Software-update: OPNsense 24.7.11
Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben OPNsense 24.7.11 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.
OPNsense 24.7.11 releasedThis is a minor update all things considered, but it does bring you the long sought after Tailscale plugin courtesy of Sheridan Computers. Suricata is also updated to its latest version to fix a couple of CVEs.
In other news, 25.1 will contain FreeBSD 14.2 which will be available for BETA preview using images later this week as well. The 25.1-BETA will also include a rewritten theme (light and dark) using the new OPNsense logo already being used in the documentation. It also has MVC/API support for the user and group management plus more you can always find on the roadmap in detail.
Here are the full patch notes:system: show multiple SAN entries when supplied by the certificatesystem: traffic dashboard widget should persist interface identifierssystem: reset dashboard widget options to the default if none of the options matchsystem: mismatch in returned "change" attribute for route togglesystem: suppress XML parse errors in announcement widget when forum is unreachablesystem: catch PHP errors for Google Drive backupssystem: ignore plugins_interfaces() errors in write_config()system: fix snapshot ACLinterfaces: reload GUI in the backgroundfirewall: remove faulty PPP exclusion in scrubbing rule creationdhcp: allow radvd to use /128 CARP VIP as sourcefirmware: add "configctl firmware changelog current" backend commandfirmware: refactor lock/unlock scripts using new output helpersfirmware: opnsense-code: support for origin selection during upgrade modefirmware: opnsense-patch: improve patch behaviour for non-default account/repositories combinationsipsec: remove hashing algorithm from null cipherunbound: make OpenSSL bundle workaround permanentmvc: last batch of sessionClose() cleanups in controllersmvc: call initialize() after authenticationmvc: normalize multiple slashes in pathsplugins: os-caddy 1.7.6plugins: os-ddclient 1.26plugins: os-nut 1.9plugins: os-qemu-guest-agent 1.3plugins: os-tailscale 1.0 (contributed by Sheridan Computers)plugins: os-telegraf 1.12.12ports: monit 5.34.3ports: suricata 7.0.8
system: show multiple SAN entries when supplied by the certificatesystem: traffic dashboard widget should persist interface identifierssystem: reset dashboard widget options to the default if none of the options matchsystem: mismatch in returned "change" attribute for route togglesystem: suppress XML parse errors in announcement widget when forum is unreachablesystem: catch PHP errors for Google Drive backupssystem: ignore plugins_interfaces() errors in write_config()system: fix snapshot ACLinterfaces: reload GUI in the backgroundfirewall: remove faulty PPP exclusion in scrubbing rule creationdhcp: allow radvd to use /128 CARP VIP as sourcefirmware: add "configctl firmware changelog current" backend commandfirmware: refactor lock/unlock scripts using new output helpersfirmware: opnsense-code: support for origin selection during upgrade modefirmware: opnsense-patch: improve patch behaviour for non-default account/repositories combinationsipsec: remove hashing algorithm from null cipherunbound: make OpenSSL bundle workaround permanentmvc: last batch of sessionClose() cleanups in controllersmvc: call initialize() after authenticationmvc: normalize multiple slashes in pathsplugins: os-caddy 1.7.6plugins: os-ddclient 1.26plugins: os-nut 1.9plugins: os-qemu-guest-agent 1.3plugins: os-tailscale 1.0 (contributed by Sheridan Computers)plugins: os-telegraf 1.12.12ports: monit 5.34.3ports: suricata 7.0.8
Source:
Tweakers.net