I wanted to upgrade my current version to the 123, because it offered me the WUI. However, I can't get from the half state to the 123s. The following he tells me at pakfire update: ####=====================================#### Oct 3 14:19:00 ipfw pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK Oct 3 14:19:00 ipfw pakfire: DOWNLOAD INFO: File received. Start checking signature... Oct 3 14:19:00 ipfw pakfire: DOWNLOAD INFO: Signature of meta-core-upgrade-122 is fine. Oct 3 14:19:00 ipfw pakfire: DOWNLOAD FINISHED: ipfire/pakfire2/2.21/meta/meta-core-upgrade-122 Oct 3 14:19:00 ipfw pakfire: DOWNLOAD STARTED: paks/core-upgrade-2.21-122.ipfire Oct 3 14:19:00 ipfw pakfire: MIRROR INFO: 32 servers found in list Oct 3 14:19:00 ipfw pakfire: PING INFO: mirror.lightningwirelabs.com is alive Oct 3 14:19:00 ipfw pakfire: DOWNLOAD INFO: Host: mirror.lightningwirelabs.com (HTTPS) - File: pub/ipfire/pakfire2/2.21/paks/core-upgrade-2.21-122.ipfire Oct 3 14:19:00 ipfw pakfire: DOWNLOAD INFO: pub/ipfire/pakfire2/2.21/paks/core-upgrade-2.21-122.ipfire has size of bytes Oct 3 14:19:00 ipfw pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowing which Certificate Authorities to trust Oct 3 14:19:00 ipfw pakfire: Giving up: There was no chance to get the file paks/core-upgrade-2.21-122.ipfire from any available server. There was an error on the way. Please fix it. Oct 3 14:19:00 ipfw pakfire: DOWNLOAD STARTED: meta/meta-core-upgrade-123 Oct 3 14:19:00 ipfw pakfire: MIRROR INFO: 32 servers found in list Oct 3 14:19:01 ipfw pakfire: PING INFO: mirror.espoch.edu.ec is alive Oct 3 14:19:01 ipfw pakfire: DOWNLOAD INFO: Host: mirror.espoch.edu.ec (HTTPS) - File: ipfire/pakfire2/2.21/meta/meta-core-upgrade-123 Oct 3 14:19:01 ipfw pakfire: DOWNLOAD INFO: ipfire/pakfire2/2.21/meta/meta-core-upgrade-123 has size of bytes Oct 3 14:19:01 ipfw pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowing which Certificate Authorities to trust Oct 3 14:19:01 ipfw pakfire: Giving up: There was no chance to get the file meta/meta-core-upgrade-123 from any available server. There was an error on the way. Please fix it. Oct 3 14:19:01 ipfw pakfire: No filename given in meta-file. ####=====================================#### Manually via terminal - on at --force seen: ####=====================================#### pakfire update Giving up: There was no chance to get the file "counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879" from any available server. There was an error on the way. Please fix it. Giving up: There was no chance to get the file "2.21/lists/server-list.db" from any available server. There was an error on the way. Please fix it. Giving up: There was no chance to get the file "lists/packages_list.db" from any available server. There was an error on the way. Please fix it. Giving up: There was no chance to get the file "lists/core-list.db" from any available server. There was an error on the way. Please fix it. ####=====================================#### fileinformation /opt/pakfire/db/meta: ####=====================================#### -rw-r--r-- 1 root root 964 Oct 3 14:19 meta-core-upgrade-122 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Name: core-upgrade ProgVersion: 2.21 Release: 122 Size: 50360320 Dependencies: File: core-upgrade-2.21-122.ipfire -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJbUe/HAAoJEG/veo7XE1lLSCwP/iv8IiSih4/3RG1lkmQ13TcN y6vR1z78Y1r9Recw8EkNP6ZcviAAXmCxn6wiMbhmmpdo2Q7N/JdqknSxkqSc+9tr VK86HqwOoEEigr2FaqzD2jEgGQhUzSsimztVevxDB1hVJi9kMBcY8EtvrzsW7rxe 1opYqa72/zBmrYkheyJh6aGfjiLCpAEVkQiyuoiRqYRxOnel/PuhnPlqpUpRc+SE qe1xQAcQjLNRApdgSNJ2FvgnTJ0A+HHb0r0FklhqG341TjSs0kVVJYr6PQ2B32fo EK6Y/7ui7suyNwpD4KKgVgyh/sebeYoNdiBY/3Cux7OV+kab0AtCTKrM+0dY/nwg M+qW8QW3sFV8u5kvcA+rLSe/1LKxrRkEuhmnH1GAwAX7b30IMV5+eQBR9Fms5ZGf 2pIgLIuuNbFIymONHeTO686z6B5u1jd19PtBpR052biLVA4NBQKzNwkF+HDfVazn RpWVW0PcB5DSmKSjdto3ppxVMnHEc7eCUsvogxuAZUlZW/V7Dp3EpGVDUW6m/v1U b4ZYS/gUiBHD0YK8V/DULDL13Z3Oo/wlK4dgvDt7Q3lqcshu6ltON9zeX0Ac1WQe r8yLoY6KvoquDWcPJ+gQ1HbEwXfRaF/MWxNrf4D5OWHlv8SZIHdJSm6UVGMuuD7s yYlXm/AkA4ss1vpJec9G =2NYS -----END PGP SIGNATURE----- ####=====================================#### The 123's empty: ####=====================================#### -rw-r--r-- 1 root root 0 Oct 3 14:19 meta-core-upgrade-123 ####=====================================#### Also DNS changes to currently 8.8.8.8 as well as 1.1.1.1 or 81.3.27.54 (Lightning Wire Labs) did not bring any changes including restarts of unbound. Ping works - already stored in /etc/hosts for tests: ####=====================================#### ping pakfire.ipfire.org PING fw01.ipfire.org (81.3.27.38) 56(84) bytes of data. 64 bytes from 81.3.27.38 (81.3.27.38): icmp_seq=1 ttl=54 time=30.4 ms 64 bytes from 81.3.27.38 (81.3.27.38): icmp_seq=2 ttl=54 time=30.0 ms 64 bytes from 81.3.27.38 (81.3.27.38): icmp_seq=3 ttl=54 time=30.6 ms ####=====================================#### even a "rm meta-core-upgrade-123" with update afterwards didn't bring anything. ####=====================================#### root@ipfw(/opt/pakfire/db/meta):pakfire update Giving up: There was no chance to get the file "counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879" from any available server. There was an error on the way. Please fix it. Giving up: There was no chance to get the file "2.21/lists/server-list.db" from any available server. There was an error on the way. Please fix it. packages_list.db 100.00% |=============================>| 4.31 KB Giving up: There was no chance to get the file "lists/core-list.db" from any available server. There was an error on the way. Please fix it. ####=====================================#### Version in mine: ####=====================================#### /opt/pakfire/db/core):less mine 121 ####=====================================#### What more could I test or do to make it work? BR, Thomas
Is the time set correctly on the system? Does a simple "wget -O - https://www.ipfire.org" show you the HTML page?
