This is the official release announcement for IPFire 2.13 – Core Update 71. This update comes with some new features and minor bug fixes.

Wireless Client on RED

It is now possible to assign a wireless adapter as the RED interface. A GUI has been written where you can configure wireless access points, to which the IPFire system will connect when in reach.

You will be able to configure backup access points, to which IPFire will switch when the first one is down or out of reach. You can prioritize them, so that you can connect to the best one when ever that is possible. All common encryption technologies are supported.

This was funded on the IPFire wishlist a while ago, but was delayed because of lack of testers.

DNS forwarding GUI

A new GUI has been written on which you are able to define different name servers than the public name servers for your DNS zones. So, you can use your internal name server for internal name resolution instead of the public one on the Internet.

Performance improvement of squidclamav

Scanning all the HTTP traffic that is going through the proxy is very costly and makes browsing slow. In this update, we put the squidclamav process “in front of the proxy”. It now trusts the cache and won’t scan data that’s coming from the cache again which results in a huge performance increase. You now don’t even reckon that your traffic is scanned for viruses.

snort 2.9.5

The Intrusion Detection System (IDS) snort has been updated to version 2.9.5. Updating the official ruleset from sourcefire is now possible, again.

The VRT community rules package which was not available for a long time has been re-added to the list of rule sources again.

Smaller changes

  • The USB modeswitch database has been updated. This software will configure UMTS/LTE/3G USB adapters that they can be used as modems. Now, more of this hardware is supported.
  • Allow squid, the Web proxy service, to open more files and connections at once (more open file descriptors). This will result in a higher performance and better stability under high loads.
  • The whois tool for whois lookups has been replaced by GNU jwhois. It is much more flexible and does not have an outdated database like the old one.
  • squidclamav freezing when accessing sites that are also available over IPv6 has been fixed.
  • MTU negotiation on PPPoE: The default MTU for DSL lines has been 1492 which is not working on all DSL lines. If not configured correctly, your DSL connection won’t be able to transport big packets. We now allow to leave that field empty so IPFire will try to negotiate an appropriate MTU on itself.

Add-ons

  • VDR 2.0 has been pushed to the stable tree.

Tor from the IPFire wishlist

Thanks to all the people who donated for integrating Tor into IPFire. You can still support this wish or support the advanced firewall GUI.

The Tor add-on is already well advanced, because we worked day and night on it for a couple of days. We are confident that we will be able to ship it with Core Update 72. For that, we will need testers, so please stay tuned for that.

Michael Tremer - August 6, 2013 at 7:30 pm