IPFire is een opensourcefirewall voor i586-, x86_64- en Arm-systemen. Het bevat onder andere een intrusion detection/prevention system, deelt het netwerk op in zones, doet stateful packet inspection en biedt vpn-mogelijkheden. Voor meer informatie verwijzen we naar deze pagina. De ontwikkelaars hebben versie 2.29 Core Update 186 uitgebracht, een stabiele uitgave voor productiesystemen. De bijbehorende aantekeningen zien er als volgt uit:
IPFire 2.29 - Core Update 186 releasedFinally it is time for another release of IPFire! IPFire 2.29 - Core Update 186. Packaged with a refreshed kernel, experimental support for Btrfs, as well as various security & bug fixes. But before we start talking about the changes in detail, we would like to take a moment and ask for your support. We put a lot of effort into building and testing this update and could not do any of this without your donation. Please, donate to the project helping us to put more resources to bring you more and better updates. It is very much appreciated by all of us here!
A Refreshed KernelThis update brings a refresh of the IPFire Kernel, based on Linux 6.6.32. It has mitigations for the latest Register File Data Sampling (RFDS, CVE-2023-28746) in Intel processors and fixes issues with the CPU graph for processors when some virtual cores are offline. The Raspberry Pi has received support for CPU frequency scaling.
Experimental Support for BtrfsThis release introduces experimental support for Btrfs in IPFire. Currently this has been implemented to test out what benefits IPFire could draw from this new design of a filesystem. It enables compression of all data it holds and allows to create snapshots which might become useful for the development process and enable easier rollbacks.
Misc.Add-ons
- Firewall Blocklists
- Spamhaus EDROP has been merged into DROP. Users who had EDROP enabled will automatically have DROP enabled after installing this update.
- The discontinued Alienvault list has been removed.
- Suricata haș been enabled to use Linux Landlock which is supposed to protect against any unauthorised file system access from exploits.
- The Unbound/DHCP Leases bridge has been patched to avoid unnecessary reloads of Unbound. Thanks to Nick Howitt for his first-time contribution.
- Some unnecessary warnings during the boot process have been silenced.
- Updated packages: Apache2 2.4.59, BIND 9.16.49, kmod 32, libhtp 0.5.48, OpenSSL 3.2.2, SQLite 3.45.3, squid 6.9, strongSwan 5.9.14, Suricata 7.0.5, tzdata 2024a
- Icinga has been removed, as announced in February
- The broken sslh add-on has been removed
- Updated packages: Bacula 13.0.4, dnsdist 1.9.3, Lynis 3.1.1, mympd 14.1.2, Tor 0.4.8.11
After installing this update, please reboot your IPFire appliance.
:fill(white):strip_exif()/i/2004006994.jpeg?f=thumbmedium)
/u/682775/crop57d85a78cec2a_cropped.png?f=community){kind=small}