Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor 2fa, openvpn, ipsec, carp en captive portal. Daarnaast kan het packet filtering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben onlangs OPNsense 16.7.10 uitgebracht met de volgende aankondiging:
OPNsense 16.7.10 released
Another week, another update. We are addressing two regressions caught by our users and update the ports to their latest versions including NTP, Squid, and strongSwan. As always, thank you for your support!
This update also enables console upgrades for the development version into the upcoming 17.1-BETA, which will be published right after we finish the WiFi configuration and the last known trouble with PHP 7.0 in the GUI pages. Please make sure you understand the implications of upgrading to BETA. Release notes will be published along with it as soon as it is out.
Here are the full patch notes:Stay safe,
- system: revamped message of the day on console login
- system: validate passed arguments instead of $_POST or $_REQUEST
- system: merged VPN servers into get_possible_listen_ips()
- system: repair French translation for user manager (contributed by Valentin Deville)
- dashboard: do not arbitrarily split descriptions in services
- firewall: added maximum fragments setting
- dhcp: interface column for leases
- ipsec: properly configure syslog output
- dns forwarder: use plugin framework
- dns forwarder: improve DHCP registration option
- dns resolver: use plugin framework
- dns resolver: improve DHCP registration option
- universal plug and play: fix regression in rules anchor
- radvd: mark interface used in case of interface tracking
- radvd: do not inject local DNS server when there is no IP
- radvd: match service running metric with how it works
- captive portal: validate input of voucher validity and quantity
- captive portal: add error message on failed validation (contributed by Fabian Franz)
- netflow: added service control
- ntp: use plugin framework
- intrusion detection: rotate eve-log every 500 MB
- web proxy: add FTP support back
- web proxy: performance improvements on ACL parse
- web proxy: allow option to disable HTTPS verification
- web proxy: enable remote ACL by default when creating it
- plugins: allow Tinc to sync via XMLRPC
- lang: updates for Czech, French and German
- ports: pkg 1.9.3 upstream fetch patch
- ports: sqlite 3.15.1
- ports: strongswan 5.5.1
- ports: ntp 4.2.8p9
- ports: squid 3.5.22
- ports: flock 2.29
- ports: syslogd 11.0
Your OPNsense team