Änderungen an News einreichen TitelIntro<p>Heute wurde die OPNsense in der Version 23.1 released.</p> Hauptteil<p>Die Open Source Firewall OPNsense bringt ein Update auf die Version 23.1 heraus. Die Version bringt keine großen Neuerungen sondern, sondern pflegt die Basis.</p> <p>Die Version kann wie immer kostenfrei heruntergeladen werden. <a data-tabindex-counter="1" data-tabindex-value="none" href="https://mirror.dns-root.de/opnsense/releases/23.1/OPNsense-23.1-OpenSSL-dvd-amd64.iso.bz2" tabindex="-1">Downloadlink</a></p> <p>Hier ein Kurzüberblick über die Änderungen:</p> <p><strong>Base system</strong></p> <ul> <li>PHP 8.1 update</li> <li>New system status notification system</li> <li>Phpseclib 3 support for missing EC CA revocation</li> </ul> <p><strong>Interfaces</strong></p> <ul> <li>SLAAC WAN improvements</li> <li>Firewall</li> <li>Firewall alias BGP ASN type support</li> </ul> <p><strong>Reporting</strong></p> <ul> <li>Traffic graph polling interval selection and UX</li> <li>DNS insights dashboard</li> </ul> <p><strong>Interfaces</strong></p> <ul> <li>Packet capture MVC/API conversion *</li> <li>Virtual IP MVC/API conversion</li> </ul> <p><strong>VPN</strong></p> <ul> <li>IPsec legacy ipsec.conf to swanctl.conf migration</li> <li>IPsec MVC module using swanctl.conf layout</li> </ul> <p><strong>Services</strong></p> <ul> <li>Unbound: DNSBL to python implementation to fluently support larger lists</li> </ul> <p><strong>Project</strong></p> <ul> <li>Introduce tier system for plugin support levels</li> </ul> <p> </p> <p>Das komplette Changelog im Vergleich zur Version 22.7.11</p> <ul> <li>system: replaced log_error() use with log_msg() and adjusted logging levels accordingly</li> <li>system: introduced a service boot log</li> <li>system: the LibreSSL flavour has been discontinued</li> <li>system: simplify gateway monitoring setup code</li> <li>system: add option to skip gateway monitor host route</li> <li>system: populate /etc/hosts file with IPv6 addresses too</li> <li>system: simplify and guard host route creation</li> <li>system: merge system_staticroutes_configure() into system_routing_configure()</li> <li>system: do not yield process after calling shutdown command</li> <li>system: apply tunables during late boot in case a module was loaded depending on them to be set to a specific value</li> <li>system: show size of ZFS ARC (adaptive replacement cache) in system widget</li> <li>system: introduce support tier annotations for core and plugins[2]</li> <li>system: add cron tasks for scrubbing and trimming ZFS pools (contributed by Iain Henderson)</li> <li>system: fix 6rd/6to4 gateway interface detection (contributed by Frans J Elliott)</li> <li>reporting: add Unbound DNS statistics frontend including client drill-down</li> <li>interfaces: heavy cleanup of the wireless device integration</li> <li>interfaces: use 802.1ad protocol for stacked VLAN parent (QinQ)</li> <li>interfaces: GIF and GRE now support subnet-based IPv6 configurations instead of always falling back to a point-to-point (/128) setup</li> <li>interfaces: GIF and GRE now disable IPv6 on IPv4 tunnels (contributed by Maurice Walker)</li> <li>interfaces: add isolated PPPoEv6 mode to selectively enable IPv6 CP negotiation and turn it off when no IPv6 mode is set</li> <li>interfaces: add support for SLAAC WAN interfaces without DHCPv6 (contributed by Maurice Walker)</li> <li>interfaces: register LAGG, PPP, VLAN and wireless devices as plugins</li> <li>interfaces: simplified get_real_interface() function</li> <li>interfaces: removed obsolete "defaultgw" files</li> <li>interfaces: simplified rc.linkup script</li> <li>interfaces: improve IP address cache behaviour in rc.newwanip(v6) scripts</li> <li>interfaces: