Hello everyone,
Long story short: we thank all early testers of 18.1-RC1! You guys have made it possible to push this online update of 18.1-RC2 sooner than anticipated.
Here are the full patch notes:
- system: add workaround for new 32 bit mmap disallow default (requires reboot)
- system: modify the boot sequence to improve initial IP assignment for PPPoE
- system: support additional RADIUS attributes and show them in the authentication tester
- system: only zap non-directories in /var/run on boot
- system: remove mocked version string in high availability synchronisation
- system: added mail facility remote logging
- firewall: optional hash identifier for rules makes them easier to find in system file
- firewall: support IPv4 + IPv6 selection for port forwards
- firewall: add VIP gateway option for PPPoE interfaces
- firewall: rename NPT to NPTv6 for clarity
- firewall: race condition in creating alias directory
- firewall: make NAT reflection enable less ambiguous
- interfaces: fix "route change" usage in PPPoE name server setup
- dhcp: properly route assigned IPv6 prefixes
- firmware: new release type version is unknown when updates have never been checked
- firmware: security audit previously said "upgrade done"
- firmware: remove defunct mirrors
- installer: allow to overwrite /boot even on read-only media
- installer: restore DUID if found during early import
- intrusion detection: fix backend scripts after refactor
- openssh: tweak GUI display of greeting message
- openssh: make not permitting root login explicit
- openvpn: revert a change and fix deprecated option
- web proxy: allow SSL nobump via CN
- ui: HTML compliance fixes obsolete table attributes (contributed by NOYB)
- ui: HTML compliance fixes attribute "type" on i-tag (contributed by NOYB)
- ui: HTML compliance fixes attribute "for" on div-tag (contributed by NOYB)
- ui: HTML compliance for license page and dashboard widgets (contributed by NOYB)
- mvc: new validators for host names
- plugins: pass update type on configure to avoid spurious syslog reloads
- plugins: acme-client 1.13[1] (contributed by Frank Wall)
- plugins: c-icap 1.5 fixes startup race with clamav plugin
- plugins: frr 1.0_1 fixes service probing
- plugins: iperf 1.0 (contributed by Fabian Franz)
- plugins: lldp 1.0 (contributed by Michael Muenz)
- plugins: redis 1.0 (contributed by Fabian Franz)
The list of currently known issues with 18.1-RC1:
- The firewall NAT rule generation rewrite is not yet fully verified.
- The web GUI recovery is not yet fully implemented.
Stay safe,
Your OPNsense team