Sidebar Sponsor |
|
Random Distribution |
VortexBox
VortexBox is a Fedora-based Linux distribution that turns an unused computer into an easy-to-use music server or jukebox. Once VortexBox has been loaded it will automatically rip CDs to FLAC and MP3 files, ID3-tag the files, and download the cover art. VortexBox will then serve the files to network media player. The file can also be streamed to a Windows or Mac OS X system.
Status: Dormant
| Tips, Tricks, Q&As | Questions and answers: Improving manual pages, advantages of Flatpak/Snap |
Questions and answers: What to do in the wake of Red Hat phasing out CentOS |
Tips and tricks: Gathering system information with osquery |
Questions and answers: Working with Bash completion |
Questions and answers: Creating ISO images |
Tips and tricks: Basename, for loop, dirname, aliases, bash history, xsel clipboard |
Questions and answers: E-book management |
Questions and answers: Basic and practical security tips |
Tips and tricks: Finding the right words, sorting filesystem snapshots, truncating audio files |
More Tips & Tricks and Questions & Answers | |
Latest News and Updates |
|
2020-01-30 |
NEW • BSD Release: OPNsense 20.1 |
Rate this project
|
Jos Schellevis has announced the release of OPNsense 20.1, which carries the code name "Keen Kingfisher". OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest introduces a number of security improvements and updates the default Python version to 3.7. "OPNsense 20.1, nicknamed 'Keen Kingfisher', is a subtle improvement on sustainable firewall experience. This release adds VXLAN and additional loopback device support, IPsec public key authentication and elliptic curve TLS certificate creation amongst others. Third party software has been updated to their latest versions. The logging front-end was rewritten for MVC with seamless API support. On the far side the documentation increased in quality as well as quantity and now presents itself in a familiar menu layout. These are the most prominent changes since version 19.7: Captive portal performance improvements; IPsec public key authentication support; Elliptic curve TLS certificate creation; CARP service demotion hook; VXLAN device support...." Additional details, along with a list of changes and known issues, can be found in the project's release announcement. Download: OPNsense-20.1-OpenSSL-dvd-amd64.iso.bz2 (280MB, SHA256, signature). |
|
About OPNsense
|
OPNsense is a FreeBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. It is developed by Deciso B.V. in the Netherlands. Some of the features of OPNsense include forward caching proxy, traffic shaping, intrusion detection, two-factor authentication and easy OpenVPN client setup. The project's focus on security brings a number of unique features, such as the option to use LibreSSL instead of OpenSSL (selectable in the GUI). OPNsense also includes an update mechanism that delivers important security updates in a timely fashion.
|
Screenshots |
| |
Recent Related News and Releases |
2024-07-25 |
BSD Release: OPNsense 24.7 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release focuses on performance improvements anda new dashboard. The release announcement shares details: "FreeBSD 14.1: Leveraging the latest FreeBSD 14.1, OPNsense 24.7 ensures a stable and secure foundation, significantly enhancing system performance and compatibility. Performance Increase: Major performance improvements have been implemented, ensuring faster, more efficient processing and a smoother user experience. Modern New Dashboard: Users can now enjoy a sleek and intuitive dashboard, designed for ease of use and enhanced user experience, reflecting the latest trends in UI/UX design. Enhanced VPN Technologies. WireGuard: Performance Boost: Significant increases in connection speeds and reliability, enhancing overall user experience and QR Code Generation: Simplifies mobile client configuration with QR code generation, enabling quick and secure setup. OpenVPN: Data Channel Offload (DCO): Introducing revolutionary performance improvements for VPN servers and clients, significantly boosting throughput and efficiency." A forum post includes a more detailed changelog. Download (SHA256): OPNsense-24.7-dvd-amd64.iso.bz2 (488MB). |
|
2024-01-30 |
