{"id":15947,"date":"2018-11-30T08:51:49","date_gmt":"2018-11-30T08:51:49","guid":{"rendered":"https:\/\/www.firewallhardware.it\/pfsense-2-4-note-di-rilascio\/"},"modified":"2019-11-11T10:59:00","modified_gmt":"2019-11-11T10:59:00","slug":"pfsense-2-4-release-notes","status":"publish","type":"page","link":"https:\/\/blog.miniserver.it\/en\/pfsense-2-4-release-notes\/","title":{"rendered":"pfSense\u00ae 2.4 release notes"},"content":{"rendered":"<p>[vc_row full_width=&#8221;stretch_row&#8221; css=&#8221;.vc_custom_1522327087646{margin-top: 60px !important;}&#8221;][vc_column width=&#8221;2\/3&#8243; css=&#8221;.vc_custom_1522327136322{margin-bottom: 30px !important;}&#8221;]<\/p>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 30px;\">pfSense\u00ae 2.4 release notes<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<img decoding=\"async\" class=\"alignleft size-full wp-image-12914\" src=\"https:\/\/blog.miniserver.it\/wp-content\/uploads\/firewallhardware-pfSense-sistema-operativo.png\" alt=\"pfSense\" width=\"311\" height=\"90\" srcset=\"https:\/\/blog.miniserver.it\/wp-content\/uploads\/firewallhardware-pfSense-sistema-operativo-300x87.png 300w, https:\/\/blog.miniserver.it\/wp-content\/uploads\/firewallhardware-pfSense-sistema-operativo.png 311w\" sizes=\"(max-width: 311px) 100vw, 311px\" \/><strong>pfSense\u00ae<\/strong> is a free distribution based on <strong>FreeBSD open-source<\/strong>, customized to be a <strong>firewall<\/strong> and <strong>router<\/strong>. Besides being a powerful <strong>firewall<\/strong> and <strong>router<\/strong> platform, it includes a long list of packages that allow you to easily expand the functionality without compromising system security.<\/p>\n<p><strong>pfSense\u00ae<\/strong> is a thoroughly tested project which now has more than 1,000,000 (end of first quarter 2011) downloads and <strong>countless installations<\/strong> around the world ranging from domestic up to <strong>large companies<\/strong>, <strong>public organizations<\/strong>, <strong>ministries<\/strong> and <strong>universities<\/strong>.JTVCYWRyb3RhdGUlMjBiYW5uZXIlM0QlMjIzJTIyJTVE<\/p>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Operating System \/ Architecture changes<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul class=\"simple\">\n<li>Upgrade of base OS to FreeBSD <strong>11.1-RELEASE-p1<\/strong><\/li>\n<li>Added support for Netgate ARM-based systems such as the SG-1000<\/li>\n<li><strong>32-bit support has been deprecated and removed<\/strong> \u2013 There are no images available for 32-bit (x86\/i386) Intel architecture systems<\/li>\n<li><strong>NanoBSD has been deprecated and removed<\/strong> \u2013 There are no images available for NanoBSD, use a full install instead\n<ul>\n<li>For 64-bit systems running NanoBSD, see <a class=\"reference internal\" href=\"https:\/\/www.netgate.com\/pricing-pfsense-plus\" target=\"_blank\" rel=\"noopener noreferrer\"><span class=\"doc\">Upgrading 64-bit NanoBSD 2.3 to 2.4<\/span><\/a> for information on how to upgrade in-place from NanoBSD to a full installation<\/li>\n<\/ul>\n<\/li>\n<li>Started using the FreeBSD installer instead of the old style installer (installation procedures have all changed)\n<ul>\n<li>The installer now supports UEFI <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/4044\" target=\"_blank\" rel=\"noopener noreferrer\">#4044<\/a><\/li>\n<li>If the new installer image will not boot on a specific piece of hardware, see <a class=\"reference internal\" href=\"https:\/\/docs.netgate.com\/pfsense\/en\/latest\/hardware\/tune.html\" target=\"_blank\" rel=\"noopener noreferrer\"><span class=\"doc\">Troubleshooting Boot Issues<\/span><\/a><\/li>\n<li>The installer now supports ZFS<\/li>\n<li>Added support to the new installer to copy an existing config.xml off an MS DOS formatted USB drive (formerly known as \u201cPFI\u201d) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7689\" target=\"_blank\" rel=\"noopener noreferrer\">#7689<\/a><\/li>\n<li>Added support to the new installer to optionally recover config.xml off an existing installation drive (works with UFS and ZFS) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7708\" target=\"_blank\" rel=\"noopener noreferrer\">#7708<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Fixed issues with major version base upgrades via pkg<\/li>\n<li>Changed cryptodev to load as a kernel module <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/5976\" target=\"_blank\" rel=\"noopener noreferrer\">#5976<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Security \/ Errata<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Converted various parts of the GUI to use POST instead of GET when performing actions that change the firewall state (e.g. delete or enable\/disable an item) to avoid potential issues with cross-site request forgery and unintentional repeating of actions <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/4083\" target=\"_blank\" rel=\"noopener noreferrer\">#4083<\/a><\/li>\n<li>FreeBSD 11.1 includes MAP_GUARD protection to protect against attacks such as Stack Clash<\/li>\n<li><a class=\"reference external\" href=\"https:\/\/www.pfsense.org\/security\/advisories\/pfSense-SA-17_07.packages.asc\" target=\"_blank\" rel=\"noopener noreferrer\">pfSense-SA-17_07.packages<\/a><\/li>\n<li>A number of base system packages have been updated to address security issues, including <a class=\"reference external\" href=\"https:\/\/www.netgate.com\/blog\/no-plan-survives-contact-with-the-internet\" target=\"_blank\" rel=\"noopener noreferrer\">dnsmasq, perl<\/a>, cURL, and others.