OPNsense 16.1.12 released
Hi everyone,
How are you doing? We have been doing fine, trying new things, moving on further… The progress for our upcoming version 16.7 now accumulates to 3 full months. To that end we are making the transition from ALPHA to BETA on the 16.7 development series. And since we have been asked to incorporate development change logs as well, look no further (well, look below).
Anyway, 16.1.12 brings a handful of anticipated additions like FreeBSD’s package manager version 1.7.2 and the ability to use CoDel / FQ-Codel in the traffic shaper. We have also started to move services to the plugin framework instead of having them in the base installation. And, maybe as a last point, initial work for fixing the trusty apinger utility for gateway monitoring has surfaced.
Here is the full change log for 16.1.12:
- ports: pkg 1.7.2[1][2][3], sqlite 3.12.1[4], squid 3.5.17[5]
- firewall: skip anti-lockout WAN rule when only LAN is connected
- firewall: clean up unused alias tabes
- firewall: improve alias usage validation
- firewall: validate / transform url content before save
- traffic shaper: add Codel / FQ-CoDel support[6]
- firmware: changed “halt” to “power off”
- firmware: advertise current product and os version in API
- firmware: kernel and base fetch will now advertise download progress
- interfaces: translation fixes (contributed by Fabian Franz)
- system: fix RRD boot error for CPU temperature graph
- gateways: code modernisation for the trusty apinger utility
- ipsec: added service control to log page
- captive portal: cleanse cert output before write
- proxy: cleanse cert output before write
- proxy: do not stop authenticating after an empty string
- proxy: added log page to ACL
- proxy: remove auth local database as default
- smart: removed from base, can be installed as plugin “os-smart”
And this is the change log for 16.7 BETA:
- netflow: finished exporter capable of sending NetFlow to multiple remote destinations
- netflow: finished local reporting frontend on top of collected NetFlow data
- interfaces: polling mode has been deprecated and will be phased out soon
- vpn: L2TP, PPTP and PPPoE servers have been ported to use MPD5
- vpn: legacy servers have been prepared to be moved from base install to plugins
- cron: code preparations for opening up the MVC cron API
- tests: added a unit test framework and several tests
- backup: reworked the RRD and DHCP leases backup strategies
- backup: added the ability to also backup local NetFlow data
- plugins: added the HAProxy plugin (contributed by Frank Wall)
- kernel: CoDel / FQ-CoDel AQM patch version 0.2
- kernel: HardenedBSD’s ASLR
- languages: translations have their own repository and package now
- languages: updated Dutch, French, German, Japanese, Russian
- languages: can now collect strings from all plugins
- languages: first steps for Portuguese
Stay safe,
Your OPNsense team
—
[1] https://github.com/freebsd/freebsd-ports/commit/aabba637e
[2] https://github.com/freebsd/freebsd-ports/commit/d3e9dc5ee
[3] https://github.com/freebsd/freebsd-ports/commit/057fbfc94b
[4] http://www.sqlite.org/changes.html
[5] ftp://ftp.meisei-u.ac.jp/mirror/squid/squid-3.5-ChangeLog.txt
[6] https://github.com/opnsense/core/issues/505