BSD Release: OPNsense 24.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release, OPNsense 24.1 "Savvy Shark" includes a number of upgrades and fiewall improvements, along with the OpenSSL 3. "For more than 9 years now, OPNsense is driving innovation through modularising and hardening the open-source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 24.1, nicknamed 'Savvy Shark', features ports-based OpenSSL 3, Suricata 7, several MVC/API conversions, a new neighbor configuration feature for ARP/NDP, core inclusion of the os-firewall and os-wireguard plugins, CARP VHID tracking for OpenVPN and WireGuard, functional Kea DHCPv4 server with HA support plus much more. Here are the full patch notes against 23.7.12: system - prevent activating shell for non-admins; add OCSP trust extensions and improved authorities implementation; migrate single gateway configuration to MVC/API; use new backend streaming functionality in the log viewer; limit file system /conf/config.xml and backups access to administrators...." A change log and additional details can be found in the release announcement. Download: OPNsense-24.1-dvd-amd64.iso.bz2 (443MB, SHA256, signature). |
|
2023-07-31 |
BSD Release: OPNsense 23.7 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project has published version 23.7 which is based on FreeBSD 13.2 and includes OpenVPN group alias support, deferred authentication for OpenVPN, and PHP 8.2. The release announcement offers some insight into changes and tips for migrating: "The Unbound ACL now defaults to accept all traffic and no longer generates automatic entries. This was done to avoid connectivity issues on dynamic address setups -- especially with VPN interfaces. If this is undesirable you can set it to default to block instead and add your manual entries to pass. Dpinger no longer triggers alarms on its own as its mechanism is too simplistic for loss and delay detection as provided by apinger a long time ago. Delay and loss triggers have been fixed and logging was improved. The rc.syshook facility 'monitor' still exists but is only provided for compatibility reasons with existing user scripts. IPsec "tunnel settings" GUI is now deprecated and manual migration to the 'connections' GUI is recommended. An appropriate EoL announcement will be made next year. The new OpenVPN instances pages and API create an independent set of instances more closely following the upstream documentation of OpenVPN." Download (SHA256): OPNsense-23.7-dvd-amd64.iso.bz2 (394MB). |
|
2023-01-26 |
BSD Release: OPNsense 23.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project has published a new release, OPNsesne 23.1, which includes networking improvements from FreeBSD and updated packages. "23.1, nicknamed "Quintessential Quail", features Unbound DNS statistics with a blocklist rewrite in Python, improved WAN SLAAC operability, firewall alias BGP ASN type support, PHP 8.1, assorted FreeBSD networking updates, MVC/API pages for packet capture/virtual IPs/IPsec connection management, IPsec configuration file migration to swanctl.conf, new sslh plugin, ddclient custom backend support (including Azure), WireGuard kernel module plugin variant as the new default plus much more. Here are the full patch notes against 22.7.11: replaced log_error() use with log_msg() and adjusted logging levels accordingly; introduced a service boot log; the LibreSSL flavour has been discontinued; simplify gateway monitoring setup code...." A complete list of changes along with download links can be found in the project's release announcement with additional information provided in the release notes. Download: OPNsense-23.1-OpenSSL-dvd-amd64.iso.bz2 (399MB, SHA256, signature). |
|
2022-07-28 |
BSD Release: OPNsense 22.7 |
|
OPNsense is a FreeBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release is OPNsense 22.7 which includes an updated FreeBSD base and PHP 8: "22.7, nicknamed "Powerful Panther", features the upgrade to FreeBSD 13.1, PHP 8.0, Phalcon 5, stacked VLAN and Intel QuickAssist (QAT) support, DDoS protection using SYN cookies, MVC/API pages for IPsec status and Unbound overrides, new APCUPSD and CrowdSec plugins plus much more. LibreSSL flavour is scheduled for removal at the end of this series and will likely receive no further maintenance. Software failing to work properly starting with Tor will have its plugin removed from the flavour from now on to be able to keep updating the software to their latest versions in the OpenSSL flavour. The next major upgrade will automatically transition to the OpenSSL flavour, but we would encourage everyone to switch between 22.7.x for the least amount of possible impact." Additional information can be found in the project's release announcement. Download (SHA256): OPNsense-22.7-OpenSSL-dvd-amd64.iso.bz2 (346MB). |
|
2022-01-27 |
