New Release Candidate

OPNsense® 18.1 Release Candidate 2

Hello everyone,

Long story short: we thank all early testers of 18.1-RC1! You guys have made it possible to push this online update of 18.1-RC2 sooner than anticipated.

Here are the full patch notes:

  • system: add workaround for new 32 bit mmap disallow default (requires reboot)
  • system: modify the boot sequence to improve initial IP assignment for PPPoE
  • system: support additional RADIUS attributes and show them in the authentication tester
  • system: only zap non-directories in /var/run on boot
  • system: remove mocked version string in high availability synchronisation
  • system: added mail facility remote logging
  • firewall: optional hash identifier for rules makes them easier to find in system file
  • firewall: support IPv4 + IPv6 selection for port forwards
  • firewall: add VIP gateway option for PPPoE interfaces
  • firewall: rename NPT to NPTv6 for clarity
  • firewall: race condition in creating alias directory
  • firewall: make NAT reflection enable less ambiguous
  • interfaces: fix "route change" usage in PPPoE name server setup
  • dhcp: properly route assigned IPv6 prefixes
  • firmware: new release type version is unknown when updates have never been checked
  • firmware: security audit previously said "upgrade done"
  • firmware: remove defunct mirrors
  • installer: allow to overwrite /boot even on read-only media
  • installer: restore DUID if found during early import
  • intrusion detection: fix backend scripts after refactor
  • openssh: tweak GUI display of greeting message
  • openssh: make not permitting root login explicit
  • openvpn: revert a change and fix deprecated option
  • web proxy: allow SSL nobump via CN
  • ui: HTML compliance fixes obsolete table attributes (contributed by NOYB)
  • ui: HTML compliance fixes attribute "type" on i-tag (contributed by NOYB)
  • ui: HTML compliance fixes attribute "for" on div-tag (contributed by NOYB)
  • ui: HTML compliance for license page and dashboard widgets (contributed by NOYB)
  • mvc: new validators for host names
  • plugins: pass update type on configure to avoid spurious syslog reloads
  • plugins: acme-client 1.13[1] (contributed by Frank Wall)
  • plugins: c-icap 1.5 fixes startup race with clamav plugin
  • plugins: frr 1.0_1 fixes service probing
  • plugins: iperf 1.0 (contributed by Fabian Franz)
  • plugins: lldp 1.0 (contributed by Michael Muenz)
  • plugins: redis 1.0 (contributed by Fabian Franz)

The list of currently known issues with 18.1-RC1:

  • The firewall NAT rule generation rewrite is not yet fully verified.
  • The web GUI recovery is not yet fully implemented.


Stay safe,

Your OPNsense team