OPNsense Forum

Administrative => Announcements => Topic started by: franco on February 21, 2015, 07:50:13 pm

Title: OPNsense released
Post by: franco on February 21, 2015, 07:50:13 pm
Hello everyone,

QUICK UPDATE: A regression sneaked into the release that renders the console unusable when "System: Advanced: Admin Access: Console menu protection" is being disabled. As far as we can see, this does not effect anything but the console login so you should be able to log back in and recheck the option to get it back (even though you will have to type the username/password).

what an intense week. The m0n0wall EoL announcement (http://m0n0.ch/wall/end_announcement.php) leaves us with a long TODO list that goes as far as realigning the project, especially in terms of lowering hardware requirements. We’re slowly getting there, but it has only been a week for us compared to m0n0wall’s 12 year track record. We ask for a little more time and for you to keep discussing challenges and opportunities through the available communication channels.

Speaking of track records, today we bring you, the extra one meaning we’ve caught 3 issues during the release process tests and had to essentially redo the whole thing. No idea if we keep this numbering trick or not, consider it a little experiment.

The highlights (TL;DR): We now run FreeBSD 10.1 with lots of driver updates and security patches on top, addressed two CVEs, introduce our base upgrade tool opnsense-update, new naming scheme for install images and IKEv1 for IPsec.

Acquiring the release:


Explaining the naming scheme:

cdrom: ISO installer image with live system capabilities running in VGA-only mode
vga: USB installer image with live system capabilities running in VGA-only mode
serial: USB installer image with live system capabilities running in serial console (115200) mode with secondary VGA support (no kernel messages there though)

Explaining (experimental) base upgrades:

The preferred method for upgrades is still booting install media, importing the config through the installer and reinstalling as it is a clean fallback. Nevertheless, we’ve pushed a new tool that can be invoked manually on the command line after the firmware upgrade to has been completed.

To upgrade the base system, as root type

Code: [Select]
# opnsense-update
# reboot

The immediate reboot is mandatory, but you are in charge. Again, this is still experimental, so please report any bugs or strange behaviour running an older release that has been upgraded in this way. If all hell breaks loose, the config can still be recovered using the preferred upgrade method even when the system is broken during the upgrade. And you should always keep a backup of your config somewhere else...

Change Log 15.1.6:

Change Log

Stay safe,
The OPNsense team