IPFire 2.13 - Core Update 71 released

The IPFire Project ipfire-announce at lists.ipfire.org
Tue Aug 6 21:54:32 CEST 2013


This is the official release announcement for IPFire 2.13 – Core Update
71. This update comes with some new features and minor bug fixes.

Wireless Client on RED

It is now possible to assign a wireless adapter as the RED interface. A
GUI has been written where you can configure wireless access points, to
which the IPFire system will connect when in reach.

You will be able to configure backup access points, to which IPFire will
switch when the first one is down or out of reach. You can prioritize
them, so that you can connect to the best one when ever that is
possible. All common encryption technologies are supported.

This was funded on the IPFire wishlist [1] a while ago, but was delayed
because of lack of testers.

DNS forwarding GUI

A new GUI has been written on which you are able to define different
name servers than the public name servers for your DNS zones. So, you
can use your internal name server for internal name resolution instead
of the public one on the Internet.

Performance improvement of squidclamav

Scanning all the HTTP traffic that is going through the proxy is very
costly and makes browsing slow. In this update, we put the squidclamav
process “in front of the proxy”. It now trusts the cache and won’t scan
data that’s coming from the cache again which results in a huge
performance increase. You now don’t even reckon that your traffic is
scanned for viruses.

snort 2.9.5

The Intrusion Detection System (IDS) snort has been updated to version
2.9.5. Updating the official ruleset from sourcefire is now possible,

The VRT community rules package which was not available for a long time
has been re-added to the list of rule sources again.

Smaller changes

* The USB modeswitch database has been updated. This software will
configure UMTS/LTE/3G USB adapters that they can be used as modems. Now,
more of this hardware is supported.

* Allow squid, the Web proxy service, to open more files and connections
at once (more open file descriptors). This will result in a higher
performance and better stability under high loads.

* The whois tool for whois lookups has been replaced by GNU jwhois. It
is much more flexible and does not have an outdated database like the
old one.

* squidclamav freezing when accessing sites that are also available over
IPv6 has been fixed.

* MTU negotiation on PPPoE: The default MTU for DSL lines has been 1492
which is not working on all DSL lines. If not configured correctly, your
DSL connection won’t be able to transport big packets. We now allow to
leave that field empty so IPFire will try to negotiate an appropriate
MTU on itself.


* VDR 2.0 has been pushed to the stable tree.

Tor from the IPFire wishlist

Thanks to all the people who donated for integrating Tor into IPFire
[2]. You can still support this wish or support the advanced firewall
GUI [3].

The Tor add-on is already well advanced, because we worked day and night
on it for a couple of days. We are confident that we will be able to
ship it with Core Update 72. For that, we will need testers, so please
stay tuned for that.


[1] http://wishlist.ipfire.org/
[2] http://wishlist.ipfire.org/wish/tor-protecting-online-anonymity
[3] http://wishlist.ipfire.org/wish/advanced-firewall-gui

More information about the IPFire-Announce mailing list