Software Update: OPNsense 22.1

The package OPNsense is a firewall with extensive possibilities. It is based on the FreeBSD operating system and is originally a fork of m0n0wall and pfSense. The package can be set up completely via a web interface and has support for 2fa, openvpn, ipsec, carp and captive portal, among others. In addition, it can apply packet filtering and has a traffic shaper. The developers have released OPNsense 22.1 with the following announcement:

OPNsense 22.1 released

For more than 7 years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing.

22.1, nicknamed “Observant Owl”, features the upgrade to FreeBSD 13, switch to logging supporting RFC 5424 with severity filtering, improved tunable sysctl value integration, faster boot sequence and interface initiation and dynamic IPv6 host alias support amongst others.

On the flip side major operating system changes bear risk for regression and feature removal, eg no longer supporting insecure cryptography in the kernel for IPsec and switching the Realtek vendor driver back to its FreeBSD counterpart which does not yet support the newer 2.5G models. Circular logging support has also been removed. Make sure to read the known issues and limitations below before attempting to upgrade.

Version number 22.1
Release status Final
Operating systems Linux, BSD
Website OPNsense
License type GPL