pfSenseをアップデート 2.4.3_1→2.4.4

pfSenseをアップデートした記録 2.4.3_1→2.4.4

アップデート内容確認

2.4.3_1(2.4.3-p1)から2.4.4にアップデートします

変更点を確認
Releases — 2.4.4 New Features and Changes | pfSense Documentation
https://www.netgate.com/docs/pfsense/releases/2-4-4-new-features-and-changes.html

Significant Changes
OS Upgrade: Base Operating System upgraded to FreeBSD 11.2-RELEASE-p3. As a part of moving to FreeBSD 11.2, new hardware support is included for C3000-based hardware.
PHP 7.2: PHP upgraded to 7.2, which required numerous changes to syntax throughout the source code and packages.
Routed IPsec (VTI): Routed IPsec is now possible using using FreeBSD if_ipsec(4) Virtual Tunnel Interfaces (VTI). #8544 (See also: Routed IPsec (VTI))
IPsec Speed Improvements: The new Asynchronous Cryptography option under the IPsec Advanced Settings tab can dramatically improve IPsec performance on multi-core hardware #8772
Default Gateway Group: The default gateway may now be configured using a Gateway Group setup for failover (each gateway on a different tier), which replaces Default Gateway Switching. #8187
Limiter AQM/Queue Schedulers: Limiters now include support for several Active Queue Management (AQM) methods and Queue Scheduler configurations such as FQ_CODEL. #6620 (See also: pfSense PR #3941)
Certificate Subject Requirements: The Certificate Manager and OpenVPN wizard now only require the Common Name to be set, and all other fields are optional. #8381
AutoConfigBackup is free!: AutoConfigBackup now integrated and free for all to use. (See also: Using the AutoConfigBackup Service)
DNS over TLS: The DNS Resolver now includes support for DNS over TLS as both a client and a server, including for domain overrides. #8388 #8030 #8431
Captive Portal Authentication: Captive Portal authentication is now integrated with the User Manager system. Captive Portal instances may now use RADIUS, LDAP, or Local Authentication like other integrated services. The firewall will migrate existing Captive Portal RADIUS settings to the User Manager automatically on upgrade.
Captive Portal HTML Design and Usability: The default Captive Portal page has been redesigned. Controls have also been added which allow for the logo and background images and Terms of Service text to be customized without editing and uploading custom HTML code. #8793
Integrated Switch Improvements: Netgate devices with integrated switches such as the SG-3100 and XG-7100 can now configure per-port speed and duplex settings, discrete port configuration interfaces can now be tied to switch ports for up/down status, and LAGG support is also now available (Failover mode only)

Security
FreeBSD SA for CVE-2018-6922: Resource exhaustion in TCP reassembly FreeBSD-SA-18:08.tcp
FreeBSD SA for CVE-2018-3620, CVE-2018-3646: L1 Terminal Fault (L1TF) Kernel Information Disclosure FreeBSD-SA-18:09.l1tf
FreeBSD SA for CVE-2018-6923: Resource exhaustion in IP fragment reassembly FreeBSD-SA-18:10.ip
FreeBSD SA for CVE-2018-14526: Unauthenticated EAPOL-Key Decryption Vulnerability FreeBSD-SA-18:11.hostapd
FreeBSD SA for CVE-2018-6924: Improper ELF header parsing FreeBSD-SA-18:12.elf
FreeBSD errata notice for LazyFPU remediation causing potential data corruption FreeBSD-EN-18:08.lazyfpu
Fixed a potential XSS vulnerability via GUI rule separators pfSense-SA-18_06.webgui #8654
Fixed a potential XSS via custom GUI/dashboard settings pfSense-SA-18_07.webgui #8726
Fixed a potential authenticated ACE vulnerability pfSense-SA-18_08.webgui #8843
Upgraded strongSwan to 5.6.3 to address a buffer underflow leading to denial of service (CVE-2018-5388) #8746
Updated default cryptographic settings for OpenVPN, IPsec, and Certificates #8594
Changed the included DH groups to those defined in RFC 7919 #8582
Added stronger IPsec Pre-Shared Key usage warnings, and a button to generate a secure PSK #8667
Disabled OpenVPN compression by default on new instances for security reasons due to VORACLE – Users should strongly consider disabling compression on OpenVPN instances if they pass unencrypted data such as HTTP to arbitrary Internet sites #8788
Patched OpenSSH for CVE-2018-15473, username enumeration/disclosure through malformed packets.
Changed from sshlockout_pf to sshguard for monitoring failed logins and locking out offenders, this allows the lockout to work on IPv4 and IPv6 and also terminates states when adding offenders to the block list #7694 #7695
Removed options for the deprecated FEC LAGG Protocol #8734

Certificates
Changed the Certificate Manager and OpenVPN wizard to only require the Common Name for the CA/Cert subject #8381
Updated default cryptographic settings Certificates #8594
Added support for OCSP Must-Staple certificates in the GUI (and ACME package) #8418
Changed CRL support from using an abandoned PHP OpenSSL module patch to a pure PHP implementation compatible with PHP 7.2 #8762
Fixed issues with several areas not properly parsing CA fields properly when they were not in the expected order #8801
Changed the default CA and Certificate create action from “Import…” to “Create an internal…” #8851


DNS
Added DNS over TLS for upstream forwarders to the DNS Resolver #8388
Added DNS over TLS server support to the DNS Resolver #8030
Added DNS over TLS options for DNS Resolver Domain Override #8431
Fixed editing DNS Resolver ACLs in non-English languages #8539
Added a DNS Resolver status page #8430
Clarified that “Register DHCP leases in the DNS Resolver” only works for IPv4 addresses #8592
Added IPv6 representation of IPv4 addresses in DNS Resolver DNS Rebinding checks #8750
Fixed disabling the DHCP Server on interfaces when the DNS Resolver DHCP Registration option is enabled (Only one enabled interface is required) #8120
Added advanced option for qname-minimization to the DNS Resolver #8028
Fixed an issue with IDs when editing or deleting DNS Forwarder host override entries #8767

Dynamic DNS
Added Dynamic DNS client for DigitalOcean DNS #8478
Fixed Dynamic DNS clients usage of custom check IP services #8664
Added Dynamic DNS client for Azure #7769
Updated DNSimple Dynamic DNS client to use DNSimple API v2 #8071
Fixed handling of username and password fields for custom Dynamic DNS entries #8782

