OPNsense

OPNsense
DeveloperDeciso B.V.
OS familyFreeBSD (14.1-RELEASE)
Working stateCurrent
Source modelOpen source
Initial release5 January 2015; 9 years ago (2015-01-05)
Latest release24.7.7[1] Edit this on Wikidata / 23 October 2024; 5 days ago (23 October 2024)
Repository
Platformsx86-64
Kernel typeMonolithic kernel
Influenced byM0n0wall. pfSense
LicenseSimplified BSD / FreeBSD License[2]
Official websiteopnsense.org
Support status
Community & Commercial

OPNsense is an open source, FreeBSD-based firewall and routing software developed by Deciso, a company in the Netherlands that makes hardware and sells support packages for OPNsense.

Launched in 2015,[2] it is a fork of pfSense, which in turn was forked from m0n0wall built on FreeBSD.[3] When m0n0wall closed down in February 2015 its creator, Manuel Kasper, referred its developer community to OPNsense.[4]

Features

OPNsense has a web-based interface and can be used on the x86-64 platform.[5] Along with acting as a firewall, it has traffic shaping, load balancing, captive portal and virtual private network capabilities, and others can be added via plugins.[6][7]

The software also offers next-generation firewall capabilities utilizing Zenarmor, a NGFW plugin developed by OPNsense partner[8] Sunny Valley Networks.[9]

Domain dispute

In November 2017, a World Intellectual Property Organization panel found that Netgate, the copyright holder of pfSense, used the domain opnsense.com in bad faith to discredit OPNsense, and obligated Netgate to transfer domain ownership to Deciso.[10]

Releases

The OPNsense version naming system consists of year.month, since the first release took place in January 2015, it was named release 15.1. OPNsense typically uses a 6 month major release cycle with new releases in January and July of each year.[11]

