pfSense CEをアップデートした記録 2.6.0→2.7.0
アップデート内容確認
pfSense CE 2.6.0からpfSense CE 2.7.0にアップデートします
変更点を確認
https://docs.netgate.com/pfsense/en/latest/releases/2-7-0.html
Upgrade Notes
Warning
Due to major changes in PHP and base OS versions, there is a higher than usual chance that packages will interfere with the upgrade process.
To give an upgrade the best possible chance of going smoothly, uninstall all packages before starting the upgrade.
General
PHP has been upgraded from 7.4.x to 8.2.6
The base operating system has been upgraded to FreeBSD 14-CURRENT
Warning
As a part of the FreeBSD upgrade this version removes several deprecated IPsec algorithms:
3DES Encryption
Blowfish Encryption
CAST 128 Encryption
MD5 HMAC Authentication
The best practice is to reconfigure tunnels using better encryption and test them before performing an upgrade to ensure a smoother transition.
On upgrade, IPsec tunnels will be adjusted to remove any deprecated algorithms from their configuration. The upgrade process will disable tunnels if they have no valid encryption or authentication options remaining. The upgrade process will notify the user of any changes it makes.
This change only affects IPsec and not other uses of these algorithms. For example, BGP can still use TCP-MD5 authentication.
Added support for ChaCha20-Poly1305 encryption with IPsec
Captive Portal has been migrated from IPFW to PF
A long-standing difficult-to-reproduce crash in Unbound during reloading has been addressed. Christian McDonald tracked down the source of the Unbound SIGHUP crashes to a reference counting bug within the MaxMindDB Python module. Both a patch to MaxMind and a port revision to FreeBSD ports were submitted and accepted, and the fix is included in the 2.7.0 release. It is now safe again to enable DHCP registration alongside Unbound Python mode in pfBlockerNG.
In addition to the Unbound crash, Christian also identified a memory leak with DHCP registration and Unbound Python mode (#10624). This is largely mitigated by updates to Python and related libraries, but there is additional ongoing work to resolve it further for future release.
Fix for UPnP and multiple game systems
New gateway state killing options for smoother failover
Firewall/NAT rule usability improvements such as buttons to toggle multiple rules and copy rules to other interfaces
OpenVPN upgraded to 2.6.4
OpenVPN Shared Key Tunnels Deprecated – They still work, but will trigger warnings in the logs and GUI.
New Packet Capture GUI
UDP Broadcast Relay Package
Security
pfSense CE 2.7.0-RELEASE includes fixes for the following potential vulnerabilities:
pfSense-SA-22_05.webgui: A potential XSS vulnerability in firewall_aliases.php from URL table alias URLs.
pfSense-SA-23_01.webgui: A potential XSS vulnerability in diag_edit.php from browsing directories containing specially crafted filenames on the filesystem.
pfSense-SA-23_02.webgui: A potential XSS vulnerability in system_camanager.php and system_certmanager.php from specially crafted descriptions when editing entries.
pfSense-SA-23_03.webgui: A potential authenticated arbitrary file creation vulnerability from the name parameter when creating or editing URL table aliases.
pfSense-SA-23_04.webgui: A potential authenticated arbitrary command execution vulnerability in status.php from specially crafted filenames on the filesystem.
pfSense-SA-23_05.sshguard: Anti-brute force protection bypass for GUI authentication requests containing certain proxy headers.
pfSense-SA-23_06.webgui A potential Authenticated Command Execution vulnerability from the bridgeif parameter on interfaces_bridge_edit.php in the GUI.
pfSense CE
Changes in this version of pfSense CE software.
Aliases / Tables
Fixed: Alias content is sometimes incomplete when an alias contains both FQDN and IP address entries #9296
Fixed: Alias with non-resolving FQDN entry breaks underlying PF table #12708
Fixed: Renaming an alias does not update the alias names in static routes and OpenVPN instances #12727
Added: Retain descriptions when exporting and importing aliases #12842
Fixed: Potential XSS from URL and URL Table alias URLs #13060
Fixed: Alias content is sometimes incomplete if the firewall cannot resolve an FQDN in the alias #13282
Added: Specify CA trust store location when downloading and validating URL alias content #13367
Fixed: Invalid alias name can still be used by code attempting to validate URL table content #13425
Fixed: Deleting an alias marks the subsystem as unclean but also unconditionally reloads the filter configuration #13538
Fixed: Missing descriptions for referrers to firewall aliases cause empty strings for references to be returned when deleting an in-use alias #13539
Fixed: Using PF reserved keywords for interface descriptions results in an invalid ruleset #14007
Fixed: Alias list is not sorted #14015
Authentication
Fixed: User password hashes pseudo-random number generator may return insecure salt value #12801
Added: GUI option to select the user password hashing algorithm #12855
Fixed: LDAP setup does not display ‘Global Root CA List’ option unless another CA also exists #13185
Fixed: Unable to set web interface session timeout to 0 (i.e. never expire) #13561
Fixed: Extra remote address information can confuse sshguard #13574
Changed: Improve LDAP debugging #13718
Added: Option to enable/disable console bell, enabled by default #14002
Auto Configuration Backup
Added: Option to list AutoConfigBackup entries in “reverse” order (newest at top) #11266
Added: Support for international characters in the AutoConfigBackup Hint/Identifier field #13388
Fixed: Auto Config Backup prints a confusing decryption error when using the wrong key #14060
Backup / Restore
Changed: Comply with current iteration standards when encrypting and decrypting configuration files #12556
Added: Support encrypted config.xml files when restoring via ECL #12685
Added: Notify user if AutoConfigBackup is unable to successfully upload a backup #12724
Added: Ability to sort AutoConfigBackup entries #12773
Fixed: Sanitize SHA-512 user password hashes in status.php output #12810
Added: Option to restore dashboard widget layout #13125
Fixed: PHP error restoring DHCP lease data on fresh installation: #13157
Fixed: Attempting to restore a 0 byte config.xml prints an error that the file cannot be read #13289
Fixed: Configuration history restores revision no matter which option is clicked in confirmation dialog #13861
Fixed: RRD restore process does not sanitize filenames from backup XML #13935
Build / Release
Changed: Disable pkg compatibility flag which creates txz file extension symbolic links #12782
CARP
Fixed: CARP VIPs can become master too early at boot time #2218
Changed: Reorganize CARP status page #12701
Fixed: CARP event storm when leaving persistent CARP maintenance mode #12961
Captive Portal
Fixed: Allowed IP/Hostname “Direction” option is never used #12649
Fixed: nginx logs an error that the port is already in use when restarting Captive Portal services #12651
Fixed: Value of net.inet.ip.dummynet.* OIDs in sysctl are ignored #12733
Fixed: Only TCP traffic is passed outbound through IPFW #12834
Changed: Transition Captive Portal from IPFW to PF #13100
Fixed: Voucher CSV output has leading space before voucher code #13272
Fixed: Captive Portal breaks policy based routing for MAC address bypass clients #13323
Fixed: Multiple Captive Portal interfaces do not properly form the list of portal IP addresses #13391
Fixed: Custom logo or background image is created with two dots (..) before the file extension #13396
Fixed: Captive Portal does not keep track of client data usage #13418
Fixed: All Captive Portal users are given the same limiter pipe pair #13488
Fixed: Captive Portal RADIUS start/stop accounting does not reset counters at each accounting start #13838
Fixed: Captive Portal does not apply RADIUS bandwidth limits to user pipes #13853
Certificates
Fixed: CA path is not defined when using curl in the shell #12737
Added: Option to retain the existing serial number when renewing a CA or certificate #13010
Fixed: Exporting a PKCS#12 file from the certificate manager does not use the intended encryption algorithm #13257
Fixed: Input validation is not rejecting invalid description characters when editing a CA or Certificate #13387
Fixed: CRL expiration date with default lifetime is too long, goes past UTCTime limit #13424
Fixed: ECDSA certificate renewal causes digest algorithm to be reset to SHA1 #13437
Fixed: Some blank SAN fields are not ignored when creating a certificate #14124
Added: Ability to edit Certificate Revocation List properties #14185
Changed: Add note to inform the user that the “Next Certificate Serial” value is ignored when the “Randomize Serial” option is enabled #14188
Configuration Backend
Added: Move command line history to a GUI option stored in config.xml rather than a manual flag file #12675
Added: Eliminate duplicate shell commands from history file #12741
Fixed: Input validation is checking RAM disk sizes when they are inactive #13479
Configuration Upgrade
Added: Playback script to perform a configuration upgrade on an arbitrary config.xml file #12973
Fixed: PHP Error in upgrade216_ipsec_create_vtimap() #14400
Console Menu
Fixed: Changing an interface IP address and gateway at the console does not save the new gateway if one already exists for the interface #12632
Added: Warn the user if they attempt to disable SSH from the menu while connected through SSH #13103
Fixed: Hidden menu option 100 incorrectly handles HTTPS detection #13258
DHCP (IPv4)
Added: Improve distinction between online and idle/offline entries in DHCP lease list #10345
Fixed: Disabling DHCP Server RRD statistics does not work #12710
Fixed: HTTPClient option not sent when using UEFI HTTP Boot #12892
Fixed: HTTPClient option does not work for static mappings #12896
Fixed: DHCP “Ignore denied clients” option with MAC Deny list set causes DHCP server to not start #12923
Added: Relax DHCP maximum lease time input validation #13118
Fixed: DHCP lease list displays wrong interface name in the “Leases in Use” summary if DHCP settings for a disabled interface remain in the configuration #13127
Changed: Clean up DHCP Server option language #13250
Fixed: DHCP Server generates an invalid configuration for static mappings when defining network booting and UEFI HTTPBoot URL #13573
Added: Input validation for numbered DHCP options in static mappings #13584
Fixed: DHCP Server page does not properly select a default interface tab if neither WAN nor LAN are capable of being DHCP servers #14115
DHCP (IPv6)
Fixed: Multiple DHCP6 WAN connections leads to multiple dhcp6c clients #6880
Fixed: DHCPv6 server does not skip interfaces configured with invalid ranges #12527
Fixed: RADVD can be started on both HA nodes when configured with an IPv6 link-local address #12582
Fixed: Uninitialized array in array_remove_duplicates() #12749