Hey Michael, yes date and the HTML Welcome Site lookng good. I cant see any problems. BR, Thomas
I also saw these log lines on a system tonight: 01:27:05 pakfire: PAKFIRE INFO: Pakfire has finished. Closing. 01:27:05 pakfire: DOWNLOAD FINISHED: pakfire2/2.21-x86_64/lists/core-list.db 01:27:05 pakfire: DOWNLOAD INFO: Signature of core-list.db is fine. 01:27:05 pakfire: DOWNLOAD INFO: File received. Start checking signature... 01:27:05 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK 01:26:41 pakfire: DOWNLOAD INFO: pakfire2/2.21-x86_64/lists/core-list.db has size of 871 bytes 01:26:28 pakfire: PAKFIRE INFO: Pakfire has finished. Closing. 01:26:28 pakfire: DOWNLOAD FINISHED: pakfire2/2.21-x86_64/lists/core-list.db 01:26:28 pakfire: DOWNLOAD INFO: Signature of core-list.db is fine. 01:26:28 pakfire: DOWNLOAD INFO: File received. Start checking signature... 01:26:28 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK 01:26:28 pakfire: DOWNLOAD INFO: pakfire2/2.21-x86_64/lists/core-list.db has size of 871 bytes 01:26:28 pakfire: DOWNLOAD INFO: Logging in with: fw-[REDACTED] - [REDACTED] 01:26:28 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 01:26:28 pakfire: DOWNLOAD INFO: Host: ipfire.earl-net.com (HTTPS) - File: pakfire2/2.21-x86_64/lists/core-list.db 01:26:28 pakfire: PING INFO: ipfire.earl-net.com is alive 01:26:28 pakfire: MIRROR INFO: 27 servers found in list 01:26:28 pakfire: DOWNLOAD STARTED: lists/core-list.db 01:26:28 pakfire: CORE INFO: core-list.db is 79610 seconds old. - DEBUG: force 01:26:28 pakfire: DB INFO: packages_list.db is 15 seconds old. - DEBUG: noforce 01:26:28 pakfire: Giving up: There was no chance to get the file 2.21-x86_64/lists/server-list.db from any available server. There was an error on the way. Please fix it. 01:26:28 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't connect to pakfire.ipfire.org:80 (connect: Connection timed out) 01:26:13 pakfire: DOWNLOAD INFO: Logging in with: fw-[REDACTED] - [REDACTED] 01:26:13 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 01:26:13 pakfire: DOWNLOAD INFO: Host: mirror1.ipfire.org (HTTPS) - File: pakfire2/2.21-x86_64/lists/core-list.db 01:26:13 pakfire: PING INFO: mirror1.ipfire.org is alive 01:26:13 pakfire: MIRROR INFO: 27 servers found in list 01:26:13 pakfire: DOWNLOAD STARTED: lists/core-list.db 01:26:13 pakfire: CORE INFO: core-list.db is 79595 seconds old. - DEBUG: force 01:26:13 pakfire: DOWNLOAD FINISHED: pakfire2/2.21-x86_64/lists/packages_list.db 01:26:13 pakfire: DOWNLOAD INFO: Signature of packages_list.db is fine. 01:26:13 pakfire: DOWNLOAD INFO: File received. Start checking signature... 01:26:13 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK 01:26:13 pakfire: DOWNLOAD INFO: pakfire2/2.21-x86_64/lists/packages_list.db has size of 4387 bytes 01:26:13 pakfire: DOWNLOAD INFO: Logging in with: fw-[REDACTED] - [REDACTED] 01:26:13 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 01:26:13 pakfire: DOWNLOAD INFO: Host: mirror2.ipfire.org (HTTPS) - File: pakfire2/2.21-x86_64/lists/packages_list.db 01:26:13 pakfire: PING INFO: mirror2.ipfire.org is alive 01:26:13 pakfire: MIRROR INFO: 27 servers found in list 01:26:13 pakfire: DOWNLOAD STARTED: lists/packages_list.db 01:26:13 pakfire: DB INFO: packages_list.db is 79603 seconds old. - DEBUG: force 01:26:13 pakfire: Giving up: There was no chance to get the file 2.21-x86_64/lists/server-list.db from any available server. There was an error on the way. Please fix it. 01:26:13 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't connect to pakfire.ipfire.org:443 (connect: Connection timed out) 01:26:13 pakfire: DOWNLOAD INFO: 2.21-x86_64/lists/server-list.db has size of bytes 01:25:57 pakfire: DOWNLOAD INFO: Logging in with: fw-[REDACTED] - [REDACTED] 01:25:57 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 01:25:57 pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: 2.21-x86_64/lists/server-list.db 01:25:57 pakfire: DOWNLOAD STARTED: 2.21-x86_64/lists/server-list.db 01:25:57 pakfire: MIRROR INFO: server-list.db is 79594 seconds old. - DEBUG: force 01:25:49 pakfire: DOWNLOAD INFO: 2.21-x86_64/lists/server-list.db has size of 2368 bytes 01:25:19 pakfire: DOWNLOAD INFO: Logging in with: fw-[REDACTED] - [REDACTED] 01:25:19 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 01:25:19 pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: 2.21-x86_64/lists/server-list.db 01:25:19 pakfire: DOWNLOAD STARTED: 2.21-x86_64/lists/server-list.db 01:25:19 pakfire: MIRROR INFO: server-list.db is 79556 seconds old. - DEBUG: force 01:25:19 pakfire: PAKFIRE INFO: IPFire Pakfire 2.21-x86_64 started! 01:25:01 pakfire: CRON INFO: Waiting for 56 seconds. 01:25:01 pakfire: CRON INFO: Running an update 01:25:01 pakfire: PAKFIRE INFO: IPFire Pakfire 2.21-x86_64 started! However, a few hours later, everything works fine. Manual test done right now also result in correctly fetching the lists. I have no idea what went wrong here. @Michael: Thoughts on this? Thank you.
