| Sidebar Sponsor |
 |
|
 Latest News and Updates |
|
|
| 2019-01-31 |
NEW • BSD Release: OPNsense 19.1 |
Rate this project
(9.4)
|
OPNsense is a specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release, OPNsense 19.1, shifts the operating system's base from FreeBSD to HardenedBSD which includes a number of security enhancements. "The 19.1 release, nicknamed "Inspiring Iguana", consists of a total of 620 individual changes since 18.7 came out 6 months ago, spread out over 12 intermediate releases including the recent release candidates. That is the average of two stable releases per month, security updates and important bug fixes included! If we had to pick a few highlights it would be: The firewall alias API is finally in place. The migration to HardenedBSD 11.2 has been completed. 2FA now works with a remote LDAP / local TOTP combination. And the OpenVPN client export was rewritten for full API support as well." Further details and links to the project's download mirrors can be found in the release announcement. Download: OPNsense-19.1-OpenSSL-dvd-amd64.iso.bz2 (265MB, SHA256, signature). |
|
| About OPNsense
|
| OPNsense is a FreeBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. It is developed by Deciso B.V. in the Netherlands. Some of the features of OPNsense include forward caching proxy, traffic shaping, intrusion detection, two-factor authentication and easy OpenVPN client setup. The project's focus on security brings a number of unique features, such as the option to use LibreSSL instead of OpenSSL (selectable in the GUI). OPNsense also includes an update mechanism that delivers important security updates in a timely fashion.
|
| Screenshots | 
| |
| Recent Related News and Releases |
| 2025-07-23 |
BSD Release: OPNsense 25.7 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release, OPNsense 25.7, introduces several changes to the user interface and updates the base system to FreeBSD 14.3. "25.7, nicknamed 'Visionary Viper', features reusable and thoroughly revamped frontend code, an SFTP backup plugin, experimental privilege separation for the GUI, JSON container support for aliases, a new and improved firewall automation GUI, performance enhancements especially for numerous aliases being used at once, Dnsmasq DHCP support, Kea DHCPv6 support, Greek as a new language, FreeBSD 14.3." The release announcement mentions some migration items too: "Deprecated Google Drive backups due to upstream policy changes and moved to plugins for existing users. API URLs registered in the default ACLs have been switched from 'camleCase' to 'snake_case'. API grid return values now offer '%field' for a value description when available. 'field' will now always be the literal value from the configuration. The API previously returned a display value for some field types, but not all. Reverted tunables 'hw.ibrs_disable' and 'vm.pmap.pti' to FreeBSD defaults. If you want these set differently, then add them with an explicit value." Download: OPNsense-25.7-dvd-amd64.iso.bz2 (490MB). |
|
| 2025-01-29 |
BSD Release: OPNsense 25.1 |
|
The OPNsense project develops an operating system for firewalls and routers based on FreeBSD. The project is celebrating its tenth anniversary with a new release, OPNsense 25.1: "For an entire decade now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 25.1, nicknamed "Ultimate Unicorn", features numerous MVC/API conversions, improved security zones support and documentation, ZFS snapshot support, a new UI look with a light and dark theme, PHP 8.3, FreeBSD 14.2." The release announcement shares a detailed changelog along with migration notes for people performing upgrades from previous versions of the operating system. "The access management was rewritten in MVC and contains behavioural changes including not rendering UNIX accounts for non-shell users. The integrated authentication via PAM has been the default for a long time so the option to disable it has been removed. The manual LDAP importer is no longer available since LDAP/RADIUS authenticators support on-demand creation and default group setup option." Download: OPNsense-25.1-dvd-amd64.iso.bz2 (497MB, SHA256, signature). |
|
| 2024-07-25 |