Fixed: Advanced DHCP6 client settings only work for a single interface #13462
Fixed: “Provide DNS servers to DHCPv6 clients” setting does not reflect a changed value until the page is reloaded #13594
Fixed: DHCPv6 rules are not created for interfaces with static IPv6 #13633
DNS Forwarder
Fixed: DNS Forwarder refuses valid retries from clients in certain cases #12901
Fixed: DNS Forwarder creates a loop when “Use local DNS, ignore remote DNS servers” is selected #12902
Fixed: DNS Forwarder custom options may fail after save/restore when options are only separated by newline #13105
Fixed: DNS Forwarder (dnsmasq) is using an invalid combination of options when “Query DNS servers sequentially” is enabled #13655
DNS Resolver
Fixed: Memory leak in Unbound with Python module and DHCP lease registration active #10624
Fixed: Unbound crashes with signal 11 when reloading #11316
Fixed: DNS Resolver is restarted during every rc.newwanip event even for interfaces not used in the resolver #12612
Fixed: DNS Resolver does not restart during link up/down events on a static IP address interface #12613
Added: Automatically create DNS Resolver ACLs for OpenVPN CSO entries #12636
Fixed: DNS Resolver help text for System Domain Local Zone Type option refers users to unbound.conf(5) man page instead of pfSense docs #12781
Fixed: DNS Resolver updates trust anchor at boot even with DNSSEC disabled which can lead to a startup delay of ~2 minutes if the firewall does not have Internet access #12985
Fixed: DNS Resolver ACLs are not updated when OpenVPN networks change #12991
Added: DNS Resolver option to keep probing when servers are down #13023
Fixed: DNS resolver does not update its configuration or reload during link down events #13254
Fixed: DNS Resolver responds with unexpected source address when the DNS over TLS server function is enabled #13393
Fixed: Incorrect word in “Network Interfaces” help text on services_unbound.php #13453
Fixed: DNS Resolver does not generate automatic ACLs for IPv6 when Network Interfaces is set to “All” #13851
Changed: Update Unbound to use Python 3.11 instead of Python 3.9 #13867
Changed: Update Unbound to 1.17.1 #13893
Fixed: DNS Resolver experiences intermittent resolution failures with SSL over TLS due to ASLR #14056
Fixed: Setting system DNS servers can incorrectly modify routes for interface addresses #14288
Fixed: Discrepancy in “TTL for Host Cache Entries” Description #14358
Dashboard
Fixed: Firewall log widget action icon features stop working when new log entries are added dynamically #6253
Added: Show Inactive for Hardware Crypto output instead of empty field on System Information dashboard widget when nothing can be accelerated #12714
Fixed: Uptime displays plural seconds for multiple minutes in the System Information Dashboard widget #14176
Added: Support for Intel PCH temperature values in thermal sensors #14255
Diagnostics
Fixed: diag_pftop.php does not fully encode output #12915
Fixed: File browser on diag_edit.php does not encode filenames before display #13262
Fixed: Neighbor hostnames in the NDP Table on diag_ndp.php are always empty #13318
Fixed: status.php uses <name> component of /tmp/rules.packages.<name> filenames in shell command without encoding #13426
Changed: Add multicast group membership (ifmcstat) to status.php #13731
Changed: Add more disk information to status output #14103
Dynamic DNS
Fixed: Dynamic DNS custom IPv6 service fails on 6rd tunnels #12590
Fixed: GleSYS Dynamic DNS responses are not parsed properly #12672
Added: IPv6 support for DNSimple Dynamic DNS #12744
Fixed: Input validation prevents configuring wildcard Dynamic DNS records on GoDaddy #12750
Added: Support wildcard Dynamic DNS records on DigitalOcean #12752
Fixed: Google Domains Dynamic DNS responses are not parsed properly #12754
Fixed: Input validation prevents configuring wildcard Dynamic DNS records on Google Domains #12761
Fixed: Namecheap Dynamic DNS responses are not parsed properly #12816
Fixed: Clicking Save & Force Update on a Dynamic DNS entry results in a GUI timeout #12870
Fixed: DigitalOcean Dynamic DNS update fails with a “bad request” error #13167
Fixed: Dynv6 Dynamic DNS client does not check the response code when updating #13298
Fixed: DNSExit Dynamic DNS updates no longer work #13303
Changed: Improve DynDNS help text readability #14186
FilterDNS
Fixed: Resolve interval for filterdns may not match the configured value #13067
FreeBSD
Fixed: Cannot set EFI console as primary console when using both EFI and Serial #13080
Fixed: CVE-2022-23093 / FreeBSD-SA-22:15.ping #13716
Changed: Update Time Zone data to 2023c or later #14209
Gateway Monitoring
Fixed: Gateway monitoring should mark gateway as “offline” on PPPoE parent interface disconnect #12633
Added: Option to disable auto-addition of static routes for dpinger #12687
Changed: Update dpinger to 3.2 #12881
Fixed: Marking a gateway as down does not affect IPsec entries using gateway groups #13076
Fixed: Incorrect function parameters for get_dpinger_status() call in gwlb.inc #13295
Gateways
Fixed: fixup_default_gateway() should not remove a default gateway managed by a dynamic routing daemon #11692
Fixed: IPv6 link local gateway default status not indicated in GUI #11764
Fixed: IPv6 gateway group using link local addresses incorrectly logs a gateway change because it not including interface scope properly #12721
Added: Retain knowledge of previous dynamic gateway IP address when interface is down #12931
Fixed: Recovering interface gateway may not be added back into gateway groups and rules when expected #13228
Fixed: Gateway popup in firewall rule list does not indicate current gateway status #14327
Hardware / Drivers
Added: Chelsio TOE support using the t4_tom module #9091
Fixed: Intel e1000 driver (em, igb) cannot pass packets tagged with VLAN 0 #12821
Fixed: Hyper-V RSC support in hn(4) driver is enabled by default and results in very low throughput #12873
Fixed: Malicious Driver Detection event on ixl(4) driver #13003
Fixed: UDP checksum errors with ixgbe interfaces #13883
High Availability
Added: Use consistent pf host ID and add GUI option to set a custom host ID in state synchronization settings #12702
IGMP Proxy
Fixed: IGMP Proxy server is restarted during every rc.newwanip event #12609
IPsec
Added: Option to choose default tab in IPsec status Dashboard widget #2456
Fixed: IPsec VTI phase 2 traffic selectors default to address when defined as a network #11226
Fixed: filterdns does not monitor remote IPsec gateways for IPv6 address changes #12645
Fixed: Disallow remote gateway of 0.0.0.0 for VTI mode #12723
Fixed: VTI gateway status stuck as “pending” after reboot #12763
Fixed: ESP description in IPsec phase 2 proposal help text is ambiguous #12953
Fixed: IKEv2 Mobile IPsec clients do not receive INTERNAL_DNS_DOMAIN (value 25) attribute #12975
Fixed: Deadlock in Charon VICI interface #13014
Added: GUI option for IPsec dns-interval setting #13057
Fixed: Delete function for IPsec SAD entries on status_ipsec_sad.php does not work #13071
Fixed: Mobile IPsec clients cannot be manually disconnected from IPsec status screen #13131
Fixed: IPsec rejects certificates if any SAN is wildcard rather than rejecting when all SANs are wildcard #13373
Changed: Information box on status_ipsec.php says “IPsec not enabled” even when a tunnel is established #13398
Fixed: Incorrect quoting of Split DNS attribute value in strongswan.conf #13579
Added: Support for ChaCha20-Poly1305 encryption with IPsec #13647
Changed: Remove deprecated IPsec algorithms (3DES, Blowfish, and CAST 128 encryption; MD5 HMAC/Hashing) #13648
Fixed: Reassembled packets received on a VTI are not forwarded #14396
Installer
Fixed: Support encrypted config.xml files when restoring during install #12691
Added: Recover existing SSH keys during installation #12809
Interfaces
Added: Show SFP module details on status_interfaces.php #8861
Added: Improved support for USB interfaces that may not always be present #9393
Fixed: Primary interface address is not always used when VIPs are present #11545
Fixed: PPPoE WAN IP address different than expected when set static by ISP #11629
Added: Support for VLAN 0 #12070
Fixed: devd is not configured to act on USB interface attach/detach events #12606
Changed: Restart services on interface changes #12619
Fixed: Interface status “Total Interrupts” display is non-functional #12735
Fixed: L2TP/PPTP interface assignment page loses some values after input validation error #12780
Fixed: Link-Local IPv6 address on WAN with MAC spoofing changes if there is an IP Alias on WAN #12790
Fixed: Link-local address does not reset after removing MAC address spoofing #12794
Fixed: Disabled Captive Portal configuration prevents adding an interface to a bridge #12866
Fixed: The ruleset is not regenerated after assigning an interface #12949
Fixed: Bridges with QinQ interfaces not properly set up at boot #13225
Changed: Start rtsold immediately after dhcp6c sends a request #13492
Fixed: Several advanced DHCP6 client options do not inform the user when rejecting invalid input #13493
Changed: Clean up obsolete code in pfSense-dhclient-script #13501
Fixed: DHCP client can fail permanently if an interface is down at boot #13671
Fixed: Code that sets IPv6 MTU can unintentionally act on IPv4 addresses #13675
Changed: Trim blank characters from static IP address fields on the Interface configuration page #13959
Fixed: Bridge interface is not properly validated when submitted on interfaces_bridge_edit.php #14052
L2TP
Fixed: L2TP MPD configuration is not updated when a dynamic WAN IP address changes #13066
Fixed: L2TP stays bound to previous IP address after static IP address change #13082
Fixed: Static routes to destinations at L2TP clients are not re-added after a client reconnects #13099
LAGG Interfaces
Added: GUI option to configure layers for LACP hash #12819
Logging
Added: Option to control log level of authentication messages in system logs (“Emergency” vs “Notice” level) #12464
Notifications
Fixed: Slack notification options only allow - as a special character in channel names #13083
Fixed: Identical SMTP notifications repeat in an infinite loop under certain conditions #14031
Fixed: Notices incorrectly set system LEDs on hardware with less than three LEDs #14482
OpenVPN
Fixed: OpenVPN IPv4 Tunnel Network incorrectly allows hostnames #11416
Fixed: OpenVPN stays bound to previous IP address after interface changes #11864
Added: OpenVPN option to limit concurrent connections per user #12267
Fixed: OpenVPN does not clear old Cisco-AVPair anchor rules in some cases #12332
Added: Use deferred client connections in OpenVPN #12407
Fixed: OpenVPN re-synchronization also synchronizes override entries unnecessarily in some cases #12628
Fixed: Automatic filter reload with OpenVPN client gateway uplink happens too soon or not at all #12771
