
Die Open-Source Firewall, OPNsense, erhielt vor wenigen Tagen das Update 20.1 alias Keen Knigfisher. Damit ist ein neues Major Release der beliebten veröffentlicht worden. OPNsense gibt es nunmehr seit 5 Jahren und basiert auf HardenedBSD. Das Alias “Keen Kingfisher” benannte Release bringt VXLAN und zusätzlichen loopback support, IPsec Public Key Autentifizierung und elliptic curve TLS Zertifikate.
OPNsense 20.1 Release Notes
- Captive portal performance improvements
- IPsec public key authentication support
- Elliptic curve TLS certificate creation
- CARP service demotion hook
- VXLAN device support
- Loopback device support
- Extended firmware health audit checks
- Support direction and non-quick on interface rules
- Logging frontend migrated to MVC / API
- PSR 12 coding style
- Documentation for all core components
- Python 3.7 is now the default Python version
- LibreSSL 3.0 and OpenSSL 1.1.1
- Google Backup API 2.4
- jQuery 3.4.1
And here are the full patch notes against version 20.1-RC1:
- installer: welcome users as genuine 20.1 installer
- rc: revert growfs change since Nano does not grow anymore
- plugins: os-mail-backup 1.1[2]
- plugins: os-nrpe 1.0 (contributed by Michael Muenz)
- plugins: os-theme-rebellion 1.8.3 (contributed by Team Rebellion)
- plugins: os-vnstat 1.2[3]
- plugins: zabbix4-proxy 1.2[4]
- ports: ca_root_nss 3.49.2
- ports: curl 7.68.0[5]
- ports: isc-dhcp 4.4.2[6]
- ports: php 7.2.27[7]
- ports: urllib3 1.27.7[8]
Known issues and limitations:
- HardenedBSD 12.1 has been postponed to the next major release
- Legacy MPD5 plugins os-l2tp, os-pppoe and os-pptp have been deprecated and will no longer receive updates
- To prevent stale configuration files for remote syslog we advise to setup the new targets first[9] and disable the old ones under System: Settings: Logging
- i386 has not been deprecated for the time being
Quelle: https://opnsense.org/opnsense-20-1-keen-kingfisher-released/
Wenn pppoe depricated markiert ist, gibt es einen nachfolger dafür ?