<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Firmware Branch Behavior \/ Upgrading From Snapshots<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>To control how a firewall obtains updates, visit <strong>System &gt; Update<\/strong>, <strong>Update Settings<\/strong> tab:<\/li>\n<li>For users currently running 2.3.x-RELEASE:\n<ul>\n<li><em>Stable<\/em>, which is the default behavior, will upgrade the firewall to 2.4-RELEASE when it is complete, but will not upgrade to 2.4-RC<\/li>\n<li><em>Development Snapshots<\/em> will upgrade the firewall to 2.3.5 development snapshots<\/li>\n<li><em>Next major version<\/em> will upgrade the firewall to 2.4-RC<\/li>\n<\/ul>\n<\/li>\n<li>For users tracking pfSense 2.4 snapshots:\n<ul>\n<li><em>Stable<\/em>, which is the default behavior, will upgrade the firewall to 2.4-RC and eventually 2.4-RELEASE<\/li>\n<li><em>Development Snapshots<\/em> will cause the firewall to continue tracking snapshots, bypassing 2.4-RELEASE and continuing on to 2.4.1 development images<\/li>\n<\/ul>\n<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Known Issues<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Some systems may not be able to boot 2.4 installation images, for example, due to UEFI compatibility changes. These are primarily BIOS issues and not issues with the installer images. Upgrading from 2.3.x should still work on affected hardware.<\/li>\n<li>Users with ESXi or VMware Workstation may experience a <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7925\" target=\"_blank\" rel=\"noopener noreferrer\">boot-time crash during hardware detection<\/a>, due to <a class=\"reference external\" href=\"https:\/\/bugs.freebsd.org\/bugzilla\/show_bug.cgi?id=217282\" target=\"_blank\" rel=\"noopener noreferrer\">a race condition in the FreeBSD VT console code<\/a>. This crash is infrequent and does not affect most users or most boot attempts, but since it is a race condition it can manifest randomly. To avoid the crash, configure the VM to use the <strong>syscons<\/strong> console rather than <strong>vt<\/strong> by editing <strong>\/boot\/loader.conf.local<\/strong> and adding this line:<strong>kern.vty=sc<\/strong><br \/>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Cleanup<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Misc code cleanup, removal of patches that were no longer necessary or were inefficient<\/li>\n<li>Replaced multiple local copies of PHP PEAR libraries with updated copies using their official sources <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/3734\" target=\"_blank\" rel=\"noopener\">#3734<\/a>\n<ul>\n<li>Notably, local static copies were replaced by their FreeBSD ports counterparts: pear, pear-XML_RPC2, pear-Net_IPv6, pear-Crypt_CHAP, pear-Mail, pear-Net_Growl<\/li>\n<li>Code that relied on the old files was updated to use the current or replaced versions<\/li>\n<\/ul>\n<\/li>\n<li>Removed all references to GLXSB (it was 32-bit only) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6755\" target=\"_blank\" rel=\"noopener\">#6755<\/a><\/li>\n<li>Removed all code in the builder and pfSense for handling the NanoBSD platform<\/li>\n<li>Removed all calls to conf_mount_rw \/ conf_mount_ro, since they were only required for NanoBSD<\/li>\n<li>Improved help text in various parts of the GUI<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Wireless<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul class=\"simple\">\n<li>FreeBSD 11 contains an updated 802.11 stack with <a class=\"reference external\" href=\"https:\/\/svnweb.freebsd.org\/base?view=revision&amp;revision=287197\" target=\"_blank\" rel=\"noopener noreferrer\">numerous improvements<\/a><\/li>\n<li>Wireless interfaces <strong>must<\/strong> be created on the <strong>Wireless<\/strong> tab under <strong>Interfaces &gt; Assignments<\/strong> before they can be assigned! <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6770\" target=\"_blank\" rel=\"noopener noreferrer\">#6770<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Firewall \/ Rules \/ NAT \/ Aliases<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul class=\"simple\">\n<li>Fixed issues with synproxy rules on a WAN\/LAN style bridge <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6769\" target=\"_blank\" rel=\"noopener noreferrer\">#6769<\/a><\/li>\n<li>Fixed issues with limiters on rules that utilize NAT <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/4326\" target=\"_blank\" rel=\"noopener noreferrer\">#4326<\/a><\/li>\n<li>Fixed issues with limiters used in conjunction with a transparent proxy or other local redirect rule <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7050\" target=\"_blank\" rel=\"noopener noreferrer\">#7050<\/a><\/li>\n<li>Fixed expansion of \u201cOther\u201d type VIP subnet entries in NAT destination drop-down selections <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6094\" target=\"_blank\" rel=\"noopener noreferrer\">#6094<\/a><\/li>\n<li>Fixed NAT rules so that when a port forward is disabled, its associated firewall rule is also disabled <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6472\" target=\"_blank\" rel=\"noopener noreferrer\">#6472<\/a><\/li>\n<li>Fixed handling of \u201cURL Table (IPs)\u201d and \u201cURL (IPs)\u201d when the file is hosted a server using HTTPS with a self-signed certificate <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/4766\" target=\"_blank\" rel=\"noopener noreferrer\">#4766<\/a><\/li>\n<li>Show firewall rule descriptions in a column when viewing the log on new installs, upgrades retain their existing setting <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7323\" target=\"_blank\" rel=\"noopener noreferrer\">#7323<\/a><\/li>\n<li>Fixed firewall states showing a negative value for total bytes processed <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7075\" target=\"_blank\" rel=\"noopener noreferrer\">#7075<\/a><\/li>\n<li>Fixed handling of Port Forwards so they do not make up new destination information when a configured against a DHCP interface that does not currently have an address<\/li>\n<li>Fixed VLAN Priority pf syntax <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7744\" target=\"_blank\" rel=\"noopener noreferrer\">#7744<\/a><\/li>\n<li>Fixed a problem where pf scrub did not properly re-fragment unusual but valid IPv6 fragments, resulting in overlapping fragments <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7485\" target=\"_blank\" rel=\"noopener noreferrer\">#7485<\/a><\/li>\n<li>Fixed confirmation prompt handling when deleting a firewall state from diag_dump_states.php <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7827\" target=\"_blank\" rel=\"noopener noreferrer\">#7827<\/a><\/li>\n<li>Changed display of 1:1 NAT rules to match other firewall pages <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7728\" target=\"_blank\" rel=\"noopener noreferrer\">#7728<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Traffic Shaping<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added extra warnings to traffic shaping pages when the firewall has no interfaces capable of using ALTQ shaping <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7032\" target=\"_blank\" rel=\"noopener noreferrer\">#7032<\/a><\/li>\n<li>Fixed handling removal of shaping rules when deleting an interface <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7231\" target=\"_blank\" rel=\"noopener noreferrer\">#7231<\/a><\/li>\n<li>Added upgrade code to work around broken shaper rules from older wizard code <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7434\" target=\"_blank\" rel=\"noopener noreferrer\">#7434<\/a><\/li>\n<li>Fixed the Traffic Shaper so it shows interface names for disabled interfaces, rather than an \u2018empty\u2019 placeholder.<\/li>\n<li>Fixed handling of the priority field for different ALTQ shaper types<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">OpenVPN<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Upgraded OpenVPN to 2.4.x. <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7054\" target=\"_blank\" rel=\"noopener noreferrer\">#7054<\/a>\n<ul>\n<li>This is a significant upgrade which includes support for a wide variety of new features, including AEAD ciphers such as AES-GCM.<\/li>\n<li>AES-GCM can be accelerated by AES-NI, and is supported in SSL\/TLS modes (not shared key) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7068\" target=\"_blank\" rel=\"noopener noreferrer\">#7068<\/a><\/li>\n<li>Added support for TLS Encryption as an optional TLS Key usage type. This encrypts the control channel, providing privacy and protocol obfuscation <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7071\" target=\"_blank\" rel=\"noopener noreferrer\">#7071<\/a><\/li>\n<li>Added ECDH options to OpenVPN server and client options (\u201cECDH Only\u201d choice for DH, ECDH Curve selection) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7063\" target=\"_blank\" rel=\"noopener noreferrer\">#7063<\/a><\/li>\n<li>Restructured the compression options to include LZ4 support and the new \u201ccompress\u201d directive which replaces \u201ccomp-lzo\u201d which has been deprecated. The old options remain for now, but are labeled \u201cLegacy\u201d <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7064\" target=\"_blank\" rel=\"noopener noreferrer\">#7064<\/a><\/li>\n<li>Changed protocol selection for OpenVPN clients and servers because OpenVPN 2.4 treats \u201cudp\u201d and \u201ctcp\u201d as dual stack now <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7062\" target=\"_blank\" rel=\"noopener noreferrer\">#7062<\/a>\n<ul>\n<li>Added \u201cmultihome\u201d option in relevant protocol cases so OpenVPN will reply back using the address used to receive a packet <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7062\" target=\"_blank\" rel=\"noopener noreferrer\">#7062<\/a><\/li>\n<\/ul>\n<\/li>\n<li>Changed the DNS Server fields in the OpenVPN server options so they can define either IPv4 or IPv6 DNS servers to push to clients <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7061\" target=\"_blank\" rel=\"noopener noreferrer\">#7061<\/a><\/li>\n<li>Added IPv6 support to status_openvpn.php and the OpenVPN widget <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/2766\" target=\"_blank\" rel=\"noopener noreferrer\">#2766<\/a><\/li>\n<li>Removed uses of the deprecated \u201ctun-ipv6\u201d OpenVPN directive, OpenVPN now always assumes IPv6 is enabled <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7054\" target=\"_blank\" rel=\"noopener noreferrer\">#7054<\/a><\/li>\n<li>Replaced uses of the deprecated \u201cclient-cert-not-required\u201d directive with its functional replacement \u201cverify-client-cert none\u201d <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7073\" target=\"_blank\" rel=\"noopener noreferrer\">#7073<\/a><\/li>\n<li>Added support for Negotiable Crypto Parameters (NCP) to control automatic cipher selection between clients and servers <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7072\" target=\"_blank\" rel=\"noopener noreferrer\">#7072<\/a><\/li>\n<li>NOTE: OpenVPN 2.4 handles CRL verification differently than previous versions, passing through validation to the library rather than handling it internally. This can cause some certificates to fail validation that may have passed previously. In particular, if a certificate is removed from a CRL, it may still fail validation until all copies of the CRL have been rewritten.