OPNsense Release History
Version Code name General availability Latest minor version Latest release date Major changes
15.1[12] Ascending Albatross 2015-01-05 15.1.12 2015-06-17
  • Initial release
15.7[13] Brave Badger 2015-07-02 15.7.25[14] 2016-01-18
  • Base proxy and IDS support
  • pfSense config importer
  • FreeBSD 10.1
16.1[15] Crafty Coyote 2016-01-28 16.1.18[16] 2016-06-30
  • Firmware mirror location and crypto selection
  • IPS
  • FreeBSD 10.2
16.7[17] Dancing Dolphin 2016-07-28 16.7.14[18] 2017-01-25
  • RFC 4638 support (MTU > 1492 in PPPoE)
  • HTTPS proxy support
  • Active Queue Management (AQM): Controlled delay (CoDel) and FlowQueue-CoDel
  • Two factor authentication using RFC 6238
  • HardenedBSD's ASLR implementation
  • UEFI/GPT boot
  • FreeBSD 10.3
17.1[19] Eclectic Eagle 2017-01-31 17.1.11 2017-07-25
  • PHP 7.0
  • Lets Encrypt plugin
  • Pluggable firewall rules
  • Load Balancer, UPnP, SNMP, IGMP, WOL as plugins
  • FreeBSD 11
17.7[20] Free Fox 2017-07-31 17.7.12[21] 2018-01-18
  • HardenedBSD SafeStack for base applications and selected ports
  • HardenedBSD procfs hardening
  • Interface code speedup
18.1[22] Groovy Gecko 2018-01-29 18.1.13[23] 2018-07-24
  • Debug kernel support
  • PHP 7.1
  • pluggable NAT rules
  • FreeBSD 11.1
18.7[24] Happy Hippo 2018-07-31 18.7.10[25] 2019-01-07
  • Meltdown and Spectre V2 mitigations
  • Intel NIC driver updates
  • IDS/IPS application detection rules
  • FreeBSD 11.2
19.1[26] Inspiring Iguana 2019-01-31 19.1.10[27] 2019-07-03
  • Firewall NAT rule logging support
  • WPAD / PAC and parent proxy support in the web proxy
  • 2FA via LDAP-TOTP combination
  • Dnsmasq DNSSEC support
  • HardenedBSD 11.2
19.7[28] Jazzy Jaguar 2019-07-17 19.7.10[29] 2020-01-09
  • PHP 7.2
  • LibreSSL 2.9
  • WireGuard plugin
  • Firewall rule statistics
20.1[30] Keen Kingfisher 2020-01-30 20.1.9[31] 2020-07-23
  • Google backup API 2.4.0
  • LibreSSL 3.0
  • Support elliptic curve TLS certificate creation
  • VXLAN support
  • Support for additional loopback interfaces
20.7[32] Legendary Lion 2020-07-30 20.7.8[33] 2021-01-19
  • Basic firewall API support (via additional plugin)
  • Suricata 5
  • Unbound + DHCPDv4: Properly support expired leases
  • PHP expand code styling to PSR-12
  • HardenedBSD 12.1
21.1[34] Marvelous Meerkat 2021-01-28 21.1.9[35] 2021-07-27
  • Fix stability and reliability issues with regard to vmx(4), vtnet(4), ixl(4), ix(4) and em(4) Ethernet drivers
  • LibreSSL 3.2
  • New and improved live traffic report
  • IDPS: New policy definition using metadata tags (e.g. drop all critical events aimed at the perimeter)
21.7[36] Noble Nightingale 2021-07-28 21.7.8[37] 2022-01-27
  • Migrate bsdinstaller to bsdinstall
  • AXGBE 10 Gbps network card driver inclusion
  • PHP 7.4
  • NTPD client mode
  • Firmware Update Revamp
  • Firewall states diagnostic API/GUI
22.1[38] Observant Owl 2022-01-27 22.1.10[39] 2022-07-07
  • Authentication / LDAP automatic user creation on login
  • Improve alias hostname resolve performance
  • Improved firewall statistics
  • Support overload table on max new connections
  • FreeBSD 13
22.7[40] Powerful Panther 2022-07-28 22.7.11[41] 2023-01-18
  • Intel QuickAssist (QAT) support
  • Add stacked VLAN support (IEEE 802.1ad / QinQ)
  • Advanced DDoS protection using syncookies
  • PHP 8.0
  • FreeBSD 13.1
23.1[42] Quintessential Quail 2023-01-13 23.1.11[43] 2023-06-28
  • Firewall alias BGP ASN type support
  • DNS insights dashboard
  • PHP 8.1
  • WireGuard kernel module
  • LibreSSL discontinued
23.7[44] Restless Roadrunner 2023-07-31 23.7.12[45] 2024-01-16
  • Support for Importing Encrypted Configuration Files During OPNsense Installation
  • RADIUS Authentication - Add MSCHAPv2 support
  • Intrusion Detection: Suricata Netmap API version 14 enabled
  • PHP 8.2
  • FreeBSD 13.2
24.1[46] Savvy Shark 2024-01-30 24.1.10_8[47] 2024-07-25
  • Suricata 7
  • OpenSSL 3 ports migration
  • NPTv6 migrate to MVC
  • VXLAN: add support for non standard port numbers
  • os-firewall plugin inclusion to ease API usage
  • Improve WireGuard kernel plugin and implement it in core
  • Add Kea DHCP server option as an alternative to ISC DHCP which will eventually be deprecated
24.7[48] Thriving Tiger 2024-07-25 24.7.7[49] 2024-10-23
  • Python 3.11
  • FreeBSD 14.1
  • PHP 8.3
  • Modern dashboard UI improvements
  • Several MVC migrations (GIF, GRE, NAT, dhcrelay)
  • WireGuard VPN performance improvements
  • WireGuard client QR code generation
  • ISC dhcrelay deprecated
  • Captive portal fixes and improvements
Legend:   No longer supported versions   Latest supported release