Routing/Gateways
Added the ability to set a Gateway Group as the default gateway. #3781 #8187
Extended the maximum Gateway monitoring Probe Interval #8593
Fixed handling of Gateway Group Trigger Level #8586
Fixed inconsistency in display and usage of units for Gateway latency #8477
Upgraded FRR to 5.0.1 for compatibility with FreeBSD 11.2 #8449
Fixed FRR BGP MD5 support #8407
Fixed handling of Router Advertisement preferences #6237

IPsec
Added routed IPsec using FreeBSD if_ipsec(4) VTI #8544
Added a GUI option to the IPsec Advanced Settings tab for Asynchronous Cryptography which can dramatically improve IPsec crypto operation performance on multi-core hardware #8772
Added IPsec identifiers to Status > IPsec #8598
Fixed a JavaScript variable issue in IPsec IKE Phase 1 causing the Key Length field to be blank in some browsers such as IE #8543
Added IPsec mobile client options to configure different (virtual) IP addresses per user #8292
Added IPsec mobile client options to configure different DNS servers per user #8644
Updated default cryptographic settings for IPsec #8594
Changed the default behavior of an IPsec Phase 1 to rekey as needed #8540
Fixed handling of per-user IPsec rules from an authentication server #8765
Added warnings and hints to IPsec encryption and hash choices about potentially insecure selections #8766
Fixed an issue with handling IP Alias VIPs with CARP parent after an interface up/down event #8768

OpenVPN
Disabled compression by default for new OpenVPN client and server instances for security reasons #8788
Changed OpenVPN Authentication to use an asynchronous authentication plugin which avoids stalling server traffic during the authentication process, especially noticeable on down/broken authentication servers #7905
Fixed display of Bridge Route Gateway options on OpenVPN tap bridge servers #8658
Fixed handling of LDAP fields in the OpenVPN wizard and brought the options in line with current LDAP server options #8605
Updated default cryptographic settings for OpenVPN #8594
Added missing OpenVPN compression options (stub-v2 and plain compress) #8788

DHCP Server
Fixed validation of custom DHCP options #8534
Fixed a situation where DHCPv6 was configured for LAN when the LAN interface was not assigned #8048
Fixed an issue with XMLRPC synchronization of DHCP static mappings #8721

Interfaces / VIPs
Removed IPv4 and IPv6 settings from the Interface configuration for assigned OpenVPN/GIF/GRE/Routed IPsec instances, since the IP addresses are managed by the parent config not interfaces.php #8687
Fixed an HTTP_REFERER issue when changing the LAN IP address in the Setup Wizard #8524
Fixed an HTTP_REFERER issue when changing an interface IP address while accessing the GUI from the same interface #8822
Fixed handling of the FreeBSD 11.2-BETA dhclient MTU value #8507
Added PPPoE multi-link over single link to allow users with a supported provider to have a larger MTU #8737
Fixed a PPPoE MTU issue with ORANGE FR #8595
Fixed QinQ interface assignment #8446
Fixed radvd/IPv6 when using a LAN bridge #8429
Fixed deleting IP Alias VIPs outside an interface subnet where a gateway exists in the same subnet #4438
Fixed handling of IP Alias and CARP VIP subnet mask/prefix autodetection #8741
Fixed a panic in IPv6 fragment logging #8499
Fixed handling of DHCP option 77 in the DHCP client #7425
Fixed deleting Interface Group members which are disabled #8800
Fixed MAC address spoofing for bridge interfaces #8138
Fixed an issue with string termination when creating interfaces through the pfSense PHP module #8683
Fixed an issue where changing a LAGG could cause a VLAN using that LAGG as a parent interface to lose its association with the LAGG #8527

Integrated Switches
Added GUI controls to configure LAGG on integrated switch ports (Load Balance mode only)
Added GUI controls to configure Speed/Duplex for switch ports on integrated switches
Added the ability to tie the status of an assigned VLAN interface to a switch port for integrated switches
Added Switch Status to status.php for platforms with a switch #8525
Fixed an issue switching between Port VLAN and 802.1q VLAN mode on integrated switches #8422
Fixed an SNMP error on hardware with integrated switches #8600
Added Preserve Switch Configuration option when restoring config.xml to keep the current active switch settings instead of those from the imported configuration to help with hardware transitions

Hardware/Platform
Added support for the new SG-5100
Fixed an issue with ARM hardware not completely halting when shut down (SG-3100 and SG-1000)
Fixed HDMI hotplug issues on Minnowboard Turbot hardware (MBT-2220 and MBT-4220)
Fixed SG-1000 autonegotiation for 10baseT speed and duplex #7532

User Management / Authentication
Added a visible warning to the user when default password has not been changed #8596
Fixed configuration descriptions user management operations and added logging #8548
Fixed escaping of LDAP search parameters #8626
Fixed an OS issue with adding a group to a user when creating the user #8553
Fixed handling of LDAP bind credentials #8583
Removed some legacy code from auth.inc #8742
Fixed Group selections after an input error in the User Manager #8622
Fixed inconsistent usage of sshdkeyonly in system_advanced_admin.php #8403
Added SSH configuration option to require both Key and Username+Password authentication at the same time #8402
Replaced radius.inc by pear-Auth_RADIUS #7024
Fixed synchronization of User Manager group scope and operating system groups #7013
Fixed logging and display of GUI user authentication source IP address when the user logs in through a proxy #8813
Fixed logging and display of GUI user authentication sources to show what source authorized the login (e.g. LDAP, RADIUS, Local, Fallback) #8816

Captive Portal
Integrated Captive Portal authentication into the User Manager to enable support for LDAP #5112
Updated Captive Portal HTML/CSS to a modern design and added controls to customize images and ToS without uploading custom HTML #8793
Fixed deleting Allowed Hostnames and Allowed IP Addresses entries in Captive Portal when a zone is disabled #8530
Added support for setting Captive Portal traffic quotas #8202
Added display of a custom username when Captive Portal is set to None for the authentication type #8361
Changed handling of Called-Station-Id/Calling-Station ID to send a MAC address instead of IP address when using RADIUS authentication #4294
Changed to a standardized NAS-Identifier when using RADIUS authentication #3686
Corrected accounting updates not being sent when expected #8655
Fixed an issue with XMLRPC synchronization of Captive Portal settings #8806

WebGUI / Dashboard
Enabled HTTP2 for the Web GUI server #8552
Updated the text and links in the HTML footer #8733
Fixed display of available swap with multiple swap disks in the System Information Dashboard widget #8587
Updated text in the Setup Wizard #8753
Moved the simplepie RSS reader code to a FreeBSD port for easier updates #6998
Fixed handling of the Inverse option in the Traffic Graphs Dashboard Widget #8367
Fixed issues with the GUI following upgrade progress #8519
Added a line to display the current GUI user viewing the Dashboard in the System Information Widget #8817

