Software-update: OPNsense 23.7.11
Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, openvpn, ipsec, carp en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben OPNsense 23.7.11 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.
The final test phase for 24.1 is starting just as 23.7 strechtes towardsits inevitable end of life. At the moment it is unlcear if this releasewill be the last one or not so we shall refrain from stating something thatmay not be true in the coming weeks.Of special note is the Python rewrite of the relevant FreeBSD certctl toolbits that are needed to register certificates in the system. It should beabout 30 times faster now than it was before.
system: implement relevant certctl tool functionality in Python to increase performancesystem: fix log severity selector (contributed by kulikov-a)system: include IPv6 link-local interface addresses for web GUI and OpenSSH (contributed by Maurice Walker)system: update cron and gateways modelinterfaces: obey menu group sequence when specifiedfirewall: fix traceback in OpenVPN group alias due to wrong return typefirewall: fix missing physical_interface() in shaper templatedhcp: cache backend action "interface list macdb" to increase responsivenessdhcp: allow saving with invalid range when IPv4 server is disableddhcp: do not clobber $range_to / $range_from with the legacy test for lower 64 bit only inputfirmware: opnsense-update: avoid rewriting .cshrc and .profile files on base set updatesfirmware: add audit messages for relevant API actionsfirmware: implement "always reboot" optionfirmware: add unlocked mode to launcher scriptfirmware: use pluggable package repository scriptslang: assorted language updatesnetwork time: prevent the service from listening on a wildcard when selecting specific interfaces (contributed by doktornotor)openvpn: add virtual IPv6 address to widget and status page (contributed by cs-1)openvpn: consider clients missing CARP VHID as disabledunbound: replace JustDomains with Firebog blocklists (contributed by Amy Nagle)unbound: update root hintsplugins: os-acme-client 3.20plugins: os-ddclient 1.19plugins: os-wireguard 2.6ports: curl 8.5.0ports: nss 3.95ports: php 8.2.14ports: py-netaddr 0.10.0ports: squid 6.6ports: sudo 1.9.15p4
system: implement relevant certctl tool functionality in Python to increase performancesystem: fix log severity selector (contributed by kulikov-a)system: include IPv6 link-local interface addresses for web GUI and OpenSSH (contributed by Maurice Walker)system: update cron and gateways modelinterfaces: obey menu group sequence when specifiedfirewall: fix traceback in OpenVPN group alias due to wrong return typefirewall: fix missing physical_interface() in shaper templatedhcp: cache backend action "interface list macdb" to increase responsivenessdhcp: allow saving with invalid range when IPv4 server is disableddhcp: do not clobber $range_to / $range_from with the legacy test for lower 64 bit only inputfirmware: opnsense-update: avoid rewriting .cshrc and .profile files on base set updatesfirmware: add audit messages for relevant API actionsfirmware: implement "always reboot" optionfirmware: add unlocked mode to launcher scriptfirmware: use pluggable package repository scriptslang: assorted language updatesnetwork time: prevent the service from listening on a wildcard when selecting specific interfaces (contributed by doktornotor)openvpn: add virtual IPv6 address to widget and status page (contributed by cs-1)openvpn: consider clients missing CARP VHID as disabledunbound: replace JustDomains with Firebog blocklists (contributed by Amy Nagle)unbound: update root hintsplugins: os-acme-client 3.20plugins: os-ddclient 1.19plugins: os-wireguard 2.6ports: curl 8.5.0ports: nss 3.95ports: php 8.2.14ports: py-netaddr 0.10.0ports: squid 6.6ports: sudo 1.9.15p4
Source:
Tweakers.net