pfSense 1.2.2 released!

January 9th, 2009 by Chris Buechler

1.2.2 is now making its way to the mirrors. Only five changes from 1.2.1, but we did want to get these issues fixed and an updated version out there.

  • Setup wizard fix – removing BigPond from the WAN page on the setup wizard caused problems.
  • SVG graphs fixed in Google Chrome. The graph page used to not require authentication, which is how it works in m0n0wall, I believe because at the time the feature was implemented in m0n0wall that is the only way it would work. We added required authentication on this page, and while it worked in Firefox, the way it was implemented broke Chrome. Chrome is now fixed. IE believed to still be broken, and the only resolution appears to be not requiring authentication for the graph. We would rather break the SVG graphs in IE and tighten that down than leave it open.
  • IPsec reload fix specific to large (100+ site) deployments
  • Bridge creation code changes – there have always been issues when attempting to bridge more than two interfaces. This fixes several bugs when attempting to use more than one bridge.
  • FreeBSD updates for two security advisories on January 7, 2009, listed here. The OpenSSL one could possibly affect OpenVPN users, as discussed on the mailing list.

Most users on 1.2.1 won’t have any need to upgrade to 1.2.2. If any of the above applies to you, then upgrade to this version.

1.2.2 should be used for all new installs.

Downloads

New installs

Updates

For information on upgrading, see the Upgrade Guide. If you haven’t upgraded to 1.2.1 yet, you can upgrade from 1.2 and prior versions directly to 1.2.2, skipping 1.2.1.

Note on Release Signing for 1.2 (not 1.2.1) users
The key for signing releases and its backup were inadvertently destroyed. This means you’ll get a warning that the release is unsigned, unless you are updating from a recent 1.2.1 snapshot. You can either just click through that warning, or install the Pubkey package you will find under System -> Packages. If you wish to update the file manually from a secure source, you can overwrite /etc/pubkey.pem with this file.

Tags:

24 Responses to “pfSense 1.2.2 released!”

  1. aussiebear Says:

    Its OK to completely remove BigPond support. The ISP has changed the login and authentication process such that it now works automatically via DHCP. ie: You don’t need the bigpond login client any more. :)

  2. Chris Buechler Says:

    That’s what we did as one of the last clean ups before 1.2.1… except in the process we broke the setup wizard. :)

  3. Dominik Schips Says:

    Thank you for this Release works great here.
    Now I can bridge 4 ports correct on my Soekris net5501-70 for LAN zone.

  4. johnny99 Says:

    Umm.. system_firmware_auto.php = fail through the backend web admin — I get Update cannot continue on both boxes from .21 > .22

  5. Dominik Schips Says:

    Ok, i doesn’t work as perfect as I thought with the LAN bridge (4 interfaces).

    Sometimes after removing CAT5 cable of a client (connected to the brideged OPT1 interface) it doesn’t get an IP again.
    If I unplug the client on the LAN interface, which all other interfaces (OPT1, OPT2, OPT3) are bridegd to, then the client on OPT1 get an IP again by DHCP.

    Could that be a bridge or DHCP problem?
    Or just a problem of the MDI-X of the interfaces?

  6. Haody Says:

    i like pfsense more than sexly girl~

  7. Boycott Novell » Links 10/01/2009: GNU/Linux on Disney Desktops, Btrfs Enters Linux Says:

    [...] pfSense 1.2.2 released! 1.2.2 is now making its way to the mirrors. Only five changes from 1.2.1, but we did want to get these issues fixed and an updated version out there. [...]

  8. Chris Buechler Says:

    johnny: auto update will work from 1.2.2 on. Use one of the other upgrade mechanisms to upgrade to 1.2.2.

    Dominik: if you post to the forum or mailing list I’ll comment on those.

  9. pfSense 1.2.2 | thecamels.org Says:

    [...] Buechler ogłosił wydanie systemu pfSense 1.2.2. Opiera się on o system FreeBSD i jest przystosowany do pracy jako firewall lub router. Wersja [...]

