Download OPNsense 22.1.1
The package OPNsense is a firewall with extensive possibilities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 22.1.1 with the following announcement:
OPNsense 22.1.1 released
The first stable release brings in minor fixes from FreeBSD and instant log file visibility for files without severity written which can happen for individual plugins. We have also gone ahead to restructure the interface code further to resolve dependencies between configured devices and interfaces automatically and the bundled development version is worth a try for everyone having issues with GIF/GRE not coming up after boot.
Here are the full patch notes:
- system: changing interface gateway was ignored during route reconfiguration
- system: allow to configure SSH setting PubkeyAcceptedAlgorithms (contributed by Manuel Faux)
- system: add backward compatibility for reading logs without severity by default (contributed by kulikov-a)
- system: fix typo causing PHP warning on IPv6 login (contributed by ppascher)
- system: cron command drop down size was extending below screen
- system: add a sysctl cache to improve tuneable overview load time
- system: replace obsolete find_interface_network*() use in GUI
- system: allow severity levels in PHP log messages and mark authentication success messages as notice
- interfaces: fix default handling for VIP nobind option
- interfaces: allow VIP nobind feature on CARP addresses
- interfaces: stop mpd5 daemon before starting
- interfaces: always show interface in GIF and GRE overview even on VIP use
- interfaces: fix GIF and GRE VIP use loading order in IP alias cases
- interfaces: remove device creation side effect from bridge, LAGG, GIF, GRE and VLAN GUI pages
- interfaces: prevent DHCP from installing name servers when not allowed
- interfaces: get_interface_list() must exclude OpenVPN
- interfaces: replace obsolete find_interface_network*() use in GUI
- firewall: remove ruleset optimization support which did not work since rule labels are mandatory for live log
- firewall: exclude external alias for nesting
- firewall: encode rules names in aliases (contributed by kulikov-a)
- firewall: check state before selecting categories (contributed by kulikov-a)
- firewall: sync “disabled” flag on linked firewall rule of port forward
- firewall: local file corruption might prevent alias to be loaded
- firewall: default pass all loopback without state tracking
- dhcp: change prefix watcher to work without circular logging now that it is gone
- dhcp: replace obsolete find_interface_network*() use in GUI
- dhcp: fix implode() call (contributed by Clement Moulin)
- ipsec: replace obsolete find_interface_network*() use in GUI
- firmware: opnsense-version: support reading lock files operated by opnsense-update
- firmware: patch version / date header in consistently for backend scripts
- mvc: overload __isset() magic method
- plugins: os-bind 1.21
- plugins: os-ddclient 1.1
- plugins: os-dnscrypt-proxy 1.11
- plugins: os-dyndns menu compatibility with os-ddclient
- plugins: os-frr 1.27
- plugins: os-mdns-repeater 1.1
- plugins: os-rspamd 1.12
- plugins: os-zabbix-agent 1.11
- src: pf: set_prio was not set after nvlist conversion
- src: if_vtnet: Restore the ability to set promisc mode
- src: hn: disable Hyper-V vSwitch RSC support
- ports: curl 7.81.0
- ports: expat 2.4.4
- ports: lighttpd 1.4.64
- ports: monit 5.30.0
- ports: nss 3.75
- ports: pcre / pcre2 enable JIT support
- ports: phpseclib 2.0.36
- ports: strongswan 5.9.5
- ports: sudo 1.9.9
Version number | 22.1.1 |
Release status | Final |
Website | OPNsense |
Download | |
License type | GPL |