Archive > 15.7 Legacy Series
15.7 Development Milestones
franco:
Hi everyone,
as promised, here are the achievements of the last 6 months of work, ever since we've released 15.1 in January. The MVC work as well as the frontend/backend split is progressing at a reasonable pace, eventually leading to an architecture that has true privilege separation. The Bootstrap GUI received initial tweaks, but hasn't been the focus of this iteration. Our biggest additions are the Proxy, Intrusion Detection and Traffic Shaper, which have been rewritten from scratch using standard components of the FreeBSD ecosystem.
Here is a full list of key points:
o Added i386 and NanoBSD images
o OpenSSL and LibreSSL production-ready flavours
o Introduced opnsense-update utility for base system, kernel and package updates
o Completely rewrote of the firmware backend code and rebuilt its GUI in MVC
o Moved from FreeBSD 10.0 to 10.1, managing to lose the majority of custom patches
o Replaced the legacy backend daemon with a Python rewrite including a template engine
o Bsdinstaller can adapt its installation parameters for embedded devices
o Added OpenDNS support in the GUI (impeccable timing on that one)
o Stripped the legacy code for platform awareness and NanoBSD images
o Brought back the crash reporter
o Added GoogleDrive backup option for the configuration history
o Rewrote server-side parts of the XMLRPC service
o Unused ports in ports.git are now kept fully in sync with FreeBSD ports
o Kickstart of user-contributed translation projects with e.g. Simplified Chinese at 49% completed and German at 30%
o Config.xml handling code was refactored to enable simultaneous operation of the legacy PHP pages and the new MVC features
o Removed the unmaintained and dysfunctional Layer 7 filtering code
o Traffic shaper feature was rewritten using IPFW/MVC instead of ALTQ
o Upgrade package are now signed and verified for authenticity
o The GUI menu has been converted to MVC and enables legacy and new GUI components to coexist peacefully
o The bulk of custom kernel patches has been stripped to minimise the code distance to FreeBSD
o Proxy server implementation in MVC using squid
o IDS implementation in MVC using suricata
o Cron implementation in MVC
o HTTP API support for firmware updates, proxy server, intrusion detection and traffic shaper
o Reworked the port assignment section also support non-interactive setups for headless systems
Feel free to discuss, comment or ask questions. There's always room for improvement. :)
Cheers,
Ad, Franco and Jos
chol:
--- Quote from: franco on July 02, 2015, 03:19:54 pm ---as promised, here are the achievements of the last 6 months of work, ever since we've released 15.1 in January
--- End quote ---
Thank you very much, and "Hipp hipp huray!"
Do you have scheduled a release date so far?
franco:
We are testing the final images now. Hopefully in two hours. We have the doubled amount of testing because we are also releasing official LibreSSL images. :)
weust:
Looking forward to trying IDS. Wonder if I can manage to set it up properly.
There is a nice topic from Zedestructor over at pfsense forums I've been meaning to give a proper go.
Which requires suricata :-)
chol:
--- Quote from: weust on July 02, 2015, 07:23:52 pm ---There is a nice topic from Zedestructor over at pfsense forums I've been meaning to give a proper go.
Which requires suricata :-)
--- End quote ---
Weust, would you mind giving the hyperlink?
--- Quote from: franco on July 02, 2015, 05:54:43 pm ---We are testing the final images now. Hopefully in two hours. We have the doubled amount of testing because we are also releasing official LibreSSL images. :)
--- End quote ---
Thumbs up, Franco! Brave!
Navigation
[0] Message Index
[#] Next page
Go to full version