  10. Gin Says:

    pfSense-Full-Update-1.2.2.tgz is screwed. Archive appears to be broken and – “The digital signature on this image is invalid”.
    Best regards.

  11. Chris Buechler Says:

    Gin: no it isn’t. IE tends to screw up gzipped file downloads. All the mirrors have a valid copy that extracts fine, your browser had to have broken the file.

  12. josias Says:

    Hi,
    this update include FreeBSD 7.1 ? if not, have some date ?
    where find developer version.
    Thanks.

  13. Chris Buechler Says:

    josias: it’s 7.0, we likely won’t be changing FreeBSD versions on 1.2.x again. 2.0 is on 7.1, about to move to 8.

  14. inetshell Says:

    What’s exactly the IPsec fix?

    Thanks

  15. Chris Buechler Says:

    inetshell: you can always find changes at http://cvstrac.pfsense.org/timeline or view the reports to get one on RELENG_1_2.

    IPsec change was: http://cvstrac.pfsense.org/chngview?cn=26879

  16. Charles Houp Says:

    Any chance this might have fixed the Google SafeSearch problem where it wipes out the config and requires a complete re-install?

  17. Chris Buechler Says:

    What you see listed is the entire list of fixes.

    I have no idea what you mean by Google SafeSearch problem, a quick search and it seems like maybe you’re referring to:
    http://forum.pfsense.org/index.php?topic=13002.0

    Packages have no relation to base system releases. Also note that Squidguard is not considered stable. dvserg is the only one who works on the Squid packages, you’ll need to pose that question to him by bumping that forum thread.

  18. Guy Boisvert Says:

    Hi,

    I downloaded the upgrade image for the New York site listed in the mirror list. I checked it successfully with the MD5 checksum. When i try to upgrade my pfSense 1.2-RELEASE using Firefox 3.0.5 on Wiblows XP SP2 (pfSense-Full-Update-1.2.2.tgz), i get the “The digital signature on this image is invalid.” message…

    Comments / infos about that?

    Thanks Chris for this great piece of software!

  19. Chris Buechler Says:

    Guy: read “Note on Release Signing for 1.2 (not 1.2.1) users” in this post.

  20. Guy Boisvert Says:

    Sorry Chris,

    I was under pressure and i didn’t read the whole post! Shame on me…

  21. Dan Gardner Says:

    Looks like 1.2.1 has a broken geom/gmirror. When I try to use gmirror, I get a “gmirror: gmirror and /lib/geom/geom_mirror.so are not synchronized.” I haven’t tried 1.2.2 since I’m not affected by any of the issues mentioned above – can anybody tell me whether the problem is resolved in that version?

    If not, any chance of a version 1.2.3 with a working geom please?

    Many thanks for a brilliant piece of software.

  22. cruzades Says:

    I can’t upgrade to 1.2.2 from 1.2-Release version, using the update and new install doesn’t work with my cpu anymore :(

    it continuously reboots me with bunch of hex codes and kernel panic message.

    here is my cpu specs

    Processors 1
    Model Pentium/P55C
    CPU Speed 187 Mhz
    PCI Devices
    - atapci0: GENERIC ATA controller
    - dc0: 82c169 PNIC 10/100BaseTX
    - fxp0: Intel 82558 Pro/100 Ethernet
    - isab0: PCI-ISA bridge
    - rl0: D-Link DFE-530TX+ 10/100BaseTX
    IDE Devices
    - ad1: QUANTUM FIREBALL EX3.2A A0A.0300 (Capacity: 3.15 GB)
    SCSI Devices none
    USB Devices none

    hope this helps.

  23. Chris Buechler Says:

    cruzades: You have another hardware combination that doesn’t work with FreeBSD 7.0 it seems. Try 1.2.3, it’s based on FreeBSD 7.1 which has resolved hardware regressions for a number of other people.
    http://blog.pfsense.org/?p=364

  24. cruzades Says:

    @Chris Buechler

    Gee, thanks for that, I’m gonna try 1.2.3 now.

    So much thanks.

Please don’t post technical questions or off-topic comments. It is far more likely that your questions and concerns will be addressed effectively through one of our support channels.

Leave a Reply