OPNsense 24.1.7

Het pakket OPNsense is een firewall met uitgebreide mogelijkheden. Het is gebaseerd op het besturingssysteem FreeBSD en is oorspronkelijk een fork van m0n0wall en pfSense. Het pakket kan volledig via een webinterface worden ingesteld en heeft onder andere ondersteuning voor mfa, OpenVPN, IPsec, CARP en captive portal. Daarnaast kan het packetfiltering toepassen en beschikt het over een traffic shaper. De ontwikkelaars hebben OPNsense 24.1.7 uitgebracht en de releasenotes voor die uitgave kunnen hieronder worden gevonden.

OPNsense 24.1.7 released

Python was updated to version 3.11 along with the usual reliability patches in the core, plugins and third party software. At the moment we are working on removing most of the Phalcon framework dependencies which have the side effect of speeding up the MVC/API bits. The new dashboard is also taking shape. Try it on the development version if you can and let us know what you think.

Here are the full patch notes:

• system: fix maximum log file size being ignored when there is only one file
• system: make log rotate action available to Cron
• system: remove get_current_theme() and improve static page templating
• system: move radvd and rtsold to system log where they belong
• system: deny access to .core files from web GUI and disable core dumps by default
• system: adjust log levels in Google Drive backup
• system: prevent out of memory on gateways migrations
• interfaces: give DAD another second of delay to finish for the IPv6 renew
• interfaces: reword the gateway selector default and help text to describe its function more accurately
• ipsec: allow the equal sign for identity parsing in connections
• isc-dhcp: make private consumers actually private where it matters
• kea-dhcp: generate JSON payload from model
• kea-dhcp: fix field separator for subnet domain search (contributed by KitKat31337)
• openvpn: fix “attempt to read property…” in status page
• openvpn: safeguard config access in updown_event.py
• wireguard: pass endpoint to validator to avoid invalid QR code errors on mobile app
• wireguard: add MTU when set on the instance
• backend: allow to query multiple sysctl queries at once
• mvc: pass isFieldChanged() to children in ContainerField
• mvc: replace PhalconFilterValidationException with OPNsenseBaseValidationException wrapper
• mvc: extend model implementation to ease legacy migrations
• mvc: change exception handling in runMigrations() to avoid mismatches in attributes being silently ignored
• mvc: refactor grid search to fetch descriptive values from the model instead of trying to reconstruct them
• mvc: replace array_map+strval for loop with cast to preserve execution time in BaseListField
• ui: fix bootgrid parsing of timestamp
• ui: improve tokenizer paste behaviour
• plugins: os-acme-client 4.3
• plugins: os-caddy 1.5.5
• plugins: os-crowdsec 1.0.8
• plugins: os-freeradius 1.9.23
• plugins: os-frr 1.40
• plugins: os-relayd 2.9 moves validation to model where it belongs
• plugins: os-shadowsocks 1.1 adds transport mode option (contributed by xabbok255)
• plugins: os-squid workaround for broken OpenSSL legacy provider handling
• plugins: os-telegraf 1.12.11
• ports: libpfctl 0.11
• ports: libucl 0.9.2
• ports: lighttpd 1.4.76
• ports: php 8.2.19
• ports: pecl-mcrypt 1.0.7
• ports: python 3.11.9
• ports: strongswan 5.9.14
• ports: suricata 7.0.5
• ports: syslog-ng 4.7.1
• ports: unbound 1.20.0