| Sidebar Sponsor |
 |
| Random Distribution | 
Draco GNU/Linux
Draco GNU/Linux was a distribution based on Slackware Linux and pkgsrc, a package management system developed by NetBSD. It was distributed in the form of a minimal base system, but a range of additional software packages was available for installation from the project's FTP server.
Status: Discontinued
|
|
 Latest News and Updates |
|
|
| 2022-01-27 |
NEW • BSD Release: OPNsense 22.1 |
Rate this project
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project's latest release is OPNsense 22.1; it is based on FreeBSD 13 and it improves boot speed while removing older, insecure cryptography components. "22.1, nicknamed 'Observant Owl', features the upgrade to FreeBSD 13, switch to logging supporting RFC 5424 with severity filtering, improved tunable sysctl value integration, faster boot sequence and interface initiation and dynamic IPv6 host alias support amongst others. On the flip side major operating system changes bear risk for regression and feature removal, e.g. no longer supporting insecure cryptography in the kernel for IPsec and switching the Realtek vendor driver back to its FreeBSD counterpart which does not yet support the newer 2.5G models. Circular logging support has also been removed. Here are the full patch notes against version 21.7.7: improved visibility and flexibility of tunables; move multiple sysctl manipulations to tunables framework to allow overriding them; prevent more than one default route by default; sync recovery utility contents with FreeBSD 13...." Additional information and a complete list of changes can be found in the release announcement. Download: OPNsense-22.1-OpenSSL-dvd-amd64.iso.bz2 (339MB, SHA256, signature). |
|
| About OPNsense
|
| OPNsense is a FreeBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. It is developed by Deciso B.V. in the Netherlands. Some of the features of OPNsense include forward caching proxy, traffic shaping, intrusion detection, two-factor authentication and easy OpenVPN client setup. The project's focus on security brings a number of unique features, such as the option to use LibreSSL instead of OpenSSL (selectable in the GUI). OPNsense also includes an update mechanism that delivers important security updates in a timely fashion.
|
| Screenshots | 
| |
| Recent Related News and Releases |
| 2023-07-31 |
BSD Release: OPNsense 23.7 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project has published version 23.7 which is based on FreeBSD 13.2 and includes OpenVPN group alias support, deferred authentication for OpenVPN, and PHP 8.2. The release announcement offers some insight into changes and tips for migrating: "The Unbound ACL now defaults to accept all traffic and no longer generates automatic entries. This was done to avoid connectivity issues on dynamic address setups -- especially with VPN interfaces. If this is undesirable you can set it to default to block instead and add your manual entries to pass. Dpinger no longer triggers alarms on its own as its mechanism is too simplistic for loss and delay detection as provided by apinger a long time ago. Delay and loss triggers have been fixed and logging was improved. The rc.syshook facility 'monitor' still exists but is only provided for compatibility reasons with existing user scripts. IPsec "tunnel settings" GUI is now deprecated and manual migration to the 'connections' GUI is recommended. An appropriate EoL announcement will be made next year. The new OpenVPN instances pages and API create an independent set of instances more closely following the upstream documentation of OpenVPN." Download (SHA256): OPNsense-23.7-dvd-amd64.iso.bz2 (394MB). |
|
| 2023-01-26 |
BSD Release: OPNsense 23.1 |
|
OPNsense is a FreeBSD-based specialist operating system designed for firewalls and routers. The project has published a new release, OPNsesne 23.1, which includes networking improvements from FreeBSD and updated packages. "23.1, nicknamed "Quintessential Quail", features Unbound DNS statistics with a blocklist rewrite in Python, improved WAN SLAAC operability, firewall alias BGP ASN type support, PHP 8.1, assorted FreeBSD networking updates, MVC/API pages for packet capture/virtual IPs/IPsec connection management, IPsec configuration file migration to swanctl.conf, new sslh plugin, ddclient custom backend support (including Azure), WireGuard kernel module plugin variant as the new default plus much more. Here are the full patch notes against 22.7.11: replaced log_error() use with log_msg() and adjusted logging levels accordingly; introduced a service boot log; the LibreSSL flavour has been discontinued; simplify gateway monitoring setup code...." A complete list of changes along with download links can be found in the project's release announcement with additional information provided in the release notes. Download: OPNsense-23.1-OpenSSL-dvd-amd64.iso.bz2 (399MB, SHA256, signature). |
|
| 2022-07-28 |
BSD Release: OPNsense 22.7 |
|
OPNsense is a FreeBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release is OPNsense 22.7 which includes an updated FreeBSD base and PHP 8: "22.7, nicknamed "Powerful Panther", features the upgrade to FreeBSD 13.1, PHP 8.0, Phalcon 5, stacked VLAN and Intel QuickAssist (QAT) support, DDoS protection using SYN cookies, MVC/API pages for IPsec status and Unbound overrides, new APCUPSD and CrowdSec plugins plus much more. LibreSSL flavour is scheduled for removal at the end of this series and will likely receive no further maintenance. Software failing to work properly starting with Tor will have its plugin removed from the flavour from now on to be able to keep updating the software to their latest versions in the OpenSSL flavour. The next major upgrade will automatically transition to the OpenSSL flavour, but we would encourage everyone to switch between 22.7.x for the least amount of possible impact." Additional information can be found in the project's release announcement. Download (SHA256): OPNsense-22.7-OpenSSL-dvd-amd64.iso.bz2 (346MB). |
|
| 2021-07-29 |
BSD Release: OPNsense 21.7 |
|
OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release, OPNsense 21.7, will be the last version based on HardenedBSD and introduces a new installer with ZFS support. "For more than six and a half years, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. OPNSense 21.7, nicknamed 'Noble Nightingale', is one of the largest iterations of code changes in our recent history. It will also be the last release on HardenedBSD 12.1. We are planning to start the work on FreeBSD 13 as soon as next week for the 22.1 series. The installer was replaced to offer native ZFS installations and prevent glitches in virtual machines using UEFI. Firmware updates were partially redesigned and the UI layout consolidated between static and MVC pages. The live log now contains the actual rule ID to avoid mismatches after adjusting your ruleset and the firewall aliases now also support wildcard netmasks." The release announcement offers further details. Download: OPNsense-21.7-OpenSSL-dvd-amd64.iso.bz2 (422MB, SHA256, signature). |
|
| 2021-01-28 |
BSD Release: OPNsense 21.1 |
|
OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest version is OPNsense 21.1. This new release introduces a number of improvements to firewall configuration and monitoring. "21.1, nicknamed Marvelous Meerkat, is the relentless continuation of open source dedication. The last 6 years were not always easy, but we are happy to be where we are now and have the community to thank for it. New and improved are the firewall rules and NAT categories, the traffic graphs supporting IPv6 along with a visual refresh, intrusion detection rule management by policies, an alias for MAC addresses and NAT over IPsec with all phase 2 you could ever want. Last but not least, the serial image now supports UEFI as well. For those wondering, the WireGuard plugin has been available since 2019 and receives continuous improvements by its maintainer and various users alike. And that is unlikely to change in the future. As we continue to deprecate custom configuration inputs for a number of reasons, Dnsmasq has been switched to a pluggable file-based approach with Unbound to follow in the upcoming 21.7 series." Further details are available in the release announcement. Download: OPNsense-21.1-OpenSSL-dvd-amd64.iso.bz2 (421MB, SHA256, signature). |
|
| 2020-07-30 |
BSD Release: OPNsense 20.7 |
|
Jos Schellevis has announced the release of OPNsense 20.1, the latest stable version of the project's open-source, easy-to-use, HardenedBSD-based firewall and routing platform. This version is based on HardenedBSD 12.1 and it ads several interesting enhancements to its web-based user interface: "For five and a half years, OPNsense has been driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 20.7, nicknamed 'Legendary Lion', is a major operating system jump forward on a sustainable firewall experience. This release adds DHCPv6 multi-WAN, custom error pages for the web proxy, Suricata 5, HardenedBSD 12.1, netstat tree view, basic firewall API support (via plugin) and extended live log filtering, amongst other new features. Here are the full patch notes against version 20.7-RC1: system - syslog-ng RFC5424 on FreeBSD 12 needs flags (syslog-protocol); installer - welcome users as genuine 20.7 installer...." Read the full release announcement for a changelog and known issues. Download: OPNsense-20.7-OpenSSL-dvd-amd64.iso.bz2 (420MB, SHA256, signature). |
|
| 2020-01-30 |
BSD Release: OPNsense 20.1 |
|
Jos Schellevis has announced the release of OPNsense 20.1, which carries the code name "Keen Kingfisher". OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest introduces a number of security improvements and updates the default Python version to 3.7. "OPNsense 20.1, nicknamed 'Keen Kingfisher', is a subtle improvement on sustainable firewall experience. This release adds VXLAN and additional loopback device support, IPsec public key authentication and elliptic curve TLS certificate creation amongst others. Third party software has been updated to their latest versions. The logging front-end was rewritten for MVC with seamless API support. On the far side the documentation increased in quality as well as quantity and now presents itself in a familiar menu layout. These are the most prominent changes since version 19.7: Captive portal performance improvements; IPsec public key authentication support; Elliptic curve TLS certificate creation; CARP service demotion hook; VXLAN device support...." Additional details, along with a list of changes and known issues, can be found in the project's release announcement. Download: OPNsense-20.1-OpenSSL-dvd-amd64.iso.bz2 (280MB, SHA256, signature). |
|
| 2019-07-17 |
BSD Release: OPNsense 19.7 |
|
OPNsense is a HardenedBSD-based specialist operating system (and a fork of pfSense) designed for firewalls and routers. The project's latest release is OPNsense 19.7 carries the codename "Jazzy Jaguar" and offers several new features. "For four and a half years now, OPNsense is driving innovation through modularising and hardening the open source firewall, with simple and reliable firmware upgrades, multi-language support, HardenedBSD security, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 19.7, nicknamed "Jazzy Jaguar", embodies an iteration of what should be considered enjoyable user experience for firewalls in general: improved statistics and visibility of rules, reliable and consistent live logging and alias utility improvements. Apart from the usual upgrades of third party software to up-to-date releases, OPNsense now also offers built-in remote system logging through Syslog-ng, route-based IPsec, updated translations with Spanish as a brand new and already fully translated language and newer Netmap code with VirtIO, VLAN child and vmxnet support." Additional information can be found in the project's release announcement. Download (SHA256): OPNsense-19.7-OpenSSL-dvd-amd64.iso.bz2 (291MB). |
|
|
| Sidebar Sponsor |
 |
|
• 
• 
• 
• 
• 
• 
• 
bc1qtede6f7adcce4kjpgx0e5j68wwgtdxrek2qvc4 
lnurl1dp68gurn8ghj7ampd3kx2ar0veekzar0wd5xjtnrdakj7tnhv4kxctttdehhwm30d3h82unvwqhhxarpw3jkc7tzw4ex6cfexyfua2nr 
86fA3qPTeQtNb2k1vLwEQaAp3XxkvvvXt69gSG5LGunXXikK9koPWZaRQgfFPBPWhMgXjPjccy9LA9xRFchPWQAnPvxh5Le