
Die Firewall OPNsense erhielt das Update 21.7.6, das einige Fehler behebt Plugins aktualisiert und das Suricata 5-basierte Regelset mit bringt. Ebenso ist Suricata auf Version 6.0.4 aktualisiert worden und eine optionale Änderung der Netmap API Version 14 ist vorhanden.
OPNsense 21.7.6 Release Notes
- system: move logging remnants of Relayd/HAProxy to plugin code
- system: support XMLRPC authentication using API keys
- system: escape shell parameters in cron jobs
- system: system log widget auto-refresh (contributed by kulikov-a)
- interfaces: make is_linklocal() properly detect all link-local addresses (contributed by Per von Zweigbergk)
- firewall: properly translate “any” port to upper or lower port bound
- firewall: support any-to-X ranges for rules port input (contributed by kulikov-a)
- firewall: drop policy based routing validation on interface rules
- captive portal: missing tooltip in session window
- captive portal: “connected since” malformed due to datetime already being converted
- dhcp: add current IPv4 address to static lease creation (contributed by Taneli Leppa)
- intrusion detection: switch to ET-Open Suricata 5 rulesets
- intrusion detection: support multiple policy property in metadata
- ipsec: inline only caller of get_configured_vips_list()
- ipsec: avoid VTI device recreation when using hostnames
- backend: add configctl “-d” and “-q” options for future use
- plugins: os-acme-client 3.5[1]
- plugins: os-dyndns 1.27[2]
- plugins: os-etpro-telemetry 1.6 switches to Suricata 5 rulesets
- plugins: os-frr 1.24[3]
- plugins: os-nginx 1.24[4]
- plugins: os-telegraf 1.12.3[5]
- plugins: os-wireguard 1.9[6]
- plugins: os-zabbix-agent 1.10[7]
- plugins: os-zabbix-proxy 1.6[8]
- ports: suricata 6.0.4[9] with Netmap API version 14 enabled
Quelle: OPNsense 21.7.6 released