: .......... done [124/168] Fetching php82-openssl_x509_crl-1.3_2.pkg: .. done [125/168] Fetching check_reload_status-0.0.15.pkg: ..... done [126/168] Fetching dhcpleases-0.5_1.pkg: .. done [127/168] Fetching php82-sysvshm-8.2.6.pkg: .. done [128/168] Fetching libltdl-2.4.7.pkg: ..... done [129/168] Fetching php82-xmlwriter-8.2.6.pkg: ... done [130/168] Fetching pcre-8.45_3.pkg: .......... done [131/168] Fetching zip-3.0_1.pkg: .......... done [132/168] Fetching pfSense-pkg-openvpn-client-export-1.8.pkg: ... done [133/168] Fetching mpd5-5.9_16.pkg: .......... done [134/168] Fetching sqlite3-3.41.2,1.pkg: .......... done [135/168] Fetching minicron-0.0.2.pkg: . done [136/168] Fetching openldap26-client-2.6.4.pkg: .......... done [137/168] Fetching php82-gettext-8.2.6.pkg: .. done [138/168] Fetching whois-5.5.7.pkg: ......... done [139/168] Fetching glib-2.76.2,2.pkg: .......... done [140/168] Fetching php82-pecl-mcrypt-1.0.6.pkg: ... done [141/168] Fetching devcpu-data-intel-20230512.pkg: .......... done [142/168] Fetching luajit-openresty-2.1.20230410.pkg: .......... done [143/168] Fetching libsodium-1.0.18.pkg: .......... done [144/168] Fetching perl5-5.32.1_3.pkg: .......... done [145/168] Fetching openvpn-auth-script-1.0.0.3.pkg: . done [146/168] Fetching oniguruma-6.9.8_1.pkg: .......... done [147/168] Fetching php82-pear-HTTP_Request2-2.5.1,1.pkg: .......... done [148/168] Fetching pam_ldap-186_1.pkg: ...... done [149/168] Fetching strongswan-5.9.10_2.pkg: .......... done [150/168] Fetching readline-8.2.1.pkg: .......... done [151/168] Fetching libffi-3.4.4.pkg: ...... done [152/168] Fetching ccid-1.5.1.pkg: ......... done [153/168] Fetching php82-ctype-8.2.6.pkg: . done [154/168] Fetching smartmontools-7.3.pkg: .......... done [155/168] Fetching libssh2-1.10.0_1,3.pkg: .......... done [156/168] Fetching php82-pear-Mail-1.4.1,1.pkg: ... done [157/168] Fetching php82-sysvsem-8.2.6.pkg: .. done [158/168] Fetching wrapalixresetbutton-0.0.8.pkg: . done [159/168] Fetching isc-dhcp44-relay-4.4.3P1.pkg: .......... done [160/168] Fetching pftop-0.8_2.pkg: ........ done [161/168] Fetching expat-2.5.0.pkg: .......... done [162/168] Fetching php82-opcache-8.2.6.pkg: .......... done [163/168] Fetching php82-pear-1.10.13.pkg: .......... done [164/168] Fetching php82-filter-8.2.6.pkg: ... done [165/168] Fetching php82-pdo_sqlite-8.2.6.pkg: .. done [166/168] Fetching sshguard-2.4.2_2,1.pkg: .......... done [167/168] Fetching 7-zip-22.01.pkg: .......... done [168/168] Fetching php82-pear-Auth_RADIUS-1.1.0_4.pkg: .. done Checking integrity... done (51 conflicting) - php82-session-8.2.6 [pfSense] conflicts with php74-session-7.4.26 [installed] on /usr/local/include/php/ext/session/php_session.h - php82-pear-Crypt_CHAP-1.5.0_2 [pfSense] conflicts with php74-pear-Crypt_CHAP-1.5.0 [installed] on /usr/local/share/pear/Crypt/CHAP.php - php82-pear-Net_Socket-1.2.2 [pfSense] conflicts with php74-pear-Net_Socket-1.2.2 [installed] on /usr/local/share/doc/pear/Net_Socket/LICENSE - php82-zlib-8.2.6 [pfSense] conflicts with php74-zlib-7.4.26 [installed] on /usr/local/include/php/ext/zlib/php_zlib.h - php82-dom-8.2.6 [pfSense] conflicts with php74-dom-7.4.26 [installed] on /usr/local/include/php/ext/dom/dom_ce.h - php82-simplexml-8.2.6 [pfSense] conflicts with php74-simplexml-7.4.26 [installed] on /usr/local/include/php/ext/simplexml/php_simplexml.h - php82-pfSense-module-0.95 [pfSense] conflicts with php74-pfSense-module-0.76 [installed] on /usr/local/include/php/ext/pfSense/php_pfSense.h - php82-shmop-8.2.6 [pfSense] conflicts with php74-shmop-7.4.26 [installed] on /usr/local/include/php/ext/shmop/php_shmop.h - pfSense-Status_Monitoring-php82-1.8_3 [pfSense] conflicts with pfSense-Status_Monitoring-1.7.11_4 [installed] on /etc/inc/priv/pfSense-Status_Monitoring.priv.inc - php82-pecl-rrd-2.0.3 [pfSense] conflicts with php74-pecl-rrd-2.0.1_1 [installed] on /usr/local/include/php/ext/rrd/rrd_info.h - php82-pdo-8.2.6 [pfSense] conflicts with php74-pdo-7.4.26 [installed] on /usr/local/include/php/ext/pdo/php_pdo.h - php82-readline-8.2.6 [pfSense] conflicts with php74-readline-7.4.26 [installed] on /usr/local/include/php/ext/readline/readline_cli.h - php82-curl-8.2.6 [pfSense] conflicts with php74-curl-7.4.26 [installed] on /usr/local/include/php/ext/curl/config.h - php82-pecl-radius-1.4.0b1_2 [pfSense] conflicts with php74-pecl-radius-1.4.0b1_1 [installed] on /usr/local/include/php/ext/radius/radius_init_const.h - php82-mbstring-8.2.6 [pfSense] conflicts with php74-mbstring-7.4.26 [installed] on /usr/local/include/php/ext/mbstring/php_mbregex.h - php82-tokenizer-8.2.6 [pfSense] conflicts with php74-tokenizer-7.4.26 [installed] on /usr/local/include/php/ext/tokenizer/config.h - php82-ldap-8.2.6 [pfSense] conflicts with php74-ldap-7.4.26 [installed] on /usr/local/include/php/ext/ldap/config.h - php82-sysvmsg-8.2.6 [pfSense] conflicts with php74-sysvmsg-7.4.26 [installed] on /usr/local/include/php/ext/sysvmsg/config.h - php82-pear-Net_URL2-2.2.1 [pfSense] conflicts with php74-pear-Net_URL2-2.2.1 [installed] on /usr/local/share/doc/pear/Net_URL2/docs/6470.php - php82-pear-XML_RPC2-1.1.5 [pfSense] conflicts with php74-pear-XML_RPC2-1.1.4 [installed] on /usr/local/share/doc/pear/XML_RPC2/docs/Makefile - php82-posix-8.2.6 [pfSense] conflicts with php74-posix-7.4.26 [installed] on /usr/local/include/php/ext/posix/config.h - php82-sockets-8.2.6 [pfSense] conflicts with php74-sockets-7.4.26 [installed] on /usr/local/include/php/ext/sockets/sendrecvmsg.h - php82-8.2.6 [pfSense] conflicts with php74-7.4.26 [installed] on /usr/local/bin/php - php82-8.2.6 [pfSense] conflicts with php74-json-7.4.26 [installed] on /usr/local/include/php/ext/json/php_json.h - php82-pear-Cache_Lite-1.8.3,1 [pfSense] conflicts with php74-pear-Cache_Lite-1.8.3,1 [installed] on /usr/local/share/doc/pear/Cache_Lite/LICENSE - php82-sqlite3-8.2.6 [pfSense] conflicts with php74-sqlite3-7.4.26 [installed] on /usr/local/include/php/ext/sqlite3/config.h - php82-xmlreader-8.2.6 [pfSense] conflicts with php74-xmlreader-7.4.26 [installed] on /usr/local/include/php/ext/xmlreader/config.h - php82-pear-Net_SMTP-1.10.1 [pfSense] conflicts with php74-pear-Net_SMTP-1.10.0 [installed] on /usr/local/share/doc/pear/Net_SMTP/LICENSE - php82-xml-8.2.6 [pfSense] conflicts with php74-xml-7.4.26 [installed] on /usr/local/include/php/ext/xml/php_xml.h - php82-pcntl-8.2.6 [pfSense] conflicts with php74-pcntl-7.4.26 [installed] on /usr/local/include/php/ext/pcntl/php_pcntl.h - php82-intl-8.2.6 [pfSense] conflicts with php74-intl-7.4.26 [installed] on /usr/local/include/php/ext/intl/intl_error.h - php82-bcmath-8.2.6 [pfSense] conflicts with php74-bcmath-7.4.26 [installed] on /usr/local/include/php/ext/bcmath/config.h - php82-pear-Net_IPv6-1.3.0.b4_2 [pfSense] conflicts with php74-pear-Net_IPv6-1.3.0.b2_2 [installed] on /usr/local/share/pear/Net/IPv6.php - php82-bz2-8.2.6 [pfSense] conflicts with php74-bz2-7.4.26 [installed] on /usr/local/include/php/ext/bz2/php_bz2.h - php82-phpseclib-2.0.17 [pfSense] conflicts with php74-phpseclib-2.0.17 [installed] on /usr/local/www/phpseclib/Crypt/AES.php - php82-openssl_x509_crl-1.3_2 [pfSense] conflicts with php74-openssl_x509_crl-1.3 [installed] on /usr/local/share/openssl_x509_crl/ASN1.php - php82-sysvshm-8.2.6 [pfSense] conflicts with php74-sysvshm-7.4.26 [installed] on /usr/local/include/php/ext/sysvshm/php_sysvshm.h - php82-xmlwriter-8.2.6 [pfSense] conflicts with php74-xmlwriter-7.4.26 [installed] on /usr/local/include/php/ext/xmlwriter/config.h - openldap26-client-2.6.4 [pfSense] conflicts with openldap24-client-2.4.59_4 [installed] on /usr/local/bin/ldapadd - php82-gettext-8.2.6 [pfSense] conflicts with php74-gettext-7.4.26 [installed] on /usr/local/include/php/ext/gettext/php_gettext.h - php82-pecl-mcrypt-1.0.6 [pfSense] conflicts with php74-pecl-mcrypt-1.0.4 [installed] on /usr/local/include/php/ext/mcrypt/php_mcrypt.h - php82-pear-HTTP_Request2-2.5.1,1 [pfSense] conflicts with php74-pear-HTTP_Request2-2.5.0,1 [installed] on /usr/local/share/doc/pear/HTTP_Request2/LICENSE - php82-ctype-8.2.6 [pfSense] conflicts with php74-ctype-7.4.26 [installed] on /usr/local/include/php/ext/ctype/config.h - php82-pear-Mail-1.4.1,1 [pfSense] conflicts with php74-pear-Mail-1.4.1,1 [installed] on /usr/local/share/doc/pear/Mail/LICENSE - php82-sysvsem-8.2.6 [pfSense] conflicts with php74-sysvsem-7.4.26 [installed] on /usr/local/include/php/ext/sysvsem/php_sysvsem.h - php82-opcache-8.2.6 [pfSense] conflicts with php74-opcache-7.4.26 [installed] on /usr/local/include/php/ext/opcache/zend_file_cache.h - php82-pear-1.10.13 [pfSense] conflicts with php74-pear-1.10.12 [installed] on /usr/local/bin/pear - php82-filter-8.2.6 [pfSense] conflicts with php74-filter-7.4.26 [installed] on /usr/local/include/php/ext/filter/filter_private.h - php82-pdo_sqlite-8.2.6 [pfSense] conflicts with php74-pdo_sqlite-7.4.26 [installed] on /usr/local/include/php/ext/pdo_sqlite/php_pdo_sqlite.h - 7-zip-22.01 [pfSense] conflicts with p7zip-16.02_3 [installed] on /usr/local/bin/7z - php82-pear-Auth_RADIUS-1.1.0_4 [pfSense] conflicts with php74-pear-Auth_RADIUS-1.1.0_4 [installed] on /usr/local/share/doc/pear/Auth_RADIUS/examples/radius-acct.php Checking integrity... done (0 conflicting) Conflicts with the existing packages have been found. One more solver iteration is needed to resolve them. The following 229 package(s) will be affected (of 0 checked): Installed packages to be REMOVED: openldap24-client: 2.4.59_4 p7zip: 16.02_3 pfSense-Status_Monitoring: 1.7.11_4 php74: 7.4.26 php74-bcmath: 7.4.26 php74-bz2: 7.4.26 php74-ctype: 7.4.26 php74-curl: 7.4.26 php74-dom: 7.4.26 php74-filter: 7.4.26 php74-gettext: 7.4.26 php74-intl: 7.4.26 php74-json: 7.4.26 php74-ldap: 7.4.26 php74-mbstring: 7.4.26 php74-opcache: 7.4.26 php74-openssl: 7.4.26 php74-openssl_x509_crl: 1.3 php74-pcntl: 7.4.26 php74-pdo: 7.4.26 php74-pdo_sqlite: 7.4.26 php74-pear: 1.10.12 php74-pear-Auth_RADIUS: 1.1.0_4 php74-pear-Cache_Lite: 1.8.3,1 php74-pear-Crypt_CHAP: 1.5.0 php74-pear-HTTP_Request2: 2.5.0,1 php74-pear-Mail: 1.4.1,1 php74-pear-Net_IPv6: 1.3.0.b2_2 php74-pear-Net_SMTP: 1.10.0 php74-pear-Net_Socket: 1.2.2 php74-pear-Net_URL2: 2.2.1 php74-pear-XML_RPC2: 1.1.4 php74-pecl-mcrypt: 1.0.4 php74-pecl-radius: 1.4.0b1_1 php74-pecl-rrd: 2.0.1_1 php74-pfSense-module: 0.76 php74-phpseclib: 2.0.17 php74-posix: 7.4.26 php74-readline: 7.4.26 php74-session: 7.4.26 php74-shmop: 7.4.26 php74-simplepie: 1.5.1_1 php74-simplexml: 7.4.26 php74-sockets: 7.4.26 php74-sqlite3: 7.4.26 php74-sysvmsg: 7.4.26 php74-sysvsem: 7.4.26 php74-sysvshm: 7.4.26 php74-tokenizer: 7.4.26 php74-xml: 7.4.26 php74-xmlreader: 7.4.26 php74-xmlwriter: 7.4.26 php74-zlib: 7.4.26 py38-ply: 3.11 py38-setuptools: 57.0.0 python38: 3.8.12_1 New packages to be INSTALLED: 7-zip: 22.01 [pfSense] gmp: 6.2.1 [pfSense] libpsl: 0.21.2_3 [pfSense] libsodium: 1.0.18 [pfSense] libsysinfo: 0.0.3_2 [pfSense] openldap26-client: 2.6.4 [pfSense] pfSense-Status_Monitoring-php82: 1.8_3 [pfSense] pfSense-boot: 2.7.0 [pfSense-core] php82: 8.2.6 [pfSense] php82-bcmath: 8.2.6 [pfSense] php82-bz2: 8.2.6 [pfSense] php82-ctype: 8.2.6 [pfSense] php82-curl: 8.2.6 [pfSense] php82-dom: 8.2.6 [pfSense] php82-filter: 8.2.6 [pfSense] php82-gettext: 8.2.6 [pfSense] php82-gmp: 8.2.6 [pfSense] php82-intl: 8.2.6 [pfSense] php82-ldap: 8.2.6 [pfSense] php82-mbstring: 8.2.6 [pfSense] php82-opcache: 8.2.6 [pfSense] php82-openssl_x509_crl: 1.3_2 [pfSense] php82-pcntl: 8.2.6 [pfSense] php82-pdo: 8.2.6 [pfSense] php82-pdo_sqlite: 8.2.6 [pfSense] php82-pear: 1.10.13 [pfSense] php82-pear-Auth_RADIUS: 1.1.0_4 [pfSense] php82-pear-Cache_Lite: 1.8.3,1 [pfSense] php82-pear-Crypt_CHAP: 1.5.0_2 [pfSense] php82-pear-HTTP_Request2: 2.5.1,1 [pfSense] php82-pear-Mail: 1.4.1,1 [pfSense] php82-pear-Net_IPv6: 1.3.0.b4_2 [pfSense] php82-pear-Net_SMTP: 1.10.1 [pfSense] php82-pear-Net_Socket: 1.2.2 [pfSense] php82-pear-Net_URL2: 2.2.1 [pfSense] php82-pear-XML_RPC2: 1.1.5 [pfSense] php82-pecl-mcrypt: 1.0.6 [pfSense] php82-pecl-radius: 1.4.0b1_2 [pfSense] php82-pecl-rrd: 2.0.3 [pfSense] php82-pfSense-module: 0.95 [pfSense] php82-phpseclib: 2.0.17 [pfSense] php82-posix: 8.2.6 [pfSense] php82-readline: 8.2.6 [pfSense] php82-session: 8.2.6 [pfSense] php82-shmop: 8.2.6 [pfSense] php82-simplexml: 8.2.6 [pfSense] php82-sockets: 8.2.6 [pfSense] php82-sqlite3: 8.2.6 [pfSense] php82-sysvmsg: 8.2.6 [pfSense] php82-sysvsem: 8.2.6 [pfSense] php82-sysvshm: 8.2.6 [pfSense] php82-tokenizer: 8.2.6 [pfSense] php82-xml: 8.2.6 [pfSense] php82-xmlreader: 8.2.6 [pfSense] php82-xmlwriter: 8.2.6 [pfSense] php82-zlib: 8.2.6 [pfSense] pkcs11-helper: 1.29.0 [pfSense] python311: 3.11.3 [pfSense] whois: 5.5.7 [pfSense] zstd: 1.5.4_2 [pfSense] Installed packages to be UPGRADED: bind-tools: 9.16.23 -> 9.18.14 [pfSense] ca_root_nss: 3.71 -> 3.89.1 [pfSense] ccid: 1.4.36 -> 1.5.1 [pfSense] check_reload_status: 0.0.11 -> 0.0.15 [pfSense] curl: 7.80.0 -> 8.1.0 [pfSense] cyrus-sasl: 2.1.27_2 -> 2.1.28 [pfSense] dbus: 1.12.20_5 -> 1.14.6,1 [pfSense] devcpu-data: 20211109 -> 20230513 [pfSense] devcpu-data-amd: 20211115 -> 20230424 [pfSense] devcpu-data-intel: 20210608 -> 20230512 [pfSense] dmidecode: 3.3 -> 3.5 [pfSense] dnsmasq: 2.86,1 -> 2.89_1,1 [pfSense] dpinger: 3.0 -> 3.3 [pfSense] expat: 2.4.1 -> 2.5.0 [pfSense] filterdns: 2.0_5 -> 2.2 [pfSense] gettext-runtime: 0.21 -> 0.21.1 [pfSense] glib: 2.70.2,2 -> 2.76.2,2 [pfSense] hostapd: 2.9_4 -> 2.10_5 [pfSense] icu: 70.1_1,1 -> 73.1,1 [pfSense] igmpproxy: 0.3,1 -> 0.4,1 [pfSense] isc-dhcp44-client: 4.4.2P1 -> 4.4.3P1 [pfSense] isc-dhcp44-relay: 4.4.2P1 -> 4.4.3P1 [pfSense] isc-dhcp44-server: 4.4.2P1_1 -> 4.4.3P1 [pfSense] json-c: 0.15_1 -> 0.16 [pfSense] ldns: 1.7.1_2 -> 1.8.3 [pfSense] libedit: 3.1.20210216,1 -> 3.1.20221030,1 [pfSense] libffi: 3.3_1 -> 3.4.4 [pfSense] libgcrypt: 1.9.4 -> 1.9.4_1 [pfSense] libgpg-error: 1.43 -> 1.47 [pfSense] libiconv: 1.16 -> 1.17 [pfSense] libidn2: 2.3.2 -> 2.3.4 [pfSense] libinotify: 20180201_2 -> 20211018 [pfSense] libltdl: 2.4.6 -> 2.4.7 [pfSense] liblz4: 1.9.3,1 -> 1.9.4,1 [pfSense] libnghttp2: 1.46.0 -> 1.52.0 [pfSense] libssh2: 1.9.0_3,3 -> 1.10.0_1,3 [pfSense] libunistring: 0.9.10_1 -> 1.1 [pfSense] libuv: 1.42.0 -> 1.45.0 [pfSense] libxml2: 2.9.12 -> 2.10.4 [pfSense] libxslt: 1.1.34_2 -> 1.1.37 [pfSense] links: 2.20.2_1,1 -> 2.29,1 [pfSense] lua-resty-core: 0.1.22 -> 0.1.26 [pfSense] lua-resty-lrucache: 0.11 -> 0.13 [pfSense] luajit-openresty: 2.1.20210510 -> 2.1.20230410 [pfSense] miniupnpd: 2.2.1_1,1 -> 2.3.3,1 [pfSense] mobile-broadband-provider-info: 20210805 -> 20221107 [pfSense] mpd5: 5.9_6 -> 5.9_16 [pfSense] nginx: 1.20.2_1,2 -> 1.24.0_6,3 [pfSense] ntp: 4.2.8p15_3 -> 