Firewall Rules / NAT / Shaping
Added CoDel, FQ-CoDel, PIE and FQ-PIE AQMs to limiters #6620
Fixed firewall ruleset errors related to VIPs and outbound rules #8518 #8408
Added validation for IPv6 NPt input #8575
Fixed a race condition in NAT reflection filter rules that could lead to a ruleset load failure #8604
Fixed viewing the list of Port Forwards when a user only has the “WebCfg - Firewall: NAT: Port Forward” privilege #8563
Fixed an issue with default field selection when editing Firewall Rules #8597
Added code to prevent nested alias loops #8101
Added interface groups support for NAT rules #1933
Fixed a case where invalid IPv6 NAT rules could be generated #8437
Fixed a case where IPv6 Neighbor Discovery and other similar valid messages sent from the unspecified address (::) were not allowed by default #8791
Added Select All functionality to firewall and NAT rules #8812
Fixed IPv6 address form field format tooltip #8834

Packages
Fixed situation where the firewall would get stuck attempting to reinstall packages after restoring a configuration when there is no Internet connection #7604
Added a new tag for package services, <starts_on_sync/>, to allow packages to declare that they start themselves during the sync process, which lets packages opt out of a (second) forced start at boot and during interface events #8850 See also: #8620

Miscellaneous
Fixed display of stored Load Balancer custom settings #8704
Fixed handling of loader.conf and loader.conf.local so it will not removed customized options that override defaults #8571
Fixed the restoration process for a config.xml from USB during install to remove RRD data so that the data does not indefinitely stay in config.xml #7634
Fixed handling of special characters in L2TP user passwords #7623
Fixed handling of sample bounds with custom timer periods on Status > Monitoring #6477
Changed the crash reporter so that users can download the reports locally rather than submitting to a server #8764
Added more redacted XML tags to status.php #8819
Changed status.php to use ifconfig -va to show more detail, including attached SFP devices with certain network interface drivers #8860

前の2.4.3_1から134日ぶりのリリースとなりました
pfSenseが2.4系になってから来月の2018年10月で1年経過となりますので
2.3系は2018年10月末でEOL(サポート終了)となります
まだ2.3系を使っている方は早めに2.4系へ更新しましょう

今回は0.0.1差とは思えないほど機能追加・不具合修正がかなりの数です
ベースOSであるFreeBSDも11.1から11.2へバージョンアップ!
FreeBSD内の脆弱性も複数修正された11.2-p3です

中でもPHPが5.6から7.2へ大幅バージョンアップをしており
使用しているプラグインによっては不具合は出る場合があるので
プラグインを利用している場合は個別に確認した方がいいと思います

特に公式リポジトリ以外を利用している人はエラー発生率が高いとのことで
公式で注意喚起されていました

こちらの環境では後述しているCrash reportが検知される問題が
3台中の1台だけ発生しましたが特に問題はなく
全台ともに設定引継ぎも問題なしで
まだ1日目ではありますが安定して動作しています

pfSense Gold無料開放

実際は寄付的要素の強いプログラムではありましたが
pfSense Goldという年間99ドルのプランが存在しており
有料会員向けの特典がありました

今回の2.4.4からpfSense Goldが無料開放されることになり
無料ユーザでも有料向け特典が利用可能になりました
主な内容はAutoConfigBackup・pfSense Hangouts・pfSense Bookです

Auto Config Backup(以下ACB)は設定ファイルを
自動でNetgateサーバへオンラインバックアップする機能で
ACBを有効にするとFWやNATルールを変更する度にバックアップされます
Services→Auto Config Backupから利用できます

pfSense Hangoutsは簡単に言うと解説動画のことで
各機能の解説や開発近況などが視聴できます
Netgate – YouTube
https://www.youtube.com/channel/UC3Cq2kjCWM8odzoIzftS04A

pfSense BookはpfSenseの解説本のことで
WEBベースと電子データ(PDF/ePub)で閲覧可能です
The pfSense Book
https://www.netgate.com/docs/pfsense/book/

アップデートの手順

事前に設定のバックアップをした上で以下の操作でアップデートを実行
手順はいつもと同じです

まずダッシュボードのVersionのところにある雲マークか
System→Updateを選択

2.4.3_1から2.4.4へアップデートと表示出てるのを確認して「Confirm」を押す

無事に完了すると自動で再起動開始されます

最後に2.4.4の状態で設定をバックアップして完了

アプデ後にCrash reportを検知

アップデート後に管理画面に入りダッシュボードに入ると
「pfSense has detected a crash report or programming bug. Click here for more information.」
という表示が出てきました
3台中1台のみ発生しましたので必ず発生するわけでもないようです

詳細確認する為にリンクを選択すると
Crash Reporterの画面に移動しログが確認できます

Crash report begins.  Anonymous machine information:

amd64
11.2-RELEASE-p3
FreeBSD 11.2-RELEASE-p3 #17 e6b497fa0a3(RELENG_2_4_4): Thu Sep 20 09:04:45 EDT 2018     root@buildbot3:/crossbuild/ce-244/obj/amd64/WvDslnYb/crossbuild/ce-244/pfSense/tmp/FreeBSD-src/sys/pfSense

Crash report details:

No PHP errors found.

No FreeBSD crash data found.

レポートを読むと「エラーはないよ」というエラー検知
今回はPHPとFreeBSDがバージョンアップされているのでその影響でしょう

リリース情報にもそれっぽい記載がありました

Due to the significant nature of the changes in this version of pfSense software, warnings and error messages, particularly from PHP and package updates, are likely to occur during the upgrade process. In nearly all cases these errors are a harmless side effect of the changes between FreeBSD 11.1 and 11.2 and between PHP 5.6 and PHP 7.2.

