The Linux distribution that works as a Firewall, IPFire, has been updated today to version 2.23 Core Update 131, a release that introduces a new intrusion prevention system, various enhancements, and updated components.
The most striking improvement in IPFire 2.23 Core Update 131 is that comes with a new intrusion prevention system (IPS) that thoroughly inspects packets and prevents threats, making networks more secure. IPFire previously used Snort as an intrusion detection system, but in this version it has been replaced by Suricata.
After updating to IPFire 2.23 Core 2.23 Update 131, the Snort settings will be automatically migrated to Suricata, which will be activated in monitoring mode. You will need to disable this mode to activate the new Intrusion Prevention System package.
Component improvements and other adjustments
IPFire 2.23 Core Update 131 also brings many improvements such as ability to activate an SSH agent on the IPFire SSH service, better import of DHCP in the DNS system, better editing of the connection in the IPsec VPN pages, in addition to improvements in the configuration page, local DNS zone and temperature lookup in AWS.
In addition, it comes with an updated Wireless database, a new firmware update tool, a firewall chain for custom TOR rules to allow users to control outgoing traffic, as well as support for enabling client insolation on WAP ( Wireless Access Point) to restrict Wireless clients from communicating with each other on APs.
Under the hood, IPFire 2.23 Core Update 131 you are using Linux kernel 4.14.113 with long term support with debug functionality to improve performance and many updated components including BorgBackup 1.1.9, dnsdist 1.3.3, FreeRADIUS 4.0.18, GnuTLS 3.6.7.1, Lua 5.3.5, Nettle 3.4.1, Nginx 1.15.9, NTP 4.2.8 .13p3.4.5, Postfix 1.7.1, RRDtool 1.9.1, Unbound 4.2.0 and Zabbix XNUMX.
Download: IP Fire 2.23 Core Update 131