18.7 development milestones

Started by franco, May 03, 2018, 05:41:08 PM

Previous topic - Next topic
May 03, 2018, 05:41:08 PM Last Edit: July 27, 2018, 03:50:52 PM by franco
Hi there,

This is the list of ready-to-use features that have been added to the development version since 18.1 came out. Some of these items have also been shipped in subsequent 18.1.x releases.

o improved default route handling
o improved default gateway switching
o sytem tunables are now also used as loader tunables
o service control buttons for MVC pages (contributed by Smart-Soft)
o password policies for local authentication, also works with TOTP
o unrestricted VLAN usage for e.g. Xen
o OpenVPN default setup improvements for IPv6
o large CPU usage widget (contributed by Team Rebellion)
o improved WAN DHCPv6 (contributed by Team Rebellion)
o dpinger integration (contributed by Team Rebellion)
o captive portal voucher expiry option
o UI cleanups and menu consolidation
o MVC constraint model type for dependent fields
o factory reset improvements
o improved GIF/GRE tunnel flexibility
o web proxy SNMP support (contributed by Smart-Soft)
o generate and permanently save host ID
o traffic data and IP address for RADIUS accounting messages (contributed by fvanroie)
o language updates for Czech, French, German, Portuguese (Brazil)
o switch from dhcp6 to our own lightweight dhcp6c https://github.com/opnsense/dhcp6c
o os-monit core integration to replace the legacy notifications
o OpenSSH access via group instead of privilege
o allow setting a user's shell and recover all know shells on reboot
o removed the GUI authentication fallback in favour of multi-select authentication method
o pluggable backup framework with new Nextcloud backup option
o allow SLAAC on top of IPv4 PPP connectivity
o allow tracking mode for SLAAC (provider 018.net.il)
o SVG branding logo support
o improved VLAN console configuration
o QinQ interface removal
o 404 error page
o custom landing page for users
o firmware GUI speedup and console reboot hint
o UI header security and SSL cipher hardening
o ZFS on root boot support
o ZFS and MSDOS config import support
o stand-alone frontend UI development tools https://github.com/opnsense/ui_devtools
o ISC DHCP version moves from 4.3 to 4.4
o RRDtool version moves from 1.2 to 1.7
o rework rc.syshook facility to use drop-in directories instead of suffixes
o pluggable CARP and backup events through rc.syshook
o limit tokenizer usage, change to supported version 2, several fixes
o manual pages for opnsense-importer, opnsense-installer and opnsense-shell
o unlimited session lifetime is no longer supported
o router advertisements and DHCPv6 on tracking interfaces (contributed by Team Rebellion)
o DH parameter usage selector: follow OPNsense, regenerate using fixed or custom cron, use RFC 7919
o OpenVPN client-specific overrides rework to support RADIUS attributes Framed-IP-Address, Framed-IP-Address, Framed-Route
o Backports of newer Intel NIC drivers
o remote syslog support for intrusion detection
o revived 6RD support
o replace Glyphicon with Font-Awesome icons in static pages
o support single reconfigure step in interface overview instead of split release/renew
o plugins: os-cache, os-lcdproc-sdeclcd, os-net-snmp, os-nut, os-openconnect, os-relayd 2.0, os-shadowsocks, os-theme-cicada, os-theme-rebellion, os-theme-tukan, os-wol 2.0

If you have any questions please ask us below!  :)


Dpinger..  8)
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member

Only items that are properly locked in already. But the list will be updated periodically. :)


May 05, 2018, 11:56:49 AM #3 Last Edit: May 05, 2018, 12:03:43 PM by Nephiria
Hi Franco,

I have probably after the last firmware update a major problem with HAProxy GUI. see my post here in the forum.


I think that it is a bug and hope that I'm here in the forum in the right area to post that.

UPDATE:ok has with Update what has just seen 18.1.7_1 solved.

Best Regards

Hi Nephiria,

Yes it was hotfixed a few hours after it was reported. But it seems you didn't use the -devel version (18.7) before because the bug was in -devel for over a month.

Hopefully this forum helps with reporting such issues before they are added to a release. :)


when is it going to be ready for deployement ?
DEC4240 – OPNsense Owner

Hi Julien,

Late July as planned.

Half of the features listed above, however, are already active on 18.1.x.


Dpinger made it to the list now. ;)

Hi franco. I have question about VIRTIO support. Before I was start new post https://forum.opnsense.org/index.php?topic=8584.0 Do You have more detailed information about fully support of VirtIO NICS and IDS+IPS?  This support absent in related to the problem FreeBSD kernel + drivers or in OPNsense IPS service? By FreeBSD roadmap RELEASE announcement will be from 6 November 2018. I try to understant, it will be solve problem with VirtIO or we need to wait some updates from OPNsense team - dev + patching? If we need wait patching from OPNsense team like IPS patching - maybe do You have a plan, when it will be possible to solve this problem?



That's entirely up to the FreeBSD version you are referring to. We currently run 11.1, next is 11.2 with 19.1 (not this year's 18.7), but there is also 12.0 we don't know yet when to adapt to, closer to 20.1 probably...


@fichtner: plugins: os-theme-tukan (new)

Anywhere to download an image? I want to do a fresh install on my test box, to install with zfs it makes the most sense.

AFAIK there is no image for 18.7.b*

It's beta so updates are done using *live* makes.

It is working without any issues at all on my live and test systems though.
OPNsense 24.7 - Qotom Q355G4 - ISP - Squirrel 1Gbps.

Team Rebellion Member

Yes I know how to switch an existing system to devel but that will not do much for doing a ZFS install as I have the hardware necessary, eg, more than just two disks.

Never tried it but I think you have to install vanilla FreeBSD 11.1 with ZFS and bootstrap OPNsense on it ...