Hi, nothing's changed with me and the same message comes up. BR, Thomas
This seems to be a connectivity issue: 01:26:03 pakfire: DB INFO: packages_list.db is 79588 seconds old. - DEBUG: force 01:26:03 pakfire: Giving up: There was no chance to get the file 2.21-x86_64/lists/server-list.db from any available server. There was an error on the way. Please fix it. 01:26:03 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't connect to pakfire.ipfire.org:80 (connect: Connection timed out) 01:25:48 pakfire: DOWNLOAD INFO: 2.21-x86_64/lists/server-list.db has size of 2368 bytes It only happens occasionally on my systems and only ~ 01:00 CEST. At ~ 03:15 CEST, everything works fine.
The Same Problem top another Time. I cant find my actually problem where it is: Oct 8 20:10:19 ipfw-pcomu pakfire: PAKFIRE INFO: Pakfire has finished. Closing. Oct 8 20:10:33 ipfw-pcomu pakfire: PAKFIRE INFO: IPFire Pakfire 2.21 started! Oct 8 20:10:33 ipfw-pcomu pakfire: Sending my uuid: 96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 8 20:10:33 ipfw-pcomu pakfire: DOWNLOAD STARTED: counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 8 20:10:33 ipfw-pcomu pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 8 20:10:33 ipfw-pcomu pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowing which Certificate Authorities to trust Oct 8 20:10:33 ipfw-pcomu pakfire: Giving up: There was no chance to get the file counter.py?ver=2.21 Oct 8 20:10:33 ipfw-pcomu pakfire: MIRROR INFO: server-list.db is 3529777 seconds old. - DEBUG: force Oct 8 20:10:33 ipfw-pcomu pakfire: DOWNLOAD STARTED: 2.21/lists/server-list.db Oct 8 20:10:33 ipfw-pcomu pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: 2.21/lists/server-list.db
Neither Arne not I can reproduce this. Any idea what could influence this? Do you have any upstream proxies in use?
I have an upstream proxy (Squid 4.x) in use; since all other traffic works well, it would surprise me if this caused the issue. Systems NTP time is being monitored and does not show major skew.
Could we investigate from where this HTTP response is coming? Don't think that the web server here is doing that.
I cant find thus Problem. What can i do to make the Update manually? What meaning the systemlog with: Can't verify SSL peers without knowing which Certificate Authorities Oct 14 22:39:01 ipfw-pcomu pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowing which Certificate Authorities to trust Oct 14 22:39:01 ipfw-pcomu pakfire: Giving up: There was no chance to get the file lists/core-list.db from any available server. There was an error on the way. Please fix it. Oct 14 22:39:01 ipfw-pcomu pakfire: PAKFIRE INFO: Pakfire has finished. Closing. Oct 14 22:39:53 ipfw-pcomu pakfire: PAKFIRE INFO: IPFire Pakfire 2.21 started! Oct 14 22:39:53 ipfw-pcomu pakfire: Sending my uuid: 96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 14 22:39:53 ipfw-pcomu pakfire: DOWNLOAD STARTED: counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 14 22:39:53 ipfw-pcomu pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 14 22:39:54 ipfw-pcomu pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowing which Certificate Authorities to trust Oct 14 22:39:54 ipfw-pcomu pakfire: Giving up: There was no chance to get the file counter.py?ver=2.21 Oct 14 22:39:54 ipfw-pcomu pakfire: MIRROR INFO: server-list.db is 4057138 seconds old. - DEBUG: force Oct 14 22:39:54 ipfw-pcomu pakfire: DOWNLOAD STARTED: 2.21/lists/server-list.db Oct 14 22:39:54 ipfw-pcomu pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: 2.21/lists/server-list.db