内容的には無害なので下にある
「Delete the crash report data and return to the Dashboard」ボタンでエラー削除でOK

念のためエラー削除後に再起動して他にエラーが出ないかを確認した方がいいと思います

このバグは既に#8915にて登録され2.4.4-p1で修正予定となっていますが
動作に影響があるわけではないのでp1を待つ必要もないでしょう

Update時の処理ログ

>>> Updating repositories metadata... 
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
>>> Setting vital flag on pkg... done.
>>> Downloading upgrade packages... 
Updating pfSense-core repository catalogue...
pfSense-core repository is up to date.
Updating pfSense repository catalogue...
pfSense repository is up to date.
All repositories are up to date.
Checking for upgrades (39 candidates): .......... done
Processing candidates (39 candidates): .......... done
The following 94 package(s) will be affected (of 0 checked):

New packages to be INSTALLED:
  php72: 7.2.10 [pfSense]
  libargon2: 20171227 [pfSense]
  php72-pecl-rrd: 2.0.1_1 [pfSense]
  php72-simplepie: 1.5.1_1 [pfSense]
  php72-curl: 7.2.10 [pfSense]
  php72-tokenizer: 7.2.10 [pfSense]
  php72-mbstring: 7.2.10 [pfSense]
  oniguruma: 6.8.1 [pfSense]
  php72-session: 7.2.10 [pfSense]
  php72-opcache: 7.2.10 [pfSense]
  php72-xmlwriter: 7.2.10 [pfSense]
  php72-xmlreader: 7.2.10 [pfSense]
  php72-dom: 7.2.10 [pfSense]
  php72-xml: 7.2.10 [pfSense]
  php72-simplexml: 7.2.10 [pfSense]
  php72-ctype: 7.2.10 [pfSense]
  php72-posix: 7.2.10 [pfSense]
  sshguard: 2.2.0_4 [pfSense]
  php72-openssl: 7.2.10 [pfSense]
  php72-hash: 7.2.10 [pfSense]
  php72-filter: 7.2.10 [pfSense]
  php72-openssl_x509_crl: 1.2 [pfSense]
  php72-bcmath: 7.2.10 [pfSense]
  php72-pecl-mcrypt: 1.0.1 [pfSense]
  php72-pear-Crypt_CHAP: 1.5.0 [pfSense]
  php72-pear: 1.10.5_1 [pfSense]
  php72-zlib: 7.2.10 [pfSense]
  openvpn-auth-script: 1.0.0.3 [pfSense]
  php72-sockets: 7.2.10 [pfSense]
  php72-ldap: 7.2.10 [pfSense]
  php72-pecl-zmq: 1.1.3_2 [pfSense]
  php72-pecl-radius: 1.4.0.b1 [pfSense]
  php72-pear-XML_RPC2: 1.1.3_1 [pfSense]
  php72-pear-HTTP_Request2: 2.3.0,1 [pfSense]
  php72-pear-Net_URL2: 2.2.1 [pfSense]
  php72-pear-Cache_Lite: 1.7.16,1 [pfSense]
  php72-pear-Net_IPv6: 1.3.0.b2_2 [pfSense]
  php72-pear-Net_Growl: 2.7.0 [pfSense]
  php72-pear-Auth_RADIUS: 1.1.0_4 [pfSense]
  php72-pear-Mail: 1.4.1,1 [pfSense]
  php72-pear-Net_SMTP: 1.8.0 [pfSense]
  php72-pear-Net_Socket: 1.0.14 [pfSense]
  php72-sysvshm: 7.2.10 [pfSense]
  php72-sysvsem: 7.2.10 [pfSense]
  php72-sysvmsg: 7.2.10 [pfSense]
  php72-shmop: 7.2.10 [pfSense]
  php72-readline: 7.2.10 [pfSense]
  php72-pcntl: 7.2.10 [pfSense]
  php72-json: 7.2.10 [pfSense]
  php72-gettext: 7.2.10 [pfSense]
  php72-pfSense-module: 0.64_6 [pfSense]
  php72-sqlite3: 7.2.10 [pfSense]
  php72-pdo_sqlite: 7.2.10 [pfSense]
  php72-pdo: 7.2.10 [pfSense]
  php72-bz2: 7.2.10 [pfSense]

Installed packages to be UPGRADED:
  unbound: 1.6.8 -> 1.7.3 [pfSense]
  strongswan: 5.6.2_1 -> 5.6.3 [pfSense]
  sqlite3: 3.22.0_1 -> 3.24.0_1 [pfSense]
  rrdtool: 1.7.0_1 -> 1.7.0_2 [pfSense]
  radvd: 2.17_4 -> 2.17_5 [pfSense]
  python27: 2.7.14_1 -> 2.7.15 [pfSense]
  py27-setuptools: 36.5.0 -> 39.2.0 [pfSense]
  py27-ply: 3.10_1 -> 3.11 [pfSense]
  pfSense-rc: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense-kernel-pfSense: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense-default-config: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense-base: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense: 2.4.3_1 -> 2.4.4 [pfSense]
  perl5: 5.24.4 -> 5.26.2 [pfSense]
  pcre: 8.40_1 -> 8.42 [pfSense]
  openvpn: 2.4.4_1 -> 2.4.6_1 [pfSense]
  openldap-client: 2.4.45 -> 2.4.46 [pfSense]
  ntp: 4.2.8p11 -> 4.2.8p12 [pfSense]
  nginx: 1.12.2_3,2 -> 1.14.0_6,2 [pfSense]
  mpd5: 5.8_3 -> 5.8_7 [pfSense]
  miniupnpd: 1.9.20160113,1 -> 2.0.20180503,1 [pfSense]
  links: 2.13,1 -> 2.16,1 [pfSense]
  libzmq4: 4.2.2_1 -> 4.2.3 [pfSense]
  libunistring: 0.9.8 -> 0.9.10 [pfSense]
  libnghttp2: 1.31.1 -> 1.32.0 [pfSense]
  liblz4: 1.8.0,1 -> 1.8.2,1 [pfSense]
  libidn2: 2.0.4 -> 2.0.5 [pfSense]
  isc-dhcp43-server: 4.3.6P1 -> 4.3.6P1_1 [pfSense]
  isc-dhcp43-relay: 4.3.6P1 -> 4.3.6P1_1 [pfSense]
  igmpproxy: 0.1_5,1 -> 0.2.1,1 [pfSense]
  hostapd: 2.6_1 -> 2.6_2 [pfSense]
  glib: 2.50.3_1,1 -> 2.50.3_4,1 [pfSense]
  dnsmasq: 2.78,1 -> 2.79,1 [pfSense]
  devcpu-data: 1.16 -> 1.19 [pfSense]
  curl: 7.58.0 -> 7.61.1 [pfSense]
  ca_root_nss: 3.36 -> 3.39 [pfSense]
  bsnmp-regex: 0.6_1 -> 0.6_2 [pfSense]
  bind-tools: 9.11.2P1 -> 9.12.2P1 [pfSense]

Installed packages to be REINSTALLED:
  pfSense-Status_Monitoring-1.7.6 [pfSense] (direct dependency changed: php72)

Number of packages to be installed: 55
Number of packages to be upgraded: 38
Number of packages to be reinstalled: 1