<\/li>\n<\/ul>\n<\/li>\n<li>Improved the help text on OpenVPN Client-Specific Overrides <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7053\" target=\"_blank\" rel=\"noopener noreferrer\">#7053<\/a><\/li>\n<li>Fixed issues with OpenVPN clients on dynamic or tunneled IPv6 interfaces (e.g. GIF) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6663\" target=\"_blank\" rel=\"noopener noreferrer\">#6663<\/a><\/li>\n<li>Added locking to prevent issues with OpenVPN instance startup <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6132\" target=\"_blank\" rel=\"noopener noreferrer\">#6132<\/a><\/li>\n<li>Check OpenVPN server\/client option visibility changes per mode <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7331\" target=\"_blank\" rel=\"noopener noreferrer\">#7331<\/a> <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7451\" target=\"_blank\" rel=\"noopener noreferrer\">#7451<\/a><\/li>\n<li>Added an OpenVPN GUI option for \u201cfast-io\u201d to clients and servers <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7507\" target=\"_blank\" rel=\"noopener noreferrer\">#7507<\/a><\/li>\n<li>Added an OpenVPN GUI Option for \u201csndbuf\u201d and \u201crcvbuf\u201d, using the same value for both <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7507\" target=\"_blank\" rel=\"noopener noreferrer\">#7507<\/a><\/li>\n<li>Removed references to the defunct OpenVPN client manager port <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7568\" target=\"_blank\" rel=\"noopener noreferrer\">#7568<\/a><\/li>\n<li>Removed references to unused \u201cAddress Pool\u201d setting in OpenVPN <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7567\" target=\"_blank\" rel=\"noopener noreferrer\">#7567<\/a><\/li>\n<li>Fixed OpenVPN server port validation to disallow \u201c0\u201d, while still allowing it for a client port, which is the same meaning as blank\/empty <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7565\" target=\"_blank\" rel=\"noopener noreferrer\">#7565<\/a><\/li>\n<li>Fixed OpenVPN help text for route_no_exec <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7575\" target=\"_blank\" rel=\"noopener noreferrer\">#7575<\/a><\/li>\n<li>Fixed description of the address assignment behavior for Tunnel Network fields in OpenVPN clients and servers <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7573\" target=\"_blank\" rel=\"noopener noreferrer\">#7573<\/a><\/li>\n<li>Remove the GUI option for \u201cresolv-retry infinite\u201d from OpenVPN, it is always enabled <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7572\" target=\"_blank\" rel=\"noopener noreferrer\">#7572<\/a><\/li>\n<li>Fixed the OpenVPN wizard so it better handles a user choosing a different type of authentication server than a previous run of the wizard <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7569\" target=\"_blank\" rel=\"noopener noreferrer\">#7569<\/a><\/li>\n<li>Fixed OpenVPN Auth Digest Algorithm selection so it does not use duplicate\/alias names in the list, and added upgrade code to fix existing entries on upgrade so they use the actual digest name and not an alias <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7685\" target=\"_blank\" rel=\"noopener noreferrer\">#7685<\/a><\/li>\n<li>Fixed show\/hide behavior of fields on vpn_openvpn_client.php in chrome <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7451\" target=\"_blank\" rel=\"noopener noreferrer\">#7451<\/a><\/li>\n<li>Changed OpenVPN wizard certificate input validation and encoding so it matches the standards of the current certificate manager <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7854\" target=\"_blank\" rel=\"noopener noreferrer\">#7854<\/a><\/li>\n<li>Fixed the OpenVPN wizard so it creates an OpenVPN server instance using current proper defaults <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7864\" target=\"_blank\" rel=\"noopener noreferrer\">#7864<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">IPsec<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Upgraded strongSwan to version 5.6.0<\/li>\n<li>Changed the default strongSwan logging levels such that IKE SA, IKE Child SA, and Configuration Backend all default to \u201cDiag\u201d <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7007\" target=\"_blank\" rel=\"noopener noreferrer\">#7007<\/a><\/li>\n<li>Added an option to set the Rekey Margin for IPsec tunnels in the Phase 1 settings<\/li>\n<li>Added RADIUS accounting support for mobile IPsec when accounting is enabled on the Authentication Server entry<\/li>\n<li>Added checks to prevent simultaneous\/repeated calling of vpn_ipsec_configure() by \/etc\/rc.newipsecdns<\/li>\n<li>Added DH Groups 22, 23, 24 to IPsec Phase 2 selection for compatibility, but they should not normally be used for security reasons <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6967\" target=\"_blank\" rel=\"noopener noreferrer\">#6967<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Certificate Management<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added a check to ensure that the public key of the Certificate matches its private key when importing Certificate Authority and Certificate entries to prevent mismatching keys from being imported <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6953\" target=\"_blank\" rel=\"noopener