I have the exact same problem. I described it on the forum : https://forum.ipfire.org/viewtopic.php?p=119648#p119648 Logs : 13:49:18 pakfire: PAKFIRE INFO: IPFire Pakfire 2.21-x86_64 started! 13:49:18 pakfire: Sending my uuid: e6d47317-174d-47f7-a382-0d98d2e64055 13:49:18 pakfire: DOWNLOAD STARTED: counter.py?ver=2.21-x86_64&uuid=e6d47317-174d-47f7-a382-0d98d 2e64055 13:49:18 pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: counter.py?ver=2.21-x86_ 64&uuid=e6d47317-174d-47f7-a382-0d98d2e64055 13:49:18 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowi ng which Certificate Authorities to trust 13:49:18 pakfire: Giving up: There was no chance to get the file counter.py?ver=2.21-x86_64 13:49:18 pakfire: MIRROR INFO: server-list.db is 4182165 seconds old. - DEBUG: force 13:49:18 pakfire: DOWNLOAD STARTED: 2.21-x86_64/lists/server-list.db 13:49:18 pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: 2.21-x86_64/lists/server -list.db 13:49:18 pakfire: DOWNLOAD INFO: 2.21-x86_64/lists/server-list.db has size of bytes 13:49:18 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowi ng which Certificate Authorities to trust 13:49:18 pakfire: Giving up: There was no chance to get the file 2.21-x86_64/lists/server-list.db from any available server. There was an error on the way. Please fix it. 13:49:18 pakfire: DB INFO: packages_list.db is 35789 seconds old. - DEBUG: force 13:49:18 pakfire: DOWNLOAD STARTED: lists/packages_list.db 13:49:18 pakfire: MIRROR INFO: 32 servers found in list 13:49:19 pakfire: PING INFO: mirror.onesystems.ch is alive 13:49:19 pakfire: DOWNLOAD INFO: Host: mirror.onesystems.ch (HTTPS) - File: ipfire/pakfire2/2.19- x86_64/lists/packages_list.db 13:49:19 pakfire: DOWNLOAD INFO: ipfire/pakfire2/2.19-x86_64/lists/packages_list.db has size of bytes 13:49:19 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowi ng which Certificate Authorities to trust 13:49:19 pakfire: Giving up: There was no chance to get the file lists/packages_list.db from any available server. There was an error on the way. Please fix it. 13:49:19 pakfire: CORE INFO: core-list.db is 35789 seconds old. - DEBUG: force 13:49:19 pakfire: DOWNLOAD STARTED: lists/core-list.db 13:49:19 pakfire: MIRROR INFO: 32 servers found in list 13:49:19 pakfire: PING INFO: mirror.ictec.it is alive 13:49:19 pakfire: DOWNLOAD INFO: Host: mirror.ictec.it (HTTP) - File: ipfire/pakfire2/2.19-x86_64 /lists/core-list.db 13:49:20 pakfire: DOWNLOAD INFO: ipfire/pakfire2/2.19-x86_64/lists/core-list.db has size of 233 b ytes 13:49:20 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK 13:49:20 pakfire: DOWNLOAD INFO: File received. Start checking signature... 13:49:20 pakfire: DOWNLOAD INFO: Signature of core-list.db is fine. 13:49:20 pakfire: DOWNLOAD FINISHED: ipfire/pakfire2/2.19-x86_64/lists/core-list.db 13:49:20 pakfire: PAKFIRE INFO: Pakfire has finished. Closing.
Hey @ all fyi: https://forum.ipfire.org/viewtopic.php?f=17&t=21556 in this thread here you can find a litte bit more information (in german) about my problem.