The process will require 76 MiB more space.
102 MiB to be downloaded.
[1/94] Fetching unbound-1.7.3.txz: .......... done
[2/94] Fetching strongswan-5.6.3.txz: .......... done
[3/94] Fetching sqlite3-3.24.0_1.txz: .......... done
[4/94] Fetching rrdtool-1.7.0_2.txz: .......... done
[5/94] Fetching radvd-2.17_5.txz: ....... done
[6/94] Fetching python27-2.7.15.txz: .......... done
[7/94] Fetching py27-setuptools-39.2.0.txz: .......... done
[8/94] Fetching py27-ply-3.11.txz: .......... done
[9/94] Fetching pfSense-rc-2.4.4.txz: .. done
[10/94] Fetching pfSense-kernel-pfSense-2.4.4.txz: .......... done
[11/94] Fetching pfSense-default-config-2.4.4.txz: . done
[12/94] Fetching pfSense-base-2.4.4.txz: .......... done
[13/94] Fetching pfSense-Status_Monitoring-1.7.6.txz: ... done
[14/94] Fetching pfSense-2.4.4.txz: . done
[15/94] Fetching perl5-5.26.2.txz: .......... done
[16/94] Fetching pcre-8.42.txz: .......... done
[17/94] Fetching openvpn-2.4.6_1.txz: .......... done
[18/94] Fetching openldap-client-2.4.46.txz: .......... done
[19/94] Fetching ntp-4.2.8p12.txz: .......... done
[20/94] Fetching nginx-1.14.0_6,2.txz: .......... done
[21/94] Fetching mpd5-5.8_7.txz: .......... done
[22/94] Fetching miniupnpd-2.0.20180503,1.txz: ........ done
[23/94] Fetching links-2.16,1.txz: .......... done
[24/94] Fetching libzmq4-4.2.3.txz: .......... done
[25/94] Fetching libunistring-0.9.10.txz: .......... done
[26/94] Fetching libnghttp2-1.32.0.txz: .......... done
[27/94] Fetching liblz4-1.8.2,1.txz: .......... done
[28/94] Fetching libidn2-2.0.5.txz: .......... done
[29/94] Fetching isc-dhcp43-server-4.3.6P1_1.txz: .......... done
[30/94] Fetching isc-dhcp43-relay-4.3.6P1_1.txz: .......... done
[31/94] Fetching igmpproxy-0.2.1,1.txz: ... done
[32/94] Fetching hostapd-2.6_2.txz: .......... done
[33/94] Fetching glib-2.50.3_4,1.txz: .......... done
[34/94] Fetching dnsmasq-2.79,1.txz: .......... done
[35/94] Fetching devcpu-data-1.19.txz: .......... done
[36/94] Fetching curl-7.61.1.txz: .......... done
[37/94] Fetching ca_root_nss-3.39.txz: .......... done
[38/94] Fetching bsnmp-regex-0.6_2.txz: ... done
[39/94] Fetching bind-tools-9.12.2P1.txz: .......... done
[40/94] Fetching php72-7.2.10.txz: .......... done
[41/94] Fetching libargon2-20171227.txz: ........ done
[42/94] Fetching php72-pecl-rrd-2.0.1_1.txz: .. done
[43/94] Fetching php72-simplepie-1.5.1_1.txz: ......... done
[44/94] Fetching php72-curl-7.2.10.txz: .... done
[45/94] Fetching php72-tokenizer-7.2.10.txz: .. done
[46/94] Fetching php72-mbstring-7.2.10.txz: .......... done
[47/94] Fetching oniguruma-6.8.1.txz: .......... done
[48/94] Fetching php72-session-7.2.10.txz: ..... done
[49/94] Fetching php72-opcache-7.2.10.txz: .......... done
[50/94] Fetching php72-xmlwriter-7.2.10.txz: .. done
[51/94] Fetching php72-xmlreader-7.2.10.txz: .. done
[52/94] Fetching php72-dom-7.2.10.txz: ....... done
[53/94] Fetching php72-xml-7.2.10.txz: ... done
[54/94] Fetching php72-simplexml-7.2.10.txz: ... done
[55/94] Fetching php72-ctype-7.2.10.txz: . done
[56/94] Fetching php72-posix-7.2.10.txz: .. done
[57/94] Fetching sshguard-2.2.0_4.txz: .......... done
[58/94] Fetching php72-openssl-7.2.10.txz: ....... done
[59/94] Fetching php72-hash-7.2.10.txz: .......... done
[60/94] Fetching php72-filter-7.2.10.txz: ... done
[61/94] Fetching php72-openssl_x509_crl-1.2.txz: .. done
[62/94] Fetching php72-bcmath-7.2.10.txz: ... done
[63/94] Fetching php72-pecl-mcrypt-1.0.1.txz: .. done
[64/94] Fetching php72-pear-Crypt_CHAP-1.5.0.txz: . done
[65/94] Fetching php72-pear-1.10.5_1.txz: .......... done
[66/94] Fetching php72-zlib-7.2.10.txz: ... done
[67/94] Fetching openvpn-auth-script-1.0.0.3.txz: . done
[68/94] Fetching php72-sockets-7.2.10.txz: ..... done
[69/94] Fetching php72-ldap-7.2.10.txz: ... done
[70/94] Fetching php72-pecl-zmq-1.1.3_2.txz: .... done
[71/94] Fetching php72-pecl-radius-1.4.0.b1.txz: ... done
[72/94] Fetching php72-pear-XML_RPC2-1.1.3_1.txz: ........ done
[73/94] Fetching php72-pear-HTTP_Request2-2.3.0,1.txz: .......... done
[74/94] Fetching php72-pear-Net_URL2-2.2.1.txz: ... done
[75/94] Fetching php72-pear-Cache_Lite-1.7.16,1.txz: .... done
[76/94] Fetching php72-pear-Net_IPv6-1.3.0.b2_2.txz: .. done
[77/94] Fetching php72-pear-Net_Growl-2.7.0.txz: .......... done
[78/94] Fetching php72-pear-Auth_RADIUS-1.1.0_4.txz: .. done
[79/94] Fetching php72-pear-Mail-1.4.1,1.txz: ... done
[80/94] Fetching php72-pear-Net_SMTP-1.8.0.txz: .. done
[81/94] Fetching php72-pear-Net_Socket-1.0.14.txz: . done
[82/94] Fetching php72-sysvshm-7.2.10.txz: . done
[83/94] Fetching php72-sysvsem-7.2.10.txz: . done
[84/94] Fetching php72-sysvmsg-7.2.10.txz: . done
[85/94] Fetching php72-shmop-7.2.10.txz: . done
[86/94] Fetching php72-readline-7.2.10.txz: .. done
[87/94] Fetching php72-pcntl-7.2.10.txz: .. done
[88/94] Fetching php72-json-7.2.10.txz: ... done
[89/94] Fetching php72-gettext-7.2.10.txz: . done
[90/94] Fetching php72-pfSense-module-0.64_6.txz: ...... done
[91/94] Fetching php72-sqlite3-7.2.10.txz: ... done
[92/94] Fetching php72-pdo_sqlite-7.2.10.txz: .. done
[93/94] Fetching php72-pdo-7.2.10.txz: ...... done
[94/94] Fetching php72-bz2-7.2.10.txz: .. done
Checking integrity... done (50 conflicting)
  - php72-7.2.10 [pfSense] conflicts with php56-5.6.34 [installed] on /usr/local/bin/php
  - php72-pecl-rrd-2.0.1_1 [pfSense] conflicts with pecl-rrd1-1.1.3 [installed] on /usr/local/include/php/ext/rrd/rrd_info.h
  - php72-curl-7.2.10 [pfSense] conflicts with php56-curl-5.6.34 [installed] on /usr/local/include/php/ext/curl/config.h
  - php72-tokenizer-7.2.10 [pfSense] conflicts with php56-tokenizer-5.6.34 [installed] on /usr/local/include/php/ext/tokenizer/config.h
  - php72-mbstring-7.2.10 [pfSense] conflicts with php56-mbstring-5.6.34 [installed] on /usr/local/include/php/ext/mbstring/php_mbregex.h
  - oniguruma-6.8.1 [pfSense] conflicts with oniguruma6-6.6.1 [installed] on /usr/local/bin/onig-config
  - php72-session-7.2.10 [pfSense] conflicts with php56-session-5.6.34 [installed] on /usr/local/include/php/ext/session/php_session.h
  - php72-opcache-7.2.10 [pfSense] conflicts with php56-opcache-5.6.34 [installed] on /usr/local/include/php/ext/opcache/zend_shared_alloc.h
  - php72-xmlwriter-7.2.10 [pfSense] conflicts with php56-xmlwriter-5.6.34 [installed] on /usr/local/include/php/ext/xmlwriter/config.h
  - php72-xmlreader-7.2.10 [pfSense] conflicts with php56-xmlreader-5.6.34 [installed] on /usr/local/include/php/ext/xmlreader/config.h
  - php72-dom-7.2.10 [pfSense] conflicts with php56-dom-5.6.34 [installed] on /usr/local/include/php/ext/dom/dom_ce.h
  - php72-xml-7.2.10 [pfSense] conflicts with php56-xml-5.6.34 [installed] on /usr/local/include/php/ext/xml/php_xml.h
  - php72-simplexml-7.2.10 [pfSense] conflicts with php56-simplexml-5.6.34 [installed] on /usr/local/include/php/ext/simplexml/php_simplexml.h
  - php72-ctype-7.2.10 [pfSense] conflicts with php56-ctype-5.6.34 [installed] on /usr/local/include/php/ext/ctype/config.h
  - php72-posix-7.2.10 [pfSense] conflicts with php56-posix-5.6.34 [installed] on /usr/local/include/php/ext/posix/config.h
  - php72-openssl-7.2.10 [pfSense] conflicts with php56-openssl-5.6.34 [installed] on /usr/local/include/php/ext/openssl/config.h
  - php72-hash-7.2.10 [pfSense] conflicts with php56-hash-5.6.34 [installed] on /usr/local/include/php/ext/hash/php_hash_crc32_tables.h
  - php72-filter-7.2.10 [pfSense] conflicts with php56-filter-5.6.34 [installed] on /usr/local/include/php/ext/filter/filter_private.h
  - php72-bcmath-7.2.10 [pfSense] conflicts with php56-bcmath-5.6.34 [installed] on /usr/local/include/php/ext/bcmath/config.h
  - php72-pecl-mcrypt-1.0.1 [pfSense] conflicts with php56-mcrypt-5.6.34 [installed] on /usr/local/include/php/ext/mcrypt/php_mcrypt.h
  - php72-pear-Crypt_CHAP-1.5.0 [pfSense] conflicts with pear-Crypt_CHAP-1.5.0 [installed] on /usr/local/share/pear/Crypt/CHAP.php
  - php72-pear-1.10.5_1 [pfSense] conflicts with pear-1.10.5_1 [installed] on /usr/local/bin/pear
  - php72-zlib-7.2.10 [pfSense] conflicts with php56-zlib-5.6.34 [installed] on /usr/local/include/php/ext/zlib/php_zlib.h
  - php72-sockets-7.2.10 [pfSense] conflicts with php56-sockets-5.6.34 [installed] on /usr/local/include/php/ext/sockets/sendrecvmsg.h
  - php72-ldap-7.2.10 [pfSense] conflicts with php56-ldap-5.6.34 [installed] on /usr/local/include/php/ext/ldap/config.h
  - php72-pecl-zmq-1.1.3_2 [pfSense] conflicts with pecl-zmq-1.1.3_2 [installed] on /usr/local/include/php/ext/zmq/php_zmq_pollset.h
  - php72-pecl-radius-1.4.0.b1 [pfSense] conflicts with pecl-radius-1.4.0.b1 [installed] on /usr/local/include/php/ext/radius/radius_init_const.h
  - php72-pear-XML_RPC2-1.1.3_1 [pfSense] conflicts with pear-XML_RPC2-1.1.3 [installed] on /usr/local/share/doc/pear/XML_RPC2/docs/Makefile
  - php72-pear-HTTP_Request2-2.3.0,1 [pfSense] conflicts with pear-HTTP_Request2-2.3.0,1 [installed] on /usr/local/share/doc/pear/HTTP_Request2/LICENSE
  - php72-pear-Net_URL2-2.2.1 [pfSense] conflicts with pear-Net_URL2-2.2.1 [installed] on /usr/local/share/doc/pear/Net_URL2/docs/6470.php
  - php72-pear-Cache_Lite-1.7.16,1 [pfSense] conflicts with pear-Cache_Lite-1.7.16,1 [installed] on /usr/local/share/doc/pear/Cache_Lite/LICENSE
  - php72-pear-Net_IPv6-1.3.0.b2_2 [pfSense] conflicts with pear-Net_IPv6-1.3.0.b2_2 [installed] on /usr/local/share/pear/Net/IPv6.php
  - php72-pear-Net_Growl-2.7.0 [pfSense] conflicts with pear-Net_Growl-2.7.0 [installed] on /usr/local/share/doc/pear/Net_Growl/examples/Help.ico
  - php72-pear-Auth_RADIUS-1.1.0_4 [pfSense] conflicts with pear-Auth_RADIUS-1.1.0 [installed] on /usr/local/share/doc/pear/Auth_RADIUS/examples/radius-acct.php
  - php72-pear-Mail-1.4.1,1 [pfSense] conflicts with pear-Mail-1.4.1,1 [installed] on /usr/local/share/doc/pear/Mail/LICENSE
  - php72-pear-Net_SMTP-1.8.0 [pfSense] conflicts with pear-Net_SMTP-1.8.0 [installed] on /usr/local/share/doc/pear/Net_SMTP/LICENSE
  - php72-pear-Net_Socket-1.0.14 [pfSense] conflicts with pear-Net_Socket-1.0.14 [installed] on /usr/local/share/pear/Net/Socket.php
  - php72-sysvshm-7.2.10 [pfSense] conflicts with php56-sysvshm-5.6.34 [installed] on /usr/local/include/php/ext/sysvshm/php_sysvshm.h
  - php72-sysvsem-7.2.10 [pfSense] conflicts with php56-sysvsem-5.6.34 [installed] on /usr/local/include/php/ext/sysvsem/php_sysvsem.h
  - php72-sysvmsg-7.2.10 [pfSense] conflicts with php56-sysvmsg-5.6.34 [installed] on /usr/local/include/php/ext/sysvmsg/config.h
  - php72-shmop-7.2.10 [pfSense] conflicts with php56-shmop-5.6.34 [installed] on /usr/local/include/php/ext/shmop/php_shmop.h
  - php72-readline-7.2.10 [pfSense] conflicts with php56-readline-5.6.34 [installed] on /usr/local/include/php/ext/readline/readline_cli.h
  - php72-pcntl-7.2.10 [pfSense] conflicts with php56-pcntl-5.6.34 [installed] on /usr/local/include/php/ext/pcntl/php_pcntl.h
  - php72-json-7.2.10 [pfSense] conflicts with php56-json-5.6.34 [installed] on /usr/local/include/php/ext/json/php_json.h
  - php72-gettext-7.2.10 [pfSense] conflicts with php56-gettext-5.6.34 [installed] on /usr/local/include/php/ext/gettext/php_gettext.h
  - php72-pfSense-module-0.64_6 [pfSense] conflicts with php56-pfSense-module-0.61 [installed] on /usr/local/include/php/ext/pfSense/php_pfSense.h
  - php72-sqlite3-7.2.10 [pfSense] conflicts with php56-sqlite3-5.6.34 [installed] on /usr/local/include/php/ext/sqlite3/config.h
  - php72-pdo_sqlite-7.2.10 [pfSense] conflicts with php56-pdo_sqlite-5.6.34 [installed] on /usr/local/include/php/ext/pdo_sqlite/php_pdo_sqlite.h
  - php72-pdo-7.2.10 [pfSense] conflicts with php56-pdo-5.6.34 [installed] on /usr/local/include/php/ext/pdo/php_pdo.h
  - php72-bz2-7.2.10 [pfSense] conflicts with php56-bz2-5.6.34 [installed] on /usr/local/include/php/ext/bz2/php_bz2.h
Checking integrity... done (0 conflicting)
Conflicts with the existing packages have been found.
One more solver iteration is needed to resolve them.
The following 145 package(s) will be affected (of 0 checked):

