OPNsense Bugfix und Feature Release 18.7 RC2

Die Open-Source Firewall und Fork von PFsense, OPNsense, wurde in Version 18.7 als Release Candidate 2 veröffentlicht. Das Update enthält ebenso die neu Version 4.0.5 von Suricata.

OPNsense 18.7 RC2 Änderungen

• system: show fingerprint in certificate details (contributed by Robin Schneider)
• system: fix NextCloud file name format (contributed by Fabian Franz)
• system: allow remote backup via cron command
• system: clarify interface labels for NetFlow generator
• system: restart syslog when interface bind addresses may have changed
• system: do not use forced down gateways for default gateway switching
• system: allow USB-based serial ports
• interfaces: allow /0 to /32 in 6rd and align prefix length calculation with effective prefix used
• interfaces: 6rd validation and avoid listing on assignment page
• firewall: remove virtual IP network address restrictions for IPv6
• firewall: ignore namelookup when no nameservers are configured
• firewall: drop detail description field in preparation for alias API
• firewall: do not emit reflection rules for the wrong address family
• firewall: properly handle 6rd / 6to4 tunnel device in rule generation
• firewall: allow to select external aliases
• dashboard: add a 6 widget columns option
• firmware: slightly improve remote probing of kernel and base set
• firmware: hide upgrade banner when update is done
• installer: give basic tip that GUI IP can be set in console (contributed by stilez)
• intrusion detection: clean up previously installed rules
• ipsec: add mutual RSA and EAP-MSCHAPv2 support
• monit: fix UI issues (contributed by Frank Brendel)
• ntp: typo in SiRF selection
• openvpn: change IP calculation of /31 tunnel networks (contributed by Daniil Baturin)
• openvpn: move generation of client connect / disconnect directives to server mode block
• openvpn: properly translate several validation messages
• openvpn: disable use of /32 tunnel networks
• shell: show SSH and HTTPS fingerprints in banner (contributed by Robin Schneider)
• shell: reset DHCPv6 configuration during port reconfigure
• shell: clarify install media login message (contributed by stilez)
• shell: move banner display to top
• unbound: add latest root hints to standard configuration
• web proxy: allow to not use request or response URL in ICAP
• mvc: multiselect may allow empty option, no need to give blank item too
• plugins: os-frr 1.4 cleans up redistribute options (contributed by ShaRose)
• plugins: os-zabbix-proxy 1.1 adds PSK-based encryption (contributed by fzoske)
• plugins: os-theme-cicada 1.2 (contributed by Team Rebellion)
• plugins: os-theme-rebellion 1.2 (contributed by Team Rebellion)
• plugins: os-theme-tukan 1.1 (contributed by Team Rebellion)
• plugins: os-openconnect 1.1 (contributed by Michael Muenz)
• plugins: os-net-snmp 1.0 fix for listening field (contributed by Michael Muenz)
• plugins: os-haproxy 2.7 restores multiselect where needed (contributed by Frank Wall)
• plugins: os-web-proxy-sso 2.2 UI fixes (contributed by Smart-Soft)
• ports: dhcp6c now supports raw option send and receive (contributed by Team Rebellion and Christoph Engelbert)
• ports: suricata 4.0.5[1]

Quelle: https://opnsense.org/opnsense-18-7-rc2-released/

JARVIS

Interessiert in verschiedenste IT Themen, schreibe ich in diesem Blog über Software, Hardware, Smart Home, Games und vieles mehr. Ich berichte z.B. über die Installation und Konfiguration von Software als auch von Problemen mit dieser. News sind ebenso spannend, sodass ich auch über Updates, Releases und Neuigkeiten aus der IT berichte. Letztendlich nutze ich Taste-of-IT als eigene Dokumentation und Anlaufstelle bei wiederkehrenden Themen. Ich hoffe ich kann dich ebenso informieren und bei Problemen eine schnelle Lösung anbieten. Wer meinen Aufwand unterstützen möchte, kann gerne eine Tasse oder Pod Kaffe per PayPal spenden – vielen Dank.