Download OPNsense 18.7.10

Spread the love

The package OPNsense is a firewall with extensive possibilities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 18.7.10 with the following announcement:

OPNsense 18.7.10 released

happy new year everyone,
2019 means 19.1 is almost here. In the meantime accept this small incremental update with goodies such as Suricata 4.1, custom passwords for P12 certificate export as well as fresh fixes in the FreeBSD base.

A lot of cleanups went into this update to make sure there will be a smooth transition to 19.1-RC for you early birds. We expect RC1 in 1-2 weeks and the final 19.1 on January 29.

Here are the full patch notes:

  • system: P12 certificate export now allows to specify a password
  • system: allow plain IPv6 for LDAP and RADIUS host
  • system: properly sort columns with size units in activity page
  • system: remove references to “automatic” in HA help texts
  • system: add option to only show temperature of one core in widget
  • system: speed up isArraySequential()
  • system: introduce configdp_run() variant
  • system: assorted code cleanups
  • interfaces: only show name servers offered by individual link in status page
  • interfaces: DUID-LL generator fix (contributed by Team Rebellion)
  • interfaces: show disabled and virtual interfaces in groups
  • interfaces: change wireless page interface iterators
  • interfaces: change LAGG page interface iterators
  • interfaces: remove unused get_dns_servers()
  • interfaces: assorted code cleanups
  • firewall: fix an exception error in alias config read
  • firewall: fix typo in outbound NAT destination help text
  • firewall: rename “Localhost” to “Loopback” for clarity in virtual IP pages
  • firewall: unify anti-lockout behavior to match rules and GUI display
  • firewall: switch to tokenizer for shaper source and destination fields
  • firewall: fix alias utility issue when adding into empty alias
  • firewall: correct alias name limit to 31 characters
  • firewall: bring back auto-complete for nested aliases
  • firewall: NAT rules on reflection for port forwards only when address exists on interface
  • firewall: lower bogon download retry attempts to 3
  • firewall: schedule JS code update
  • captive portal: add setting to always send accounting requests
  • captive portal: assorted code cleanups
  • dhcp: DHCPv6 leases not always correctly displayed (contributed by Team Rebellion)
  • dhcp: override IPv6 PD range fix (contributed by Team Rebellion)
  • dhcp: switch subnet verification to new network interface retrieval
  • firmware: individual error messages during base and kernel installation
  • firmware: obsolete set usage has been removed, embedded into base set
  • firmware: always recalculate size returned in the GUI and use pkg-style units
  • firmware: migrate more scripting to opnsense-version
  • firmware: remove defunct dataroute mirror
  • importer: make current zpool visible, but immune to import
  • installer: find all possible configs and include them for startup
  • intrusion detection: change default alert level to notice
  • openvpn: allow empty remote subnet in client
  • openvpn: use new network interface retrieval
  • openvpn: assorted code cleanups
  • unbound: always add global DNS servers in forwarding mode
  • unbound: restart when crashed even if request came from unassociated interface
  • wizard: sync bogon help text with interfaces GUI counterparts
  • wizard: hint at updates after completion
  • wizard: assorted code cleanups
  • mvc: harden setFormData()
  • plugins: os-api-backup 1.0 allows API access to config.xml (contributed by Fabian Franz)
  • plugins: os-bind 1.4 (contributed by Michael Muenz)
  • plugins: os-clamav fixes /var MFS permission mismatch
  • plugins: os-dnscrypt-proxy 1.1 allows manual server selection (contributed by Michael Muenz)
  • plugins: os-dyndns 1.1 fix for using apex domains with CloudFlare DDNS (contributed by Charles Ulrich)
  • plugins: os-frr 1.6 adds OSPF key ID and default route metric, BGP router ID, etc. (contributed by Michael Muenz and Fabian Franz)
  • plugins: os-haproxy 2.13 (contributed by Frank Wall)
  • plugins: os-ntopng fixes HTTPS setup permission
  • plugins: os-openconnect 1.3.2 adds non-inter option, groups and client certificates, etc. (contributed by Diego Rivera and Michael Muenz)
  • plugins: os-postfix 1.8 (contributed by Michael Muenz)
  • plugins: os-theme-cicada 1.12 (contributed by Team Rebellion)
  • plugins: os-theme-tukan 1.11 (contributed by Team Rebellion)
  • plugins: os-upnp 1.3 allows up to 8 user permissions
  • src: bootpd buffer overflow
  • src: kernel panic under load on Intel “Skylake” CPU
  • src: ZFS vnode reclaim deadlock
  • ports: curl 7.63.0
  • ports: libressl 2.7.5
  • ports: libxml 2.9.8
  • ports: phalcon 3.4.2
  • ports: suricata 4.1.2
  • ports: syslogd 11.2
  • ports: unbound 1.8.3

stay safe,
Your OPNsense team

Version number 18.7.10
Release status Final
Operating systems BSD
Website OPNsense
Download
License type Conditions (GNU/BSD/etc.)
You might also like