Fixed: PHP error when terminating OpenVPN sessions via the dashboard widget #12817
Fixed: OpenVPN status display for TAP mode services shows peer-to-peer instead of client list in certain cases #12884
Fixed: GUI does not reject an invalid OpenVPN tap mode configuration with an empty tunnel network “Bridge DHCP” disabled #12887
Fixed: FQDN in network alias is omitted from OpenVPN networks list #12925
Changed: Warn about OpenVPN shared key deprecation #12981
Fixed: OpenVPN remote_cert_tls option does not behave correctly when enabled and later disabled #13056
Fixed: Gateway events for IPv6 affect IPv4 OpenVPN instances and vice versa #13061
Fixed: OpenVPN Client Overrides: properly hide/show form fields #13088
Fixed: OpenVPN client tls-client/client configuration directive not handled properly #13116
Changed: OpenVPN status page improvements #13129
Fixed: OpenVPN client-connect file contains topology #13133
Fixed: Per-user route files are not removed from /tmp when they are no longer needed #13145
Fixed: OpenVPN status for multi-user VPN shows info icon to display RADIUS rules when there are none to display #13243
Fixed: OpenVPN override IPv4 tunnel network field changing value improperly #13274
Changed: Update OpenVPN Wizard to match current certificate and OpenVPN options #14183
Changed: Remove deprecated NCP enable/disable toggle from OpenVPN #14201
Operating System
Fixed: pf hostid value is handled inconsistently #12703
Fixed: Some sysctl OIDs in loader.conf.local are silently removed #12862
Fixed: Output from pfctl -vvsr does not include ridentifier value in the expected location #12868
Changed: Update memory graphs to account for changes in memory reporting #14011
Fixed: Netlink debug messages from IPsec #14370
Added: wpa_supplicant: add VLAN 0 support #14457
PHP Interpreter
Added: Upgrade PHP from 7.4 to 8.1 #13446
Fixed: fcgicli fails to write packets with nvpair values that exceed 128 bytes #13638
Changed: Update PHP to 8.2.6 #14027
PPP Interfaces
Fixed: Services are not restarted when PPP interfaces connect #12811
Fixed: PPPoE WANs fail to reconnect after parameter negotiation failure #13092
Fixed: PPP interface custom reset date/time Hour and Minute fields do not properly handle 0 value #13307
Fixed: IPv6 does not work on secondary PPPoE WAN #13939
PPPoE Server
Fixed: PPPoE server panics with multiple client connections #13210
Package System
Fixed: Packages are not automatically reinstalled when restoring configuration using the installer #12105
Fixed: Packages with custom internal_name values do not reinstall properly when restoring a backup #12766
Fixed: write_rcfile() does not create rc_restart() entry #13004
Added: Package plugin hook for web server configuration stanzas #13054
Packet Capture
Added: Button to clear previous packet capture data #12968
Added: Packet Capture GUI with granular control #13382
Routing
Added: Enable ROUTE_MPATH multipath routing #9544
Fixed: Setting a default gateway of “None” does not remove the default gateway from the routing table #12536
Fixed: Cannot remove IPv6 static routes #12728
Fixed: Explicit PPPoE disconnect of a WAN Gateway Group member may not restore a default route #13048
Rules / NAT
Added: Toggle button to disable/enable multiple firewall rules #2505
Added: Port forward NAT rules with “any” protocol #4259
Added: Allow NPt to use dynamic IPv6 networks #4881
Added: Button to copy rules from one interface to another #8365
Fixed: Rule separator positions change when deleting multiple rules #9887
Fixed: Automatic Outbound NAT mode can create incorrect rules in some cases #11984
Added: Utilize new pfctl abilities to kill states #12092
Fixed: NAT reflection does not work for IPv6 port forwarding rules when configured for NAT+Proxy mode #12319
Added: Allow the selection of “any” interface in floating rules #12392
Fixed: Applying firewall rule changes does not clear dirty flag for aliases subsystem #12678
Fixed: Automatic Outbound NAT rules do not include OpenVPN CSO entries #12792
Fixed: Error loading ruleset due to illegal TOS value #12803
Fixed: High latency and packet loss during a filter reload #12827
Fixed: On startup “No routing address with matching address” might appear #12847
Added: Toggle button to disable/enable multiple entries on NAT pages #12879
Fixed: Delete button is always active for NAT rules, even if no rules are selected #12957
Fixed: NAT Reflection generates duplicate rules when internal interface contains multiple VIPs in the same subnet #13012
Fixed: NAT generates duplicate no nat on rules for port forwards with a destination of Any #13015
Fixed: Input validation requires a gateway for floating match out rules #13027
Fixed: Empty negate_networks table breaks policy routing rules #13049
Fixed: The negate_networks table is not updated when an OpenVPN server is deleted #13055
Added: Allow auto prefix with manual prefix-length in NPt #13070
Fixed: Info icon on firewall_nat_out.php is incorrectly placed in manual outbound NAT mode #13164
Fixed: Changing the redirect target for a Port Forward with an associated filter creates an incorrect firewall rule #13171
Fixed: Incorrect usage of DSCP hex value #13178
Fixed: TCP traffic sourced from the firewall can only use the default gateway #13420
Fixed: easyrule CLI script has multiple bugs and undesirable behaviors #13445
Changed: Correct DHCP client rule descriptions in the generated firewall ruleset #13505
Fixed: Toggling NAT rules using the button method does not enable/disable corresponding firewall rules #13545
Fixed: The “Kill States” button does not work consistently #14091
Changed: Match upstream changes in PF syntax to disable fragment disassembly #14098
Fixed: Associated firewall rule for NAT port forward does not inherit nosync property, gets synchronized #14335
Fixed: Default tab on firewall_rules.php is not selected if the configuration has no WAN interface #14345
Fixed: Outbound NAT rule input validation error when attempting to manually specify “Other Subnet” with a valid address #14354
Fixed: Enable IPv6 over IPv4 tunneling option results in invalid PF rule #14415
SNMP
Fixed: SNMP daemon is restarted during every rc.newwanip event #12611
Services
Fixed: NTP service is not listed on status_services.php unless config.xml contains NTP configuration data #12775
Setup Wizard
Changed: Update firewall host and domain fields in the Setup Wizard to match the description and warning text from system.php #14250
System Logs
Fixed: Firewall log parser does not handle SCTP log entries #13940
Traffic Shaper (ALTQ)
Changed: Remove code references to unused reset parameter from traffic shaper pages #13042
Added: ALTQ GUI support for Broadcom Netextreme II (bxe) interfaces #13304
Added: Include ixv in ALTQ capable NIC list #14408
Traffic Shaper (Limiters)
Fixed: Incorrect ICMP reply when using limiters #9263
Fixed: Pie and fq_pie are missing options and do not handle floating point number input correctly #12003
Fixed: Utilize dnctl(8) to apply limiter changes without a filter reload #12579
Fixed: Traffic routed through DUMMYNET by PF fails when IPFW is enabled #12954
Fixed: Traffic shaped by limiters is dropped when routed to a GIF gateway #14055
Traffic Shaper Wizards
Fixed: Traffic Shaper wizard can produce an invalid ruleset when configured with an IPv4 upstream SIP server #12937
Translations
Fixed: Polish translation contains an invalid sprintf() format in the text for firewall_nat_out_edit.php #13946
UPnP/NAT-PMP
Fixed: UPnP/NAT-PMP status page does not display all port mappings #4500
Added: uPnP fails to properly give out subsequent reservations when multiple gaming systems are playing the same game/using the same port #7727
Changed: Reorganize UPnP options #12624
Changed: Update miniupnpd to 2.3.3 #14307
Unknown
Fixed: Many exec() functions do not use full path to executable files #11941
Fixed: URL scheme is not properly validated in some cases #14356
Upgrade
Fixed: Upgrade does not work when using only IPv6 DNS servers #13162
Fixed: pfSense-boot can fail to copy the EFI bootloader #14045
User Manager / Privileges
Added: Support for RADIUS authentication over IPv6 #4154
Fixed: Icon missing for user manager entries with a scope other than “user” #13174
Virtual IP Addresses
Fixed: Firewall rules are not reloaded when removing a VIP, outdated rules/entries remain active #13908
Web Interface
Fixed: Unnecessary link tag in login page #7996
Fixed: “Dark” theme does not sufficiently distinguish between selected and deselected elements in option lists #11730
Fixed: Lack of DNS or Internet connectivity causes GUI to be slow #12141
Changed: GUI pages should use POST for AJAX calls, not GET #12431
Fixed: Zero-value prefix IPv6 addresses are mishandled #12440
Added: Option to filter state table contents by rule ID #12616
Fixed: Changing RAM disk size does not prompt to reboot #12876
Fixed: VGA install defaults to serial as primary console when loading/saving admin GUI settings without making changes #12960
Fixed: Input validation for IPv6 addresses allows invalid address compression in some cases #13069
Added: Trim whitespace from MAC addresses in user input #13109
Changed: Spelling and typo corrections #13357
Fixed: “Dark” theme uses the same colors for disabled and enabled input fields #13390
Fixed: Input validation on system_advanced_firewall.inc uses incorrect variable references for some fields #13436
Changed: Update external HTTPS/HTTP links #13440
Fixed: Table row selection has poor contrast in Dark theme #13448
Added: Support for iwlwifi wireless interfaces #14050
Wireless
Fixed: Wireless interface WPA configuration fields are always visible #12998
Fixed: Duplicate wireless interfaces are created at boot #12999
XMLRPC
Fixed: Deleting a user on the primary node does not delete its home directory on secondary node during XMLRPC sync #12940
Fixed: Filter/NAT rules configured with “No XMLRPC Sync” enabled are still synchronized #14316
pfSense CE体制になってから初のバージョンアップがきました
pfSense CE 2.6.0リリースが2022/02でpfSense CE 2.7.0リリースが2023/06なので
なんと約1年半ぶりの更新となります
さすがに1年半も空くと使用しているベースOSも
STABLEからCURRENTに変更された影響もあって
FreeBSD12.3-STABLEからFreeBSD14.0-CURRENTになり
13をスキップして一気に14ベースになりました
(現時点ではFreeBSD14.0-STABLEはまだリリース前、2023年末リリース予定)
当然ながら内部で使用していたソフトウェア関連も
ほとんどがそれなりに数字の飛ぶバージョンアップがされており
内蔵PHPも7.4.26から8.2.6になってます
この関係で別途追加でパッケージをインストールしている場合は
特にPHPの関係でエラーが発生しやすいらしく
pfSense本体とは別に不具合がそれなりに発生している様子です
不具合修正もパッケージ更新待ちになる為
解消するかは各パッケージ次第、追加でパッケージ導入している方は
事前に情報収集された方がいいかもしれません
不具合報告を見ていると変更箇所が多い影響からか
ブートしなくなったりルーティングやFWルールが壊れていたなど
本体の問題と思われる報告が普段より多い印象を受けるので
時間に余裕があり問題があればすぐに2.6.0へ戻せるような状態での作業をオススメします
アップデートの作業時間はダウンロード時間が長く、30分程度を要しました
ダウンタイムとなる再起動は通常1分30秒ほどで済む環境で3~4分ほどと
再起動カウントダウンは何回か待つことになりますが
気長に待ちましょう
アップデート後、数日経過してますが特に不具合は発生してません
アップデートの手順
事前に設定のバックアップをした上で以下の操作でアップデートを実行
手順はいつもと同じです
2.6.0から2.7.0へアップデートと表示出てるのを確認して「Confirm」を押す
無事に完了すると自動で再起動開始されます
最後に2.7.0の状態で設定をバックアップして完了
Update時の処理ログ
Migrating /cf to ZFS dataset pfSense/ROOT/default/cf... done.
