IPFire 2.29 has been released with Core Update 199, which brings improvements to network stability and speed. The update supports WiFi standards, including 6E, allowing for faster wireless connections and better performance with modern hardware. Additionally, IPFire now includes native support for LLDP and CDP, making it easier to see connected devices in complex networks, as well as security and stability updates for the kernel and other core components. Other features include improved Intrusion Prevention System (IPS) handling, updated OpenVPN settings, and fixes for proxy vulnerabilities and web UI bugs.

IPFire 2.29 - Core Update 199 released

IPFire 2.29 is out with Core Update 199; it brings network upgrades and general stability improvements.

A big part of the push is support for WiFi standards, including both 7 and 6, especially 6E if you have compatible gear. This means more speed potential for wireless setups and better handling generally. The update helps things integrate smoothly with modern hardware too, letting users get full value out of those advanced features, like 802.11ax (WiFi 6) or the newer 802.11be standard. IPFire should automatically figure out if your router supports it and turn that capability on for you.

For visibility in complex networks, maybe yours is getting big enough to need this stuff; there's now native support for LLDP and CDP directly from the firewall side. This helps by letting you see what devices are connected locally, including their switch ports. It’s another tool available through the web interface, tucked away under Network -> LLDP.

Speaking of core changes, the IPFire kernel has been rebased onto Linux 6.12.58. That includes security and stability updates for the system itself. There are also some config tweaks related to preemption debugging; if you run into performance issues on certain systems before then, these might help behind the scenes.

The Intrusion Prevention System (IPS) got a boost too, mainly through better handling in Suricata. The reporting schedule is now more straightforward: it sends out its daily report at 1 am every day automatically. Also, clients getting pushed onto networks can have their DNS and WINS servers set by IPFire itself; that could simplify things sometimes.

OpenVPN's Roadwarrior setup also got updated internally to flag legacy ciphers for better security awareness on the client side during connection checks or troubleshooting.

The proxy stuff saw action too, with a fix addressing CVE-2025-62168. There was another issue: potential process termination due to race conditions in URL filtering logic that is now ironed out as well. This release is part of making things safer and more dependable online for you generally.

A web UI bug where location groups couldn't be created properly has been fixed, a necessary change because the interface wouldn't let you make new ones sometimes before this update. Other tweaks include aligning the SSH cipher suite list with what upstream projects prefer and just doing some tidy-up work on code organization along the way to help things run better.

Package-wise, core components were upgraded; think c-ares, cURL, boost libraries generally, elfutils plus BIND (the DNS server), btrfs-progs utilities, and kernel bits like cutils. Arpwatch came in as an extra add-on tool this time with a specific fix ensuring it sends off envelope notifications correctly.

So, this latest Core Update 199 for IPFire is another solid step forward for the system, focused on getting your network setup smoother and more secure generally speaking. You can download it from here.