Software-update: M0n0wall 1.3.2

Afgelopen weekeinde is versie 1.3.2 van M0n0wall verschenen. M0n0wall is een uitgebreid en zeer compleet opensource-firewallpakket, gemaakt voor pc's en embedded computers. Het is gebaseerd op een bare-bones-versie van FreeBSD 6.2 en maakt gebruik van een webserver en php voor configuratie. Een installatie heeft minder dan 12MB nodig en past dus prima op een compact flash-kaartje. Hieronder is te vinden wat er sinds de vorige vermelding in Meuktracker in het programma is veranderd:

Changes in version 1.32:

• Add kernel patch for vr(4) lockups after link flaps (e.g. on ALIX boards)
• Make motherboard monitor off by default, and switchable in advanced/misc
• Allow both a v4 and a v6 entry for the same host in DNS forwarder overrides
• Fix nameserver handling when IPv6 PPP WAN is enabled
• Fix auto suggested IPv6 address
• Add wildcard information text for DNS forwarder
• Add Fahrenheit support for system temperatures
• Add support for DNS forwarder wildcard, use * as hostname
• Add SixXS interface to traffic graph
• Fix IPv6 link local filter rule
• Fix DHCPv4 having IPv6 address inserted in dhcpd.conf

Changes in version 1.31:

• IPv6 improvements
  • Allow IPv6 addresses for domain overrides in DNS forwarder
  • Added 'strict order' to DNS forwarder (useful when using SixXS DNS)
  • Initial support for AYIYA for SixXS tunnels
  • Fix for DHCPv6 firewall rules
  • Allow link-local addresses to communicate
  • Allow input of DUID in MAC address field of a DHCPv6 reservation
  • DHCPv6 reservations are now also added to DHCPv4
• Fix to WAN DHCP (release/renew button)
• Added option to disable spoof check on bridge (use to enable non-m0n0wall DHCP servers and/or multicast traffic)
• Added system fans/temperature monitoring on status page – should work on a reasonable set of PC hardware (but not on Soekris/PC Engines boards)
• Improved handling of accesses to pages that the user is not authorized for
• Added fix for OpenSSL session renegotiation vulnerability
• Added patch to ISC-DHCP to rewrite lease file every 5 minutes (reduce growth rate and occurrence of MFS exhaustion)

Changes in version 1.3:

• WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16 MB required)
• When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.
• Fixed DHCP server "deny unknown clients" option with known clients without a statically assigned IP address
• Fixed a security issue in the DHCP client (CVE-2009-0692)