Migrating /var/cache/pkg to ZFS dataset pfSense/ROOT/default/var_cache_pkg... done.
Migrating /var/db/pkg to ZFS dataset pfSense/ROOT/default/var_db_pkg... done.
>>> Updating repositories metadata...
Updating pfSense-core repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: . done
Processing entries: . done
pfSense-core repository update completed. 7 packages processed.
Updating pfSense repository catalogue...
Fetching meta.conf: . done
Fetching packagesite.pkg: .......... done
Processing entries: .......... done
pfSense repository update completed. 532 packages processed.
All repositories are up to date.
>>> Locking package pkg... done.
>>> Setting vital flag on pkg... done.
>>> Removing vital flag from php74... done.
>>> Unlocking package pkg... done.
>>> Downloading upgrade packages...
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
Checking for upgrades (170 candidates): .......... done
Processing candidates (170 candidates): ....... done
The following 228 package(s) will be affected (of 0 checked):
Installed packages to be REMOVED:
openldap24-client: 2.4.59_4
pfSense-Status_Monitoring: 1.7.11_4
php74: 7.4.26
php74-bcmath: 7.4.26
php74-bz2: 7.4.26
php74-ctype: 7.4.26
php74-curl: 7.4.26
php74-dom: 7.4.26
php74-filter: 7.4.26
php74-gettext: 7.4.26
php74-intl: 7.4.26
php74-json: 7.4.26
php74-ldap: 7.4.26
php74-mbstring: 7.4.26
php74-opcache: 7.4.26
php74-openssl: 7.4.26
php74-openssl_x509_crl: 1.3
php74-pcntl: 7.4.26
php74-pdo: 7.4.26
php74-pdo_sqlite: 7.4.26
php74-pear: 1.10.12
php74-pear-Auth_RADIUS: 1.1.0_4
php74-pear-Cache_Lite: 1.8.3,1
php74-pear-Crypt_CHAP: 1.5.0
php74-pear-HTTP_Request2: 2.5.0,1
php74-pear-Mail: 1.4.1,1
php74-pear-Net_IPv6: 1.3.0.b2_2
php74-pear-Net_SMTP: 1.10.0
php74-pear-Net_Socket: 1.2.2
php74-pear-Net_URL2: 2.2.1
php74-pear-XML_RPC2: 1.1.4
php74-pecl-mcrypt: 1.0.4
php74-pecl-radius: 1.4.0b1_1
php74-pecl-rrd: 2.0.1_1
php74-pfSense-module: 0.76
php74-phpseclib: 2.0.17
php74-posix: 7.4.26
php74-readline: 7.4.26
php74-session: 7.4.26
php74-shmop: 7.4.26
php74-simplepie: 1.5.1_1
php74-simplexml: 7.4.26
php74-sockets: 7.4.26
php74-sqlite3: 7.4.26
php74-sysvmsg: 7.4.26
php74-sysvsem: 7.4.26
php74-sysvshm: 7.4.26
php74-tokenizer: 7.4.26
php74-xml: 7.4.26
php74-xmlreader: 7.4.26
php74-xmlwriter: 7.4.26
php74-zlib: 7.4.26
py38-ply: 3.11
py38-setuptools: 57.0.0
python38: 3.8.12_1
New packages to be INSTALLED:
7-zip: 22.01 [pfSense]
gmp: 6.2.1 [pfSense]
libpsl: 0.21.2_3 [pfSense]
libsodium: 1.0.18 [pfSense]
libsysinfo: 0.0.3_2 [pfSense]
openldap26-client: 2.6.4 [pfSense]
pfSense-Status_Monitoring-php82: 1.8_3 [pfSense]
pfSense-boot: 2.7.0 [pfSense-core]
php82: 8.2.6 [pfSense]
php82-bcmath: 8.2.6 [pfSense]
php82-bz2: 8.2.6 [pfSense]
php82-ctype: 8.2.6 [pfSense]
php82-curl: 8.2.6 [pfSense]
php82-dom: 8.2.6 [pfSense]
php82-filter: 8.2.6 [pfSense]
php82-gettext: 8.2.6 [pfSense]
php82-gmp: 8.2.6 [pfSense]
php82-intl: 8.2.6 [pfSense]
php82-ldap: 8.2.6 [pfSense]
php82-mbstring: 8.2.6 [pfSense]
php82-opcache: 8.2.6 [pfSense]
php82-openssl_x509_crl: 1.3_2 [pfSense]
php82-pcntl: 8.2.6 [pfSense]
php82-pdo: 8.2.6 [pfSense]
php82-pdo_sqlite: 8.2.6 [pfSense]
php82-pear: 1.10.13 [pfSense]
php82-pear-Auth_RADIUS: 1.1.0_4 [pfSense]
php82-pear-Cache_Lite: 1.8.3,1 [pfSense]
php82-pear-Crypt_CHAP: 1.5.0_2 [pfSense]
php82-pear-HTTP_Request2: 2.5.1,1 [pfSense]
php82-pear-Mail: 1.4.1,1 [pfSense]
php82-pear-Net_IPv6: 1.3.0.b4_2 [pfSense]
php82-pear-Net_SMTP: 1.10.1 [pfSense]
php82-pear-Net_Socket: 1.2.2 [pfSense]
php82-pear-Net_URL2: 2.2.1 [pfSense]
php82-pear-XML_RPC2: 1.1.5 [pfSense]
php82-pecl-mcrypt: 1.0.6 [pfSense]
php82-pecl-radius: 1.4.0b1_2 [pfSense]
php82-pecl-rrd: 2.0.3 [pfSense]
php82-pfSense-module: 0.95 [pfSense]
php82-phpseclib: 2.0.17 [pfSense]
php82-posix: 8.2.6 [pfSense]
php82-readline: 8.2.6 [pfSense]
php82-session: 8.2.6 [pfSense]
php82-shmop: 8.2.6 [pfSense]
php82-simplexml: 8.2.6 [pfSense]
php82-sockets: 8.2.6 [pfSense]
php82-sqlite3: 8.2.6 [pfSense]
php82-sysvmsg: 8.2.6 [pfSense]
php82-sysvsem: 8.2.6 [pfSense]
php82-sysvshm: 8.2.6 [pfSense]
php82-tokenizer: 8.2.6 [pfSense]
php82-xml: 8.2.6 [pfSense]
php82-xmlreader: 8.2.6 [pfSense]
php82-xmlwriter: 8.2.6 [pfSense]
php82-zlib: 8.2.6 [pfSense]
pkcs11-helper: 1.29.0 [pfSense]
python311: 3.11.3 [pfSense]
whois: 5.5.7 [pfSense]
zstd: 1.5.4_2 [pfSense]
Installed packages to be UPGRADED:
bind-tools: 9.16.23 -> 9.18.14 [pfSense]
ca_root_nss: 3.71 -> 3.89.1 [pfSense]
ccid: 1.4.36 -> 1.5.1 [pfSense]
check_reload_status: 0.0.11 -> 0.0.15 [pfSense]
curl: 7.80.0 -> 8.1.0 [pfSense]
cyrus-sasl: 2.1.27_2 -> 2.1.28 [pfSense]
dbus: 1.12.20_5 -> 1.14.6,1 [pfSense]
devcpu-data: 20211109 -> 20230513 [pfSense]
devcpu-data-amd: 20211115 -> 20230424 [pfSense]
devcpu-data-intel: 20210608 -> 20230512 [pfSense]
dmidecode: 3.3 -> 3.5 [pfSense]
dnsmasq: 2.86,1 -> 2.89_1,1 [pfSense]
dpinger: 3.0 -> 3.3 [pfSense]
expat: 2.4.1 -> 2.5.0 [pfSense]
filterdns: 2.0_5 -> 2.2 [pfSense]
gettext-runtime: 0.21 -> 0.21.1 [pfSense]
glib: 2.70.2,2 -> 2.76.2,2 [pfSense]
hostapd: 2.9_4 -> 2.10_5 [pfSense]
icu: 70.1_1,1 -> 73.1,1 [pfSense]
igmpproxy: 0.3,1 -> 0.4,1 [pfSense]
isc-dhcp44-client: 4.4.2P1 -> 4.4.3P1 [pfSense]
isc-dhcp44-relay: 4.4.2P1 -> 4.4.3P1 [pfSense]
isc-dhcp44-server: 4.4.2P1_1 -> 4.4.3P1 [pfSense]
json-c: 0.15_1 -> 0.16 [pfSense]
ldns: 1.7.1_2 -> 1.8.3 [pfSense]
libedit: 3.1.20210216,1 -> 3.1.20221030,1 [pfSense]
libffi: 3.3_1 -> 3.4.4 [pfSense]
libgcrypt: 1.9.4 -> 1.9.4_1 [pfSense]
libgpg-error: 1.43 -> 1.47 [pfSense]
libiconv: 1.16 -> 1.17 [pfSense]
libidn2: 2.3.2 -> 2.3.4 [pfSense]
libinotify: 20180201_2 -> 20211018 [pfSense]
libltdl: 2.4.6 -> 2.4.7 [pfSense]
liblz4: 1.9.3,1 -> 1.9.4,1 [pfSense]
libnghttp2: 1.46.0 -> 1.52.0 [pfSense]
libssh2: 1.9.0_3,3 -> 1.10.0_1,3 [pfSense]
libunistring: 0.9.10_1 -> 1.1 [pfSense]
libuv: 1.42.0 -> 1.45.0 [pfSense]
libxml2: 2.9.12 -> 2.10.4 [pfSense]
libxslt: 1.1.34_2 -> 1.1.37 [pfSense]
links: 2.20.2_1,1 -> 2.29,1 [pfSense]
lua-resty-core: 0.1.22 -> 0.1.26 [pfSense]
lua-resty-lrucache: 0.11 -> 0.13 [pfSense]
luajit-openresty: 2.1.20210510 -> 2.1.20230410 [pfSense]
miniupnpd: 2.2.1_1,1 -> 2.3.3,1 [pfSense]
mobile-broadband-provider-info: 20210805 -> 20221107 [pfSense]
mpd5: 5.9_6 -> 5.9_16 [pfSense]
nginx: 1.20.2_1,2 -> 1.24.0_6,3 [pfSense]
ntp: 4.2.8p15_3 -> 4.2.8p15_5 [pfSense]
oniguruma: 6.9.7.1 -> 6.9.8_1 [pfSense]
opensc: 0.22.0 -> 0.23.0_1 [pfSense]
openvpn: 2.5.4_1 -> 2.6.4 [pfSense]
openvpn-client-export: 2.5.2 -> 2.5.8 [pfSense]
pcre: 8.45 -> 8.45_3 [pfSense]
pcre2: 10.39 -> 10.42 [pfSense]
pcsc-lite: 1.9.4,2 -> 1.9.9,2 [pfSense]
perl5: 5.32.1_1 -> 5.32.1_3 [pfSense]
pfSense: 2.6.0 -> 2.7.0 [pfSense]
pfSense-base: 2.6.0 -> 2.7.0 [pfSense-core]
pfSense-default-config: 2.6.0 -> 2.7.0 [pfSense-core]
pfSense-kernel-pfSense: 2.6.0 -> 2.7.0 [pfSense-core]
pfSense-pkg-openvpn-client-export: 1.6_4 -> 1.8 [pfSense]
pfSense-rc: 2.6.0 -> 2.7.0 [pfSense-core]
pftop: 0.7_9 -> 0.8_2 [pfSense]
readline: 8.1.1 -> 8.2.1 [pfSense]
rrdtool: 1.7.2_4 -> 1.8.0_2 [pfSense]
smartmontools: 7.2_3 -> 7.3 [pfSense]
sqlite3: 3.35.5_4,1 -> 3.41.2,1 [pfSense]
sshguard: 2.4.2_1,1 -> 2.4.2_2,1 [pfSense]
strongswan: 5.9.4 -> 5.9.10_2 [pfSense]
unbound: 1.13.2 -> 1.17.1_3 [pfSense]
wpa_supplicant: 2.9_11 -> 2.10_6 [pfSense]
Installed packages to be REINSTALLED:
beep-1.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
bsnmp-regex-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
