Software-update: OPNsense 25.1.1
Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars achter OPNsense hebben de eerste update voor versie 25.1 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.
OPNsense 25.1.1 releasedHere we are with further refinements to 25.1 and it is lookingpretty well so far. Included are the recent FreeBSD securityadvisories and the OpenSSL 3.0.16 which came out just yesterday.The roadmap for 25.7 is being worked on at the moment and shouldbe ready for publication next week / release.
system: exclude pchtherm thresholds temperature thresholdssystem: regression in groupAllowed() as values are now comma-separatedsystem: update button wording on new HA status pagereporting: fix missing typecast in epoch range for DNS statisticsinterfaces: fix undefined array key warnings in DHCP client setup (contributed by Ben Smithurst)interfaces: remove "hellotime" configuration leftover of recent bridge cleanupfirmware: opnsense-update: fix failure to clean up the working directoryfirmware: opnsense-update: support -B and -K with -c option checkfirmware: opnsense-update: let -u skip already installed packages setfirmware: kernel may not be pending so be sure to check on upgrade attemptfirmware: add an upgrade test for wrong pkg repositoryfirmware: revoke 24.7 fingerprintcaptive portal: fix missing class importcaptive portal: partially revert new lighttpd TLS defaultsipsec: fix glob pattern for advanced configuration bannermonit: revert "wrap exec in double quotes to allow arguments"ui: reverted style changes only relevant for the development versionui: header image scaling fixes in default light themeui: remove right border from "aside" element in default dark themeplugins: os-caddy 1.8.2plugins: os-crowdsec 1.0.9plugins: os-ddclient 1.27src: pf: send ICMP destination unreachable fragmentation needed when appropriatesrc: pfil: set PFIL_FWD for IPv4 forwardingsrc: if_vxlan: use static initializerssrc: if_vxlan: prefer SYSCTL_INT over TUNABLE_INTsrc: if_vxlan: Invoke vxlan_stop event handler only when the interface is configuredsrc: pf: force logging if pf_create_state() failssrc: tarfs: fix the size of struct tarfs_fid and add a static assertsrc: ext2fs: fix the size of struct ufid and add a static assertsrc: cd9660: make sure that struct ifid fits in generic filehandle structuresrc: tzdata: import tzdata 2025asrc: audit: fix short-circuiting in syscallenter()src: ktrace: fix uninitialized memory disclosure]src: netinet: enter epoch in garp_rexmit()ports: curl 8.12.0ports: monit 5.34.4ports: openssl 3.0.16ports: pcre2 10.45ports: php 8.3.16
system: exclude pchtherm thresholds temperature thresholdssystem: regression in groupAllowed() as values are now comma-separatedsystem: update button wording on new HA status pagereporting: fix missing typecast in epoch range for DNS statisticsinterfaces: fix undefined array key warnings in DHCP client setup (contributed by Ben Smithurst)interfaces: remove "hellotime" configuration leftover of recent bridge cleanupfirmware: opnsense-update: fix failure to clean up the working directoryfirmware: opnsense-update: support -B and -K with -c option checkfirmware: opnsense-update: let -u skip already installed packages setfirmware: kernel may not be pending so be sure to check on upgrade attemptfirmware: add an upgrade test for wrong pkg repositoryfirmware: revoke 24.7 fingerprintcaptive portal: fix missing class importcaptive portal: partially revert new lighttpd TLS defaultsipsec: fix glob pattern for advanced configuration bannermonit: revert "wrap exec in double quotes to allow arguments"ui: reverted style changes only relevant for the development versionui: header image scaling fixes in default light themeui: remove right border from "aside" element in default dark themeplugins: os-caddy 1.8.2plugins: os-crowdsec 1.0.9plugins: os-ddclient 1.27src: pf: send ICMP destination unreachable fragmentation needed when appropriatesrc: pfil: set PFIL_FWD for IPv4 forwardingsrc: if_vxlan: use static initializerssrc: if_vxlan: prefer SYSCTL_INT over TUNABLE_INTsrc: if_vxlan: Invoke vxlan_stop event handler only when the interface is configuredsrc: pf: force logging if pf_create_state() failssrc: tarfs: fix the size of struct tarfs_fid and add a static assertsrc: ext2fs: fix the size of struct ufid and add a static assertsrc: cd9660: make sure that struct ifid fits in generic filehandle structuresrc: tzdata: import tzdata 2025asrc: audit: fix short-circuiting in syscallenter()src: ktrace: fix uninitialized memory disclosure]src: netinet: enter epoch in garp_rexmit()ports: curl 8.12.0ports: monit 5.34.4ports: openssl 3.0.16ports: pcre2 10.45ports: php 8.3.16
Source:
Tweakers.net