
IPFire 2.29 - Core Update 198 has been released for testing, bringing significant improvements to the IPFire Intrusion Prevention System (IPS) and an upgraded toolchain. The enhanced IPS now offers advanced reporting capabilities, including real-time email notifications, scheduled PDF reports, and remote syslog forwarding, which dramatically enhance its auditability and accountability. Additionally, the update includes an upgrade to Suricata 8.0.1, caching for compiled rules, sturdier memory handling, and expanded protocol support. The update also fixes several security issues, including those resolved by Intel's new microcode and updates made to GRUB, which makes IPFire's defenses against possible threats even stronger.



IPFire 2.29 - Core Update 198 released for testing

IPFire Core Update 198 is now available for testing purposes, and its release is imminent. This update brings crucial improvements to the IPFire Intrusion Prevention System (IPS), an upgraded toolchain, and various smaller bug fixes.

The development team, led by Michael Tremer, invites users to participate in the testing process and help iron out any remaining issues. To do so, navigate to the Pakfire page on your web interface, select the "testing" option at the bottom, and proceed with the installation. Your feedback is invaluable; please report any bugs encountered to Bugzilla.

A significant enhancement has been made to the IPFire IPS, which now offers advanced reporting capabilities. This long-awaited feature will greatly benefit network administrators who rely on their firewalls for security purposes. The enhanced IPS can send detailed alerts and reports off the firewall itself, creating a reliable paper trail even if the firewall is compromised in the future.

With this update, you can expect:

  • Immediate email notifications for critical events above a threshold defined by you. No longer will crucial logs be hidden from view; instead, you'll receive real-time updates, keeping you informed even when away from your dashboard.
  • Scheduled PDF reports on a daily, weekly, or monthly basis. These comprehensive summaries of alerts provide an easy-to-read format that can be archived or shared with team members and management.
  • Forwarding alerts to remote syslog servers for secure external logging and long-term storage. This ensures that you have an independent record of IPS activity outside the firewall, facilitating forensic analysis even if the appliance itself is damaged or tampered with.

The combination of real-time notifications, scheduled reporting, and off-device logging dramatically enhances the auditability and accountability of your IPS. Administrators now possess a richer set of tools to track suspicious activity, build historical records, and prove that threats were detected and handled – essential capabilities in worst-case scenarios where an attacker might attempt to cover their tracks.

Whether you manage a small office network or a large enterprise environment, these new reporting features simplify staying on top of security events, responding promptly, and maintaining a trustworthy record of occurrences. This update strengthens the very foundation of your security operations, providing a robust defense against potential threats.

In addition to the enhanced IPS, IPFire 2.29 - Core Update 198 includes several other notable improvements:

  • The IPFire IPS has been upgraded to Suricata 8.0.1, which introduces caching for compiled rules, sturdier memory handling, and expanded protocol support (including DNS-over-HTTP/2, Multicast DNS, LDAP, POP3, SDP in SIP, SIP over TCP, and WebSocket). Pattern-matching has also been optimized on ARM architecture with the latest Vectorscan library.
  • The IPFire Toolchain has been rebased on the latest versions of the GNU Compiler Collection (GCC), GNU Binutils, and GNU glibc. These updates bring various bug fixes, security enhancements, and performance improvements.
  • A large number of packages have been updated to their latest versions, including abseil-cpp, BIND 9.20.13, btrfs-progs 6.16, cmake 4.1.1, dtc 1.7.2, cURL 8.16.0, ed 1.22.2, elinks 0.18.0, ethtool 6.15, expat 2.7.2, fcron 3.4.0, freetype 2.14.1, gdbm 1.26, harfbuzz 11.4.5, hwdata 0.398, iproute2 6.16.0, less 679, libarchive 3.8.1, libconfig 1.8.1, libffi 3.5.2, libinih 61, libgcrypt 1.11.2, libssh 0.11.3, libtirpc 1.3.7, libxml2 2.14.6, lsof 4.99.5, LVM2 2.03.35, lzip 1.25, meson 1.9.0, nano 8.6, p11-kit 0.25.8, PCRE2 10.46, ruby 3.4.5, SQLite 3.5.4, sudo 1.9.17p2, whois 5.6.4, xfsprogs 6.16.0, and zlib-ng 2.2.5.

Furthermore, Intel has released new microcode for their processors to address various security vulnerabilities, and GRUB has been patched against multiple vulnerabilities. The Add-Ons section includes updates to several packages, such as borgbackup, dehydrated, fping, FRR, Git, HAProxy, iotop, iptraf-ng, libogg, libslirp, libusbredir, libvirt, lynis, mtr, mympd, nagios_nrpe, ncat, nfs, nginx, nmap, nut, opus, Postfix, python3-msgpack, QEMU + Guest Agent, rpcbind, Samba, strace, tshark, and wsdd.

Come join us in testing IPFire 2.29 - Core Update 198
