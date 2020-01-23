OPNsense 20.1-RC1 Released For Popular BSD-Based Firewall / Routing OS
The release candidate of OPNsense 20.1 is available this weekend, the FreeBSD/HardenedBSD-based networking/firewall OS that forked from pfSense now a half-decade ago.
The OPNsense 20.1 release has been working on a variety of security improvements, VXLAN device support, working on the transition to a fully plug-able device infrastructure, plug-in updates, and many other changes.
For over 5 years now, OPNsense is driving innovation through modularising
and hardening the open source firewall, with simple and reliable firmware
upgrades, multi-language support, HardenedBSD security, fast adoption of
upstream software updates as well as clear and stable 2-Clause BSD licensing.
We thank all of you for helping test, shape and contribute to the project!
We know it would not be the same without you.
Download links, an installation guide[1] and the checksums for the images
can be found below as well.
o Europe: https://opnsense.c0urier.net/releases/20.1/
o US East Coast: http://mirrors.nycbug.org/pub/opnsense/releases/20.1/
o US West Coast: https://mirror.sfo12.us.leaseweb.net/opnsense/releases/20.1/
o South America: http://mirror.upb.edu.co/opnsense/releases/20.1/
o South-East Asia: https://ftp.yzu.edu.tw/opnsense/releases/20.1/
o Full mirror list: https://opnsense.org/download/
Here are the full patch notes against 19.7.9_1:
o system: support for manually removing static route entries
o system: migrated logging to MVC
o system: regenerate default DH parameters
o system: randomize session ID in test cookie
o system: remove legacy XMLRPC push on changes
o system: deprecate the use of services.inc
o system: opt-out on "Allow DNS server list to be overridden by DHCP/PPP on WAN" for selected interfaces
o system: increase PHP memory limit to 512 MB
o system: opnsense-auth can now respond with extended properties in JSON on successful authentication
o interfaces: loopback device support
o interfaces: VXLAN device support
o interfaces: first steps toward fully pluggable device infrastructure
o interfaces: remove default load of netgraph framework on bootup
o interfaces: interfaces: move description into top block and rename titles
o interfaces: only trigger newwanip event for affected interfaces
o firmware: revoke 19.1, trust 20.1 fingerprint
o firmware: new mirror in Zurich, CH contributed by ServerBase AG
o firmware: add live search to mirror selection
o dhcp: add OMAPI configuration support (contributed by Yuri Moens)
o ipsec: add configurable dpdaction (contributed by Marcel Menzel)
o ipsec: refactor tunnel settings page
o unbound: add options for logging queries and extended statistics (contributed by Flightkick)
o mvc: BaseListField ignoring empty selected field
o ui: jQuery 3.4.1
o plugins: os-dyndns 1.19 adds dynv6 and Azure DNS support (contributed by Ralf Zerres and martgras)
o plugins: os-haproxy 2.20[2]
o plugins: os-zabbix-agent 1.7[3][4]
o ports: ca_root_nss 3.49.1
o ports: curl 7.68.0[5]
o ports: openssl 1.1.1d[6]
Known issues and limitations:
o HardenedBSD 12.1 has been postponed to the next major release
o Nano growfs does not work on this release candidate, but a fix for 20.1 already exists
o Installer still advertises 19.7, but a fix for 20.1 already exists
o Legacy MPD5 plugins os-l2tp, os-pppoe and os-pptp have been deprecated and will no longer receive updates
o i386 has not been deprecated for the time being
Mesa 20.0 Work by Intel and AMD
Patches written two months ago for Intel's ANV open-source Vulkan driver have now been merged ahead of the imminent Mesa 20.0 feature freeze and branching.
The work worth mentioning is allowing HiZ in read-only depth layouts. "These layouts don't mean "sampled" they mean the same thing as DEPTH_STENCIL_OPTIMAL only the client promises to not write the depth or stencil buffer as indicated. Since HiZ depth testing is much faster than non-HiZ depth testing, we really don't want to disable HiZ for these."
In addition to the AMD RadeonSI Gallium3D driver's on-disk shader cache and in-memory shader cache there is now a "live shader cache" to help with deduplication of compiled shader objects.
AMD's Marek Olšák landed this live shader cache on Friday. The introduction of this new caching level stems from the behavior of when games concert separate D3D shaders into linked GLSL shaders, the same vertex shader is often used with many different fragment shaders. In introducing this live shader cache of the compiled shader objects, for affected titles there should now be fewer resident shaders and fewer shader state changes.
Programming: Perl/Raku, Python and More
Perl / Raku
We are really happy to announce that Curtis “Ovid” Poe will present a keynote at the 22nd Perl/Raku workshop in March in Erlangen!
