OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 19.1 Legacy Series »
  • 19.1 development milestones
« previous next »
  • Print
Pages: [1] 2 3 4

Author Topic: 19.1 development milestones  (Read 74813 times)

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
19.1 development milestones
« on: November 03, 2018, 01:47:24 pm »
Hi there,

Important milestones for us, partly shipped in 18.7.x:

* firewall alias API conversion
* collapsible side bar menu in the default theme
* arbitrary ZFS pool importer
* HardenedBSD 11.2
* LibreSSL 2.7
* Unbound 1.8
* Suricata 4.1
* Phalcon 3.4
* Perl 5.28
* Python 3.6 as an optional package for later 2.7 removal
* Realtek NIC driver version 1.95
* multiple DH groups and hash algorithms in IPsec phase 1
* redesigned interface binding for web GUI, Dnsmasq, Unbound, OpenSSH, Syslog export
* firmware health check extended to include kernel and base files
* firmware now embeds version and build information into core package
* firmware package mirror changes to HTTPS by default
* firmware obsolete base set removal, embedded into base set
* opnsense-version to read base, kernel, core and plugin info
* interface iteration function consolidation / simplification
* special interface address filter selectors moved to kernel-time resolving
* WPAD / PAC support in the web proxy
* updates are browser cache-safe regarding CSS and JavaScript assets
* MVC gained single-select, set-if-constraint and compared-to constraints
* captive portal connect API action
* PIE shaper support
* 2FA via LDAP-TOTP combination
* OpenVPN client export API
* Dnsmasq DNSSEC support
* extended IPv6 DUID support
* language updates for  Chinese, Czech, French, German, Japanese, Portuguese and Russian
* P12 certificate export with custom passwords
* Unified and improved anti-lockout behaviour
* web proxy parent proxy support
* Dpinger is now the default gateway monitor with Apinger being removed
* system notifications have been removed in favour of Monit service
* discontinued intrusion detection GeoIP support has been removed (use firewall aliases instead)
* Unbound statistics page
* console menu port configuration now allows to skip LAN and configure additional OPT interfaces (anti-lockout moves to OPT1 in this case)
* GRE IP alias support
* firewall NAT rule log support
* new plugins: os-api-backup, os-bind, os-dmidecode, os-nginx, os-ntopng, os-vnstat, os-dnscrypt-proxy
* rewritten plugins: os-wol

Questions, thoughts? Don't hesitate to ask!


Cheers,
Franco
« Last Edit: January 31, 2019, 12:40:44 pm by franco »
Logged

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: 19.1 development milestones
« Reply #1 on: November 03, 2018, 02:08:03 pm »
* nginx plugin
* ntopng plugin
* alias API
Logged

miroco

  • Full Member
  • ***
  • Posts: 106
  • Karma: 8
    • View Profile
Re: 19.1 development milestones
« Reply #2 on: November 03, 2018, 03:18:22 pm »
How about ad-blocking, is it on the 19.1 roadmap?
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6286
  • Karma: 432
    • View Profile
Re: 19.1 development milestones
« Reply #3 on: November 03, 2018, 03:26:37 pm »
It's in Bind Plugin already and I'll add Dome stuff to a new dnscrypt-proxy. Unbound may follow, but no idea before 19.1
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

fabian

  • Hero Member
  • *****
  • Posts: 2768
  • Karma: 199
  • OPNsense Contributor (Language, VPN, Proxy, etc.)
    • View Profile
    • Personal Homepage
Re: 19.1 development milestones
« Reply #4 on: November 03, 2018, 03:30:13 pm »
Quote from: miroco on November 03, 2018, 03:18:22 pm
How about ad-blocking, is it on the 19.1 roadmap?

that is already supported at multiple places (web proxy, bind plugin, …). Somebody has started his own plugin but nothing happened since (https://github.com/opnsense/plugins/pull/808)
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
Re: 19.1 development milestones
« Reply #5 on: November 03, 2018, 07:04:36 pm »
Updated the list with things already shipped in 18.7.1 - 18.7.6 and 19.1-BETA.
Logged

l0rdraiden

  • Jr. Member
  • **
  • Posts: 58
  • Karma: 4
    • View Profile
Re: 19.1 development milestones
« Reply #6 on: November 04, 2018, 10:01:59 am »
More pfblockerng features and better integrated by default.
Sensei as an official plugin
The ability to create allow block or temporary rules from a log entry
And something similar to SELKS in terms of reporting would be fantastic, maybe integrating it from plugins or creating something similar dedicated to opnsense
The ability to introduce range of IPs like 192.168.1.25-192.168.1.12. In alias
The ability to add more lines in a rule to introduce several IP ranges por port ranges
Alias creation should be something similar to pfsense with is better in this area
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6286
  • Karma: 432
    • View Profile
Re: 19.1 development milestones
« Reply #7 on: November 04, 2018, 10:17:03 am »
Quote from: l0rdraiden on November 04, 2018, 10:01:59 am
More pfblockerng features and better integrated by default.