bsnmp-ucd-0.4.5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
bwi-firmware-kmod-3.130.20 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
choparp-20150613 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
cpdup-1.22 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
cpustats-0.1_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
dhcp6-20080615.2_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
dhcpleases-0.5_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
expiretable-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
filterlog-0.1_9 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
iftop-1.0.p4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
indexinfo-0.3.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
ipmitool-1.8.18_3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
libargon2-20190702 [pfSense]
libevent-2.1.12 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
libmcrypt-2.5.8_3 [pfSense]
libucl-0.8.2 [pfSense]
lzo2-2.10_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
minicron-0.0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
mpdecimal-2.5.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
nss_ldap-1.265_14 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
openvpn-auth-script-1.0.0.3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
pam_ldap-186_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
pam_mkhomedir-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
pfSense-repo-2.7.0_1 [pfSense]
pfSense-repoc-20230616 [pfSense]
pfSense-upgrade-1.0_33 [pfSense]
pkg-1.19.1_1 [pfSense]
qstats-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
radvd-2.19_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
rate-0.9_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
scponly-4.8.20110526_5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
ssh_tunnel_shell-0.2_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
uclcmd-0.2.20211204 [pfSense]
voucher-0.1_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
vstr-1.0.15_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
wol-0.7.1_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
wrapalixresetbutton-0.0.8 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
xinetd-2.3.15_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
zip-3.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
Number of packages to be removed: 55
Number of packages to be installed: 60
Number of packages to be upgraded: 72
Number of packages to be reinstalled: 41
The process will require 60 MiB more space.
287 MiB to be downloaded.
[1/168] Fetching unbound-1.17.1_3.pkg: .......... done
[2/168] Fetching isc-dhcp44-client-4.4.3P1.pkg: .......... done
[3/168] Fetching php82-session-8.2.6.pkg: ...... done
[4/168] Fetching php82-gmp-8.2.6.pkg: .... done
[5/168] Fetching wpa_supplicant-2.10_6.pkg: .......... done
[6/168] Fetching nginx-1.24.0_6,3.pkg: .......... done
[7/168] Fetching pfSense-base-2.7.0.pkg: .......... done
[8/168] Fetching mpdecimal-2.5.1.pkg: .......... done
[9/168] Fetching filterlog-0.1_9.pkg: .. done
[10/168] Fetching dpinger-3.3.pkg: .. done
[11/168] Fetching php82-pear-Crypt_CHAP-1.5.0_2.pkg: . done
[12/168] Fetching libidn2-2.3.4.pkg: .......... done
[13/168] Fetching hostapd-2.10_5.pkg: .......... done
[14/168] Fetching filterdns-2.2.pkg: ... done
[15/168] Fetching devcpu-data-20230513.pkg: . done
[16/168] Fetching libxslt-1.1.37.pkg: .......... done
[17/168] Fetching libuv-1.45.0.pkg: .......... done
[18/168] Fetching bsnmp-ucd-0.4.5.pkg: ... done
[19/168] Fetching nss_ldap-1.265_14.pkg: ....... done
[20/168] Fetching lzo2-2.10_1.pkg: .......... done
[21/168] Fetching php82-pear-Net_Socket-1.2.2.pkg: . done
[22/168] Fetching pfSense-rc-2.7.0.pkg: .. done
[23/168] Fetching libunistring-1.1.pkg: .......... done
[24/168] Fetching cpdup-1.22.pkg: .... done
[25/168] Fetching php82-zlib-8.2.6.pkg: ... done
[26/168] Fetching php82-dom-8.2.6.pkg: ......... done
[27/168] Fetching php82-simplexml-8.2.6.pkg: ... done
[28/168] Fetching php82-pfSense-module-0.95.pkg: ..... done
[29/168] Fetching libiconv-1.17.pkg: .......... done
[30/168] Fetching json-c-0.16.pkg: ......... done
[31/168] Fetching devcpu-data-amd-20230424.pkg: ...... done
[32/168] Fetching pam_mkhomedir-0.2.pkg: . done
[33/168] Fetching choparp-20150613.pkg: . done
[34/168] Fetching ldns-1.8.3.pkg: .......... done
[35/168] Fetching lua-resty-core-0.1.26.pkg: .... done
[36/168] Fetching php82-shmop-8.2.6.pkg: .. done
[37/168] Fetching rate-0.9_2.pkg: ....... done
[38/168] Fetching pcsc-lite-1.9.9,2.pkg: .......... done
[39/168] Fetching lua-resty-lrucache-0.13.pkg: . done
[40/168] Fetching qstats-0.2.pkg: . done
[41/168] Fetching pfSense-Status_Monitoring-php82-1.8_3.pkg: ... done
[42/168] Fetching openvpn-2.6.4.pkg: .......... done
[43/168] Fetching cpustats-0.1_1.pkg: . done
[44/168] Fetching php82-pecl-rrd-2.0.3.pkg: .. done
[45/168] Fetching libnghttp2-1.52.0.pkg: .......... done
[46/168] Fetching libxml2-2.10.4.pkg: .......... done
[47/168] Fetching php82-pdo-8.2.6.pkg: ....... done
[48/168] Fetching ipmitool-1.8.18_3.pkg: .......... done
[49/168] Fetching php82-readline-8.2.6.pkg: .. done
[50/168] Fetching php82-curl-8.2.6.pkg: ...... done
[51/168] Fetching bsnmp-regex-0.6_2.pkg: ... done
[52/168] Fetching icu-73.1,1.pkg: .......... done
[53/168] Fetching pfSense-default-config-2.7.0.pkg: . done
[54/168] Fetching php82-pecl-radius-1.4.0b1_2.pkg: .... done
[55/168] Fetching dnsmasq-2.89_1,1.pkg: .......... done
[56/168] Fetching bind-tools-9.18.14.pkg: .......... done
[57/168] Fetching libmcrypt-2.5.8_3.pkg: .......... done
[58/168] Fetching rrdtool-1.8.0_2.pkg: .......... done
[59/168] Fetching openvpn-client-export-2.5.8.pkg: .......... done
[60/168] Fetching pfSense-2.7.0.pkg: . done
[61/168] Fetching libargon2-20190702.pkg: ......... done
[62/168] Fetching radvd-2.19_2.pkg: ....... done
[63/168] Fetching isc-dhcp44-server-4.4.3P1.pkg: .......... done
[64/168] Fetching php82-mbstring-8.2.6.pkg: .......... done
[65/168] Fetching php82-tokenizer-8.2.6.pkg: .. done
[66/168] Fetching ntp-4.2.8p15_5.pkg: .......... done
[67/168] Fetching opensc-0.23.0_1.pkg: .......... done
[68/168] Fetching voucher-0.1_2.pkg: . done
[69/168] Fetching dhcp6-20080615.2_4.pkg: .......... done
[70/168] Fetching libpsl-0.21.2_3.pkg: ........ done
[71/168] Fetching dmidecode-3.5.pkg: ......... done
[72/168] Fetching php82-ldap-8.2.6.pkg: ..... done
[73/168] Fetching pfSense-boot-2.7.0.pkg: .......... done
[74/168] Fetching miniupnpd-2.3.3,1.pkg: .......... done
[75/168] Fetching libevent-2.1.12.pkg: .......... done
[76/168] Fetching ca_root_nss-3.89.1.pkg: .......... done
[77/168] Fetching libinotify-20211018.pkg: .... done
[78/168] Fetching links-2.29,1.pkg: .......... done
[79/168] Fetching python311-3.11.3.pkg: .......... done
[80/168] Fetching wol-0.7.1_4.pkg: .... done
[81/168] Fetching php82-sysvmsg-8.2.6.pkg: .. done
[82/168] Fetching dbus-1.14.6,1.pkg: .......... done
[83/168] Fetching beep-1.0_1.pkg: . done
[84/168] Fetching libedit-3.1.20221030,1.pkg: .......... done
[85/168] Fetching php82-pear-Net_URL2-2.2.1.pkg: ... done
[86/168] Fetching xinetd-2.3.15_2.pkg: .......... done
[87/168] Fetching php82-pear-XML_RPC2-1.1.5.pkg: ........ done
[88/168] Fetching mobile-broadband-provider-info-20221107.pkg: ........ done
[89/168] Fetching vstr-1.0.15_1.pkg: .......... done
