Download OPNsense 22.7.7
The OPNsense package is a firewall with extensive opportunities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be fully configured via a web interface and includes support for 2fa, openvpn, ipsec, carp and captive portal. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 22.7.7 and this version is accompanied by the following notes:
OPNsense 22.7.7 released
We replaced the packet capture tool with a MVC/API rewrite and updated most plugins to use the new setup script facility when doing a start/restart/reload through the RC system. A number of FreeBSD kernel improvements have been included as well.
Although OpenSSL is being updated keep in mind that the current popular vulnerability only exists in version 3 and we still use 1.1.1.
Here are the full patch notes:
- system: fix getOID() call for phpseclib 3 while processing CSR
- system: avoid error on installer user creation
- system: show booting banner on dashboard
- interfaces: show attached interface for VLAN device in overview
- interfaces: packet capture MVC/API replacement
- interfaces: fix ARP table name resolve backend issue (contributed by soif)
- firewall: off-by-one in regex for target port range parse
- firewall: support Maxmind unclassified “EU” as selectable country
- firewall: fix possible race condition when changing limit in live log
- firewall: fix sorting bug in aliases list
- firewall: allow the use of “dynamic” interface types in shaper, eg IPsec devices
- dnsmasq: remove expired root trust anchor (contributed by Johnny S. Lee)
- firmware: always fetch the signature file to avoid signature issues after upgrades
- firmware: use effective ABI in changelog fetch
- firmware: ignore automatic business plugin and license hint
- intrusion detection: missing OPNsense categories
- ipsec:missing return in controller
- openvpn: use ifctl in link up/down scripts
- unbound: move the removal of pluggable files above the configuration check
- unbound: remove 127/8 from private-address block when rebind protection is enabled
- unbound: make the default private-address items configurable via the advanced page
- unbound: fix possible error while opening DoT page
- mvc: when multiple validation messages are returned wrap each message in a div tag
- mvc: prevent UserExceptions to end up in the crash reporter
- mvc: translate a base field error
- backend: wait 1 second for configd socket to become available
- console: store UUID for VLAN device
- rc: remove obsolete NAME_var_script and NAME_var_mfs support
- plugins: migrate all plugins to NAME_setup script use
- plugins: $verbose argument in plugins_run() is spurious
- plugins: os-acme-client 3.14
- plugins: os-apcupsd 1.1
- plugins: os-frr 1.31
- plugins: os-haproxy 3.12
- plugins: os-maltrail 1.10
- plugins: os-openconnect 1.4.3
- plugins: os-telegraf 1.12.6
- plugins: os-tor 1.9 enables hardware acceleration (contributed by haarp)
- plugins: os-wireguard 1.13
- src: revert “e1000: try auto-negotiation for fixed 100 or 10 configuration”
- src: vxlan: check the size of data available in mbuf before using them
- src: vm_page: fix a logic error in the handling of PQ_ACTIVE operations
- src: cam: provide compatibility for CAMGETPASSTHRU for periph drivers
- src: loader: fix elf lookup_symbol type filtering
- src: zfs: fix a pair of bugs in zfs_fhtovp()
- src:zfs:fix use-after-free in btree code
- src: tcp: finish SACK loss recovery on sudden lack of SACK blocks
- src: igc: remove unnecessary PHY ID checks
- src: ixl: add support for I710 devices and remove non-inclusive language
- src: ixl: fix SR-IOV panics
- src: rc: run NAME_setup before RC_ARG_precmd
- src: u3g: add more USB IDs
- ports: libxml 2.10.3
- ports: nss 3.84
- ports: openssl 1.1.1s
- ports: openvpn 2.5.8
- ports: phalcon 5.1.0
- ports:php 8.0.25
- ports:python 3.9.15
- ports: sudo 1.9.12
- ports: unbound 1.17.0
Version number | 22.7.7 |
Release status | Final |
Operating systems | Linux, BSD |
Website | OPNsense |
Download | |
License type | GPL |