OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.
The 19.1 release, nicknamed "Inspiring Iguana", consists of a total of 620 individual changes since 18.7 came out 6 months ago, spread out over 12 intermediate releases including the recent release candidates. That is the average of 2 stable releases per month, security updates and important bug fixes included! If we had to pick a few highlights it would be: The firewall alias API is finally in place. The migration to HardenedBSD 11.2 has been completed. 2FA now works with a remote LDAP / local TOTP combination. And the OpenVPN client export was rewritten for full API support as well.
Download links, an installation guide and the checksums for the images can be found below as well.
o Europe: https://opnsense.c0urier.net/releases/19.1/
o US East Coast: http://mirrors.nycbug.org/pub/opnsense/releases/19.1/
o US West Coast: https://mirror.sfo12.us.leaseweb.net/opnsense/releases/19.1/
o South America: http://mirror.upb.edu.co/opnsense/releases/19.1/
o South-East Asia: https://ftp.yzu.edu.tw/opnsense/releases/19.1/
o Full mirror list: https://opnsense.org/download/
These are the most prominent changes since version 18.7:
o fully functional firewall alias API
o PIE firewall shaper support
o firewall NAT rule logging support
o 2FA via LDAP-TOTP combination
o WPAD / PAC and parent proxy support in the web proxy
o P12 certificate export with custom passwords
o Dpinger is now the default gateway monitor
o ET Pro Telemetry edition plugin
o extended IPv6 DUID support
o Dnsmasq DNSSEC support
o OpenVPN client export API
o Realtek NIC driver version 1.95
o HardenedBSD 11.2, LibreSSL 2.7
o Unbound 1.8, Suricata 4.1
o Phalcon 3.4, Perl 5.28
o firmware health check extended to cover all OS files, HTTPS mirror default
o collapsible side bar menu in the default theme
o language updates for Chinese, Czech, French, German, Japanese, Portuguese and Russian
o API backup export, Bind, Hardware widget, Nginx, Ntopng, VnStat and Dnscrypt-proxy plugins
Here are the full changes against version 19.1-RC2:
o ipsec: add firewall interface as soon as phase 1 is enabled
o monit: widget improvements and bug fix (contributed by Frank Brendel)
o ui: fix regression in single host or network subnet select in static pages
o plugins: os-frr 1.7 updates OSFP outbound rules (contributed by Fabian Franz)
o plugins: os-telegraf 1.7.4 fixes packet filter input
o plugins: os-theme-rebellion 1.8.2 adds image colour invert
o plugins: os-vnstat 1.1
o plugins: os-zabbix-agent now uses Zabbix version 4.0
o src: revert mmc_calculate_clock() as HS200/HS400 support breaks legacy support
o src: update sqlite3-3.20.0 to sqlite3-3.26.0
o src: import tzdata 2018h, 2018i
o src: avoid unsynchronized updates to kn_status
o ports: ca_root_nss 3.42
o ports: dhcp6c 20190128 prevent rawops double-free (contributed by Team Rebellion)
o ports: sudo patch to fix listpw=never
Migration notes and minor incompatibilities to look out for:
o Gateway health graphs may need a manual reset due to the Apinger to Dpinger migration. Apinger is no longer available.
o Intrusion detection GeoIP rules are automatically deactivated and need to be manually migrated to firewall alias GeoIP.
o Quagga plugin has been superseded by FRR plugin. A binary quagga package has been conserved for the time being.
o Please read the FRR documentation with regard to the required system tunables.
o Bhyve UEFI boot may fail as a guest. The problem is being investigated.
o SNMP plugin has been superseded by Net-SNMP plugin.
- ASSASSIN’S CREED® VALHALLA RELEASE DATE ANNOUNCED FOR NOVEMBER 17 - July 12, 2020
- Free-to-play Brawlhalla® Coming to Mobile on August 6 - July 12, 2020
- EA SPORTS UFC 4 Officially Revealed With UFC Middleweight Champion Israel Adesanya and UFC Welterweight Jorge Masvidal as Cover Athletes - July 12, 2020