OPNsense 15.7 发布,此版本代号为‘Brave Badger’。 OPNsense 15.7 是 OPNsense 15.1.12 的简单升级,强烈建议升级到最新版本!此版本把 LibreSSL 风情版升级到生产环境状态;改进了安装器的导入配置工具;可以无缝切换 OpenSSL 到 LibreSSL。 此版本最大的改进是入侵检测集成 (suricata) ;新的本地和远程代理服务器黑名单选项(squid)。 详细改进: kernel: borrowed a dummynet / ipnat patch from m0n0wall to enable symmetric traffic shaping when NAT is involved kernel: fix recurse lock panic for tmpfs in conjunction with unionfs kernel: applied two stable patches that prevent squid from crashing [1] kernel: retired ALTQ support base: sendmail TLS/DH Interoperability Improvement [2] base: improved iconv(3) UTF-7 support [3] base: inconsistency between locale and rune locale states [4] notable ports updates: phalcon 2.0.3 [5], curl 7.43.0_2 [6], openssh 6.8p1_8, python 2.7.10 [7], perl 5.20.2_5 [8], ntp 4.2.8p3 [9], libxml2 [10] 2.9.2_3, openldap24-server 2.4.41 [11] opnsense-update: will no longer try to reinstall the installed version after a fresh installation bsdinstaller: bring back cpdup to error out on low memory installation (you need 1 GB of RAM, or work around installation using the nano image) traffic shaper: removed legacy queues support in favour of the new traffic shaper functionality traffic shaper: allow direct enable/disable toggle proxy: fix the initial daemon start on bootup proxy: added LAN as the default interface configuration proxy: local and remote blacklists with regex support intrusion detection: initial release of our IDS GUI based on suricata gateways: monitoring mode gained IPv6 support captive portal: fix idle timeout bug captive portal: d not delete the wrong zone when having multiple configurations captive portal: removed include files from exposed web directory backend: always regenerate users and groups to avoid corruption after an unclean shutdown backend: wait for configd socket to come up to address a startup race issue backend: clean up configd socket on exit backend: fixed regression that prevented user scripts from being started via /etc/rc.conf gateways: only show apinger in services when monitoring is enabled for a gateway languages: brought Simplified Chinese to 49% completed, German to 30% completed universal plug and play: make page invoke static to remove exploitability of the legacy packages framework crash reporter: finally enabled the send button and provides human-readable feedback whether the submission was complete console: added non-interactive interface assignment for headless deployments ssh: disable password authentication on factory reset to align with the standard configuration diagnostics: avoid duplicated calls of gethostbyaddr() in NDP table view users: prompt for old password on password change to prevent account hijacking users: stripped the impossible scponly user privileges since said utility has never been part of our ecosystem 下载: https://opnsense.org/download/ 更多内容请看发行说明。 Stay safe, Your OPNsense team OPNsense 是一个开源易用,而且易于构建的基于 FreeBSD 的防火墙和路由平台。包括大多数商业防火墙的特性。提供功能完整却易用的 GUI 管理界面。 最小硬件要求: 1GHz dual core cpu 1 GB RAM 40GB SSD Serial console or video 推荐配置: 1.5GHz multi core cpu 4 GB RAM 120GB SSD Serial console or video OPNsense 15.7 发布,防火墙和路由平台下载地址