Will never happen, pfblocker is also a plugin. The logic of pfblocker is not philosophy of OPN. All plugins a modular and can be combined, this makes more sense than putting all in one plugin and double the work.
Also, 90% of the features are already possible, but not in one location, but this project is not here to be a replica of another :)

Quote from: l0rdraiden on November 04, 2018, 10:01:59 am
Sensei as an official plugin

It' a commercial plugin and it's not stable (1.0). Let's wait what happens ..

Quote from: l0rdraiden on November 04, 2018, 10:01:59 am
The ability to create allow block or temporary rules from a log entry

Good idea, feature requests only on github please.

Quote from: l0rdraiden on November 04, 2018, 10:01:59 am
The ability to add more lines in a rule to introduce several IP ranges por port ranges

You can mix host and port aliases in one rule to fit all ..

Quote from: l0rdraiden on November 04, 2018, 10:01:59 am
Alias creation should be something similar to pfsense with is better in this area

In the long term it will all be done via API, so no need to put extra work for an interim solution.




I'm not sure if this thread is meant as a wishlist, it's more for reporting :)
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

Drinyth

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: 19.1 development milestones
« Reply #8 on: November 04, 2018, 03:19:25 pm »
Any idea if:

https://github.com/opnsense/core/issues/1494

Will be resolved in 19.1 still? I have in the past used that logging feature for debugging and for seeing who is connecting to various open ports on the firewall (outside of the individual service logs for each running service). Hopefully it'll get introduced soon?

Thanks for your continued work on opnsense!
Logged

bob@afrinet.eu

  • Newbie
  • *
  • Posts: 25
  • Karma: 0
  • Lively african security aficionado
    • View Profile
Re: 19.1 development milestones
« Reply #9 on: November 05, 2018, 12:08:00 pm »
Still the same boot problem… when reaching the mmc0 :
Code: [Select]
No compatible cards found on the device.

This is well supported in FreeBSD 11.2 so I guess there is a problem with the driver for mmc and supported devices compiled in the Kernel (probably).
Logged

SiD67

  • Newbie
  • *
  • Posts: 12
  • Karma: 2
    • View Profile
Re: 19.1 development milestones
« Reply #10 on: November 07, 2018, 07:30:26 pm »
Would it be possible to integrate pihole or something similar directly into opnsense? I´m running my pihole on a vm at the moment...
Logged

mimugmail

  • Hero Member
  • *****
  • Posts: 6286
  • Karma: 432
    • View Profile
Re: 19.1 development milestones
« Reply #11 on: November 07, 2018, 10:40:36 pm »
Quote from: SiD67 on November 07, 2018, 07:30:26 pm
Would it be possible to integrate pihole or something similar directly into opnsense? I´m running my pihole on a vm at the moment...


BIND plugin ...
Logged
Twitter: mimu_muc
WWW: www.routerperformance.net
Support plans: https://www.max-it.de/en/it-services/opnsense/
Commercial Plugins (German): https://opnsense.max-it.de/

Nekromantik

  • Jr. Member
  • **
  • Posts: 79
  • Karma: 2
    • View Profile
Re: 19.1 development milestones
« Reply #12 on: November 08, 2018, 10:58:16 pm »
I use stubby and getdns via freebsd ports.
will I still be able to compile this via ports on 19.1?
Logged

franco

  • Administrator
  • Hero Member
  • *****
  • Posts: 13624
  • Karma: 1172
    • View Profile
Re: 19.1 development milestones
« Reply #13 on: November 08, 2018, 11:40:52 pm »
Precompiled getdns package is provided since 18.7.7.

Building a proper plugin around it is pending. Until then, it could still break or revert its configuration on updates (like what happened with our Unbound bump).


Cheers,
Franco
Logged

Nekromantik

  • Jr. Member
  • **
  • Posts: 79
  • Karma: 2
    • View Profile
Re: 19.1 development milestones
« Reply #14 on: November 08, 2018, 11:45:36 pm »
Quote from: franco on November 08, 2018, 11:40:52 pm
Precompiled getdns package is provided since 18.7.7.

Building a proper plugin around it is pending. Until then, it could still break or revert its configuration on updates (like what happened with our Unbound bump).


Cheers,
Franco

ok thanks
Logged

  • Print
Pages: [1] 2 3 4
« previous next »
  • OPNsense Forum »
  • Archive »
  • 19.1 Legacy Series »
  • 19.1 development milestones
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2