this post was submitted on 15 Sep 2023
25 points (100.0% liked)

OPNsense

489 readers
1 users here now

All discussions about the open source, FreeBSD-based firewall called OPNsense.

founded 1 year ago
MODERATORS
 

This comes with some fixes to the new openVPN system, and route-gateway was added (a big oversight imo). More updates to wireguard and improvements have been added, and are still ongoing.

Here are the full patch notes:

system: correctly set RFC 5424 on remote TLS system logging

system: remove hasGateways() and write DHCP router option unconditionally

system: avoid plugin system for gateways monitor status fetch

system: remove passing unused ifconfig data to Gateways class on static pages

system: remove passing unused ifconfig data on gateway monitor status fetch

system: remove the unused "alert interval" option from the gateway configuration

interfaces: calculate_ipv6_delegation_length() should take advanced and custom dhcp6c into account

interfaces: teach ifctl to dump all files and its data for an interface

interfaces: remove dead link/hint in GIF table

interfaces: avoid duplicating $vfaces array

interfaces: introduce interfaces_restart_by_device()

firewall: remove old __empty__ options trick from shaper model

firewall: update models for clarity

firmware: update model for clarity

ipsec: omit conditional authentication properties when not applicable on connections

ipsec: fix key pair generator for secp256k1 EC and add properer naming to GUI (contributed by Manuel Faux)

ipsec: allow the use of eap_id = %any in instances

openvpn: fix certificate list for client export when optional CA specified (contributed by Manuel Faux)

openvpn: add CARP VHID tracking for client instances

openvpn: add tun-mtu/fragment/mssfix combo for instances

openvpn: add "route-gateway" advanced option to CSO

openvpn: use new File::file_put_contents() wrapper for instances

openvpn: updated model and clarified "auth" default option

mvc: remove "non-functional" hints from form input elements

mvc: uppercase default label in BaseListField is more likely

ui: add bytes format to standard formatters list

plugins: os-ddclient 1.16[1]

plugins: os-frr 1.36[2]

plugins: os-wireguard 2.1[3]

plugins: os-tinc 1.7 adds support for "StrictSubnets" variable (contributed by andrewhotlab)

lang: update translations and add Polish

src: bring back netmap tun(4) ethernet header emulation (contributed by Sunny Valley Networks)

src: axgbe: gracefully handle i2c bus failures

src: bnxt: do not restart on VLAN changes

src: ice: do not restart on VLAN changes

src: net: do not overwrite VLAN PCP

src: net: remove VLAN metadata on PCP / VLAN encapsulation

src: if_vlan: always default to 802.1

src: iflib: fix panic during driver reload stress test

src: iflib: fix white space and reduce some line lengths

src: ixgbe: define IXGBE_LE32_TO_CPUS

src: ixgbe: check for fw_recovery

src: net80211: fail for unicast traffic without unicast key[4]

src: pcib: allocate the memory BAR with the MSI-X table[5]

ports: php 8.2.10[6]

ports: python 3.9.18[7]

ports: unbound 1.18.0[8]
no comments (yet)
sorted by: hot top controversial new old
there doesn't seem to be anything here