See also


References

  1. ^ "OPNsense 24.7.7 released". Retrieved 24 October 2024.
  2. ^ a b "Press release: Deciso Launches OPNsense, a New Open Source Firewall Initiative". Deciso via PRNewsWire. January 2, 2015.
  3. ^ Serdar Yegulalp. "Review: 6 slick open source routers". cio.com. Archived from the original on 20 December 2017. Retrieved 20 December 2017.
  4. ^ Richard Chirgwin (16 Feb 2015). "MOnOwall comes tumbling down". The Register. Wayback Machine. Archived from the original on 12 May 2019. Retrieved 12 May 2019.
  5. ^ "DistroWatch.com: OPNsense". DistroWatch. February 12, 2021.
  6. ^ Sharma, Mayank; Drake, Nate (September 26, 2017). "What's the best Linux firewall distro?". Linux Format via TechRadar.
  7. ^ updated, Mayank Sharma last (2022-05-13). "Best Linux firewall of 2024". TechRadar. Retrieved 2024-10-12.
  8. ^ "Partners". Sunny Valley Networks. Retrieved 29 December 2022.
  9. ^ "Zenarmor (Sensei): Overview — OPNsense documentation". OPNsense Documentation. Retrieved 29 December 2022.
  10. ^ "WIPO Domain Name Decision: D2017-1828". WIPO. November 12, 2017.
  11. ^ "OPNsense Roadmap - Planned enhancements and innovations". opnsense.org. Retrieved 2024-01-17.
  12. ^ "OPNsense version 15.1.1 Released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  13. ^ "OPNsense version 15.7 Released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  14. ^ "OPNsense 15.7.25 Released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  15. ^ "OPNsense 16.1 Released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  16. ^ "OPNsense 16.1.18 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  17. ^ "OPNsense 16.7 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  18. ^ "OPNsense 16.7.14 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  19. ^ "OPNsense 17.1 Released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  20. ^ "OPNsense 17.7 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  21. ^ "OPNsense 17.7.12 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  22. ^ "OPNsense 18.1 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  23. ^ "OPNsense 18.1.13 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  24. ^ "OPNsense 18.7 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  25. ^ "OPNsense 18.7.10 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  26. ^ "OPNsense 19.1 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  27. ^ "OPNsense 19.1.10 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  28. ^ "OPNsense 19.7 "Jazzy Jaguar" released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  29. ^ "OPNsense 19.7.10 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  30. ^ "OPNsense 20.1 "Keen Kingfisher" released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  31. ^ "OPNsense 20.1.9 released". forum.opnsense.org. Retrieved 2024-01-17.
  32. ^ "OPNsense 20.7 - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  33. ^ "OPNsense 20.7.8 released". forum.opnsense.org. Retrieved 2024-01-17.
  34. ^ "OPNsense 21.1 Released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  35. ^ "OPNsense 21.1.9 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  36. ^ "OPNsense 21.7 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  37. ^ "OPNsense 21.7.8 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  38. ^ "OPNsense 22.1 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  39. ^ "OPNsense 22.1.10 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  40. ^ "OPNsense 22.7 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  41. ^ "OPNsense 22.7.11 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  42. ^ "OPNsense 23.1 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  43. ^ "OPNsense 23.1.11 released". forum.opnsense.org. Retrieved 2024-01-17.
  44. ^ "OPNsense 23.7 released - OPNsense® is a true open source firewall and more". opnsense.org. Retrieved 2024-01-17.
  45. ^ "OPNsense 23.7.12 released". forum.opnsense.org. Retrieved 2024-01-17.
  46. ^ "OPNsense 24.1 released". forum.opnsense.org. Retrieved 2024-01-30.
  47. ^ "OPNsense 24.1.10 released". forum.opnsense.org. Retrieved 2024-07-12.
  48. ^ "OPNsense 24.7 released". forum.opnsense.org. Retrieved 2024-07-31.
  49. ^ "OPNsense 24.7.7 released". forum.opnsense.org. Retrieved 2024-10-24.

Further reading