The developers of the OPNsense project recently announced the release of the new version of "OPNsense 21.7" which they classify as one of the largest iterations of code changes. And it is that in this new version various changes and updates were made Of which it stands out that the installer which was replaced to offer native ZFS installations and avoid failures in virtual machines that use UEFI.
For those unfamiliar with OPNsense, they should know that is a fork of the pfSense project, created with the objective of forming a completely open distribution kit that could have functionality at the level of commercial solutions for the deployment of firewalls and network gateways.
Unlike pfSense, the project is positioned as not controlled by a single company, since it is developed with the direct participation of the community and has a completely transparent development process, in addition to providing the opportunity to use any of its developments in third-party products, including commercial ones.
Among the OPNsense possibilities you can distinguish the fully open compilation tool, as well as the ability to install packages on top of an ordinary FreeBSD system, the load balancer, a web interface for organizations to connect users to the network, a system of visual and graphical reports, among other things.
Main new features of OPNsense 21.7 "Noble Nightingale"
This new version of OPNsense 21.7 arrives with more than 1000 confirmations in your main and plugin repository since the last major version. This version of the distribution builds on developments in HardenedBSD 12.1, while for the next version, 22.1, it is planned to migrate to FreeBSD 13.
Among the improvements that stand out in this new version is newly designed firewall status diagnostics, Besides that templates that allow associating a set of networks, hosts and ports with a certain symbolic name in the firewall rules, added the ability to specify bit masks in netmasks.
Also in this OPNsense 21.7 Introducing new and updated community-friendly plugins, such as the Radius Proxy plugin which, in addition to the usual UDP transport, also supports TLS (RadSec), as well as RADIUS over TCP and DTLS.
We can also find that a new installer has been proposed that provides integrated support for installation on partitions with the file system ZFS and is suitable for use on virtual machines using UEFI.
Another novelty that stands out is for business users, since new syslog-ng TLS transport options have been implemented and the new audit trail, for compliance requirements, are welcome additions.
Of the other changes that stand out from this new version:
- The main component of MVC, Phalcon, has been updated to version 4.
- Redesigned interface for firmware updates.
- In the log reflecting the traffic filtering activity, the current rule identifiers are displayed to avoid misinterpretation after changing the rule set.
- Removed NextCloud backup from core functionality
- The PHP memory limit has been increased to 1GB
- Unused Traffic API dashboard feed removed
- The use of client certificates in the web GUI is now prevented
- Fixed PHP 7.4 deprecated warning in IPv6 library
Finally if you are interested in knowing more about it, you can check the details In the following link.
Download the new version of OPNsense 21.7
Si do you want to get this new version only You must go to its official website and in the download section where you can find the compiled image in the form of LiveCD and an image of the system to write to Flash drives (422 MB) in the following link.
The source code of the components of the distribution, as well as the tools used for the construction, are distributed under the BSD license.