Download OPNsense 21.7.6
The package OPNsense is a firewall with extensive possibilities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 21.7.6 with the following announcement:
OPNsense 21.7.6 released
This smallish update introduces Suricata 5-based versions for Emerging Threats rulesets as well as shipping the latest Suricata 6.0.4 with an additional change for the Netmap API version 14. Please do let us know how that impacts your IPS performance numbers via the forum if you notice anything.
The upgrade to 22.1-BETA2 is also included in the bundled development version.
Here are the full patch notes:
- system: move logging remnants of Relayd/HAProxy to plugin code
- system: support XMLRPC authentication using API keys
- system: escape shell parameters in cron jobs
- system: system log widget auto-refresh (contributed by kulikov-a)
- interfaces: make is_linklocal() properly detect all link-local addresses (contributed by Per von Zweigbergk)
- firewall: properly translate “any” port to upper or lower port bound
- firewall: support any-to-X ranges for rules port input (contributed by kulikov-a)
- firewall: drop policy based routing validation on interface rules
- captive portal: missing tooltip in session window
- captive portal: “connected since” malformed due to datetime already being converted
- dhcp: add current IPv4 address to static lease creation (contributed by Taneli Leppa)
- intrusion detection: switch to ET-Open Suricata 5 rulesets
- intrusion detection: support multiple policy property in metadata
- ipsec: inline only caller or get_configured_vips_list()
- ipsec: avoid VTI device recreation when using hostnames
- backend: add configctl “-d” and “-q” options for future use
- plugins: os-acme-client 3.5
- plugins: os-dyndns 1.27
- plugins: os-etpro-telemetry 1.6 switches to Suricata 5 rulesets
- plugins: os-frr 1.24
- plugins: os-nginx 1.24
- plugins: os-telegraf 1.12.3
- plugins: os wireguard 1.9
- plugins: os-zabbix-agent 1.10
- plugins: os-zabbix-proxy 1.6
- ports: suricata 6.0.4 with Netmap API version 14 enabled
Version number | 21.7.6 |
Release status | Final |
Operating systems | Linux, BSD |
Website | OPNsense |
Download | |
License type | Conditions (GNU/BSD/etc.) |