It is time – today we are going to release IPFire 2.7. At first we will only release the ISO files, the update is not yet available via pakfire.
The reason for this is the change of the IPSec software from OpenSwan to StrongSwan and the mandatory changes in the configuration of net2net connections. The update on pakfire will be released next friday 2010-07-09, so there is enough time to change the IPSec tunnels, more information about this is avaiable at the Wiki.
There are about 400 changes in the new IPFire Version. All commits can be found at the GIT.
Changes among others are:
- Updates
- Updated Kernel to stable lts (2.6.32.15)
- Updated openssl to version 0.9.8o
- Updated Net-SSLeay to version 1.36
- Updated smartmontools to version 5.39.1
- Updated usb-modeswitch to version 1.1.2
- Updated alsa to version 1.0.23
- Updated memtest to version 4.10
- Updated v4l-dvb (2010-05-20)
- Updated kvm-kmod to version 2.6.33.1
- Updated compat-wireless to version 2.6.34
- Updated hardware and GeoIP database
- Updated squid to current stable version
- Updated mISDN, mISDNuser (25.5.2010) and lcr to version 1.7
- VPN
- Switched IPSec from OpenSwan to StrongSwan version 4.4.0
- Fixed vpn-watch hang at connection restart
- Many other IPSec fixes
- Updated OpenVPN to current stable version
- New advanced settings for OpenVPN avaiable [bug #490]
- Removed not working tap device
- Load cryptodev modules by default
- Snort
- Updated snort to stable 2.8.6
- Removed snort md5 check, added free space check
- Fixed Snort init script, added sleep before chmod
- Many snort config and script changes
- Fixed detection of snort descriptions
- Replaced snort gpl community rules by emergingthreats
- Many Guardian fixes like ignore file handling and linefead detection
- Hardware
- Added support for alix2 leds
- Added Vodafone K3765 and K4505 usbids to option driver
- Webinterface
- Cosmetic change for the swap and load graphs
- Fixed some naming and length problems in the outgoing firewall
- Fixed naming of firewall groups for webinterface
- Added clearer description for P2P block
- Added links for services on services.cgi [bug #617]
- Added clearer button for stopping services
- Added new iptables GUI
- Fixed white page at first start of ids.cgi
- Fixed update acclerator file download
- Firewall
- Added grouping option to the outgoing firewall – multiport and network group rules
- Added space to logging entries by outgoing firewall
- Language
- Added spanish translation of installer and setup
- Added spanish webif translation
- Others
- Added an config setting to remove netfilter sip modules
- Syslog async logging feature
- Resized /var/log/rrd in fstab
- Changed size of the swapfile
- Done a whole rework on the collectd config
- misc-progs: Cleanup chain creation of wirelessctrl
- Modified modules initscript to softly fail module loads
- Added new led triggers: netdev
- Added e2fsck.conf, this should fix manual superblock checls
- Enabled force setting system time on boot
- Fixed url filter repository for local redirects
- Fixed squidclamav logging [bug #639]
- Increase length of the password dialog to 50 chars
- Added bootoption to skip an initskript
- Blacklistet all framebuffer modules
- Fixed rebuildhost [bug #509]
- Allow also ip/netmask for blue access
- Fixed grub installation on virtio hdd
- Changed the flash serialcon image