1.2 Release Candidate 1 released!

July 21st, 2007 by Scott Ullrich

1.2-RC1 has been released! Here are just a few of the new improvements and features that have made their way into this new version:

New features/improvements present in 1.2-RC1:

  • Many IPSEC improvements when you have more than 40+ IPSEC tunnels
  • RRD Queues Graphing fixes
  • DNS Forwarder (DNS Masq) has been updated to version 2.39
  • Miniupnpd should now shutdown correctly when disabled
  • Minor RRD graph fixes for periods longer than 8 months
  • DHCPD now started before DNS Forwarder on embedded platform
  • pftpx processes now killed correctly after the queue changes (ALTQ)
  • ftpsesame recompiled against libevent-1.3

Features/improvements presnet in 1.2-BETA3:

  • Restart filter logging subsystem after time zone changes
  • Remove extra SSH password authentication line
  • IPSEC filter rule tab now hidden when IPSEC is disabled
  • Dyanmic log viewer removed due to too many issues (will reappear in 1.3)
  • Increase ephemeral port range for busy firewalls
  • More IPSEC /CARP cleanups
  • Misc logging viewer fixes

Features/improvements present in 1.2-BETA2:

  • Advanced outbound NAT fixes
  • UPNP now works on LiveCD
  • Misc log viewing fixes
  • Password field lengths now line up on nervecenter theme
  • IPSEC now works correctly on CARP interfaces out of the box
  • Routed hosts behind a policy-routed segment can now reach the LAN interface correctly when the anti-lockout rule is enabled
  • pfSync and CARP now will work correctly on extremely restrictive rulesets
  • Captive portal images fixed
  • SLBD 100% utilization fixes
  • 64 megabyte memory improvements (works but not supported)
  • Misc packet capture fixes
  • Dashboard package added
  • Update static routes on filter reload
  • Miniupnpd version bump to 20070521
  • Turn off antispoof on bridges
  • NAT reflection timeout extended to 2000 which is roughly 33 minutes
  • use_rrd_gateway location fixes
  • Fixed advanced firewall rule tunables

And the features/fixes that where introduced in 1.2-BETA-1:

  • FreeBSD updated to 6.2
  • Reworked load balancing pools which allow for round robin or failover
  • miniupnpd has proven to work so well that it is now in the base install but deactivated by default (uninstall the miniupnpd package before upgrading to avoid duplicate menu items)
  • Much enhanced RRD graphs
  • Numerous Squid Package fixes
  • PPTP Server includes WINS server settings correctly now
  • General OpenVPN stability improvements
  • “Nervecenter” theme added as default
  • Status -> DHCP leases now 1500% faster
  • Captive portal now allows traffic to port 8000 and 8001 behind the scenes
  • Multiple miscellaneous pf rule fixes to prevent broken rulesets
  • DNS server with active failover will show up when 1.2 releases (Screen shot of test >here<.)
  • dnsmasq updated to 2.36
  • olsrd updated to 0.4.10
  • Alias line item descriptions backported from -HEAD
  • Enhanced cron handling backported from -HEAD
  • dhclient changes backported from FreeBSD 7
  • miniupnpd updated
  • Speed NAT apply page up 100%
  • PPPoE auto disconnect (for our German users)
  • Soekris/WRAP error light usage now when a problem or alert occurs
  • TCPDump interface
  • VLAN assign interface improvements
  • SLBD/load balancing ping times increased to a timeout of 2 seconds
  • Package infrastructure to safely sync package data between CARP nodes added
  • Miscellaneous DHCP Server OPT interface fixes
  • 1:1 NAT outgoing FTP fixes
  • OpenVPN stability fixes
  • Traffic shaper wizard now displays errors correctly
  • BandwidthD package added
  • Pinger framework improved
  • Dynamic filter log viewer added
  • IPSec filtering is now possible. You need to create rules before traffic will pass!!
  • Individual kill state feature back ported from HEAD on Diagnostics, Show States screen
  • Fix for DHCP Load balancing edge case where monitor IP’s would be mapped through the wrong gateway.
  • Option added to turn off TX and RX hardware checksums. We are finding more and more hardware that this feature just simply doesn’t work very well.
  • OpenVPN PPPoE fixes
  • Reload VLAN interfaces correctly after adding a new one
  • Multiple client OpenVPN fixes
  • PHP upgraded to 4.4.6
  • Synchronized captive portal with m0n0wall
  • CARP IP addresses can be used on IPSec VPN connections and multi-WAN IPSec now works correctly
  • config.xml stability improvements to drastically reduce chances of corruption
  • Packages auto-fix themselves if a problem arises in the installation
  • Lighttpd upgraded to 1.4.15
  • PPPoE server subnet fixes
  • OpenVPN outgoing bandwidth limits added
  • Firewall schedules feature added
  • Server load balancing pool page added
  • Multi-WAN NAT configuration now correct in non-Advanced Outbound NAT mode
  • Load balancing ping now uses fping

1.2-RC1 will appear at a mirror near you very soon. Please let us know what you think on the forum or mailing list.

9 Responses to “1.2 Release Candidate 1 released!”

  1. paul.mansfield Says:

    my first observation is that it fixes a problem I was having with USB keyboards – previously a USB keyboard would not be detected when the machiune booted, and I’d have to re-plug the keyboard and even then it might not work.

  2. Jason Says:

    good work as usual guys, how long till we see the actual release?

  3. baskin Says:

    Any news about the wireless issues?

  4. Chris Buechler Says:

    No news on wireless.

    If you can reliably replicate wireless problems with 1.2x releases, please drop me an email (cbuechler@gmail.com).

    No clue on release date yet.

  5. António Says:

    I found pfSense when looking for a gateway solution for our community wireless network (serving as the main gateway on an outdated pc).
    The mix of MAC/IP address “pass-through”, or even Radius/802.1x for local “subscribers” – enabling VoIP solutions – and captive portal for “guest” users is an excellent combination.
    I thought this release would our remaining problem: attributing per user bandwidth… I was hoping the BandwidthD package would solve this issue (I didn-t know it before), but well… maybe next release…

    Thanks to all you dev’s and all additional cooperators!

  6. Chris Buechler Says:

    For bandwidth accounting on a per-user basis, pfflowd has been available in packages for ages now. It exports NetFlow, and there are many packages available to collect and report on NetFlow data (it’s what Cisco routers use).

  7. António Says:

    Something apparently new I found that could also do the bandwidth control: the “penalty” section… It wasn’t included in v.1.0.1, was it?
    My problem solved! Excellent work, guys! Make me wish I could learn all the programming needed to help you!

  8. Wally Says:

    I am trying to download the full and embedded RC1 from the mirrors. Each time the file is downloaded and then I use Winzip to open it, I get crc errors, file is corrupt. I have tried different download sites and still have the same problem. But, if I download the RC1 LIVECD iso, I do not have that problem.

  9. Christopher Olson Says:

    Wally.

    Try using 7Zip to extract the file. I’m pretty sure your issue is with “Winzip” and not the files.

Please don’t post technical questions or off-topic comments. It is far more likely that your questions and concerns will be addressed effectively through one of our support channels.

Leave a Reply