noreferrer\">#6953<\/a><\/li>\n<li>Fixed error handling when creating a Certificate from the User Management section, failed actions will no longer fail silently <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6953\" target=\"_blank\" rel=\"noopener noreferrer\">#6953<\/a><\/li>\n<li>Fixed handling of Certificates generated from an imported CA when no starting serial number was set <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6952\" target=\"_blank\" rel=\"noopener noreferrer\">#6952<\/a><\/li>\n<li>Fixed handling of Certificate Authority deletion so that it does not remove associated certificates <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6947\" target=\"_blank\" rel=\"noopener noreferrer\">#6947<\/a><\/li>\n<li>Added \u201cin-use\u201d testing for Certificate Authority entries and disabled the delete action for CAs which are actively in use <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6947\" target=\"_blank\" rel=\"noopener noreferrer\">#6947<\/a><\/li>\n<li>Fixed choosing an existing user certificate when adding a certificate to an existing user <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7297\" target=\"_blank\" rel=\"noopener noreferrer\">#7297<\/a><\/li>\n<li>Added the ability for the certificate manager to sign a CSR using an internal CA <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7383\" target=\"_blank\" rel=\"noopener noreferrer\">#7383<\/a><\/li>\n<li>Added the ability to set the certificate type and SAN attributes in a Certificate Signing Request <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7527\" target=\"_blank\" rel=\"noopener noreferrer\">#7527<\/a><\/li>\n<li>Restructured how certificate types and SANs are handled in the cert manager when making a Cert\/CSR\/Signing, so each section can properly use the controls <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7527\" target=\"_blank\" rel=\"noopener noreferrer\">#7527<\/a> <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7677\" target=\"_blank\" rel=\"noopener noreferrer\">#7677<\/a>\n<ul>\n<li>It is now possible to add SANs and EKUs to certificates when signing using the certificate manager<\/li>\n<li>NOTE: Attributes such as SANs and KU\/EKU cannot be copied from a CSR when signing due to a deficiency in OpenSSL\u2019s x509 functions (they do not support \u201ccopy_extensions\u201d at this time); These attributes must be specified manually when signing<\/li>\n<\/ul>\n<\/li>\n<li>Fixed \u201cserver\u201d certificate detection to key off of the EKU For \u201cTLS Web Server Authentication\u201d since nsCertType has been deprecated<\/li>\n<li>Added SAN, KU, and EKU information in an info block for each entry in the the certificate list <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7505\" target=\"_blank\" rel=\"noopener noreferrer\">#7505<\/a><\/li>\n<li>Added the ability to use a wider range of characters in certificate fields as laid out by RFC 4514 <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7540\" target=\"_blank\" rel=\"noopener noreferrer\">#7540<\/a><\/li>\n<li>Added a useful error message when there is no private CA with which to create a new user certificate from within the user manager <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7585\" target=\"_blank\" rel=\"noopener noreferrer\">#7585<\/a><\/li>\n<li>Fixed the User Manager so it adds the username as the first SAN when making a user certificate at the same time a user is created <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7666\" target=\"_blank\" rel=\"noopener noreferrer\">#7666<\/a><\/li>\n<li>Added another possible Certificate Signing Request Armor string when validating on import <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7383\" target=\"_blank\" rel=\"noopener noreferrer\">#7383<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Dynamic DNS<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Fixed response parsing for DNSimple Dynamic DNS <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6874\" target=\"_blank\" rel=\"noopener noreferrer\">#6874<\/a><\/li>\n<li>Fixed handling of password in Dynamic DNS entries to allow special characters <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6688\" target=\"_blank\" rel=\"noopener noreferrer\">#6688<\/a><\/li>\n<li>Changed CloudFlare and GratisDNS to use separate hostname and domain entry to handle TLDs with multiple components <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6778\" target=\"_blank\" rel=\"noopener noreferrer\">#6778<\/a><\/li>\n<li>Fixed the Save and Force Update button for RFC2136 Dynamic DNS <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7291\" target=\"_blank\" rel=\"noopener noreferrer\">#7291<\/a><\/li>\n<li>Fixed RFC2136 Dynamnic DNS updates at boot time <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7295\" target=\"_blank\" rel=\"noopener noreferrer\">#7295<\/a><\/li>\n<li>Added the \u2018local\u2019 directive to RFC2136 Dynamic DNS so updates are sourced correctly <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7446\" target=\"_blank\" rel=\"noopener noreferrer\">#7446<\/a><\/li>\n<li>Fixed options text and display for IPv4 DNS and Verify SSL on Dynamic DNS clients <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7588\" target=\"_blank\" rel=\"noopener noreferrer\">#7588<\/a><\/li>\n<li>Fixed issues with Dynamic DNS entries utilizing gateway groups for their interface <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7719\" target=\"_blank\" rel=\"noopener noreferrer\">#7719<\/a><\/li>\n<li>Added DreamHost Dynamic DNS support <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7321\" target=\"_blank\" rel=\"noopener