I can confirm something is going wrong with Pakfire behind an upstream proxy (at least after updating to Core 124) indeed. Log records look like proxy settings are not applied correctly: 20:38:16 pakfire: PAKFIRE INFO: Pakfire has finished. Closing. 20:38:16 pakfire: DOWNLOAD FINISHED: pub/ipfire/pakfire2/2.21-x86_64/lists/core-list.db 20:38:16 pakfire: DOWNLOAD INFO: Signature of core-list.db is fine. 20:38:16 pakfire: DOWNLOAD INFO: File received. Start checking signature... 20:38:16 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK 20:38:15 pakfire: DOWNLOAD INFO: pub/ipfire/pakfire2/2.21-x86_64/lists/core-list.db has size of 871 bytes 20:38:15 pakfire: DOWNLOAD INFO: Logging in with: [REDACTED] - [REDACTED] 20:38:15 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 20:38:15 pakfire: DOWNLOAD INFO: Host: mirror.lightningwirelabs.com (HTTPS) - File: pub/ipfire/pakfire2/2.21-x86_64/lists/core-list.db 20:38:15 pakfire: MIRROR INFO: 25 servers found in list 20:38:15 pakfire: DOWNLOAD STARTED: lists/core-list.db 20:38:15 pakfire: CORE INFO: core-list.db is 182912 seconds old. - DEBUG: force 20:38:15 pakfire: Giving up: There was no chance to get the file lists/packages_list.db from any available server. There was an error on the way. Please fix it. 20:38:15 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't connect to ftp.nluug.nl:443 (connect: Connection timed out) 20:38:00 pakfire: DOWNLOAD INFO: os/Linux/distr/ipfire/pakfire2/2.21-x86_64/lists/packages_list.db has size of bytes 20:37:44 pakfire: DOWNLOAD INFO: Logging in with: [REDACTED] - [REDACTED] 20:37:44 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 20:37:44 pakfire: DOWNLOAD INFO: Host: ftp.nluug.nl (HTTPS) - File: os/Linux/distr/ipfire/pakfire2/2.21-x86_64/lists/packages_list.db 20:37:44 pakfire: MIRROR INFO: 25 servers found in list 20:37:44 pakfire: DOWNLOAD STARTED: lists/packages_list.db 20:37:44 pakfire: DB INFO: packages_list.db is 157516 seconds old. - DEBUG: force 20:37:44 pakfire: DOWNLOAD FINISHED: 2.21-x86_64/lists/server-list.db 20:37:44 pakfire: DOWNLOAD INFO: Signature of server-list.db is fine. 20:37:44 pakfire: DOWNLOAD INFO: File received. Start checking signature... 20:37:44 pakfire: DOWNLOAD INFO: HTTP-Status-Code: 200 - 200 OK 20:37:44 pakfire: DOWNLOAD INFO: 2.21-x86_64/lists/server-list.db has size of 2236 bytes 20:37:43 pakfire: DOWNLOAD INFO: Logging in with: [REDACTED] - [REDACTED] 20:37:43 pakfire: DOWNLOAD INFO: Upstream proxy: [REDACTED]:3128 20:37:43 pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: 2.21-x86_64/lists/server-list.db 20:37:43 pakfire: DOWNLOAD STARTED: 2.21-x86_64/lists/server-list.db 20:37:43 pakfire: MIRROR INFO: server-list.db is 58200 seconds old. - DEBUG: force 20:37:43 pakfire: PAKFIRE INFO: IPFire Pakfire 2.21-x86_64 started! Surprisingly, Pakfire closes with a success message even the package list could not be fetched correctly.
https://patchwork.ipfire.org/patch/1956/ fixes this problem for systems behind upstream proxies.
Hey Peter, thank you for these lines. I will Test & report it at the next Weekend. Good night.
Oh, this Patch is not for me. I have no Proxy active.
