"Quintessential Quail" features unlimited DNS statistics with
a rewrite of the block list in python
Few days ago announced the release of the new version of OPNsense 23.1 with codename «"Quintessential Quail" and in this version it includes a DNS blocklist implementation that supports large lists and provides an easy way to block ads and malicious content, plus the new version comes with a DNS information panel, which gives users a comprehensive view of your traffic and DNS activity.
For those unfamiliar with OPNsense, they should know that is a fork of the pfSense project, created with the objective of forming a completely open distribution kit that could have functionality at the level of commercial solutions for the deployment of firewalls and network gateways.
Unlike pfSense, the project is positioned as not controlled by a single company, since it is developed with the direct participation of the community and has a completely transparent development process, in addition to providing the opportunity to use any of its developments in third-party products, including commercial ones.
Main new features of OPNsense 23.1 “Quintessential Quail”
The new version of OPNsense 23.1 introduces ported changes from the FreeBSD 13-STABLE branch, whereupon OpenZFS now provides the ZFS implementation on FreeBSD 13. In other words, you'll get the same version of ZFS on Linux and FreeBSD, and the 64-bit ARM architecture known as arm64 or AArch64 is promoted to tier status. 1 for FreeBSD 13.
Regarding the system packaging, the updated versions of additional ports programs stand out, such as php 8.1.14 and sudo 1.9.12p2.
Besides that added a new BGP ASN type firewall, also added isolated PPPoEv6 mode to selectively enable IPv6 Control Protocol and added support for SLAAC WAN interfaces without DHCPv6.
The packet capture and IPsec management components were transferred to the MVC framework, which made it possible to implement support for management via API.
Another of the changes that stands out in the new version is that a new DNS-based blocklist implementation, rewritten in Python and compatible with various ad and malicious content block lists.
It is also noted that theaccumulation and display of statistics on the operation of the Unbound DNS server, which allows you to track DNS traffic in relation to users.
Of the other changes that stand out from the new version:
- IPsec settings have been moved to the swanctl.conf file.
- The os-sslh plugin is included to allow multiplexing of HTTPS, SSH, OpenVPN, tinc, and XMPP connections over a single 443 network port.
- The os-ddclient (Dynamic DNS Client) plugin now has the ability to use your own backends, including Azure.
- The os-wireguard with VPN WireGuard plugin was changed to use the kernel module by default (the old user-level mode of operation was moved to a separate os-wireguard-go plugin).
- Virtual IPs converted to MVC/API
- Added a MAC filter to the packet capture
- Converting ARP/NDP pages to a server-side lookup variant
- Reinforced the concept of hardware interfaces and automatically pull supported plugin devices on the mappings page
- Hidden deprecated source OS rule setting in advanced
- Added group option to avoid grouping in interfaces menu
Finally if you are interested in knowing more about it, you can check the details In the following link.
Download the new version of OPNsense 23.1 "Quintessential Quail"
Si do you want to get this new version only You must go to its official website and in the download section where you can find the compiled image in the form of a LiveCD and a system image to write to Flash drives in the following link.
The source code of the components of the distribution, as well as the tools used for the construction, are distributed under the BSD license.