Installed packages to be REMOVED:
  php-suhosin-0.9.38_3
  php56-5.6.34
  php56-xml-5.6.34
  php56-zlib-5.6.34
  pear-1.10.5_1
  pear-Net_URL2-2.2.1
  pear-Net_Socket-1.0.14
  oniguruma6-6.6.1
  pear-HTTP_Request2-2.3.0,1
  pear-Cache_Lite-1.7.16,1
  php56-curl-5.6.34
  pear-Net_SMTP-1.8.0
  php56-mcrypt-5.6.34
  php56-hash-5.6.34
  pecl-radius-1.4.0.b1
  php56-dom-5.6.34
  pecl-rrd1-1.1.3
  php56-pdo-5.6.34
  php56-tokenizer-5.6.34
  php56-openssl-5.6.34
  php56-mbstring-5.6.34
  php56-bcmath-5.6.34
  php56-gettext-5.6.34
  pear-XML_RPC2-1.1.3
  pear-Mail-1.4.1,1
  pear-Crypt_CHAP-1.5.0
  pear-Net_IPv6-1.3.0.b2_2
  pear-Net_Growl-2.7.0
  pear-Auth_RADIUS-1.1.0
  php56-xmlreader-5.6.34
  php56-xmlwriter-5.6.34
  php56-simplexml-5.6.34
  php56-session-5.6.34
  pecl-zmq-1.1.3_2
  php56-pdo_sqlite-5.6.34
  php56-sysvshm-5.6.34
  php56-sysvsem-5.6.34
  php56-sysvmsg-5.6.34
  php56-sqlite3-5.6.34
  php56-sockets-5.6.34
  php56-shmop-5.6.34
  php56-readline-5.6.34
  php56-posix-5.6.34
  php56-pfSense-module-0.61
  php56-pcntl-5.6.34
  php56-opcache-5.6.34
  php56-ldap-5.6.34
  php56-json-5.6.34
  php56-filter-5.6.34
  php56-ctype-5.6.34
  php56-bz2-5.6.34

