1.2 Release Candidate 2 released!

August 17th, 2007 by Scott Ullrich

1.2-RC2 has been released! Here are just a few of the new improvements and features that have made their way into this new version:

New features/improvements present in 1.2-RC2:

  • Automatically restarts racoon (ipsec-tools if it wedges)
  • Ensure CARP status page cache is cleared before load
  • Updated lighttpd to 1.4.15
  • APC updated to 3.0.14
  • Update to DNSMASQ 2.3.9
  • Ensure that rules are cleared from UPNP when service is stopped
  • Correectly show IPSEC firewall rules tab when Mobile IPSEC is enabled
  • Quality graph misc alignments
  • Backport show username on captive portal status screen
  • Do not allow aliases named “pptp”
  • TCP timeout time fixes

New features/improvements present in 1.2-RC1:

  • Many IPSEC improvements when you have more than 40+ IPSEC tunnels
  • RRD Queues Graphing fixes
  • DNS Forwarder (DNS Masq) has been updated to version 2.39
  • Miniupnpd should now shutdown correctly when disabled
  • Minor RRD graph fixes for periods longer than 8 months
  • DHCPD now started before DNS Forwarder on embedded platform
  • pftpx processes now killed correctly after the queue changes (ALTQ)
  • ftpsesame recompiled against libevent-1.3

Features/improvements presnet in 1.2-BETA3:

  • Restart filter logging subsystem after time zone changes
  • Remove extra SSH password authentication line
  • IPSEC filter rule tab now hidden when IPSEC is disabled
  • Dyanmic log viewer removed due to too many issues (will reappear in 1.3)
  • Increase ephemeral port range for busy firewalls
  • More IPSEC /CARP cleanups
  • Misc logging viewer fixes

Features/improvements present in 1.2-BETA2:

  • Advanced outbound NAT fixes
  • UPNP now works on LiveCD
  • Misc log viewing fixes
  • Password field lengths now line up on nervecenter theme
  • IPSEC now works correctly on CARP interfaces out of the box
  • Routed hosts behind a policy-routed segment can now reach the LAN interface correctly when the anti-lockout rule is enabled
  • pfSync and CARP now will work correctly on extremely restrictive rulesets
  • Captive portal images fixed
  • SLBD 100% utilization fixes
  • 64 megabyte memory improvements (works but not supported)
  • Misc packet capture fixes
  • Dashboard package added
  • Update static routes on filter reload
  • Miniupnpd version bump to 20070521
  • Turn off antispoof on bridges
  • NAT reflection timeout extended to 2000 which is roughly 33 minutes
  • use_rrd_gateway location fixes
  • Fixed advanced firewall rule tunables

And the features/fixes that where introduced in 1.2-BETA-1:

  • FreeBSD updated to 6.2
  • Reworked load balancing pools which allow for round robin or failover
  • miniupnpd has proven to work so well that it is now in the base install but deactivated by default (uninstall the miniupnpd package before upgrading to avoid duplicate menu items)
  • Much enhanced RRD graphs
  • Numerous Squid Package fixes
  • PPTP Server includes WINS server settings correctly now
  • General OpenVPN stability improvements
  • “Nervecenter” theme added as default
  • Status -> DHCP leases now 1500% faster
  • Captive portal now allows traffic to port 8000 and 8001 behind the scenes
  • Multiple miscellaneous pf rule fixes to prevent broken rulesets
  • DNS server with active failover will show up when 1.2 releases (Screen shot of test >here<.)
  • dnsmasq updated to 2.36
  • olsrd updated to 0.4.10
  • Alias line item descriptions backported from -HEAD
  • Enhanced cron handling backported from -HEAD
  • dhclient changes backported from FreeBSD 7
  • miniupnpd updated
  • Speed NAT apply page up 100%
  • PPPoE auto disconnect (for our German users)
  • Soekris/WRAP error light usage now when a problem or alert occurs
  • TCPDump interface
  • VLAN assign interface improvements
  • SLBD/load balancing ping times increased to a timeout of 2 seconds
  • Package infrastructure to safely sync package data between CARP nodes added
  • Miscellaneous DHCP Server OPT interface fixes
  • 1:1 NAT outgoing FTP fixes
  • OpenVPN stability fixes
  • Traffic shaper wizard now displays errors correctly
  • BandwidthD package added
  • Pinger framework improved
  • Dynamic filter log viewer added
  • IPSec filtering is now possible. You need to create rules before traffic will pass!!
  • Individual kill state feature back ported from HEAD on Diagnostics, Show States screen
  • Fix for DHCP Load balancing edge case where monitor IP’s would be mapped through the wrong gateway.
  • Option added to turn off TX and RX hardware checksums. We are finding more and more hardware that this feature just simply doesn’t work very well.
  • OpenVPN PPPoE fixes
  • Reload VLAN interfaces correctly after adding a new one
  • Multiple client OpenVPN fixes
  • PHP upgraded to 4.4.6
  • Synchronized captive portal with m0n0wall
  • CARP IP addresses can be used on IPSec VPN connections and multi-WAN IPSec now works correctly
  • config.xml stability improvements to drastically reduce chances of corruption
  • Packages auto-fix themselves if a problem arises in the installation
  • Lighttpd upgraded to 1.4.15
  • PPPoE server subnet fixes
  • OpenVPN outgoing bandwidth limits added
  • Firewall schedules feature added
  • Server load balancing pool page added
  • Multi-WAN NAT configuration now correct in non-Advanced Outbound NAT mode
  • Load balancing ping now uses fping

1.2-RC2 will appear at a mirror near you very soon. Please let us know what you think on the forum or mailing list.

3 Responses to “1.2 Release Candidate 2 released!”

  1. Jonathan Says:

    I don’t see any of these releases listed on the pfsense news page.

  2. Chris Buechler Says:

    Yeah our current website is a nightmare to edit so it doesn’t get nearly the attention it should. For the time being, watch here for updates, a new site is in the works though.

  3. Jonathan Puddle Says:

    Good work guys. What’s the plan now? RC3? Final release?

Please don’t post technical questions or off-topic comments. It is far more likely that your questions and concerns will be addressed effectively through one of our support channels.

Leave a Reply