Hello, i find a new fail messages into my tcpdump. :tcpdump -vvv -i red0 dst port 80: ####=====================================#### 09:46:20.798061 IP (tos 0x0, ttl 64, id 50065, offset 0, flags [none], proto TCP (6), length 52) 192.168.YYY.ZZZ.49679 > 81.3.27.38.http: Flags [F.], cksum 0x2f02 (incorrect -> 0x2654), seq 178, ack 174, win 237, options [nop,nop,TS val 487596818 ecr 85315067], length 0 09:46:21.044170 IP (tos 0x0, ttl 64, id 50114, offset 0, flags [none], proto TCP (6), length 60) 192.168.YYY.ZZZ.49680 > 81.3.27.38.http: Flags [S], cksum 0x2f0a (incorrect -> 0x298b), seq 3326391415, win 29200, options [mss 1460,sackOK,TS val 487596892 ecr 0,nop,wscale 7], length 0 09:46:21.073278 IP (tos 0x0, ttl 64, id 50115, offset 0, flags [none], proto TCP (6), length 52) 192.168.YYY.ZZZ.49680 > 81.3.27.38.http: Flags [.], cksum 0x2f02 (incorrect -> 0xc5fd), seq 3326391416, ack 2921627938, win 229, options [nop,nop,TS val 487596901 ecr 85315343], length 0 09:46:21.073721 IP (tos 0x0, ttl 64, id 50116, offset 0, flags [none], proto TCP (6), length 195) 192.168.YYY.ZZZ.49680 > 81.3.27.38.http: Flags [P.], cksum 0x2f91 (incorrect -> 0x8e50), seq 0:143, ack 1, win 229, options [nop,nop,TS val 487596901 ecr 85315343], length 143: HTTP, length: 143 HEAD /2.21/lists/server-list.db HTTP/1.1 TE: deflate,gzip;q=0.3 Connection: TE, close Host: pakfire.ipfire.org User-Agent: Pakfire/2.21 09:46:21.109494 IP (tos 0x0, ttl 64, id 50127, offset 0, flags [none], proto TCP (6), length 52) 192.168.YYY.ZZZ.49680 > 81.3.27.38.http: Flags [F.], cksum 0x2f02 (incorrect -> 0xc4ae), seq 143, ack 138, win 237, options [nop,nop,TS val 487596912 ecr 85315378], length 0 09:46:21.315020 IP (tos 0x0, ttl 64, id 50178, offset 0, flags [none], proto TCP (6), length 60) 192.168.YYY.ZZZ.49681 > 81.3.27.38.http: Flags [S], cksum 0x2f0a (incorrect -> 0x32fc), seq 3999105691, win 29200, options [mss 1460,sackOK,TS val 487596973 ecr 0,nop,wscale 7], length 0 09:46:21.342448 IP (tos 0x0, ttl 64, id 50182, offset 0, flags [none], proto TCP (6), length 52) 192.168.YYY.ZZZ.49681 > 81.3.27.38.http: Flags [.], cksum 0x2f02 (incorrect -> 0xd40b), seq 3999105692, ack 1651033910, win 229, options [nop,nop,TS val 487596981 ecr 85315611], length 0 09:46:21.343053 IP (tos 0x0, ttl 64, id 50183, offset 0, flags [none], proto TCP (6), length 194) 192.168.YYY.ZZZ.49681 > 81.3.27.38.http: Flags [P.], cksum 0x2f90 (incorrect -> 0xab81), seq 0:142, ack 1, win 229, options [nop,nop,TS val 487596982 ecr 85315611], length 142: HTTP, length: 142 GET /2.21/lists/server-list.db HTTP/1.1 TE: deflate,gzip;q=0.3 Connection: TE, close Host: pakfire.ipfire.org User-Agent: Pakfire/2.21 09:46:21.372703 IP (tos 0x0, ttl 64, id 50189, offset 0, flags [none], proto TCP (6), length 52) 192.168.YYY.ZZZ.49681 > 81.3.27.38.http: Flags [F.], cksum 0x2f02 (incorrect -> 0xd2c4), seq 142, ack 138, win 237, options [nop,nop,TS val 487596990 ecr 85315641], length 0 09:46:22.198260 IP (tos 0x0, ttl 127, id 27279, offset 0, flags [DF], proto TCP (6), length 41) 192.168.YYY.ZZZ.63230 > ip5886b629.dynamic.kabel-deutschland.de.http: Flags [.], cksum 0xb843 (correct), seq 1033665349:1033665350, ack 1752044190, win 64240, length 1: HTTP 09:46:32.229706 IP (tos 0x0, ttl 127, id 27294, offset 0, flags [DF], proto TCP (6), length 41) 192.168.YYY.ZZZ.63230 > ip5886b629.dynamic.kabel-deutschland.de.http: Flags [.], cksum 0xb843 (correct), seq 0:1, ack 1, win 64240, length 1: HTTP ####=====================================#### The sourcepoint is: ####=====================================#### inetnum: 81.3.27.32 - 81.3.27.63 netname: IPFIRE-ORG-NET descr: visit www.ipfire.org country: DE admin-c: MT15803-RIPE tech-c: MT15803-RIPE status: ASSIGNED PA mnt-by: SSERV-MNT created: 2016-01-19T10:15:52Z last-modified: 2016-01-19T10:15:52Z source: RIPE I think this is my Problem.
