Download pfSense 2.4.5-p1

An update for version 2.4.5 of pfSense has been released. This package is based on the FreeBSD operating system and focuses on router and firewall tasks. It started in 2004 as a fork of m0n0wall due to differing views among the developers and over the years has grown into a router and firewall package that can be deployed in both small and very large environments. For more information, please refer to this page. The highlights for this release are as follows:

Security / Errata

pfSense software release version 2.4.5-p1 addresses several security issues:

• Addressed an issue with large pf tables causing system instability and high CPU usage during filter reload events on some multi-CPU platforms (eg Hyper-V, Proxmox, some bare metal systems)
• Fixed an issue with SSHGuard which could prevent it from protecting against brute force logins
• Updated Unbound to address CVE-2020-12662 and CVE-2020-12663
• Updated json-c to address CVE-2020-12762
• Added protection against misconfigured group privileges preventing the admin account from making configuration changes
• >Addressed issues with Suricata and FRR failing to start on some platforms (notably Netgate SG-1100, arm64/aarch64)
• Addressed FreeBSD Security Advisories & Errata Notices including:
  • FreeBSD-SA-20:10.ipfw
  • FreeBSD-SA-20:12.libalias
  • FreeBSD-SA-20:13.libalias
  • FreeBSD-SA-20:15.cryptodev

Notable Bug Fixes

In addition to security fixes, pfSense software version 2.4.5-p1 also includes important bug fixes.

• Fixed language selection for Chinese (Taiwan) / HK Translations
• Added support for Intel iwm(4) wireless cards (client mode only)
• Added support for QLogic 10Gbit/s Ethernet interfaces (qlxgb)
• Updated DNS Resolver EDNS buffer sizes for DNS flag day

For a complete list of corrected bugs, see the Release Notes.