noreferrer\">#7321<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">DHCP Server \/ Relay<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Fixed handling of DHCPv6 lease status when there are no leases <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6717\" target=\"_blank\" rel=\"noopener noreferrer\">#6717<\/a><\/li>\n<li>Fixed issues with DHCP Relay not working <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6658\" target=\"_blank\" rel=\"noopener noreferrer\">#6658<\/a><\/li>\n<li>Added input validation to prevent the DHCP server from being configured on interfaces that do not have enough addresses for clients (\/31, \/32) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6930\" target=\"_blank\" rel=\"noopener noreferrer\">#6930<\/a><\/li>\n<li>Fixed issues with the DHCP Relay options display getting out of sync with checkbox settings <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7155\" target=\"_blank\" rel=\"noopener noreferrer\">#7155<\/a><\/li>\n<li>Fixed static DHCP lease edits updating BIND zones <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/3710\" target=\"_blank\" rel=\"noopener noreferrer\">#3710<\/a><\/li>\n<li>Fixed checks for DHCP Relay when editing additional DHCP pools<\/li>\n<li>Fixed handling of forced Dynamic DNS hostnames for DHCPv6 static mappings <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7324\" target=\"_blank\" rel=\"noopener noreferrer\">#7324<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">ARP \/ NDP<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Fixed static ARP handling when creating or editing DHCP static mappings <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6821\" target=\"_blank\" rel=\"noopener noreferrer\">#6821<\/a><\/li>\n<li>Added error checking for static ARP entries to ensure both an IP address and MAC address are entered, and to ensure that both exist before an entry is applied <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6969\" target=\"_blank\" rel=\"noopener noreferrer\">#6969<\/a><\/li>\n<li>Improved the detail displayed on the ARP table view <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6822\" target=\"_blank\" rel=\"noopener noreferrer\">#6822<\/a><\/li>\n<li>Added an expiration field to the NDP list<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Captive Portal<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Adapted Captive Portal to work without multi-instance ipfw patches <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6606\" target=\"_blank\" rel=\"noopener noreferrer\">#6606<\/a><\/li>\n<li>Fixed Captive Portal instances to select \u201cNo Authentication\u201d for a zone by default, since it is the default behavior <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7591\" target=\"_blank\" rel=\"noopener noreferrer\">#7591<\/a><\/li>\n<li>Fixed links to the Captive Portal MAC management page so they include the zone name <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7591\" target=\"_blank\" rel=\"noopener noreferrer\">#7591<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">XMLRPC<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Switched to pear-XML_RPC2 and removed the outdated static client files<\/li>\n<li>Fixed handling of XMLRPC sync using a username other than \u201cadmin\u201d <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/809\" target=\"_blank\" rel=\"noopener noreferrer\">#809<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Routing\/Gateways<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Removed \u201croute change\u201d patches and updated code that relied on the deprecated behavior <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6828\" target=\"_blank\" rel=\"noopener noreferrer\">#6828<\/a><\/li>\n<li>Fixed handling of default routes when a default gateway is removed or disabled <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6659\" target=\"_blank\" rel=\"noopener noreferrer\">#6659<\/a><\/li>\n<li>Fixed discovery of IPv6 gateway for assigned OpenVPN interfaces <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6016\" target=\"_blank\" rel=\"noopener noreferrer\">#6016<\/a><\/li>\n<li>Fixed issues with a missing default gateway\/route on certain PPPoE links after reconnect or IP address change <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6495\" target=\"_blank\" rel=\"noopener noreferrer\">#6495<\/a><\/li>\n<li>Fixed some \u2018route: writing to routing socket: Invalid argument\u2019 warnings during boot time<\/li>\n<li>Added a log message for gateway events that shows that an alarm was raised\/cleared<\/li>\n<li>Added a check to not run dpinger when an IPv6 address has the tentative flag even after the timeout<\/li>\n<li>Added a delay to allow dpinger time to properly initialize before using results<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Interfaces \/ Virtual IP Addresses<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Removed Device Polling as it was no longer useful <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7021\" target=\"_blank\" rel=\"noopener noreferrer\">#7021<\/a><\/li>\n<li>Improved stability of the igb(4) driver <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7149\" target=\"_blank\" rel=\"noopener noreferrer\">#7149<\/a> <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7166\" target=\"_blank\" rel=\"noopener noreferrer\">#7166<\/a><\/li>\n<li>Fixed handling of rc.newwanipv6 when run from dhcp6c so it only runs when required and not for any change <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7145\" target=\"_blank\" rel=\"noopener