OPNsense Forum
Archive => 17.1 Legacy Series => Topic started by: Feldunost on June 20, 2017, 03:22:06 pm
-
Hello,
I'm managing one OPNsense that is functionnal behind another proxy, modifications are done properly to set :
- a parent proxy in squid.conf
- setenv for parent proxy in pkg.conf.
However when i attempt to upgrade from SSH, it returns me :
Fetching packages-17.1-OpenSSL-amd64.tar: .............................................................opnsense-verify: Unable to open /var/cache/opnsense-update/2640/packages-17.1-OpenSSL-amd64.tar: No such file or directory
failed
Any pointer to look into this problem ?
Regards.
-
Problem is still up ...
Can't seems to find solution.
-
Fetch is probably not using the proxy...
You can preload everything given the correct environment PROXY vars are set on the command line:
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.obsolete
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.obsolete.sig
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/base-17.1-amd64.txz.sig
# fetch https://pkg.opnsense.org/sets/kernel-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/kernel-17.1-amd64.txz.sig
# fetch https://pkg.opnsense.org/sets/packages-17.1-amd64.txz
# fetch https://pkg.opnsense.org/sets/packages-17.1-amd64.txz.sig
# opnsense-update -l . -ur 17.1
# /usr/local/etc/rc.reboot
Note that if you are having these issues, you likely didn't receive kernel/base updates in the past.
Cheers,
Franco
-
The problem is indeed about fetch, but i can't seems to find a proper functionnal solution.
It throws me back "Proxy authentication required" even though i specified username and password for the proxy in environment.
-
Hmm, fetch supports the following:
See fetch(3) for a description of additional environment variables,
including FETCH_BIND_ADDRESS, FTP_LOGIN, FTP_PASSIVE_MODE, FTP_PASSWORD,
FTP_PROXY, ftp_proxy, HTTP_ACCEPT, HTTP_AUTH, HTTP_PROXY, http_proxy,
HTTP_PROXY_AUTH, HTTP_REFERER, HTTP_USER_AGENT, NETRC, NO_PROXY,
no_proxy, SSL_CA_CERT_FILE, SSL_CA_CERT_PATH, SSL_CLIENT_CERT_FILE,
SSL_CLIENT_KEY_FILE, SSL_CRL_FILE, SSL_ALLOW_SSL3, SSL_NO_TLS1,
SSL_NO_TLS1_1, SSL_NO_TLS1_2, SSL_NO_VERIFY_HOSTNAME and
SSL_NO_VERIFY_PEER.
You can add those vars to /root/.cshrc as follows:
setenv HTTP_PROXY Value
And then just:
source .cshrc
Download will work if proxy is being operated correctly.
Cheers,
Franco