Maybe you had the same problem as me. Log in on ssh shell and then try running: pfctl -f /tmp/rules.debug This should reload the rules, but might throw an error..
Kind regards, Seb > -----Original Message----- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf > Of Chuck Mariotti cmariotti-at-xunity.com > Sent: 15 August 2015 22:26 > To: pfSense Support and Discussion Mailing List > Subject: Re: [pfSense] pfSense 2.1.5 to 2.2.4 update problems... > > I should point out that at one point there was a "DNS Rebind" > message in the best browser for one of the sites internally > (not sure if that's related). > > -----Original Message----- > From: List [mailto:list-boun...@lists.pfsense.org] On Behalf > Of Chuck Mariotti > Sent: August-15-15 1:16 PM > To: pfSense Support and Discussion Mailing List > <list@lists.pfsense.org> > Subject: [pfSense] pfSense 2.1.5 to 2.2.4 update problems... > > I had a need to update to the latest pfSense. I had a > replacement machine with the latest 2.2.4. Took the config > file from 2.1.5 and restored it... > > It got stuck on the restoring packages and I eventually > unlocked and just left it as-is. > > Swapped over the connection to the replacement and some > internal websites (https) stopped being available to the > public... internally no problems. > > I looked quickly but could not find what was happening with a > simple update. So I switched it back to the original. > > I reinstalled 2.1.5 on the replacement machine... restored > the config... switched it over and all worked perfectly. > > I ran the in-place update and it completed without issues > (including packages)... but again, many internal sites not > available to the public side. > > Did I miss something in the upgrade method? There is a patch > that was previously applied but I don't think it was related > and it didn't say it was enabled. > > Fix SHA1 certs > > http://github.com/pfsense/pfsense/commit/fd750cd064a46f364a7e0 > 6c9fe27d46ce11cd09a.patch > > Unfortunately, I did not have much time to debug since there > was an unrelated hardware failure which extended the appox > downtime from 5-10mins to about 3 hours.... So was mostly > interesting it restoring things back to normal. > > To be honest, I don't know if it was both http(s) or just > https only that was not accessible... I think it was https > but it's too late to test it again. There is a NLBS serving > up some of those sites if that matters. > > Any suggestions would be greatful. > > Regards, > > Chuck > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ > pfSense mailing list > https://lists.pfsense.org/mailman/listinfo/list > Support the project with Gold! https://pfsense.org/gold > _______________________________________________ pfSense mailing list https://lists.pfsense.org/mailman/listinfo/list Support the project with Gold! https://pfsense.org/gold