noreferrer\">#7145<\/a><\/li>\n<li>Fixed handling of SIGTERM and SIGKILL in dhcp6c <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7185\" target=\"_blank\" rel=\"noopener noreferrer\">#7185<\/a><\/li>\n<li>Fixed dhcp6c not starting until an RA is received <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/5993\" target=\"_blank\" rel=\"noopener noreferrer\">#5993<\/a><\/li>\n<li>Fixed a PPP service name error with certain providers, such as T-Mobile <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6890\" target=\"_blank\" rel=\"noopener noreferrer\">#6890<\/a><\/li>\n<li>Fixed 3G service status so it does not report misleading information <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/4287\" target=\"_blank\" rel=\"noopener noreferrer\">#4287<\/a><\/li>\n<li>Added support for the IPv6 AUTO_LINKLOCAL flag on bridge interfaces<\/li>\n<li>Disabled DAD on stf interfaces to fix problems with dpinger<\/li>\n<li>Added an option to use static IPv6 over an IPv4 PPP parent (e.g. PPPoE) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7598\" target=\"_blank\" rel=\"noopener noreferrer\">#7598<\/a><\/li>\n<li>Removed unused WINS code for L2TP <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7559\" target=\"_blank\" rel=\"noopener noreferrer\">#7559<\/a><\/li>\n<li>Improved L2TP Server DNS input validation <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7560\" target=\"_blank\" rel=\"noopener noreferrer\">#7560<\/a><\/li>\n<li>Added a test to disable internal L2TP users when activating RADIUS, to follow the behavior stated in the GUI <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7561\" target=\"_blank\" rel=\"noopener noreferrer\">#7561<\/a><\/li>\n<li>Fixed L2TP section log shortcut <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7564\" target=\"_blank\" rel=\"noopener noreferrer\">#7564<\/a><\/li>\n<li>Fixed upgrade handling of wireless interfaces <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7809\" target=\"_blank\" rel=\"noopener noreferrer\">#7809<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">NTP<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added support for the ntpd \u201cpool\u201d directive to make better use of servers in NTP pools <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/5985\" target=\"_blank\" rel=\"noopener noreferrer\">#5985<\/a><\/li>\n<li>Fixed time display on the NTP widget to show server time <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7245\" target=\"_blank\" rel=\"noopener noreferrer\">#7245<\/a><\/li>\n<li>Added support for NTP to process PGRMF NMEA sentences (Garmin-specific) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7193\" target=\"_blank\" rel=\"noopener noreferrer\">#7193<\/a><\/li>\n<li>Added an absolute offset statistic to NTP monitoring graph display <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7548\" target=\"_blank\" rel=\"noopener noreferrer\">#7548<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">User Management \/ Authentication<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Fixed delays during bootup when LDAP is enabled for user authentication <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6367\" target=\"_blank\" rel=\"noopener noreferrer\">#6367<\/a><\/li>\n<li>Added privileges to control which users can view and\/or clear notices <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7051\" target=\"_blank\" rel=\"noopener noreferrer\">#7051<\/a><\/li>\n<li>Added an authentication cache mechanism for GUI authentication from a remote server (e.g. LDAP, RADIUS) so the authentication is checked periodically (default: 30s) instead of on each page load <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7097\" target=\"_blank\" rel=\"noopener noreferrer\">#7097<\/a><\/li>\n<li>Added protocol selection (PAP, MD5-CHAP, MS-CHAPv1 and MS-CHAPv2) to RADIUS authentication server options <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7111\" target=\"_blank\" rel=\"noopener noreferrer\">#7111<\/a><\/li>\n<li>Added the username to the page to display when adding user privileges <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7586\" target=\"_blank\" rel=\"noopener noreferrer\">#7586<\/a><\/li>\n<li>Standardized privilege page and sorting between users and groups <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7587\" target=\"_blank\" rel=\"noopener noreferrer\">#7587<\/a><\/li>\n<li>Added a log message if a user tries to save the configuration but has the \u2018deny config write\u2019 permission<\/li>\n<li>Added \u201cauth_check\u201d type of simple test that a page can use to verify a user is logged in and has access, using less cpu, which is better for AJAX data polling<\/li>\n<li>Fixed certificate chain verification issues with LDAP authentication using intermediate CAs <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7830\" target=\"_blank\" rel=\"noopener noreferrer\">#7830<\/a><\/li>\n<li>Fixed PHP errors when STARTTLS fails for LDAP authentication<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Packages<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul class=\"simple\">\n<li>Fixed issues with snort, squid\/clamav, and squidGuard when \/var is in a RAM disk <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6878\" target=\"_blank\" rel=\"noopener noreferrer\">#6878<\/a><\/li>\n<li>Fixed handling of custom_php_deinstall_command during post-deinstall of a package <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7401\" target=\"_blank\" rel=\"noopener noreferrer\">#7401<\/a><\/li>\n<li>Changed package related calls to get_pkg_info() to