Software Update: M0n0wall 1.3.2

Version 1.3.2 of M0n0wall was released last weekend. M0n0wall is a extensive and very complete open source firewall package, made for PCs and embedded computers. It is based on a bare-bones version of FreeBSD 6.2 and uses a web server and PHP for configuration. An installation needs less than 12MB and therefore fits perfectly on a compact flash card. Below is what has changed in the program since the previous entry in Meuktracker:

Changes in version 1.32:

  • Add kernel patch for vr(4) lockups after link flaps (eg on ALIX boards)
  • Make motherboard monitor off by default, and switchable in advanced/misc
  • Allow both a v4 and a v6 entry for the same host in DNS forwarder overrides
  • Fix nameserver handling when IPv6 PPP WAN is enabled
  • Fix auto suggested IPv6 address
  • Add wildcard information text for DNS forwarder
  • Add Fahrenheit support for system temperatures
  • Add support for DNS forwarder wildcard, use * as hostname
  • Add SixXS interface to traffic graph
  • Fix IPv6 link local filter rule
  • Fix DHCPv4 having IPv6 address inserted in dhcpd.conf

Changes in version 1.31:

  • IPv6 improvements
    • Allow IPv6 addresses for domain overrides in DNS forwarder
    • Added ‘strict order’ to DNS forwarder (useful when using SixXS DNS)
    • Initial support for AYIYA for SixXS tunnels
    • Fix for DHCPv6 firewall rules
    • Allow link-local addresses to communicate
    • Allow input of DUID in MAC address field of a DHCPv6 reservation
    • DHCPv6 reservations are now also added to DHCPv4
  • Fix to WAN DHCP (release/renew button)
  • Added option to disable spoof check on bridge (use to enable non-m0n0wall DHCP servers and/or multicast traffic)
  • Added system fans/temperature monitoring on status page – should work on a reasonable set of PC hardware (but not on Soekris/PC Engines boards)
  • Improved handling of accesses to pages that the user is not authorized for
  • Added fix for OpenSSL session renegotiation vulnerability
  • Added patch to ISC-DHCP to rewrite lease file every 5 minutes (reduce growth rate and occurrence of MFS exhaustion)

Changes in version 1.3:

  • WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16 MB required)
  • When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.
  • Fixed DHCP server “deny unknown clients” option with known clients without a statically assigned IP address
  • Fixed a security issue in the DHCP client (CVE-2009-0692)

Version number 1.3.2
Release status Final
Website M0n0wall
Download http://m0n0.ch/wall/downloads.php
File sizes 7.15MB – 17.56MB
License type Conditions (GNU/BSD/etc.)
Comments
Loading...