Download OPNsense 17.1.9
The package OPNsense is a firewall with extensive possibilities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 17.1.9 with the following announcement:
OPNsense 17.1.9 released
Hi all,
Quite the list of changes after a few weeks of a turbulent summer. This update addresses Stack Clash, OpenVPN, Bind and cURL security issues. 17.7 is almost here, which means we have skipped over Alpha and Beta phase due to the fact that the base system is staying on FreeBSD 11.0. What you can expect is a Release Candidate within a week and a smooth transition.
Here are the full patch notes:
- firewall: move gateway switching from system to firewall advanced settings
- firewall: keep category selection when changing tabs
- firewall: do not skip gateway switch parsing too early (contributed by Stephane Lesimple)
- interfaces: show VLAN description during edit
- firmware: opnsense-revert can now handle multiple packages at once
- firmware: opnsense-patch can now handle permission changes from patches
- dnsmasq: use canned –bogus-priv for no_private_reverse
- dnsmasq: separate log file, ACL and menu entries
- dynamic dns: fix update for IPv6
- dynamic dns: remove usage of CURLAUTH_ANY
- intrusion detection: suppress “fast mode available” boot warning in PCAP mode
- openvpn: plugin framework adaption
- unbound: add local-zone typetransparent for PTR zone
- unbound: separate log file, ACL and menu entries
- wizard: remove HTML from description strings
- mvc: group relation to something other than uuid if needed
- mvc: rework “item in” for our Volt templates
- long: Czech to 100% translated
- plugins: zabbix agent 1.1
- plugins: haproxy 1.16
- plugins: acme client 1.8
- plugins: tinc fix for switch mode
- plugins: monitor 1.3
- src: support dhclient supersede statement for option 54
- src: add Intel Atom Cherryview SOC HSUART support
- src: add the ID for the Huawei ME909S LTE modem
- src: HardenedBSD Stack Clash mitigations
- ports: sqlite 3.19.3
- ports: openvpn 2.4.3
- ports: sudo 1.8.20p2
- ports: dnsmasq 2.77
- ports: openldap 2.4.45
- ports: php 7.0.20
- ports: suricata 3.2.2
- ports: squid 3.5.26
- ports: ca_root_nss 3.31
- ports: bind 9.11.1-P2
- ports: unbound 1.6.3
- ports: curl 7.54.1
stay safe,
Your OPNsense team
Version number | 17.1.9 |
Release status | Final |
Operating systems | BSD |
Website | OPNsense |
Download | |
License type | Conditions (GNU/BSD/etc.) |