Curtis runs Tau Station and is a long time contributor to the workshop.
The list of accepted talks has grown, with varied topics from “Progressing from Humans to Developers”, “A new Lisp, in Perl” and “Querying the Etherum Blockchain Nodes with Raku”. All accepted talks are listed here .
Since we still have some slots free for talks, we have extended the deadline for talk submission to the 3rd February 2020. If you have a topic you want to present, please submit your talk .
Kind of like Moops but with less hacky parsing.
Well it looks like a wrap for PAWS XML as the last thing I am working on is getting the test suite to pass
Python
We are proud to announce the release of the version 1.1.0 of python-sql.
python-sql is a library to write SQL queries in a pythonic way. It is mainly developed for Tryton but it has no external dependencies and is agnostic to any framework or SQL database.
-
The most critical issue of our time is climate change. Yet, when you think about our carbon impact in the software industry, what comes to mind? Business travel? Commuting to the office so you don't miss filing that TPS report? Yeah, those are bad. But data centers, servers, and our apps consume a substantial portion of the total energy used by modern humans.
In this episode, you'll meet Chris Adams. He has been advocating for a greener software environment and has concrete advice to make your Python program more climate-friendly.
What is a function? A function is a block of code used to perform a specific task. It can be a collection of many tasks strung together to perform a single task. It is a block of code which can be re-used elsewhere inside a Software application, helping to build the application, brick by brick, function by function. Python programming language provides the capabilities to build software applications using functions. Through using Python you can build your own functions or use the Python 3 standard library which contains pre-written functions. These functions can help you build your software faster without the reliance on having to build everything from scratch.
Misc.
Armadillo is a powerful and expressive C++ template library for linear algebra aiming towards a good balance between speed and ease of use with a syntax deliberately close to a Matlab. RcppArmadillo integrates this library with the R environment and language–and is widely used by (currently) 680 other packages on CRAN.
A second small Armadillo bugfix upstream update 9.800.4 came out yesterday for the 9.800.* series, following a similar bugfix release 9.800.3 in December. This time just one file was changed (see below).
As part of my role as a senior product marketing manager at an enterprise software company with an open source development model, I publish a regular update about open source community, market, and industry trends for product marketers, managers, and other influencers. Here are five of my and their favorite articles from that update.
A gentle admonishment to accept that shell scripts will appear in your codebases and to lean heavily on automated tools, modern features, safety rails, and best practices whenever possible.
Firefox on Wayland, Spying by Mozilla and Firefox Team "Looks Within to Lead Into the Future"
Some exciting news this week for Firefox users running on Wayland...
Martin Stránský of Red Hat who is on the Fedora Firefox team and was involved in bringing up Wayland support on Firefox has worked on an interesting improvement for the browser. Martin this week posted a patch implementing FFmpeg-based VA-API video acceleration for Firefox on Wayland.
In leveraging the recent Wayland DMA-BUF support within Firefox, it's finally possible with this patch to have Video Acceleration API (VA-API) GPU-accelerated video decoding within the browser when running natively on Wayland.
-
The Firefox Browser is not as private as you may think – especially on iOS and Android. Mozilla recently announced that they would be allowing any Firefox user a means to request Mozilla to delete stored telemetry data that is tied to said user. Mozilla maintains “strict limits” on how long they store this logged telemetry data, but any duration is too long if the telemetry data can be associated with an individual Firefox browser instance on a particular IP address through a government request. Sure, the collection of this telemetry data can be turned off, but the vast majority of Firefox users are not using Firefox with telemetry turned off, and are therefore incredibly vulnerable.
-
For Firefox products and services to meet the needs of people’s increasingly complex online lives, we need the right organizational structure. One that allows us to respond quickly as we continue to excel at delivering existing products and develop new ones into the future.
Today, I announced a series of changes to the Firefox Product Development organization that will allow us to do just that, including the promotion of long-time Mozillian Selena Deckelmann to Vice President, Firefox Desktop.
“Working on Firefox is a dream come true,” said Selena Deckelmann, Vice President, Firefox Desktop. “I collaborate with an inspiring and incredibly talented team, on a product whose mission drives me to do my best work. We are all here to make the internet work for the people it serves.”
I’m extraordinarily proud to have such a strong team within the Firefox organization that we could look internally to identify this new leadership team.
These Mozillians and I, will eventually be joined by two additional team members. One who will head up our Firefox Mobile team and the other who will lead the team that has been driving our paid subscription work. Searches for both roles will be posted.
Alongside Firefox Chief Technology Officer Eric Rescorla and Vice President, Product Marketing Lindsey Shepard, I look forward to working with this team to meet Mozilla’s mission and serve internet users as we build a better web.