BSD Release: OPNsense 22.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release is OPNsense 22.1; it is based on FreeBSD 13 and it improves boot speed while removing older, insecure cryptography components. "22.1, nicknamed 'Observant Owl', features the upgrade to FreeBSD 13, switch to logging supporting RFC 5424 with severity filtering, improved tunable sysctl value integration, faster boot sequence and interface initiation and dynamic IPv6 host alias support amongst others. On the flip side major operating system changes bear risk for regression and feature removal, e.g. no longer supporting insecure cryptography in the kernel for IPsec and switching the Realtek vendor driver back to its FreeBSD counterpart which does not yet support the newer 2.5G models. Circular logging support has also been removed. Here are the full patch notes against version 21.7.7: improved visibility and flexibility of tunables; move multiple sysctl manipulations to tunables framework to allow overriding them; prevent more than one default route by default; sync recovery utility contents with FreeBSD 13...." Additional information and a complete list of changes can be found in the release announcement. Download: OPNsense-22.1-OpenSSL-dvd-amd64.iso.bz2 (339MB, SHA256, signature). |
|
2021-07-29 |
BSD Release: OPNsense 21.7 |
|
OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release, OPNsense 21.7, will be the last version based on HardenedBSD and introduces a new installer with ZFS support. "For more than six and a half years, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. OPNSense 21.7, nicknamed 'Noble Nightingale', is one of the largest iterations of code changes in our recent history. It will also be the last release on HardenedBSD 12.1. We are planning to start the work on FreeBSD 13 as soon as next week for the 22.1 series. The installer was replaced to offer native ZFS installations and prevent glitches in virtual machines using UEFI. Firmware updates were partially redesigned and the UI layout consolidated between static and MVC pages. The live log now contains the actual rule ID to avoid mismatches after adjusting your ruleset and the firewall aliases now also support wildcard netmasks." The release announcement offers further details. Download: OPNsense-21.7-OpenSSL-dvd-amd64.iso.bz2 (422MB, SHA256, signature). |
|
2021-01-28 |
BSD Release: OPNsense 21.1 |
|
OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest version is OPNsense 21.1. This new release introduces a number of improvements to firewall configuration and monitoring. "21.1, nicknamed Marvelous Meerkat, is the relentless continuation of open source dedication. The last 6 years were not always easy, but we are happy to be where we are now and have the community to thank for it. New and improved are the firewall rules and NAT categories, the traffic graphs supporting IPv6 along with a visual refresh, intrusion detection rule management by policies, an alias for MAC addresses and NAT over IPsec with all phase 2 you could ever want. Last but not least, the serial image now supports UEFI as well. For those wondering, the WireGuard plugin has been available since 2019 and receives continuous improvements by its maintainer and various users alike. And that is unlikely to change in the future. As we continue to deprecate custom configuration inputs for a number of reasons, Dnsmasq has been switched to a pluggable file-based approach with Unbound to follow in the upcoming 21.7 series." Further details are available in the release announcement. Download: OPNsense-21.1-OpenSSL-dvd-amd64.iso.bz2 (421MB, SHA256, signature). |
|
2020-07-30 |
BSD Release: OPNsense 20.7 |
|
Jos Schellevis has announced the release of OPNsense 20.1, the latest stable version of the project's open-source, easy-to-use, HardenedBSD-based firewall and routing platform. This version is based on HardenedBSD 12.1 and it ads several interesting enhancements to its web-based user interface: "For five and a half years, OPNsense has been driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 20.7, nicknamed 'Legendary Lion', is a major operating system jump forward on a sustainable firewall experience. This release adds DHCPv6 multi-WAN, custom error pages for the web proxy, Suricata 5, HardenedBSD 12.1, netstat tree view, basic firewall API support (via plugin) and extended live log filtering, amongst other new features. Here are the full patch notes against version 20.7-RC1: system - syslog-ng RFC5424 on FreeBSD 12 needs flags (syslog-protocol); installer - welcome users as genuine 20.7 installer...." Read the full release announcement for a changelog and known issues. Download: OPNsense-20.7-OpenSSL-dvd-amd64.iso.bz2 (420MB, SHA256, signature). |
|
|
Sidebar Sponsor |
|
|