From mboxrd@z Thu Jan 1 00:00:00 1970 From: The IPFire Project To: ipfire-announce@lists.ipfire.org Subject: IPFire 2.21 - Core Update 129 released Date: Mon, 08 Apr 2019 19:35:33 +0100 Message-ID: MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="===============1775662696318862092==" List-Id: --===============1775662696318862092== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable https://blog.ipfire.org/post/ipfire-2-21-core-update-129-released This is the official release announcement for IPFire 2.21 - Core Update 129 -= an update that introduces routed IPsec VPNs and comes with various other cha= nges that update the core system and fix several bugs. IPsec Reloaded IPsec has been massively extended. Although IPsec in IPFire is already quite = versatile and delivered high performance [1], some features for experts were = required and are now available through the web UI: =E2=80=A2 Routed VPNs with GRE & VTI [2] =E2=80=A2 Transport Mode for net-to-net tunnels =E2=80=A2 IPsec connections can now originate from any public IP address of t= he IPFire installation. This can be selected on a per-connection basis. The code has also been cleaned up the UI has been made a little bit tidier to= accommodate for the new settings. Smaller changes include: =E2=80=A2 The "On-Demand" mode is finally the default setting. Tunnels will s= hut down when they are not used and they will be established again when they = are required. Misc. =E2=80=A2 DHCP: A crash has been fixed when filenames containing a slash have= been entered for PXE boot. =E2=80=A2 DHCP: Editing static leases has been fixed =E2=80=A2 Domains in the "DNS Forwarding" section can now be disabled for DNS= SEC validation. This is a dangerous change, but has been requested by many us= ers. =E2=80=A2 Updated packages: bind 9.11.6, groff 1.22.4, ipset 7.1, iptables 1.= 8.2, less 530, libgcrypt 1.8.4, openssl 1.1.1b, openvpn 2.4.7, squid 4.6, tar= 1.32, unbound 1.9.0, wpa_supplicant 2.7 =E2=80=A2 New commands: kdig 2.8.0 =E2=80=A2 The build system has been optimised to reduce build time of the who= le distribution to around 4-5 hours on a fast machine. Add-Ons =E2=80=A2 Alexander Koch has contributed zabbix_agentd which is the agent tha= t is installed on the monitored machine. With this [3], IPFire can now be int= egrated into an environment that is monitored by Zabbix. =E2=80=A2 On that note, the SNMP daemon has also been updated to version 5.8 = for people who use the SNMP protocol for monitoring. =E2=80=A2 tor has been updated to 0.3.5.8 and some minor bugs have been fixed= in the web user interface =E2=80=A2 The spectre-meltdown-checker script is available as an add-on which= allows IPFire users to test their hardware for vulnerabilities =E2=80=A2 Other updates: amavisd 2.11.1, hostapd 2.7, postfix 3.4.3 Thank you very much to everyone who contributed to this Core Update. Please s= upport our project and donate today [4] so that we can keep up our work! [1] https://blog.ipfire.org/post/feature-spotlight-galois-counter-mode-ipsec-= with-10g [2] https://blog.ipfire.org/post/routed-ipsec-vpns-are-landing-in-ipfire-2-21= -core-update-129 [3] https://wiki.ipfire.org/addons/zabbix_agentd [4] https://www.ipfire.org/donate --===============1775662696318862092==--