New packages to be INSTALLED:
  libargon2: 20171227 [pfSense]
  php72: 7.2.10 [pfSense]
  php72-xml: 7.2.10 [pfSense]
  php72-zlib: 7.2.10 [pfSense]
  php72-pear: 1.10.5_1 [pfSense]
  oniguruma: 6.8.1 [pfSense]
  php72-pear-Net_URL2: 2.2.1 [pfSense]
  php72-pear-Net_Socket: 1.0.14 [pfSense]
  php72-pecl-rrd: 2.0.1_1 [pfSense]
  php72-curl: 7.2.10 [pfSense]
  php72-tokenizer: 7.2.10 [pfSense]
  php72-mbstring: 7.2.10 [pfSense]
  php72-dom: 7.2.10 [pfSense]
  php72-openssl: 7.2.10 [pfSense]
  php72-hash: 7.2.10 [pfSense]
  php72-bcmath: 7.2.10 [pfSense]
  php72-pecl-mcrypt: 1.0.1 [pfSense]
  php72-pecl-radius: 1.4.0.b1 [pfSense]
  php72-pear-HTTP_Request2: 2.3.0,1 [pfSense]
  php72-pear-Cache_Lite: 1.7.16,1 [pfSense]
  php72-pear-Net_SMTP: 1.8.0 [pfSense]
  php72-pdo: 7.2.10 [pfSense]
  php72-simplepie: 1.5.1_1 [pfSense]
  php72-session: 7.2.10 [pfSense]
  php72-opcache: 7.2.10 [pfSense]
  php72-xmlwriter: 7.2.10 [pfSense]
  php72-xmlreader: 7.2.10 [pfSense]
  php72-simplexml: 7.2.10 [pfSense]
  php72-ctype: 7.2.10 [pfSense]
  php72-posix: 7.2.10 [pfSense]
  sshguard: 2.2.0_4 [pfSense]
  php72-filter: 7.2.10 [pfSense]
  php72-openssl_x509_crl: 1.2 [pfSense]
  php72-pear-Crypt_CHAP: 1.5.0 [pfSense]
  openvpn-auth-script: 1.0.0.3 [pfSense]
  php72-sockets: 7.2.10 [pfSense]
  php72-ldap: 7.2.10 [pfSense]
  php72-pecl-zmq: 1.1.3_2 [pfSense]
  php72-pear-XML_RPC2: 1.1.3_1 [pfSense]
  php72-pear-Net_IPv6: 1.3.0.b2_2 [pfSense]
  php72-pear-Net_Growl: 2.7.0 [pfSense]
  php72-pear-Auth_RADIUS: 1.1.0_4 [pfSense]
  php72-pear-Mail: 1.4.1,1 [pfSense]
  php72-sysvshm: 7.2.10 [pfSense]
  php72-sysvsem: 7.2.10 [pfSense]
  php72-sysvmsg: 7.2.10 [pfSense]
  php72-shmop: 7.2.10 [pfSense]
  php72-readline: 7.2.10 [pfSense]
  php72-pcntl: 7.2.10 [pfSense]
  php72-json: 7.2.10 [pfSense]
  php72-gettext: 7.2.10 [pfSense]
  php72-pfSense-module: 0.64_6 [pfSense]
  php72-sqlite3: 7.2.10 [pfSense]
  php72-pdo_sqlite: 7.2.10 [pfSense]
  php72-bz2: 7.2.10 [pfSense]

