Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben OPNsense 23.7.12 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.
OPNsense 23.7.12 releasedOne more release it was indeed. We have added considerable backend work for improving security and adding a streaming function to avoid memory exhaustion for data-intense data exchanges. Note this is in preparation for 24.1 where these will be used, but direct use in 23.7 is avoided to lower the possibility for regressions.
The release date for 24.1 is January 30 and we approaching this differently this time with release candidates only being available from the development version meaning there will be no installation media before the final release.
While RC1 is mostly ready the publication is currently on hold due to chasing down a kernel panic. Watch out for the release notes of the RC1. It should be available this week with a follow-up RC2 in the following week.
Here are the full patch notes:
- system: change ZFS transaction group defaults to avoid excessive disk wear
- firewall: validate if GeoIP and BGP ASN targets contain at least 1 kb of data before assuming timestamp is correct
- firmware: automatically install os-squid plugin install when web proxy is enabled before major upgrade
- firmware: refactor export and scrub Unbound DNS database before major upgrade
- firmware: disallow TLS lower than 1.3 on business mirror
- openvpn: add validation for netmask greater than 29 exactly as specified in the OpenVPN source code
- backend: support streaming output using the "stream_output" handler
- backend: implement optional trust model and add extended logging
- backend: support optional configd configuration files
- mvc: add an IPPortField type
- mvc: split configdRun() in order to return a resource which the controller can stream with minimal memory consumption
- ui: fix the missing dialog padding in some modals
- ui: set a default data-size for increased readability in selectpickers
- ui: show tooltip when grid td content does not fit
- plugins: os-bind 1.29
- plugins: os-ddclient 1.20
- plugins: os-frr 1.38
- plugins: os-node_exporter 1.2
- plugins: os-sunnyvalley 1.4 switches to new repository layout
- ports: py-netaddr 0.10.1
- ports: sudo 1.9.15p5
:fill(white):strip_exif()/i/2007222016.jpeg?f=thumbmedium)
:strip_exif()/u/390047/crop5ec42062521a5_cropped.gif?f=community){kind=small}
/u/1741088/crop636b6e3488036_cropped.png?f=community){kind=small}
/u/94596/crop643fb12fd4e6d.png?f=community){kind=small}
/u/35508/crop61e6aa7b579e2_cropped.png?f=community){kind=small}