Home

Software-update: OPNsense 24.1.4

Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben OPNsense 24.1.3 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.

OPNsense 24.1.4 released

Suricata and Unbound have been updated to their latest versions. Support for dynamic DNS VTI connections has also been added amongst other things. We would like to thank Cedrik Pischem (Monviech) for upstreaming his Caddy plugin to the official packages. If you already have this plugin installed no further action has to be taken and updates should proceed through the standard firmware channel from now on. Documentation for it was added to the manual as well.

For 24.7, we are currently working on a DHCP-Relay replacement, a rewrite of the trust section in MVC as well as a new dashboard implementation. It has been busy and we will keep it that way.

Here are the full patch notes:
  • system: allow 0 length voucher passwords in authentication server
  • system: merge static logging settings into existing MVC page
  • system: fix handling of empty "serialusb" node set during import
  • system: prevent empty "user" node to crash during boot
  • interfaces: prevent modal x-axis overflow on packet capture page
  • firewall: refactor schedule matching and fix an end-of-the-month bug
  • firewall: fix incorrect packet counters statistics collection
  • intrusion detection: align performValidation()->count() to use count() instead
  • ipsec: optionally hook VTI tunnel configuration to connection up event to support dynamic DNS
  • isc-dhcp: do not add interfaces for non-Ethernet types to relaying
  • kea-dhcp: add domain-search, time-servers and static-routes client options to subnet configuration
  • openvpn: various improvements for TAP servers
  • wireguard: migrate non-netmask allowed IP entries and enforce them in validation
  • wireguard: show proper names when public keys overlap between instances
  • mvc: fix PHP_FLOAT_MIN being unreliable
  • mvc: Add simple Message class and remove the previous Phalcon dependency
  • mvc: refactor HostnameField, remove HostValidator dependency and add unit test
  • mvc: add new static Autoconf class to access information collected by ifctl
  • mvc: fix rewind() stream not supporting seeking error
  • mvc: add copy of our html_safe() and use it in the translator
  • ui: adjust margin of hr elements to match __mX helpers
  • ui: add a button to allow textarea style edits of free-form tokenizers
  • ui: when an error is raised make sure it is always visible
  • ui: fix copy/paste buttons not showing for tokenizers in some situations
  • plugins: os-bind 1.30
  • plugins: os-caddy 1.5.2
  • ports: expat 2.6.1
  • ports: libpfctl 0.10
  • ports: nss 3.98
  • ports: phalcon 5.6.2
  • ports: sqlite 3.45.1
  • ports: suricata 7.0.4
  • ports: unbound 1.19.3

    • Source: Tweakers.net

    Previous

    Next