[90/168] Fetching php82-posix-8.2.6.pkg: .. done
[91/168] Fetching liblz4-1.9.4,1.pkg: .......... done
[92/168] Fetching libgcrypt-1.9.4_1.pkg: .......... done
[93/168] Fetching iftop-1.0.p4.pkg: ..... done
[94/168] Fetching pkcs11-helper-1.29.0.pkg: .......... done
[95/168] Fetching php82-sockets-8.2.6.pkg: ...... done
[96/168] Fetching php82-8.2.6.pkg: .......... done
[97/168] Fetching pfSense-kernel-pfSense-2.7.0.pkg: .......... done
[98/168] Fetching php82-pear-Cache_Lite-1.8.3,1.pkg: ..... done
[99/168] Fetching php82-sqlite3-8.2.6.pkg: .... done
[100/168] Fetching zstd-1.5.4_2.pkg: .......... done
[101/168] Fetching php82-xmlreader-8.2.6.pkg: ... done
[102/168] Fetching pcre2-10.42.pkg: .......... done
[103/168] Fetching scponly-4.8.20110526_5.pkg: ... done
[104/168] Fetching php82-pear-Net_SMTP-1.10.1.pkg: ... done
[105/168] Fetching libgpg-error-1.47.pkg: .......... done
[106/168] Fetching php82-xml-8.2.6.pkg: ... done
[107/168] Fetching curl-8.1.0.pkg: .......... done
[108/168] Fetching gmp-6.2.1.pkg: .......... done
[109/168] Fetching php82-pcntl-8.2.6.pkg: ... done
[110/168] Fetching expiretable-0.6_2.pkg: . done
[111/168] Fetching igmpproxy-0.4,1.pkg: .... done
[112/168] Fetching gettext-runtime-0.21.1.pkg: .......... done
[113/168] Fetching php82-intl-8.2.6.pkg: .......... done
[114/168] Fetching php82-bcmath-8.2.6.pkg: ... done
[115/168] Fetching php82-pear-Net_IPv6-1.3.0.b4_2.pkg: .. done
[116/168] Fetching bwi-firmware-kmod-3.130.20.pkg: .... done
[117/168] Fetching php82-bz2-8.2.6.pkg: .. done
[118/168] Fetching ssh_tunnel_shell-0.2_1.pkg: .......... done
[119/168] Fetching pkg-1.19.1_1.pkg: .......... done
[120/168] Fetching indexinfo-0.3.1.pkg: . done
[121/168] Fetching cyrus-sasl-2.1.28.pkg: .......... done
[122/168] Fetching libsysinfo-0.0.3_2.pkg: .... done
[123/168] Fetching php82-phpseclib-2.0.17.pkg: .......... done
[124/168] Fetching php82-openssl_x509_crl-1.3_2.pkg: .. done
[125/168] Fetching check_reload_status-0.0.15.pkg: ..... done
[126/168] Fetching dhcpleases-0.5_1.pkg: .. done
[127/168] Fetching php82-sysvshm-8.2.6.pkg: .. done
[128/168] Fetching libltdl-2.4.7.pkg: ..... done
[129/168] Fetching php82-xmlwriter-8.2.6.pkg: ... done
[130/168] Fetching pcre-8.45_3.pkg: .......... done
[131/168] Fetching zip-3.0_1.pkg: .......... done
[132/168] Fetching pfSense-pkg-openvpn-client-export-1.8.pkg: ... done
[133/168] Fetching mpd5-5.9_16.pkg: .......... done
[134/168] Fetching sqlite3-3.41.2,1.pkg: .......... done
[135/168] Fetching minicron-0.0.2.pkg: . done
[136/168] Fetching openldap26-client-2.6.4.pkg: .......... done
[137/168] Fetching php82-gettext-8.2.6.pkg: .. done
[138/168] Fetching whois-5.5.7.pkg: ......... done
[139/168] Fetching glib-2.76.2,2.pkg: .......... done
[140/168] Fetching php82-pecl-mcrypt-1.0.6.pkg: ... done
[141/168] Fetching devcpu-data-intel-20230512.pkg: .......... done
[142/168] Fetching luajit-openresty-2.1.20230410.pkg: .......... done
[143/168] Fetching libsodium-1.0.18.pkg: .......... done
[144/168] Fetching perl5-5.32.1_3.pkg: .......... done
[145/168] Fetching openvpn-auth-script-1.0.0.3.pkg: . done
[146/168] Fetching oniguruma-6.9.8_1.pkg: .......... done
[147/168] Fetching php82-pear-HTTP_Request2-2.5.1,1.pkg: .......... done
[148/168] Fetching pam_ldap-186_1.pkg: ...... done
[149/168] Fetching strongswan-5.9.10_2.pkg: .......... done
[150/168] Fetching readline-8.2.1.pkg: .......... done
[151/168] Fetching libffi-3.4.4.pkg: ...... done
[152/168] Fetching ccid-1.5.1.pkg: ......... done
[153/168] Fetching php82-ctype-8.2.6.pkg: . done
[154/168] Fetching smartmontools-7.3.pkg: .......... done
[155/168] Fetching libssh2-1.10.0_1,3.pkg: .......... done
[156/168] Fetching php82-pear-Mail-1.4.1,1.pkg: ... done
[157/168] Fetching php82-sysvsem-8.2.6.pkg: .. done
[158/168] Fetching wrapalixresetbutton-0.0.8.pkg: . done
[159/168] Fetching isc-dhcp44-relay-4.4.3P1.pkg: .......... done
[160/168] Fetching pftop-0.8_2.pkg: ........ done
[161/168] Fetching expat-2.5.0.pkg: .......... done
[162/168] Fetching php82-opcache-8.2.6.pkg: .......... done
[163/168] Fetching php82-pear-1.10.13.pkg: .......... done
[164/168] Fetching php82-filter-8.2.6.pkg: ... done
[165/168] Fetching php82-pdo_sqlite-8.2.6.pkg: .. done
[166/168] Fetching sshguard-2.4.2_2,1.pkg: .......... done
[167/168] Fetching 7-zip-22.01.pkg: .......... done
[168/168] Fetching php82-pear-Auth_RADIUS-1.1.0_4.pkg: .. done
Checking integrity... done (51 conflicting)
- php82-session-8.2.6 [pfSense] conflicts with php74-session-7.4.26 [installed] on /usr/local/include/php/ext/session/php_session.h
- php82-pear-Crypt_CHAP-1.5.0_2 [pfSense] conflicts with php74-pear-Crypt_CHAP-1.5.0 [installed] on /usr/local/share/pear/Crypt/CHAP.php
- php82-pear-Net_Socket-1.2.2 [pfSense] conflicts with php74-pear-Net_Socket-1.2.2 [installed] on /usr/local/share/doc/pear/Net_Socket/LICENSE
- php82-zlib-8.2.6 [pfSense] conflicts with php74-zlib-7.4.26 [installed] on /usr/local/include/php/ext/zlib/php_zlib.h
- php82-dom-8.2.6 [pfSense] conflicts with php74-dom-7.4.26 [installed] on /usr/local/include/php/ext/dom/dom_ce.h
- php82-simplexml-8.2.6 [pfSense] conflicts with php74-simplexml-7.4.26 [installed] on /usr/local/include/php/ext/simplexml/php_simplexml.h
- php82-pfSense-module-0.95 [pfSense] conflicts with php74-pfSense-module-0.76 [installed] on /usr/local/include/php/ext/pfSense/php_pfSense.h
- php82-shmop-8.2.6 [pfSense] conflicts with php74-shmop-7.4.26 [installed] on /usr/local/include/php/ext/shmop/php_shmop.h
- pfSense-Status_Monitoring-php82-1.8_3 [pfSense] conflicts with pfSense-Status_Monitoring-1.7.11_4 [installed] on /etc/inc/priv/pfSense-Status_Monitoring.priv.inc
- php82-pecl-rrd-2.0.3 [pfSense] conflicts with php74-pecl-rrd-2.0.1_1 [installed] on /usr/local/include/php/ext/rrd/rrd_info.h
- php82-pdo-8.2.6 [pfSense] conflicts with php74-pdo-7.4.26 [installed] on /usr/local/include/php/ext/pdo/php_pdo.h
- php82-readline-8.2.6 [pfSense] conflicts with php74-readline-7.4.26 [installed] on /usr/local/include/php/ext/readline/readline_cli.h
- php82-curl-8.2.6 [pfSense] conflicts with php74-curl-7.4.26 [installed] on /usr/local/include/php/ext/curl/config.h
- php82-pecl-radius-1.4.0b1_2 [pfSense] conflicts with php74-pecl-radius-1.4.0b1_1 [installed] on /usr/local/include/php/ext/radius/radius_init_const.h
- php82-mbstring-8.2.6 [pfSense] conflicts with php74-mbstring-7.4.26 [installed] on /usr/local/include/php/ext/mbstring/php_mbregex.h
- php82-tokenizer-8.2.6 [pfSense] conflicts with php74-tokenizer-7.4.26 [installed] on /usr/local/include/php/ext/tokenizer/config.h
- php82-ldap-8.2.6 [pfSense] conflicts with php74-ldap-7.4.26 [installed] on /usr/local/include/php/ext/ldap/config.h
- php82-sysvmsg-8.2.6 [pfSense] conflicts with php74-sysvmsg-7.4.26 [installed] on /usr/local/include/php/ext/sysvmsg/config.h
- php82-pear-Net_URL2-2.2.1 [pfSense] conflicts with php74-pear-Net_URL2-2.2.1 [installed] on /usr/local/share/doc/pear/Net_URL2/docs/6470.php
- php82-pear-XML_RPC2-1.1.5 [pfSense] conflicts with php74-pear-XML_RPC2-1.1.4 [installed] on /usr/local/share/doc/pear/XML_RPC2/docs/Makefile
- php82-posix-8.2.6 [pfSense] conflicts with php74-posix-7.4.26 [installed] on /usr/local/include/php/ext/posix/config.h
- php82-sockets-8.2.6 [pfSense] conflicts with php74-sockets-7.4.26 [installed] on /usr/local/include/php/ext/sockets/sendrecvmsg.h
