OPNsense Bugfix Release 21.7.3 und 21.7.3_1 21.7.3_2

Dieses Release von OPNsense aktualsiiert Suricata auf Version 6 und ermöglicht den tls-crypt Support für OpenVPN. Weiterhin kann Opensense nun automatisch User, basierend auf LDAP basierten Logins, erstellen.

OPNsense 21.7.3 Release Notes

  • system: allow automatic user creation on LDAP-based logins
  • interfaces: add and use unified function is_interface_assigned() to prevent deleting assigned interfaces
  • interfaces: sync firewall groups after internal create/destroy operations
  • interfaces: add netstat tree search and improve page layout
  • interfaces: replace opportunistic diagnostics IP address lookups with more robust variants
  • firewall: clarify match/set priority in rules
  • firewall: improve alias description/preview
  • firewall: aliases maximum entries progress bar
  • dhcp: add shared dhcpd_leases() reader and use it in both lease pages
  • openvpn: use is_interface_assigned() to prevent deletion of assigned instances
  • openvpn: CARP status read cleanups (contributed by vnxme)
  • openvpn: tls-crypt support (contributed by vnxme)
  • openvpn: do not create empty router file
  • router advertisements: remove AdvRDNSSLifetime / AdvDNSSLLifetime bounds (contributed by Maurice Walker)
  • unbound: register DHCP leases with their matching IP range configured DHCP domain
  • plugins: os-acme-client 3.1[1]
  • plugins: os-chrony 1.4[2]
  • plugins: os-collectd 1.4[3]
  • plugins: os-fetchmail 1.1[4]
  • plugins: os-freeradius 1.9.16[5]
  • plugins: os-realtek-re 1.0 adds Realtek vendor NIC driver module
  • plugins: os-telegraf 1.12.1[6]
  • ports: dnsmasq 2.86[7]
  • ports: filterlog 0.5 removes unused IPv6 options support
  • ports: nss 3.70[8]
  • ports: pcre 8.45[9]
  • ports: python 3.8.12[10]
  • ports: sudo 1.9.8p1[11]
  • ports: suricata 6.0.3[12]
  • ports: syslog-ng 3.34.1[13]

Hotfix Release 21.7.3_1:

  • openvpn: properly save new tls-crypt configuation

Hotfix Release 21.7.3_3:

  • openvpn: fix validation for /30 subnet in peer to peer mode (contributed by kulikov-a)
  • backend: catch broken pipe on event handler (contributed by kulikov-a)
  • plugins: os-acme-client 3.2[1]

Schreibe einen Kommentar

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.