Messages

I tested on 25.7.10 and it adds and deletes the neighbor entry from the configuration.

It likely does not remove the neighbor from the ARP table until a reboot. Static ARP in ISC DHCP may change that if you apply there but that's for historic reasons.  There are upcoming changes related to these topics in 26.1.

So in case I haven't answered your question or bug can you be more precise?


Thanks,
Franco

Great, thank you!  :)

@kozistan the only thing I can think of is that the update stopped after

> socat upgraded: 1.8.0.3 -> 1.8.1.0

but it feels rather weird it didn't even mention removing opnsense package.

But it also looks like the files are there which makes me think you don't have many packages in your local database?

# pkg info | wc -l
     191

Should be somewhere over 100 packages at least.

The easiest way to fix it would be

# pkg install opnsense


Cheers,
Franco

It's out now.


Cheers,
Franco

A hotfix release was issued as 25.10.1_2:

o firewall: clean up rules edit cancel button
o firmware: opnsense-update: remove architecture pinning for -X option
o mvc: FilterBaseController: move shared automation rule logic here
o src: e1000: do not enable ASPM L1 without L0s
o src: e1000: bump 82574/82583 PBA to 32K
o src: if_ovpn: use IFT_TUNNEL
o src: ifconfig: bring back -L for netlink
o src: igb: fix VLAN support on VFs
o src: irdma: fix potential memory leak on qhash cqp operation
o src: ix: add support for debug dump for E610 adapters
o src: netmap: fix error handling in nm_os_extmem_create()
o src: pf: reading rules with a read lock on ioctl
o src: pf: relax sctp v_tag verification
o src: pf: handle divert packets
o src: pfsync: fix incorrect unlock during destroy
o src: rtsold: remote code execution via ND6 router advertisements[27]

[27] https://www.freebsd.org/security/advisories/FreeBSD-SA-25:12.rtsold.asc

> Is 25.10.1 not affected by this issue?

From your question it seems more relevant that you implied to ask why no business update was issued yet.

Because we have a process to ensure that a business update will be adequately assembled and vetted prior to release. 24 hours is not that much to ask for IMO.


Cheers,
Franco

If someone suggests an elegant way and the relevant use case... sure? But what is the reason?


Cheers,
Franco

This is still pretty strange. The /var/logs/pkg folder has the logs of the previous days too if you can find the day with the non-working upgrade.


Cheers,
Franco

Ok, the 25.7.8 update looks good.

The only way I can think of for it not to write the log is when "pkg upgrade" was used verbatim. But there would still be a pkg log:

# opnsense-log pkg

Maybe it gives a few clues.


Thanks,
Franco

> The console option 12 also writes a log. I don't understand why it should be missing?

I just tested this and it logs just fine.


Cheers,
Franco

The console option 12 also writes a log. I don't understand why it should be missing?

> All packages came from OPNsense repository, no FreeBSD repo was involved.

Well, if you installed a package from somwhere that is NOT OPNsense repo we simply don't know how the package manager reacts on unresolvable conflicts is my main point here.

And no modified log snippets please, it hides crucial information.


Cheers,
Franco

> Any plans on how to proceed there?

Nope. I've asked FreeBSD committers, core team and even foundation for help on improving cooperation over the years. The ball was always in their court.

Not sure if it's really appropriate to kick me instead of the ball, but it is what it is. Someone clever will figure something out I guess.  ;)


Cheers,
Franco

Since you installed something from FreeBSD repo it's already in a state that is impossible to reproduce from our end.

If you still have the update log we can try to figure out what is going on. It probably did a partial upgrade and aborted while also uninstalling a vital package. It's the same old story with the package manager.  ;)

With this command you can get the last update log:

# opnsense-update -g


Cheers,
Franco

Intended. The IP is still searchable. It may not be in the tooltip yet, but it was also suggested so it might still be done.

This was done to save a lot of space in an already wide table.


Cheers,
Franco

Later today, yes.


Cheers,
Franco