Posts in 2021

As 2021 is nearing its end, I would like to take the opportunity to thank everyone who has helped us making it another successful year. Whether that is by being a loyal user, contributing to the project in any shape or form, or by helping us to promote the project and telling all your colleagues and friends about your most favourite firewall.

Just before Christmas, it is time for the last release of the year: IPFire 2.27 - Core Update 162. It comes with a brand-new kernel based on Linux 5.15, and it will be the last release supporting the i586 architecture.

As you might have already heard in the media, a quite severe security problem in Apache log4j is ripping its way through the world - filed as CVE-2021-44228.

Another release is available for testing: IPFire 2.27 - Core Update 162. It comes with a brand-new kernel based on Linux 5.15, and it will be the last release supporting the i586 architecture.

Today, we are releasing a brand new version of IPFire: 2.27 - Core Update 161. Amongst a huge performance improvement for the Intrusion Prevention System, it comes with a brand new kernel and various security and bug fixes.

A new update is available for testing: IPFire 2.27 - Core Update 161. It comes with a huge performance improvement for the Intrusion Prevention System which allows it to deliver excellent throughput even on smaller hardware. On top of that come a brand new kernel and various security and bug fixes.

Thanks to libloc, the free & open source location database, IPFire comes with an accurate, trustworthy database for mapping IP addresses to countries and Autonomous Systems, and vice versa. This allows us to introduce a new feature: Proactive detection of Fast Flux setups, which are commonly used by ne'er-do-wells for hosting questionable and malicious content on compromised machines around the world, switching from one infected PC, IoT device, or router to another within minutes.

This is the release announcement for IPFire 2.27 - Core Update 160. It comes with a large number of bug fixes and package updates and prepares for removing Python 2 which has reached its end of life.

This is the announcement for IPFire 2.27 - Core Update 160 which is available for testing. It comes with a large number of bug fixes and package updates and prepare for removing Python 2 which has reached its end of life.

This is the official release announcement for the next major release of IPFire: IPFire 2.27 - Core Update 159. It comes with a brand new kernel based on Linux 5.10 and an updated toolchain as well as general bug fixes and a large number of improvements.

And another update is available for testing, with a brand new kernel and an updated toolchain.

IPFire 2.25 - Core Update 158 is generally available. It comes with one-click VPNs for Apple iOS and Mac OS devices as well as with various fixes across the board including security fixes.

Another update is available for testing and it is packed a one-click VPNs for Apple iOS and Mac OS devices as well as with various fixes across the board including security fixes.

After a little break, IPFire 2.25 - Core Update 157 is out! This is the largest release in size we have ever had and updates various parts of the operating system and brings an updated kernel.

I am sure you have already heard that the Freenode IRC Network has been hijacked and lots of people lost control over their IRC channels. So did the IPFire Project.

It is time to test the upcoming release: IPFire 2.25 - Core Update 157. This is the largest release in size we have ever had and updates various parts of the operating system and brings an updated kernel.

Another update is available: IPFire 2.25 - Core Update 156. As usual for this time of the year, it is a spring clear release that updates lots of software and brings a new exciting feature: Live Graphs.

Imagine you are in need of an ISP to host your 100,000 malware distribution sites. Which one would be your first choice? You operate a website for exchanging stolen credit card data, and need a reliable place for web and DNS services. Where do you go? A botnet operation of yours relies on reachable C&C servers, but even the dirtiest ISPs shut them down quickly. What to do?

Another update is available for testing: IPFire 2.25 - Core Update 156. As usual for this time of the year, it is a spring clear release that updates lots of software and brings a new exciting feature: Live Graphs.

Today, we are releasing IPFire 2.25- Core Update 155 which comes with various security fixes to mitigate NAT Slipstreaming attacks and important fixes in the OpenSSL library which allowed that attackers could have crashed services that use TLS on the firewall.

The upcoming release IPFire 2.25 - Core Update 155 is available for testing. It comes with important security fixes for the NAT Slipstreaming attack which might require attention if you are currently using the Application Layer Gateways for SIP or FTP.

Last autumn, we learned about a severe attack called NAT Slipstreaming, which ultimately enables a remote attacker to establish arbitrary TCP and UDP connections to the victim's client behind a NAT firewall, bypassing the firewall ruleset configured. No complex user interaction is required for this, visiting a malicious website - or a legitimate one with malicious content from third parties such as advertisement or tracking servers embedded - while having JavaScript enabled is sufficient.

The first update of the year will be an enormous one. We have been working hard in the lab to update the underlying operating system to harden and improve IPFire and we have added WPA3 client support and made DNS faster and more resilient against broken Internet connections.

The first update of the year will be an enormous one. We have been working hard in the lab to update the underlying operating system to harden and improve IPFire and we have added WPA3 client support and made DNS faster and more resilient against broken Internet connections.

I hope that everyone had a good start into the new year. The last one probably has been tough for most of us in many different ways. It has been for the IPFire Project, too.

I feel that this is a pledge that needs repeating since many projects have recently turned their backs at Open Source software. Here is a quick ready why this is very dangerous to the future of the internet.