BSD Release: OPNsense 24.7 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release focuses on performance improvements anda new dashboard. The release announcement shares details: "FreeBSD 14.1: Leveraging the latest FreeBSD 14.1, OPNsense 24.7 ensures a stable and secure foundation, significantly enhancing system performance and compatibility. Performance Increase: Major performance improvements have been implemented, ensuring faster, more efficient processing and a smoother user experience. Modern New Dashboard: Users can now enjoy a sleek and intuitive dashboard, designed for ease of use and enhanced user experience, reflecting the latest trends in UI/UX design. Enhanced VPN Technologies. WireGuard: Performance Boost: Significant increases in connection speeds and reliability, enhancing overall user experience and QR Code Generation: Simplifies mobile client configuration with QR code generation, enabling quick and secure setup. OpenVPN: Data Channel Offload (DCO): Introducing revolutionary performance improvements for VPN servers and clients, significantly boosting throughput and efficiency." A forum post includes a more detailed changelog. Download (SHA256): OPNsense-24.7-dvd-amd64.iso.bz2 (488MB). |
|
| 2024-01-30 |
BSD Release: OPNsense 24.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release, OPNsense 24.1 "Savvy Shark" includes a number of upgrades and fiewall improvements, along with the OpenSSL 3. "For more than 9 years now, OPNsense is driving innovation through modularising and hardening the open-source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 24.1, nicknamed 'Savvy Shark', features ports-based OpenSSL 3, Suricata 7, several MVC/API conversions, a new neighbor configuration feature for ARP/NDP, core inclusion of the os-firewall and os-wireguard plugins, CARP VHID tracking for OpenVPN and WireGuard, functional Kea DHCPv4 server with HA support plus much more. Here are the full patch notes against 23.7.12: system - prevent activating shell for non-admins; add OCSP trust extensions and improved authorities implementation; migrate single gateway configuration to MVC/API; use new backend streaming functionality in the log viewer; limit file system /conf/config.xml and backups access to administrators...." A change log and additional details can be found in the release announcement. Download: OPNsense-24.1-dvd-amd64.iso.bz2 (443MB, SHA256, signature). |
|
| 2023-07-31 |
BSD Release: OPNsense 23.7 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project has published version 23.7 which is based on FreeBSD 13.2 and includes OpenVPN group alias support, deferred authentication for OpenVPN, and PHP 8.2. The release announcement offers some insight into changes and tips for migrating: "The Unbound ACL now defaults to accept all traffic and no longer generates automatic entries. This was done to avoid connectivity issues on dynamic address setups -- especially with VPN interfaces. If this is undesirable you can set it to default to block instead and add your manual entries to pass. Dpinger no longer triggers alarms on its own as its mechanism is too simplistic for loss and delay detection as provided by apinger a long time ago. Delay and loss triggers have been fixed and logging was improved. The rc.syshook facility 'monitor' still exists but is only provided for compatibility reasons with existing user scripts. IPsec "tunnel settings" GUI is now deprecated and manual migration to the 'connections' GUI is recommended. An appropriate EoL announcement will be made next year. The new OpenVPN instances pages and API create an independent set of instances more closely following the upstream documentation of OpenVPN." Download (SHA256): OPNsense-23.7-dvd-amd64.iso.bz2 (394MB). |
|
| 2023-01-26 |
BSD Release: OPNsense 23.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project has published a new release, OPNsesne 23.1, which includes networking improvements from FreeBSD and updated packages. "23.1, nicknamed "Quintessential Quail", features Unbound DNS statistics with a blocklist rewrite in Python, improved WAN SLAAC operability, firewall alias BGP ASN type support, PHP 8.1, assorted FreeBSD networking updates, MVC/API pages for packet capture/virtual IPs/IPsec connection management, IPsec configuration file migration to swanctl.conf, new sslh plugin, ddclient custom backend support (including Azure), WireGuard kernel module plugin variant as the new default plus much more. Here are the full patch notes against 22.7.11: replaced log_error() use with log_msg() and adjusted logging levels accordingly; introduced a service boot log; the LibreSSL flavour has been discontinued; simplify gateway monitoring setup code...." A complete list of changes along with download links can be found in the project's release announcement with additional information provided in the release notes. Download: OPNsense-23.1-OpenSSL-dvd-amd64.iso.bz2 (399MB, SHA256, signature). |
