Download OPNsense 20.1.4
The package OPNsense is a firewall with extensive opportunities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers previously released OPNsense 20.1.4 with the following announcement:
system:
- add missing strtolower() in LDAP sync response
- fix /var/run/legacy_log socket creation race with Syslog-ng
- add info button to display privilege / ACL endpoints
- make IPsec tap tunables overwriteable
firewall:
- floating means either all interfaces or more than one selected
- simplify group maintenance by only applying them on filter reload
interfaces:
- use primary IPv6 and support VIP tracking
- multiple changes in radvd.conf setup (contributed by maurice-w)
dhcp:
- fix DDNS support in DHCPv6 (contributed by Wagner Sartori Junior)
firmware:
- mirror opnsense.ieji.de renamed to opn.sense.nz
openvpn:
- improve openvpn_port_used() logic
unbound:
- minor cleanup in /api/unbound/diagnostics/stats endpoint
- remove 192.0.0.0/24 from rebinding prevention list (contributed by maurice-w)
mvc:
- simplify reload of captive portal, cron, IDS, alias, loopback, VXLAN, web proxy, routes, syslog and shaper
- limit dropdown size to 10 is none specified
- support inheritance of the ArrayField type
- synchronize backup timestamps with revisions
- fixed width for timestamp column in logging
- init errorMessage to prevent crash reports
shell:
- use interfaces_primary_address6() for correct IPv6 display
- append a newline in pluginctl -g mode
plugin:
- os-acme-client 1.30[1]
- ox-bind 1.13[2]
- os-freeradius 1.9.6[3]
- os-haproxy 2.21[4]
- ox-maltrail 1.5[5]
- os-nginx 1.19[6]
- os-nut 1.7[7]
- os postfix 1.14[8]
- os-tayga 1.0 (contributed by Michael Muenz)
- os-telegraf 1.7.7[9]
- os-unbound-plus 1.0 (contributed by Michael Muenz and Petr Kejval)
long:
- multiple updates to supported languages
- new Turkish translation (contributed by Aydin Yakar)
src:
- work around PCI devices which return all zeros for reads of existing MSI-X table VCTRL registers
- fix incorrect checksum calculations with IPv6 extension headers[10]
- fix TCP IPv6 SYN cache kernel information disclosure[11]
- fix insufficient oce(4) ioctl(2) privilege checking[12]
- fix incorrect user-controlled pointer use in epair[13]
- fix kernel memory disclosure with nested jails[14]
port:
- curl 7.69.1[15]
- krb5 1.18[16]
- openssh 8.2p1[17]
- openssl 1.1.1f[18]
- perl 5.30.2[19]
- php 7.2.29[20]
- python 3.7.7[21]
- strongswan 5.8.3[22]
- sudo 1.8.31p1[23]
Version number | 20.1.4 |
Release status | Final |
Operating systems | BSD |
Website | OPNsense |
Download | https://opnsense.org/download/ |
License type | Conditions (GNU/BSD/etc.) |