Hi everyone,
quick note for 15.7.1 and up: you'll be able to test the development version snapshot which is being refreshed every time a stable update is released. In order to switch, drop to the console and type:
# pkg install -y opnsense-devel
DISCLAIMER: Helping to test the development version may cause OPNsense to get better faster. :)
We are going to add bleeding edge features to the development version whenever we're not sure it's working 100% yet and look for any type of feedback so that once it is merged to the stable version, it really is working as intended.
Some features may not work all the time, so be careful still.
If you choose to go back, type:
# pkg install -y opnsense
Cheers,
Franco
Quote from: franco on July 08, 2015, 03:32:07 PM
Hi everyone,
quick note for 15.7.1 and up: you'll be able to test the development version snapshot which is being refreshed every time a stable update is released. In order to switch, drop to the console and type:
# pkg install -y opnsense-devel
Disclaimer: THERE ARE NO GUARANTEES THE DEVELOPMENT VERSION IS IN A WORKING STATE. PLEASE DO NOT USE IT IN A PRODUCTION SETTING.
If you choose to go back, type:
# pkg install -y opnsense
Currently, only amd64 packages support this as an experimental feature in 15.7.1. If all works well, we'll keep this MO for all flavours of 15.7.2 and beyond. :)
Cheers,
Franco
Franco,
will there be a announcement here each week (since thats what stable is on) on whats changed between development snapshots?
or do i need to track commits on github to see whats changed during the week?
thank you for what you guys do.
After doing two of such releases it looks like opnsense-devel is a development / staging area for new features or fixes that do not directly apply to stable (or should not). There is no release engineering involved, we just take the latest development state. Running opnsense-devel may or may not work so for a production environment that likely is too much trouble.
We try to move the new features to stable as soon as we can now. It may change later or is decided on a case by case basis. The good thing about the extra package is that it can help to "try" certain features for interested users without the need for git or other development skills.
All in all, we will not have any associated release notes for opnsense-devel, but will ask for test coverage from time to time or give individuals a chance to try out specific bug fixes / features without sacrificing stability of the actual release track.
To help with the testing, do you recommend i use real hardware or can i use a virtual machine just as well?
VM is perfectly fine. Sometimes I find it harder to set up a proper VM routing though, but that heavily depends on hardware being available and available time.
Good, i'll set one up then! :)
If you use the VM directly connected to the internet that should never be a problem.
Unless you got a very funky VM Switch setup.
Thanks for the info! it is connected trough a dedicated networkcard directly on my production firewall :)
I should be covered! 8)
Ah, using the dedicated firewall as gateway, etc?
I only use OPNsense at home, and have a couple of VM's all with the same MAC addresses so switching is easy.
Without resetting the cable modem each time :-)
I know! it's awesome right?! ;)
Setup a DMZ between the two and it's really awesome ;-)
Jup! First thing i did ;)
Am I dropping to console to update every time?
You can safely upgrade into the next opnsense-devel using the GUI, too.
Before enabling IPS mode it is understood that I disable all offloading. 2 of the 3 are disabled by default on my setp at least. Am I correct in assuming I should also check (disable) " Disable hardware checksum offload" before enabling?
also there is a bit of a typo in the informational regarding enabling IPS
Quote
enable protection mode (block traffic). before enabling, please disable all hardware oFFloading first.
in advanced network
Thanks for mentioning the typo, will fix that right away.
Your assumption is correct, you best disable checksum offloading as well.
Is there by chance a memstick img available yet for testing out 16 release or is the best way to install the old release and update? I am looking at installing this for home use and would love to try out the version 16 since it is so close to release.
Also if I do have to install the old version and update to the devel branch will this transition well when the new version is released or will I need to tweak it to stop from updating to bleeding edge features?
Appreciate the help and look forwarding to trying out your product.
I'll regenerate the 16.1 kernel tomorrow, hopefully have images up as well by nightfall.
Images for amd64 are up, i386 will follow shortly:
https://pkg.opnsense.org/snapshots/20160120/
Snapshot images are provided as is and should be able to upgrade right into 16.1 when it is out, but that's not the focus of these images. The focus is to verify the new FreeBSD 10.2 works in the integrated image setting before we flip the switch on January 28.
Any feedback here, positive or negative is greatly appreciated.
I'll have a go at it too, just to see how a Hyper-V VM installation works out.
i386 snapshots are up as well :)
Still
# opnsense-update -bkr 15.7_38 && /usr/local/etc/rc.reboot
?
Ah, yes, of course :)
# opnsense-update -bkr 15.7_41 && /usr/local/etc/rc.reboot
i am on OPNsense 16.1.18-amd64 can i still test this ?
if yes which command to run ? already tried the command on the first post and it comes back that all repo are up to date.
Hi jamerson,
Instructions for 16.7-RC will be out on Monday.
Cheers,
Franco
Thank yuo,
i am on the 16.7 now
will report backup
Hi, any command line to switch from 16.1 to 16.7 ?
Best regards
With a bit of important disclaiming:
Requirements:
o OPNsense stable release 16.1.16 or later
o Config backups or VM snapshots
o Receive updates from the OpenSSL branch only by switching the flavour
Grab the new release signature fingerprint:
# opnsense-patch 317410c
Change the repository location:
# opnsense-update -sn "16.7\/latest"
Update from the GUI, console option (12) or by running:
# opnsense-update && /usr/local/etc/rc.reboot
Note the only OpenSSL is available at the moment. Switching your firmware flavour is advised as noted by Bill in the other thread just now.
Have fun,
Franco
"Please reboot.
/usr/local/etc/reboot: Command not found."
Guess you meant:
opnsense-update && /usr/local/etc/rc.reboot
Doing so I got:
root@gateway08:/usr/local/etc # ./rc.reboot
Performing sanity check on squid configuration.
FATAL: getpwnam failed to find userid for effective user 'squid'
Squid Cache (Version 3.5.20): Terminated abnormally.
But it continued shutting down and it seems Ok for now.
Yes, good catch. The error message is due to changing from 10.2 -> 10.3, users and groups are rebuilt on bootup.