- php82-8.2.6 [pfSense] conflicts with php74-7.4.26 [installed] on /usr/local/bin/php
- php82-8.2.6 [pfSense] conflicts with php74-json-7.4.26 [installed] on /usr/local/include/php/ext/json/php_json.h
- php82-pear-Cache_Lite-1.8.3,1 [pfSense] conflicts with php74-pear-Cache_Lite-1.8.3,1 [installed] on /usr/local/share/doc/pear/Cache_Lite/LICENSE
- php82-sqlite3-8.2.6 [pfSense] conflicts with php74-sqlite3-7.4.26 [installed] on /usr/local/include/php/ext/sqlite3/config.h
- php82-xmlreader-8.2.6 [pfSense] conflicts with php74-xmlreader-7.4.26 [installed] on /usr/local/include/php/ext/xmlreader/config.h
- php82-pear-Net_SMTP-1.10.1 [pfSense] conflicts with php74-pear-Net_SMTP-1.10.0 [installed] on /usr/local/share/doc/pear/Net_SMTP/LICENSE
- php82-xml-8.2.6 [pfSense] conflicts with php74-xml-7.4.26 [installed] on /usr/local/include/php/ext/xml/php_xml.h
- php82-pcntl-8.2.6 [pfSense] conflicts with php74-pcntl-7.4.26 [installed] on /usr/local/include/php/ext/pcntl/php_pcntl.h
- php82-intl-8.2.6 [pfSense] conflicts with php74-intl-7.4.26 [installed] on /usr/local/include/php/ext/intl/intl_error.h
- php82-bcmath-8.2.6 [pfSense] conflicts with php74-bcmath-7.4.26 [installed] on /usr/local/include/php/ext/bcmath/config.h
- php82-pear-Net_IPv6-1.3.0.b4_2 [pfSense] conflicts with php74-pear-Net_IPv6-1.3.0.b2_2 [installed] on /usr/local/share/pear/Net/IPv6.php
- php82-bz2-8.2.6 [pfSense] conflicts with php74-bz2-7.4.26 [installed] on /usr/local/include/php/ext/bz2/php_bz2.h
- php82-phpseclib-2.0.17 [pfSense] conflicts with php74-phpseclib-2.0.17 [installed] on /usr/local/www/phpseclib/Crypt/AES.php
- php82-openssl_x509_crl-1.3_2 [pfSense] conflicts with php74-openssl_x509_crl-1.3 [installed] on /usr/local/share/openssl_x509_crl/ASN1.php
- php82-sysvshm-8.2.6 [pfSense] conflicts with php74-sysvshm-7.4.26 [installed] on /usr/local/include/php/ext/sysvshm/php_sysvshm.h
- php82-xmlwriter-8.2.6 [pfSense] conflicts with php74-xmlwriter-7.4.26 [installed] on /usr/local/include/php/ext/xmlwriter/config.h
- openldap26-client-2.6.4 [pfSense] conflicts with openldap24-client-2.4.59_4 [installed] on /usr/local/bin/ldapadd
- php82-gettext-8.2.6 [pfSense] conflicts with php74-gettext-7.4.26 [installed] on /usr/local/include/php/ext/gettext/php_gettext.h
- php82-pecl-mcrypt-1.0.6 [pfSense] conflicts with php74-pecl-mcrypt-1.0.4 [installed] on /usr/local/include/php/ext/mcrypt/php_mcrypt.h
- php82-pear-HTTP_Request2-2.5.1,1 [pfSense] conflicts with php74-pear-HTTP_Request2-2.5.0,1 [installed] on /usr/local/share/doc/pear/HTTP_Request2/LICENSE
- php82-ctype-8.2.6 [pfSense] conflicts with php74-ctype-7.4.26 [installed] on /usr/local/include/php/ext/ctype/config.h
- php82-pear-Mail-1.4.1,1 [pfSense] conflicts with php74-pear-Mail-1.4.1,1 [installed] on /usr/local/share/doc/pear/Mail/LICENSE
- php82-sysvsem-8.2.6 [pfSense] conflicts with php74-sysvsem-7.4.26 [installed] on /usr/local/include/php/ext/sysvsem/php_sysvsem.h
- php82-opcache-8.2.6 [pfSense] conflicts with php74-opcache-7.4.26 [installed] on /usr/local/include/php/ext/opcache/zend_file_cache.h
- php82-pear-1.10.13 [pfSense] conflicts with php74-pear-1.10.12 [installed] on /usr/local/bin/pear
- php82-filter-8.2.6 [pfSense] conflicts with php74-filter-7.4.26 [installed] on /usr/local/include/php/ext/filter/filter_private.h
- php82-pdo_sqlite-8.2.6 [pfSense] conflicts with php74-pdo_sqlite-7.4.26 [installed] on /usr/local/include/php/ext/pdo_sqlite/php_pdo_sqlite.h
- 7-zip-22.01 [pfSense] conflicts with p7zip-16.02_3 [installed] on /usr/local/bin/7z
- php82-pear-Auth_RADIUS-1.1.0_4 [pfSense] conflicts with php74-pear-Auth_RADIUS-1.1.0_4 [installed] on /usr/local/share/doc/pear/Auth_RADIUS/examples/radius-acct.php
Checking integrity... done (0 conflicting)
Conflicts with the existing packages have been found.
One more solver iteration is needed to resolve them.
The following 229 package(s) will be affected (of 0 checked):
Installed packages to be REMOVED:
openldap24-client: 2.4.59_4
p7zip: 16.02_3
pfSense-Status_Monitoring: 1.7.11_4
php74: 7.4.26
php74-bcmath: 7.4.26
php74-bz2: 7.4.26
php74-ctype: 7.4.26
php74-curl: 7.4.26
php74-dom: 7.4.26
php74-filter: 7.4.26
php74-gettext: 7.4.26
php74-intl: 7.4.26
php74-json: 7.4.26
php74-ldap: 7.4.26
php74-mbstring: 7.4.26
php74-opcache: 7.4.26
php74-openssl: 7.4.26
php74-openssl_x509_crl: 1.3
php74-pcntl: 7.4.26
php74-pdo: 7.4.26
php74-pdo_sqlite: 7.4.26
php74-pear: 1.10.12
php74-pear-Auth_RADIUS: 1.1.0_4
php74-pear-Cache_Lite: 1.8.3,1
php74-pear-Crypt_CHAP: 1.5.0
php74-pear-HTTP_Request2: 2.5.0,1
php74-pear-Mail: 1.4.1,1
php74-pear-Net_IPv6: 1.3.0.b2_2
php74-pear-Net_SMTP: 1.10.0
php74-pear-Net_Socket: 1.2.2
php74-pear-Net_URL2: 2.2.1
php74-pear-XML_RPC2: 1.1.4
php74-pecl-mcrypt: 1.0.4
php74-pecl-radius: 1.4.0b1_1
php74-pecl-rrd: 2.0.1_1
php74-pfSense-module: 0.76
php74-phpseclib: 2.0.17
php74-posix: 7.4.26
php74-readline: 7.4.26
php74-session: 7.4.26
php74-shmop: 7.4.26
php74-simplepie: 1.5.1_1
php74-simplexml: 7.4.26
php74-sockets: 7.4.26
php74-sqlite3: 7.4.26
php74-sysvmsg: 7.4.26
php74-sysvsem: 7.4.26
php74-sysvshm: 7.4.26
php74-tokenizer: 7.4.26
php74-xml: 7.4.26
php74-xmlreader: 7.4.26
php74-xmlwriter: 7.4.26
php74-zlib: 7.4.26
py38-ply: 3.11
py38-setuptools: 57.0.0
python38: 3.8.12_1
New packages to be INSTALLED:
7-zip: 22.01 [pfSense]
gmp: 6.2.1 [pfSense]
libpsl: 0.21.2_3 [pfSense]
libsodium: 1.0.18 [pfSense]
libsysinfo: 0.0.3_2 [pfSense]
openldap26-client: 2.6.4 [pfSense]
pfSense-Status_Monitoring-php82: 1.8_3 [pfSense]
pfSense-boot: 2.7.0 [pfSense-core]
php82: 8.2.6 [pfSense]
php82-bcmath: 8.2.6 [pfSense]
php82-bz2: 8.2.6 [pfSense]
php82-ctype: 8.2.6 [pfSense]
php82-curl: 8.2.6 [pfSense]
php82-dom: 8.2.6 [pfSense]
php82-filter: 8.2.6 [pfSense]
php82-gettext: 8.2.6 [pfSense]
php82-gmp: 8.2.6 [pfSense]
php82-intl: 8.2.6 [pfSense]
php82-ldap: 8.2.6 [pfSense]
php82-mbstring: 8.2.6 [pfSense]
php82-opcache: 8.2.6 [pfSense]
php82-openssl_x509_crl: 1.3_2 [pfSense]
php82-pcntl: 8.2.6 [pfSense]
php82-pdo: 8.2.6 [pfSense]
php82-pdo_sqlite: 8.2.6 [pfSense]
php82-pear: 1.10.13 [pfSense]
php82-pear-Auth_RADIUS: 1.1.0_4 [pfSense]
php82-pear-Cache_Lite: 1.8.3,1 [pfSense]
php82-pear-Crypt_CHAP: 1.5.0_2 [pfSense]
php82-pear-HTTP_Request2: 2.5.1,1 [pfSense]
php82-pear-Mail: 1.4.1,1 [pfSense]
php82-pear-Net_IPv6: 1.3.0.b4_2 [pfSense]
php82-pear-Net_SMTP: 1.10.1 [pfSense]
php82-pear-Net_Socket: 1.2.2 [pfSense]
php82-pear-Net_URL2: 2.2.1 [pfSense]
php82-pear-XML_RPC2: 1.1.5 [pfSense]
php82-pecl-mcrypt: 1.0.6 [pfSense]
php82-pecl-radius: 1.4.0b1_2 [pfSense]
php82-pecl-rrd: 2.0.3 [pfSense]
php82-pfSense-module: 0.95 [pfSense]
php82-phpseclib: 2.0.17 [pfSense]
php82-posix: 8.2.6 [pfSense]
php82-readline: 8.2.6 [pfSense]
php82-session: 8.2.6 [pfSense]
php82-shmop: 8.2.6 [pfSense]
php82-simplexml: 8.2.6 [pfSense]
php82-sockets: 8.2.6 [pfSense]
php82-sqlite3: 8.2.6 [pfSense]
php82-sysvmsg: 8.2.6 [pfSense]
php82-sysvsem: 8.2.6 [pfSense]
php82-sysvshm: 8.2.6 [pfSense]
php82-tokenizer: 8.2.6 [pfSense]
php82-xml: 8.2.6 [pfSense]
php82-xmlreader: 8.2.6 [pfSense]
php82-xmlwriter: 8.2.6 [pfSense]
php82-zlib: 8.2.6 [pfSense]
pkcs11-helper: 1.29.0 [pfSense]
python311: 3.11.3 [pfSense]
whois: 5.5.7 [pfSense]
zstd: 1.5.4_2 [pfSense]
Installed packages to be UPGRADED:
bind-tools: 9.16.23 -> 9.18.14 [pfSense]
ca_root_nss: 3.71 -> 3.89.1 [pfSense]
ccid: 1.4.36 -> 1.5.1 [pfSense]
check_reload_status: 0.0.11 -> 0.0.15 [pfSense]