*What* is the problem in that dump? I do not see anything suspicious...
The patch given on comment #14 didn't solve the problem for us (although our ipfire isn't behind a proxy). Still have "HTTP-Status-Code: 500" error.
As far as I am concerned, we are dealing with two different problems here: (a) IPFire systems do not apply proxy settings correctly if behind an upstream proxy. (b) In some other scenarios, users experience a 500 server error. This looks more like an upstream problem on the main mirror to me.
Hi Michael, i don't now! But my general Problem is this messages: ####=====================================#### Oct 22 11:47:29 ipfw pakfire: PAKFIRE INFO: IPFire Pakfire 2.21 started! Oct 22 11:47:29 ipfw pakfire: Sending my uuid: 96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 22 11:47:29 ipfw pakfire: DOWNLOAD STARTED: counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 22 11:47:29 ipfw pakfire: DOWNLOAD INFO: Host: pakfire.ipfire.org (HTTP) - File: counter.py?ver=2.21&uuid=96b13752-49b9-4abd-a8e6-b3439a72c879 Oct 22 11:47:29 ipfw pakfire: DOWNLOAD INFO: HTTP-Status-Code: 500 - 500 Can't verify SSL peers without knowing which Certificate Authorities to trust Oct 22 11:47:29 ipfw pakfire: Giving up: There was no chance to get the file counter.py?ver=2.21 ####=====================================#### for more inputs see here: https://forum.ipfire.org/viewtopic.php?f=17&p=119733&sid=2eb69d68503165ec4183513e11acaebf#p119733 I don't know where and what else I can check. Maybe someone else knows what else I can do to test the ssl test.
Hi, i think i have solved my Problem: https://forum.ipfire.org/viewtopic.php?f=17&t=21556&p=119838#p119838 (in german) it was my Perl /usr/lib/perl5/site_perl/5.28.0/LWP/UserAgent.pm I set the checkvalue to: $ssl_opts->{verify_hostname} = 0; The Download it is now okay! this perlversion came from my postfix smtp proxy installation. But, my openssl.cnf has a missmatch btw. cnf file and destinationsfolder, these are empty - exept: index.txt and serial ####=====================================#### /var/ipfire/certs):ls -al total 12 drwxr-xr-x 2 nobody nobody 4096 Oct 16 2014 . drwxr-xr-x 51 root root 4096 Aug 22 19:50 .. -rw-r--r-- 1 nobody nobody 0 Oct 16 2014 index.txt -rw-r--r-- 1 nobody nobody 3 Oct 16 2014 serial
(In reply to 5p9 from comment #22) > Hi, > > i think i have solved my Problem: > https://forum.ipfire.org/viewtopic.php?f=17&t=21556&p=119838#p119838 (in > german) > > it was my Perl /usr/lib/perl5/site_perl/5.28.0/LWP/UserAgent.pm > > I set the checkvalue to: $ssl_opts->{verify_hostname} = 0; This is dangerous since it disables hostname verification for certificates! Do not do this! > The Download it is now okay! > > this perlversion came from my postfix smtp proxy installation. > But, my openssl.cnf has a missmatch btw. cnf file and destinationsfolder, > these are empty - exept: index.txt and serial > > ####=====================================#### > /var/ipfire/certs):ls -al > total 12 > drwxr-xr-x 2 nobody nobody 4096 Oct 16 2014 . > drwxr-xr-x 51 root root 4096 Aug 22 19:50 .. > -rw-r--r-- 1 nobody nobody 0 Oct 16 2014 index.txt > -rw-r--r-- 1 nobody nobody 3 Oct 16 2014 serial Okay, so I assume this was an ERRATA and will close the issue. Feel free to reopen if I am wrong. Downloading updates behind a proxy still is not working, but I will file this in a separate bug.