Archive > 17.1 Legacy Series
17.1 development milestones
franco:
Hi there,
Here is the (gradually growing) list of important changes we've done for the 17.1 series during its development cycle:
o OpenVPN client exporter windows binaries have been removed
o top GUI package is now marked "vital" to make sure it's not being uninstalled (new feature of pkg 1.8)
o authentication methods are now fully pluggable
o secondary console can now be specified individually in serial mode under System: Settings: Administration
o installer now boots up with SSH for headless remote installation
o Italian as a release language (contributed by Antonio Prado)
o individual MVC config models now have their own versioning/migration system
o config.xml import / export consistency rework
o phalcon MVC 3.0
o PAM authentication for far-reaching 2FA usage
o reverting CARP usage back to BSD standards
o IPsec tunnel isolation mode for interoperability (one tunnel per phase 2 entry)
o pluggable boot loader settings
o sanitisation of header redirects using url_safe()
o firmware updates can now perform major system upgrades (e.g. FreeBSD 10.3 to 11.0)
o FTP proxy plugin (contributed by Frank Brendel)
o all system branding moved to the core package
o Czech as a release language (contributed by Pavel Borecki)
o FreeBSD 11-RELEASE with ASLR and PIE additions from HardenedBSD
o first public test build of OPNsense on armv6
o firewall rules are now fully pluggable
o secure fetching of bogons files as a single set
o HardenedBSD's SEGVGUARD
o configuration model constraints
o Tinc VPN Plugin
o selectable domain override for DNS Forwarder/Resolver
o captive portal custom voucher quantity and validity
o rewritten Nano images with growfs support (3G)
o improved password security (blowfish+salt)
o Mute + EFI console support
o PHP 7.0 compatibility and general GUI speed improvements
o improved firmware update user experience with audits, changelogs, licenses, plugins
o exported several base features to plugins (os-snmp, os-igmp-proxy, os-wol, os-upnp, os-relayd)
o added translation for Portuguese/Portugal (contributed by Carlos Meireles)
o added translation for Portuguese/Brazil (contributed by Thiago Basilio)
o fixed link state interrupt stuck on e1000 82574 chipsets broken in FreeBSD 10.3 and up
o cooperative firewall forwarding rework to fix traffic shaper/captive portal + multi-wan
o fixed emulated IPS (netmap) mode broken in FreeBSD 11.0
o replaced the CSRF implementation in the non-MVC pages
Cheers,
Franco
franco:
Lots of updates on this now. If there are questions please don't hesitate. :)
Cheers,
Franco
tillsense:
...new feature of pkg 1.8 ???
cheers till
franco:
Yeah... pkg 1.8 added the "vital" flag which can prevent accidental removal of the GUI package, which could happen either due to pkg resolver bugs during challenging LibreSSL/OpenSSL transitions, or due to manual errors during a package switch.
The "vital" flag is actually going to be used for FreeBSD's base pkg support where base and kernel components really should not be uninstalled under any circumstances. Base pkg was originally scheduled for 11.0, then rescheduled for 11.1, but maybe we won't see it before 12.0.
But long story short, it's a very useful feature in OPNsense already although one can't appreciate it because it will prevent bad things from happening in the first place. :)
Cheers,
Franco
nikkon:
any possibility to see pfblokerNG in this major release?
Navigation
[0] Message Index
[#] Next page
Go to full version