发布于 2016-01-20 03:33:01 | 220 次阅读 | 评论: 0 | 来源: 网友投递

这里有新鲜出炉的精品教程，程序狗速度看过来！

OPNsense 防火墙和路由平台

OPNsense 是一个开源易用，而且易于构建的基于 FreeBSD 的防火墙和路由平台。包括大多数商业防火墙的特性。提供功能完整却易用的 GUI 管理界面。

---

OPNsense 15.7.24 发布，此版本改进内容如下：

• ports: suricata 2.0.11[2], dhcp6 20080615_5[3], lighttpd 1.4.39[4]

• ports: syslogd 10.2, mpd 5.8[5], ca_root_nss 3.21, dnsmasq 2.75_1[6]

• ports: ntp 4.2.8p5[7], php 5.6.17[8], python 2.7.11_1[9]

• ports: miniupnpd 1.9.20151212, openvpn 2.3.10[10]

• opnsense-update: add opnsense-verify and opnsense-sign

• opnsense-update: improve verification of signatures of kernel and base upgrades

• menu: bring back dashboard entry due to popular demand

• menu: fix interface listing error when its description is empty

• menu: moved license file to lobby section for visibility

• menu: order VPN services for icon adjustment (contributed by Fabian Franz)

• menu: renamed “config manager” to “configuration” and “certificate manager” to “trust”

• language: multiple translation improvements (contributed by Fabian Franz and Andreas Martin)

• language: fix behaviour of numerous apply buttons when using a non-English translation

• dashboard: don’t display widget headers when the actual widgets are no longer installed

• backend: fix issue when configd target pattern cannot be found

• carp: fix support for OpenVPN clients

• system: remove the old FTP proxy implementation (use proxy server service instead)

• system: pin down listbox size to unhide the search field

• health: tidy up the layout by removing visual blockers and general bumpiness

• access: fix setting of default values for new users

• access: fix padding on user listing page

• access: adjusted file type of API credentials to fix Chrome’s download blues (contributed by Fabian Franz)

• configuration: fix replay of configuration backups

• interfaces: fix redirect after applying an interface’s configuration

• trust: properly set certificate digest algorithm in form after creation error

• gateways: bring back display of descriptions (contributed by Frank Wall)

• load balancer: bring back display of descriptions (contributed by Frank Wall)

• ipsec: fix RSA authentication method check

• ipsec: finally brought back lease display in widgets and status page

• proxy: add configurable cache_mem setting

• unbound: honour the “register DHCP leases in DNS” option (contributed by Manuel Faux)

• unbound: reorder advanced features inclusion

• dynamic dns: allow custom entries to set hostname to be used in e.g. OpenVPN exports

• dynamic dns: updated cloudflare service binding

• firewall: fix saving of zero values on virtual IP page

• firewall: fix label for option source/invert in rules edit page (contributed by Frank Wall)

• firewall: show warning banner on related pages when firewall is globally disabled (contributed by Manuel Faux)

• firewall: add interface groups to firewall rules and port forwarding

• firewall: add matching behaviour indicator for floating rules (contributed by Fabian Franz)

• firewall: make quick matching behaviour the default for floating rules

• firewall: fix spurious error when migrating alias from one interface to the next

• firewall: sort alias listing for better overview

• firewall: fix header alignment for schedule repeat section

• firmware: added display of major announcements on the firmware page

• firmware: added reinstall / (un)lock buttons for installed packages

• firmware: added plugin listing to page with install / remove buttons

• firmware: restructured the backend and improved its resilience

• firmware: show the download size of the pending update in the update check response

• firmware: added update verification signature for the upcoming 16.1 release series

• captive portal (devel): fix text of two help messages (contributed by Fabian Franz)

详细改进内容请看更新日志。

OPNsense 15.7.25 发布，此版本改进内容如下：

• src: SCTP ICMPv6 error message vulnerability[1]

• src: ntp panic threshold bypass vulnerability[2]

• src: Linux compatibility layer incorrect futex handling[3]

• src: Linux compatibility layer setgroups(2) system call vulnerability[4]

• src: TCP MD5 signature denial of service[5]

• src: Insecure default snmpd.config permissions[6]

• src: OpenSSH client information leak[7]

• src: Invalid TCP checksums with pf(4)[8]

• src: YP/NIS client library critical bug[9]

• ports: sqlite3 3.10.0[10], easy-rsa 3.0.1[11], openssh-portable 7.1p2[12]

• traffic graphs: fix truncation of IP address to 14 characters

• firmware: EOL announcement for 15.7 added, ready for upgrading to 16.1 on January 28

• firmware: added mirror provided by RageNetwork (Munich, DE)

• menu: fix navigation after editing IPsec mobile clients (contributed by Manuel Faux)

• trust: properly reference CA in intermediate CAs (contributed by Manuel Faux)

详细改进内容请看更新日志。

OPNsense 是一个开源易用，而且易于构建的基于 FreeBSD 的防火墙和路由平台。包括大多数商业防火墙的特性。提供功能完整却易用的 GUI 管理界面。

最小硬件要求：

• 1GHz dual core cpu

• 1 GB RAM

• 40GB SSD

• Serial console or video

推荐配置：

• 1.5GHz multi core cpu

• 4 GB RAM

• 120GB SSD

• Serial console or video

历史版本 :
OPNsense 18.1 RC1 发布，防火墙和路由平台
OPNsense 17.7 发布，防火墙和路由平台
OPNsense 17.1 发布，防火墙和路由平台
OPNsense 17.1 rc1 发布，防火墙和路由平台
OPNsense 17.1 Beta 发布，防火墙和路由平台
OPNsense 16.7 RC1 发布，防火墙和路由平台
OPNsense 16.1 发布，防火墙和路由平台
OPNsense 15.7.24/25 发布，防火墙和路由平台
OPNsense 15.7.24 发布，防火墙和路由平台
OPNsense 15.7.25 发布，防火墙和路由平台
OPNsense 15.7.23 发布，防火墙和路由平台
OPNsense 15.7.22 发布，防火墙和路由平台