converted virtual IPs to MVC/API</li> <li>interfaces: add MAC filtering to packet capture</li> <li>interfaces: convert ARP/NDP pages to server-side searchable variant</li> <li>interfaces: create null route for DHCPv6 delegated prefix</li> <li>interfaces: tighten the concept of hardware interfaces and pull supported plugin devices into assignments page automatically</li> <li>firewall: remove deprecated "Dynamic state reset" mechanic</li> <li>firewall: invalidate port forward rule entry when no target is specified</li> <li>firewall: hide deprecated source OS rule setting under advanced</li> <li>firewall: add group option to prevent grouping in interfaces menu</li> <li>firewall: safeguard against missing name from the alias API call</li> <li>intrusion detection: keep grid to prevent widgets being removed</li> <li>intrusion detection: reload grid after log drop (contributed by kulikov-a)</li> <li>intrusion detection: add verbose logging mode selector</li> <li>ipsec: disable charon.install_routes completely in case upstream would implement it for FreeBSD later on</li> <li>ipsec: move user PSK (pre-shared key) and static PSK items to new MVC/API implementation</li> <li>ipsec: migrate existing configuration from ipsec.conf to swanctl.conf</li> <li>ipsec: add a new independent connections MVC/API component to manage IPsec in a layout matching swanctl.conf syntax more closely</li> <li>ipsec: rewrote lease status page in MVC/API</li> <li>ipsec: add configurable "unique" setting to phase 1</li> <li>ipsec: missing correct phase 1 to collect "Network List" option</li> <li>monit: support start timeout setting (contributed by spoutin)</li> <li>openvpn: add unique daemon name to each instance</li> <li>unbound: add statistics database backend</li> <li>unbound: add exact domain blocking</li> <li>mvc: call plugins_interfaces() optionally on service reconfigure</li> <li>mvc: match UUID for multiple values (contributed by kulikov-a)</li> <li>mvc: convert setBase() to an upsert operation</li> <li>mvc: change default sorting to case-insensitive</li> <li>mvc: add TextField tests (contributed by agh1467)</li> <li>mvc: implement required getRealInterface() variant</li> <li>ui: assorted improvements in bootgrid and form controls</li> <li>ui: switch to pure JSON data in bootgrids</li> <li>plugins: os-bind 1.25[3]</li> <li>plugins: os-ddclient 1.11[4]</li> <li>plugins: os-dyndns end of life note moves to 23.7</li> <li>plugins: os-freeradius 1.9.22[5]</li> <li>plugins: os-frr 1.32[6]</li> <li>plugins: os-haproxy 4.0[7]</li> <li>plugins: os-puppet-agent 1.1[8]</li> <li>plugins: os-sslh 1.0[9] (contributed by agh1467)</li> <li>plugins: os-theme-cicada 1.32 (contributed by Team Rebellion)</li> <li>plugins: os-upnp 1.5[10]</li> <li>plugins: os-wireguard switches to kernel module with a separate os-wireguard-go variant available for installation to keep the old behaviour</li> <li>src: assorted FreeBSD 13 stable fixes for e.g. bpf, bridge, bsdinstall ifconfig, iflib, ipfw, ipsec, lagg, netmap, pf, route and vlan components</li> <li>ports: php 8.1.14[11]</li> <li>ports: sudo 1.9.12p2[12]</li> </ul> <p> </p> <p>Bei der Implementierung Ihres <a data-tabindex-counter="1" data-tabindex-value="none" href="https://datazon.de/it-service/opnsense" tabindex="-1">OPNsense </a>Firewall sind wir Ihnen gerne behilflich.</p> VeröffentlichungsdatumKategorienZielgruppeKurzbeschreibungObertitelUntertitelOrtKurztitel Bilder Sie können hier Dateien ablegen Erlaubte Dateitypen: NameVorschauBeschreibungAlternativtextUrheberrechtLizenzDateigrößeTypZuletzt geändertKategorieopnsense_logo_large----6.27 kBBild13.12.2022, 21:28 - Hinzufügen CaptchaForename Eingaben absenden Abbrechen * Pflichtfeld Möchten Sie die Änderungen verwerfen?