Installed packages to be UPGRADED:
  pcre: 8.40_1 -> 8.42 [pfSense]
  python27: 2.7.14_1 -> 2.7.15 [pfSense]
  perl5: 5.24.4 -> 5.26.2 [pfSense]
  libnghttp2: 1.31.1 -> 1.32.0 [pfSense]
  glib: 2.50.3_1,1 -> 2.50.3_4,1 [pfSense]
  ca_root_nss: 3.36 -> 3.39 [pfSense]
  unbound: 1.6.8 -> 1.7.3 [pfSense]
  rrdtool: 1.7.0_1 -> 1.7.0_2 [pfSense]
  py27-setuptools: 36.5.0 -> 39.2.0 [pfSense]
  libunistring: 0.9.8 -> 0.9.10 [pfSense]
  curl: 7.58.0 -> 7.61.1 [pfSense]
  strongswan: 5.6.2_1 -> 5.6.3 [pfSense]
  sqlite3: 3.22.0_1 -> 3.24.0_1 [pfSense]
  py27-ply: 3.10_1 -> 3.11 [pfSense]
  openldap-client: 2.4.45 -> 2.4.46 [pfSense]
  libzmq4: 4.2.2_1 -> 4.2.3 [pfSense]
  liblz4: 1.8.0,1 -> 1.8.2,1 [pfSense]
  libidn2: 2.0.4 -> 2.0.5 [pfSense]
  radvd: 2.17_4 -> 2.17_5 [pfSense]
  pfSense-rc: 2.4.3_1 -> 2.4.4 [pfSense-core]
  openvpn: 2.4.4_1 -> 2.4.6_1 [pfSense]
  ntp: 4.2.8p11 -> 4.2.8p12 [pfSense]
  nginx: 1.12.2_3,2 -> 1.14.0_6,2 [pfSense]
  mpd5: 5.8_3 -> 5.8_7 [pfSense]
  miniupnpd: 1.9.20160113,1 -> 2.0.20180503,1 [pfSense]
  links: 2.13,1 -> 2.16,1 [pfSense]
  isc-dhcp43-server: 4.3.6P1 -> 4.3.6P1_1 [pfSense]
  isc-dhcp43-relay: 4.3.6P1 -> 4.3.6P1_1 [pfSense]
  igmpproxy: 0.1_5,1 -> 0.2.1,1 [pfSense]
  hostapd: 2.6_1 -> 2.6_2 [pfSense]
  dnsmasq: 2.78,1 -> 2.79,1 [pfSense]
  devcpu-data: 1.16 -> 1.19 [pfSense]
  bsnmp-regex: 0.6_1 -> 0.6_2 [pfSense]
  bind-tools: 9.11.2P1 -> 9.12.2P1 [pfSense]
  pfSense-kernel-pfSense: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense-default-config: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense-base: 2.4.3_1 -> 2.4.4 [pfSense-core]
  pfSense: 2.4.3_1 -> 2.4.4 [pfSense]

Installed packages to be REINSTALLED:
  pfSense-Status_Monitoring-1.7.6 [pfSense] (direct dependency changed: php72)

Number of packages to be removed: 51
Number of packages to be installed: 55
Number of packages to be upgraded: 38
Number of packages to be reinstalled: 1

The process will require 43 MiB more space.
>>> Upgrading pfSense-rc... 
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
  pfSense-rc: 2.4.3_1 -> 2.4.4 [pfSense-core]

Number of packages to be upgraded: 1
[1/1] Upgrading pfSense-rc from 2.4.3_1 to 2.4.4...
[1/1] Extracting pfSense-rc-2.4.4: .... done
>>> Upgrading pfSense kernel... 
Checking integrity... done (0 conflicting)
The following 1 package(s) will be affected (of 0 checked):

Installed packages to be UPGRADED:
  pfSense-kernel-pfSense: 2.4.3_1 -> 2.4.4 [pfSense-core]

Number of packages to be upgraded: 1

The process will require 24 MiB more space.
[1/1] Upgrading pfSense-kernel-pfSense from 2.4.3_1 to 2.4.4...
[1/1] Extracting pfSense-kernel-pfSense-2.4.4: .......... done
===> Keeping a copy of current kernel in /boot/kernel.old
>>> Removing unnecessary packages... done.
Upgrade is complete.  Rebooting in 10 seconds.
Success