Come join us in testing IPFire 2.29 - Core Update 198

by Michael Tremer, Monday

Do you like what you are reading? Subscribe to our newsletter and don't miss out on the latest...   Join Now

It is time to test the upcoming release of IPFire: IPFire 2.29 - Core Update 198. Join us to iron out the last remaining issues and help everyone to get their hands on this release as soon as possible. It is an important one that brings a major update to the IPFire Intrusion Prevention System, an updated toolchain, as well as various smaller bug fixes.

Head to the Pakfire page on your web UI and change to "testing" at the bottom to install this update with only a few clicks and join the fun. If you find any bugs, please report them to Bugzilla.

Powerful New Reporting for the IPFire Intrusion Prevention System

One of the most requested improvements to the IPFire IPS has finally arrived - and it is a game changer for anyone who relies on their firewall to keep networks safe.
The IPS can now send detailed alerts and reports beyond the firewall itself, creating a reliable paper trail even if the firewall is later compromised. With this update you can:

  • Get immediate email notifications for any alert above a threshold you define. Critical events no longer hide in log files - know about them the moment they happen, even if you are away from the dashboard.
  • Receive scheduled PDF reports every day, week, or month. These reports provide a complete summary of all alerts in an easy-to-read format that you can archive, or share with your team and management.
  • Forward alerts to remote syslog servers for secure external logging and long-term storage. This means you always have an independent record of IPS activity outside the firewall, making forensic analysis possible even if the appliance itself is damaged or tampered with.

This combination of real-time notifications, scheduled reporting, and off-device logging dramatically improves the auditability and accountability of your IPS. Administrators gain a richer set of tools to track suspicious activity, build historical records, and prove that threats were detected and handled—even in worst-case scenarios where an attacker might try to cover their tracks.

Whether you manage a small office network or a large enterprise environment, these new reporting features make it easier than ever to stay on top of security events, respond quickly, and maintain a trustworthy record of what happened and when. It is the kind of change that doesn’t just add convenience - it strengthens the very foundation of your security operations.

Upgraded to Suricata 8.0.1, the IPFire IPS now caches compiled rules for near-instant startup, features sturdier memory handling, and expands protocol support to DNS-over-HTTP/2, Multicast DNS, LDAP, POP3, SDP in SIP, SIP over TCP, and WebSocket. Its pattern-matching just got a speed upgrade on ARM: the latest Vectorscan library introduces optimised algorithms that tap into more vector instructions for sharper performance.

Toolchain Rebase & Package Updates

The IPFire Toolchain has been rebased on the latest versions of the GNU Compiler Collection 15.2.0, GNU Binutils 2.42, and GNU glibc 2.42. They are all bringing various bug and security fixes as well as performance improvements. On top of that, this update comes with a large number of package updates: abseil-cpp 20250814.0, BIND 9.20.13, btrfs-progs 6.16, cmake 4.1.1, dtc 1.7.2, cURL 8.16.0, ed 1.22.2, elinks 0.18.0, ethtool 6.15, expat 2.7.2, fcron 3.4.0, freetype 2.14.1, gdbm 1.26, harfbuzz 11.4.5, hwdata 0.398, iproute2 6.16.0, less 679, libarchive 3.8.1, libconfig 1.8.1, libffi 3.5.2, libinih 61, libgcrypt 1.11.2, libssh 0.11.3, libtirpc 1.3.7, libxml2 2.14.6, lsof 4.99.5, LVM2 2.03.35, lzip 1.25, meson 1.9.0, nano 8.6, p11-kit 0.25.8, PCRE2 10.46, ruby 3.4.5, SQLite 3.5.4, sudo 1.9.17p2, whois 5.6.4, xfsprogs 6.16.0, zlib-ng 2.2.5

Misc.

  • Intel has release new microcode for their processors fixing various more security vulnerabilities
  • GRUB has been patched against a large number of vulnerabilities

Add-Ons

  • Updated packages: borgbackup 1.4.1, dehydrated 0.7.2, fping 5.4, FRR 10.4.1, Git 2.51.0, HAProxy: 3.2.4, iotop 1.30, iptraf-ng 1.2.2, libogg 1.3.6, libslirp 4.9.1, libusbredir 0.15.0, libvirt 11.7.0, lynis 3.1.5, mtr 0.96, mympd 22.0.4, nagios_nrpe 4.1.3, ncat 7.98, nfs .8.4, nginx 1.29.1, nmap 7.98, nut 2.8.4, opus 1.5.2, Postfix 3.10.4, python3-msgpack 1.1.0, QEMU + Guest Agent 10.1.0, rpcbind 1.2.8, Samba 4.22.4, strace 6.16, tshark 4.4.9, wsdd 0.9