4.2.8p15_5 [pfSense] oniguruma: 6.9.7.1 -> 6.9.8_1 [pfSense] opensc: 0.22.0 -> 0.23.0_1 [pfSense] openvpn: 2.5.4_1 -> 2.6.4 [pfSense] openvpn-client-export: 2.5.2 -> 2.5.8 [pfSense] pcre: 8.45 -> 8.45_3 [pfSense] pcre2: 10.39 -> 10.42 [pfSense] pcsc-lite: 1.9.4,2 -> 1.9.9,2 [pfSense] perl5: 5.32.1_1 -> 5.32.1_3 [pfSense] pfSense: 2.6.0 -> 2.7.0 [pfSense] pfSense-base: 2.6.0 -> 2.7.0 [pfSense-core] pfSense-default-config: 2.6.0 -> 2.7.0 [pfSense-core] pfSense-kernel-pfSense: 2.6.0 -> 2.7.0 [pfSense-core] pfSense-pkg-openvpn-client-export: 1.6_4 -> 1.8 [pfSense] pfSense-rc: 2.6.0 -> 2.7.0 [pfSense-core] pftop: 0.7_9 -> 0.8_2 [pfSense] readline: 8.1.1 -> 8.2.1 [pfSense] rrdtool: 1.7.2_4 -> 1.8.0_2 [pfSense] smartmontools: 7.2_3 -> 7.3 [pfSense] sqlite3: 3.35.5_4,1 -> 3.41.2,1 [pfSense] sshguard: 2.4.2_1,1 -> 2.4.2_2,1 [pfSense] strongswan: 5.9.4 -> 5.9.10_2 [pfSense] unbound: 1.13.2 -> 1.17.1_3 [pfSense] wpa_supplicant: 2.9_11 -> 2.10_6 [pfSense] Installed packages to be REINSTALLED: beep-1.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') bsnmp-regex-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') bsnmp-ucd-0.4.5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') bwi-firmware-kmod-3.130.20 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') choparp-20150613 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') cpdup-1.22 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') cpustats-0.1_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') dhcp6-20080615.2_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') dhcpleases-0.5_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') expiretable-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') filterlog-0.1_9 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') iftop-1.0.p4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') indexinfo-0.3.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') ipmitool-1.8.18_3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') libargon2-20190702 [pfSense] libevent-2.1.12 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') libmcrypt-2.5.8_3 [pfSense] libucl-0.8.2 [pfSense] lzo2-2.10_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') minicron-0.0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') mpdecimal-2.5.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') nss_ldap-1.265_14 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') openvpn-auth-script-1.0.0.3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') pam_ldap-186_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') pam_mkhomedir-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') pfSense-repo-2.7.0_1 [pfSense] pfSense-repoc-20230616 [pfSense] pfSense-upgrade-1.0_33 [pfSense] pkg-1.19.1_1 [pfSense] qstats-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') radvd-2.19_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') rate-0.9_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') scponly-4.8.20110526_5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') ssh_tunnel_shell-0.2_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') uclcmd-0.2.20211204 [pfSense] voucher-0.1_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') vstr-1.0.15_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') wol-0.7.1_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') wrapalixresetbutton-0.0.8 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') xinetd-2.3.15_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') zip-3.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64') Number of packages to be removed: 56 Number of packages to be installed: 60 Number of packages to be upgraded: 72 Number of packages to be reinstalled: 41 The process will require 54 MiB more space. >>> Downloading pkg... No packages are required to be fetched. Integrity check was successful. >>> Locking package pkg... done. >>> Upgrading pfSense-boot...>>> Unmounting /boot/efi... done. Updating pfSense-core repository catalogue... pfSense-core repository is up to date. Updating pfSense repository catalogue... pfSense repository is up to date. All repositories are up to date. Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): New packages to be INSTALLED: pfSense-boot: 2.7.0 [pfSense-core] Number of packages to be installed: 1 The process will require 6 MiB more space. [1/1] Installing pfSense-boot-2.7.0... [1/1] Extracting pfSense-boot-2.7.0: .......... done Updating the EFI loader >>> Upgrading pfSense-rc... Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-rc: 2.6.0 -> 2.7.0 [pfSense-core] Number of packages to be upgraded: 1 [1/1] Upgrading pfSense-rc from 2.6.0 to 2.7.0... ===> Setting net.pf.request_maxcount=400000 [1/1] Extracting pfSense-rc-2.7.0: ...... done >>> Upgrading pfSense kernel... Checking integrity... done (0 conflicting) The following 1 package(s) will be affected (of 0 checked): Installed packages to be UPGRADED: pfSense-kernel-pfSense: 2.6.0 -> 2.7.0 [pfSense-core] Number of packages to be upgraded: 1 The operation will free 110 MiB. [1/1] Upgrading pfSense-kernel-pfSense from 2.6.0 to 2.7.0... [1/1] Extracting pfSense-kernel-pfSense-2.7.0: .......... done ===> Keeping a copy of current kernel in /boot/kernel.old >>> Removing unnecessary packages... done. >>> Activating boot environment default... done. System is going to be upgraded. Rebooting in 10 seconds. >>> Unlocking package pkg... done. Success
最後に
pfSense CEはいずれどこかの時点で終了するだろうという見方が今も多いので
pfSense CEが更新されたというだけでCEユーザは一安心というところですが
やはりpfSense CEの更新ペースが1年半というのはなかなか悩ましい問題です
ちなみにpfSense Plusの方はどういう更新ペースだったか確認してみると
pfSense CE 2.6.0と同時リリースされたのがpfSense Plus 22.01
今回の2.7.0と同時リリースされたのがpfSense Plus 23.05.1
この間に22.05と23.01のリリースがされていて
年数.月の表記でわかるように大体半年に1回の更新ペースとなってます
今後もpfSense CEがこの更新ペースになるのかは全くわかりませんし
致命的な問題があれば当然すぐ更新されると思ってますが
もし何もなければ次は1年半後の2025年に2.8.0リリースとなる可能性も覚悟しつつ
とりあえずしばらくは2.7.0で運用していこうと思います
コメント