To help, we should know your configuration. Especially the firewall rules and activated ISP rules.
At the moment ( till CU166 ) I would recommend to solve the problem in the running system. The generation of the backup files is not really working ( many files are not saved, cf. bugzilla #12817 ).
After running the install of 164 from the web interface, the browser screen went blank and I expected it to reconnect but it didnt, refreshing the screen after 30 mins did nothing.
Attaching a screen & keyboard and rebooting I can see IP fire start up with all Green OK’s but with 2 messages that i do not know if they happen usually
Error Resolving 1.ipfire.pool.ntp.org Name or service not known(-2)
I can log in as root
Setup
Red is a router connected to the internet
Green goes to a switch and a router is also connected to the switch and providing wireless
I can connect to the router on Green from within the network but not the router on Red
I am not skilled in the command line so cant easily see my firewall rules but they are not that complicated, Several devices are excluded from the internet Most and get through.,
I use DHCP & have configured DNS
Sorry to be vague but it has been running well and I havent had to look at rules for several Months.
Do you have any thoughts, or should I just relaod and if the backup wont restore just rebuild?
I ran into exactly the same issue when I upgraded to 164. My solution involved turning off IPS. I found that when I disconnected the red interface and rebooted from the console, I could access the web interface on the green network. I took me 4 hrs, but I eventually found that the IPS was, for lack of a better description, blocking everything on the green interface. I hope this helps.
I certainly found that helped. And disconnecting Red and rebooting did bring the Web interface back.
But disabling Intrusion protection didnt seem to have a lot of affect, I reconnected Red re booted and lost the web interface again .
So I decided to install Core 164, that worked fine, then i restored my backup from 163 which appeared to work, rebooted and web interface disappeared.
So now i have reinstalled 164 again and am rebuilding the firewall manually.
Also looking for good ways to clone a working system as a restore point
I always use this method ( clone ) via dd command & live installer.
It does take more time than a back-up, but this method is 100% reliable.
I tried several ways from temporary drive added to clone to. Dd need about 10 minutes to complete.
Tried with a permanent drive. dd to compress image via zstd take 4 hours achiving 70% compression at -16 resize img from 74 g to 46 g. With core 165 will try dd to img
Used for longest time dd to usb drive, with about 40 minutes to complete.
My source drive is 74G.
Pc is thinkstation ( core 2 ) @ 2.4
So if you want to clone a large drive … it might be time consuming … unless you have sdd drives.
Side note : i wish dev would reconsider btrfs, om my other linux it resume to a snapshot in less then 20 seconds using 3 commands ( list (view existing snapshots), delete {removes oldest snapshot} and snapshot (to create a new snapshot). It make’s my life so easy …
for the records: There is one caveat about cloned IPFire installations, as they already have HTTPS and SSH keys generated. Some months ago, we learned about an entity deploying dozens of IPFire installations - all cloned from the same image, hence all coming with the same cryptographic material. Getting this mess fixed is now a PITA deluxe, I can tell.
Therefore, if IPFire’s implemented backup functionalities do not fulfill your needs, doing cloning for backups is fine, but only if you are not going to restore more than one system from that image.
Well, at the moment, I am rather pessimistic that this will land in IPFire in the foreseeable future. For quite some time now, we are facing severe capacity constraints, with less than ten people maintaining IPFire 2.x, all having a full-time job (and some family life and/or partners) beside that. This is also why no progress regarding IPFire 3.x was made in the recent time, which I consider the top priority aside from keeping IPFire 2.x maintained at the moment.
If anybody is willing to contribute manpower to the project, we would be more than happy to have it.
