Software Update: OPNsense 21.1.1

The package OPNsense is a firewall with extensive opportunities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 21.1.1 with the following announcement:

OPNsense 21.1.1 released

The 21.1 series debut looks pretty good so far. Thanks again for your input and comments! We will be spending a lot of time this year improving and adapting the code base. As a first glimpse, the changes of this stable update are a mix of security and reliability updates coupled with preparations for the update framework revamp we have planned for 21.7. The roadmap is still not final, but will likely contain long-yearned-for features. Stay tuned.

Here are the full patch notes:

  • firewall: change order of shaper delay parameter to prevent parser errors
  • firewall: fix multiple PHP warnings regarding category additions
  • firewall: fix icon toggle for block and reject (contributed by ElJeffe)
  • interfaces: unhide primary IPv6 in overview page
  • interfaces: fix IPv6 misalignment in get_interfaces_info()
  • reporting: fix sidebar menu collapse for NetFlow link (contributed by Maurice Walker)
  • captive portal: validate that static IP address exists when writing the configuration
  • firmware: add product status backend for upcoming firmware page redesign
  • firmware: opnsense-code will now check out the default release branch
  • firmware: opnsense-update adds “-R” option for major release selection
  • firmware: opnsense-update will now update repositories if out of sync
  • firmware: opnsense update will attempt to recover from fatal pkg behavior
  • firmware: opnsense-update now correctly redirects stderr on major upgrades
  • firmware: opnsense update now retains vital flag on faulty release type transition
  • intrusion detection: clean up rule based additions to prevent collisions with the new policies
  • monit: minor bug fixes and UI changes (contributed by Manuel Faux)
  • unbound: update documentation URL (contributed by xorbital)
  • ui: format packet count with toLocaleString() in interface statistics widget (contributed by bleetsheep)
  • ui: add compatibility for JS replaceAll() function
  • rc: support reading JSON metadata from plugin version files
  • plugins: provide JSON metadata in plugin version files
  • plugins: os-dyndns Free DNS apex domain fix (contributed by Fredrik Rambris)
  • plugins: os-nginx upstream TLS verification fix (contributed by kulikov-a)
  • plugins: os-theme-cicada 1.26 (contributed by Team Rebellion)
  • plugins: os-theme-vicuna 1.2 (contributed by Team Rebellion)
  • src: panic when destroying VNET and repair simultaneously
  • src: uninitialized file system kernel stack leaks
  • src: Xen guest-triggered out of memory
  • src: update timezone database information
  • ports: dnsmasq 2.84
  • ports: lighttpd 1.4.59
  • ports: krb5 1.19
  • ports: monitor 5.27.2
  • ports: perl 5.32.1
  • ports: sqlite 3.34.1

Version number 21.1.1
Release status Final
Operating systems Linux, BSD
Website OPNsense
License type GPL