|
| 2022-07-28 |
BSD Release: OPNsense 22.7 |
|
OPNsense is a FreeBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release is OPNsense 22.7 which includes an updated FreeBSD base and PHP 8: "22.7, nicknamed "Powerful Panther", features the upgrade to FreeBSD 13.1, PHP 8.0, Phalcon 5, stacked VLAN and Intel QuickAssist (QAT) support, DDoS protection using SYN cookies, MVC/API pages for IPsec status and Unbound overrides, new APCUPSD and CrowdSec plugins plus much more. LibreSSL flavour is scheduled for removal at the end of this series and will likely receive no further maintenance. Software failing to work properly starting with Tor will have its plugin removed from the flavour from now on to be able to keep updating the software to their latest versions in the OpenSSL flavour. The next major upgrade will automatically transition to the OpenSSL flavour, but we would encourage everyone to switch between 22.7.x for the least amount of possible impact." Additional information can be found in the project's release announcement. Download (SHA256): OPNsense-22.7-OpenSSL-dvd-amd64.iso.bz2 (346MB). |
|
| 2022-01-27 |
BSD Release: OPNsense 22.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release is OPNsense 22.1; it is based on FreeBSD 13 and it improves boot speed while removing older, insecure cryptography components. "22.1, nicknamed 'Observant Owl', features the upgrade to FreeBSD 13, switch to logging supporting RFC 5424 with severity filtering, improved tunable sysctl value integration, faster boot sequence and interface initiation and dynamic IPv6 host alias support amongst others. On the flip side major operating system changes bear risk for regression and feature removal, e.g. no longer supporting insecure cryptography in the kernel for IPsec and switching the Realtek vendor driver back to its FreeBSD counterpart which does not yet support the newer 2.5G models. Circular logging support has also been removed. Here are the full patch notes against version 21.7.7: improved visibility and flexibility of tunables; move multiple sysctl manipulations to tunables framework to allow overriding them; prevent more than one default route by default; sync recovery utility contents with FreeBSD 13...." Additional information and a complete list of changes can be found in the release announcement. Download: OPNsense-22.1-OpenSSL-dvd-amd64.iso.bz2 (339MB, SHA256, signature). |
|
| 2021-07-29 |
BSD Release: OPNsense 21.7 |
|
OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release, OPNsense 21.7, will be the last version based on HardenedBSD and introduces a new installer with ZFS support. "For more than six and a half years, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. OPNSense 21.7, nicknamed 'Noble Nightingale', is one of the largest iterations of code changes in our recent history. It will also be the last release on HardenedBSD 12.1. We are planning to start the work on FreeBSD 13 as soon as next week for the 22.1 series. The installer was replaced to offer native ZFS installations and prevent glitches in virtual machines using UEFI. Firmware updates were partially redesigned and the UI layout consolidated between static and MVC pages. The live log now contains the actual rule ID to avoid mismatches after adjusting your ruleset and the firewall aliases now also support wildcard netmasks." The release announcement offers further details. Download: OPNsense-21.7-OpenSSL-dvd-amd64.iso.bz2 (422MB, SHA256, signature). |
|
|
| Random Distribution | 
Snal Linux
Snal Linux is a small Linux distribution based on Arch Linux. It features the i3 window manager and it includes the Firefox web browser, as well as a handful of network and filesystem utilities. It is intended to be used as a live image to troubleshoot hard disk, system and network problems.
Status: Active
|
|
• 
• 
• 
• 
• 
• 
• 
bc1qxes3k2wq3uqzr074tkwwjmwfe63z70gwzfu4lx 
lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 
86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le 