curl: 7.80.0 -> 8.1.0 [pfSense]
cyrus-sasl: 2.1.27_2 -> 2.1.28 [pfSense]
dbus: 1.12.20_5 -> 1.14.6,1 [pfSense]
devcpu-data: 20211109 -> 20230513 [pfSense]
devcpu-data-amd: 20211115 -> 20230424 [pfSense]
devcpu-data-intel: 20210608 -> 20230512 [pfSense]
dmidecode: 3.3 -> 3.5 [pfSense]
dnsmasq: 2.86,1 -> 2.89_1,1 [pfSense]
dpinger: 3.0 -> 3.3 [pfSense]
expat: 2.4.1 -> 2.5.0 [pfSense]
filterdns: 2.0_5 -> 2.2 [pfSense]
gettext-runtime: 0.21 -> 0.21.1 [pfSense]
glib: 2.70.2,2 -> 2.76.2,2 [pfSense]
hostapd: 2.9_4 -> 2.10_5 [pfSense]
icu: 70.1_1,1 -> 73.1,1 [pfSense]
igmpproxy: 0.3,1 -> 0.4,1 [pfSense]
isc-dhcp44-client: 4.4.2P1 -> 4.4.3P1 [pfSense]
isc-dhcp44-relay: 4.4.2P1 -> 4.4.3P1 [pfSense]
isc-dhcp44-server: 4.4.2P1_1 -> 4.4.3P1 [pfSense]
json-c: 0.15_1 -> 0.16 [pfSense]
ldns: 1.7.1_2 -> 1.8.3 [pfSense]
libedit: 3.1.20210216,1 -> 3.1.20221030,1 [pfSense]
libffi: 3.3_1 -> 3.4.4 [pfSense]
libgcrypt: 1.9.4 -> 1.9.4_1 [pfSense]
libgpg-error: 1.43 -> 1.47 [pfSense]
libiconv: 1.16 -> 1.17 [pfSense]
libidn2: 2.3.2 -> 2.3.4 [pfSense]
libinotify: 20180201_2 -> 20211018 [pfSense]
libltdl: 2.4.6 -> 2.4.7 [pfSense]
liblz4: 1.9.3,1 -> 1.9.4,1 [pfSense]
libnghttp2: 1.46.0 -> 1.52.0 [pfSense]
libssh2: 1.9.0_3,3 -> 1.10.0_1,3 [pfSense]
libunistring: 0.9.10_1 -> 1.1 [pfSense]
libuv: 1.42.0 -> 1.45.0 [pfSense]
libxml2: 2.9.12 -> 2.10.4 [pfSense]
libxslt: 1.1.34_2 -> 1.1.37 [pfSense]
links: 2.20.2_1,1 -> 2.29,1 [pfSense]
lua-resty-core: 0.1.22 -> 0.1.26 [pfSense]
lua-resty-lrucache: 0.11 -> 0.13 [pfSense]
luajit-openresty: 2.1.20210510 -> 2.1.20230410 [pfSense]
miniupnpd: 2.2.1_1,1 -> 2.3.3,1 [pfSense]
mobile-broadband-provider-info: 20210805 -> 20221107 [pfSense]
mpd5: 5.9_6 -> 5.9_16 [pfSense]
nginx: 1.20.2_1,2 -> 1.24.0_6,3 [pfSense]
ntp: 4.2.8p15_3 -> 4.2.8p15_5 [pfSense]
oniguruma: 6.9.7.1 -> 6.9.8_1 [pfSense]
opensc: 0.22.0 -> 0.23.0_1 [pfSense]
openvpn: 2.5.4_1 -> 2.6.4 [pfSense]
openvpn-client-export: 2.5.2 -> 2.5.8 [pfSense]
pcre: 8.45 -> 8.45_3 [pfSense]
pcre2: 10.39 -> 10.42 [pfSense]
pcsc-lite: 1.9.4,2 -> 1.9.9,2 [pfSense]
perl5: 5.32.1_1 -> 5.32.1_3 [pfSense]
pfSense: 2.6.0 -> 2.7.0 [pfSense]
pfSense-base: 2.6.0 -> 2.7.0 [pfSense-core]
pfSense-default-config: 2.6.0 -> 2.7.0 [pfSense-core]
pfSense-kernel-pfSense: 2.6.0 -> 2.7.0 [pfSense-core]
pfSense-pkg-openvpn-client-export: 1.6_4 -> 1.8 [pfSense]
pfSense-rc: 2.6.0 -> 2.7.0 [pfSense-core]
pftop: 0.7_9 -> 0.8_2 [pfSense]
readline: 8.1.1 -> 8.2.1 [pfSense]
rrdtool: 1.7.2_4 -> 1.8.0_2 [pfSense]
smartmontools: 7.2_3 -> 7.3 [pfSense]
sqlite3: 3.35.5_4,1 -> 3.41.2,1 [pfSense]
sshguard: 2.4.2_1,1 -> 2.4.2_2,1 [pfSense]
strongswan: 5.9.4 -> 5.9.10_2 [pfSense]
unbound: 1.13.2 -> 1.17.1_3 [pfSense]
wpa_supplicant: 2.9_11 -> 2.10_6 [pfSense]
Installed packages to be REINSTALLED:
beep-1.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
bsnmp-regex-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
bsnmp-ucd-0.4.5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
bwi-firmware-kmod-3.130.20 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
choparp-20150613 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
cpdup-1.22 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
cpustats-0.1_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
dhcp6-20080615.2_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
dhcpleases-0.5_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
expiretable-0.6_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
filterlog-0.1_9 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
iftop-1.0.p4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
indexinfo-0.3.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
ipmitool-1.8.18_3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
libargon2-20190702 [pfSense]
libevent-2.1.12 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
libmcrypt-2.5.8_3 [pfSense]
libucl-0.8.2 [pfSense]
lzo2-2.10_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
minicron-0.0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
mpdecimal-2.5.1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
nss_ldap-1.265_14 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
openvpn-auth-script-1.0.0.3 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
pam_ldap-186_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
pam_mkhomedir-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
pfSense-repo-2.7.0_1 [pfSense]
pfSense-repoc-20230616 [pfSense]
pfSense-upgrade-1.0_33 [pfSense]
pkg-1.19.1_1 [pfSense]
qstats-0.2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
radvd-2.19_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
rate-0.9_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
scponly-4.8.20110526_5 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
ssh_tunnel_shell-0.2_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
uclcmd-0.2.20211204 [pfSense]
voucher-0.1_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
vstr-1.0.15_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
wol-0.7.1_4 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
wrapalixresetbutton-0.0.8 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
xinetd-2.3.15_2 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
zip-3.0_1 [pfSense] (ABI changed: 'freebsd:12:x86:64' -> 'freebsd:14:x86:64')
Number of packages to be removed: 56
Number of packages to be installed: 60
Number of packages to be upgraded: 72
Number of packages to be reinstalled: 41
The process will require 54 MiB more space.
>>> Downloading pkg...
No packages are required to be fetched.
Integrity check was successful.
>>> Locking package pkg... done.
>>> Upgrading pfSense-boot...>>> Unmounting /boot/efi... done.
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
New packages to be INSTALLED:
pfSense-boot: 2.7.0 [pfSense-core]
Number of packages to be installed: 1
The process will require 6 MiB more space.
[1/1] Installing pfSense-boot-2.7.0...
[1/1] Extracting pfSense-boot-2.7.0: .......... done
Updating the EFI loader
>>> Upgrading pfSense-rc...
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
pfSense-rc: 2.6.0 -> 2.7.0 [pfSense-core]
Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-rc from 2.6.0 to 2.7.0...
===> Setting net.pf.request_maxcount=400000
[1/1] Extracting pfSense-rc-2.7.0: ...... done
>>> Upgrading pfSense kernel...
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):
Installed packages to be UPGRADED:
pfSense-kernel-pfSense: 2.6.0 -> 2.7.0 [pfSense-core]
Number of packages to be upgraded: 1
The operation will free 110 MiB.
[1/1] Upgrading pfSense-kernel-pfSense from 2.6.0 to 2.7.0...
[1/1] Extracting pfSense-kernel-pfSense-2.7.0: .......... done
===> Keeping a copy of current kernel in /boot/kernel.old
>>> Removing unnecessary packages... done.
>>> Activating boot environment default... done.
System is going to be upgraded. Rebooting in 10 seconds.
>>> Unlocking package pkg... done.
Success
最後に
pfSense CEはいずれどこかの時点で終了するだろうという見方が今も多いので
pfSense CEが更新されたというだけでCEユーザは一安心というところですが
やはりpfSense CEの更新ペースが1年半というのはなかなか悩ましい問題です
ちなみにpfSense Plusの方はどういう更新ペースだったか確認してみると
pfSense CE 2.6.0と同時リリースされたのがpfSense Plus 22.01
今回の2.7.0と同時リリースされたのがpfSense Plus 23.05.1
この間に22.05と23.01のリリースがされていて
年数.月の表記でわかるように大体半年に1回の更新ペースとなってます
今後もpfSense CEがこの更新ペースになるのかは全くわかりませんし
致命的な問題があれば当然すぐ更新されると思ってますが
もし何もなければ次は1年半後の2025年に2.8.0リリースとなる可能性も覚悟しつつ
とりあえずしばらくは2.7.0で運用していこうと思います
コメント