Afgelopen weekeinde is versie 1.3.2 van M0n0wall verschenen. M0n0wall is een uitgebreid en zeer compleet opensource-firewallpakket, gemaakt voor pc's en embedded computers. Het is gebaseerd op een bare-bones-versie van FreeBSD 6.2 en maakt gebruik van een webserver en php voor configuratie. Een installatie heeft minder dan 12MB nodig en past dus prima op een compact flash-kaartje. Hieronder is te vinden wat er sinds de vorige vermelding in Meuktracker in het programma is veranderd:
Changes in version 1.32:Changes in version 1.31:
- Add kernel patch for vr(4) lockups after link flaps (e.g. on ALIX boards)
- Make motherboard monitor off by default, and switchable in advanced/misc
- Allow both a v4 and a v6 entry for the same host in DNS forwarder overrides
- Fix nameserver handling when IPv6 PPP WAN is enabled
- Fix auto suggested IPv6 address
- Add wildcard information text for DNS forwarder
- Add Fahrenheit support for system temperatures
- Add support for DNS forwarder wildcard, use * as hostname
- Add SixXS interface to traffic graph
- Fix IPv6 link local filter rule
- Fix DHCPv4 having IPv6 address inserted in dhcpd.conf
Changes in version 1.3:
- IPv6 improvements
- Allow IPv6 addresses for domain overrides in DNS forwarder
- Added 'strict order' to DNS forwarder (useful when using SixXS DNS)
- Initial support for AYIYA for SixXS tunnels
- Fix for DHCPv6 firewall rules
- Allow link-local addresses to communicate
- Allow input of DUID in MAC address field of a DHCPv6 reservation
- DHCPv6 reservations are now also added to DHCPv4
- Fix to WAN DHCP (release/renew button)
- Added option to disable spoof check on bridge (use to enable non-m0n0wall DHCP servers and/or multicast traffic)
- Added system fans/temperature monitoring on status page – should work on a reasonable set of PC hardware (but not on Soekris/PC Engines boards)
- Improved handling of accesses to pages that the user is not authorized for
- Added fix for OpenSSL session renegotiation vulnerability
- Added patch to ISC-DHCP to rewrite lease file every 5 minutes (reduce growth rate and occurrence of MFS exhaustion)
- WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16 MB required)
- When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.
- Fixed DHCP server "deny unknown clients" option with known clients without a statically assigned IP address
- Fixed a security issue in the DHCP client (CVE-2009-0692)