use the new pkg metadata mechanism<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Console \/ Menu<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added options to the console reboot menu selection to reboot into single user mode or run filesystem checks <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6639\" target=\"_blank\" rel=\"noopener noreferrer\">#6639<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">OS Upgrade<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul class=\"simple\">\n<li>Fixed issues when upgrading to 2.4 with a stale package .inc that caused a PHP error <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6920\" target=\"_blank\" rel=\"noopener noreferrer\">#6920<\/a><\/li>\n<li>Changed the upgrade script to use reroot instead of reboot for updates that do not include a new Kernel <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6045\" target=\"_blank\" rel=\"noopener noreferrer\">#6045<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">SNMP<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added a workaround to prevent the hostres module from being used with bsnmpd on VMware Virtual Machines that have a cd0 device, which caused 100% CPU usage <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6882\" target=\"_blank\" rel=\"noopener noreferrer\">#6882<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Services<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Converted all mpd-based features (e.g. PPPoE and L2TP server) to MPD5 if they used an older version <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/4706\" target=\"_blank\" rel=\"noopener noreferrer\">#4706<\/a><\/li>\n<li>Removed unused and non-functional SMART service handling and e-mail configuration <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6393\" target=\"_blank\" rel=\"noopener noreferrer\">#6393<\/a><\/li>\n<li>Fixed IGMP Proxy failing to recognize an upstream interface <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6099\" target=\"_blank\" rel=\"noopener noreferrer\">#6099<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">WebGUI<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added support for multiple languages, currently that list includes:\n<ul>\n<li>US English (Default), Bosnian, Chinese (Simplified, China), Chinese (Taiwan), Dutch, German, Norwegian Bokmal, Polish, Portuguese (Brazil), Russian, Spanish, Spanish (Argentina)<\/li>\n<\/ul>\n<\/li>\n<li>Changed the design of the login page for the WebGUI to a more modern style, with several color choices available<\/li>\n<li>Added URL fingerprinting to JavaScript and CSS file references to improve client-side behavior when files change between versions <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7251\" target=\"_blank\" rel=\"noopener\">#7251<\/a><\/li>\n<li>Updated Logo to the new logo and made it a vectorized SVG image for better scaling<\/li>\n<li>Updated favicon to the new logo and added multiple sizes for different platforms<\/li>\n<li>Completed work to mark required fields on GUI pages <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7160\" target=\"_blank\" rel=\"noopener noreferrer\">#7160<\/a><\/li>\n<li>Fixed long hostnames overlapping the \u201ctime\u201d title in the monitoring graphs <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6138\" target=\"_blank\" rel=\"noopener noreferrer\">#6138<\/a><\/li>\n<li>Fixed CIDR\/Prefix selector handling for IPv4\/IPv6 <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7625\" target=\"_blank\" rel=\"noopener noreferrer\">#7625<\/a><\/li>\n<li>Removed the Gold menu<\/li>\n<li>Fixed handling of info block content inside tables <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7504\" target=\"_blank\" rel=\"noopener noreferrer\">#7504<\/a><\/li>\n<li>Improved handling of PHP errors for user-entered PHP code on diag_command.php<\/li>\n<li>Fixed alignment of the the IPv6 over IPv4 input fields <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7128\" target=\"_blank\" rel=\"noopener noreferrer\">#7128<\/a><\/li>\n<li>Optimized retrieval of Traffic Graph data to reduce spikes in the graphs and load on the firewall<\/li>\n<li>Fixed a problem with the traffic graphs not respecting the theme colors <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6746\" target=\"_blank\" rel=\"noopener noreferrer\">#6746<\/a><\/li>\n<li>Revised setup wizard wording and links<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Dashboard<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Rewrote Dashboard AJAX updating in a centralized and optimized way to reduce load, improve accuracy, and increase speed<\/li>\n<li>Added a new Customer Support dashboard widget, enabled by default and on upgrade<\/li>\n<li>Changed the way AJAX updates are handled on the Dashboard widgets to improve efficiency and fix issues with some widgets refreshing in a timely manner<\/li>\n<li>Added filters to more dashboard widgets <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7122\" target=\"_blank\" rel=\"noopener noreferrer\">#7122<\/a><\/li>\n<li>Added customization for dashboard widget names<\/li>\n<li>Fixed Interface Statistics dashboard widget issues with interfaces in a \u201cdown\u201d state<\/li>\n<li>Fixed formatting issues with the Interface Statistics dashboard widget <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7501\" target=\"_blank\" rel=\"noopener noreferrer\">#7501<\/a><\/li>\n<li>Added the ability to place multiple copies of widgets on the dashboard, optional for each widget<\/li>\n<li>Added a line to display detected CPU cryptographic hardware, such as AES-NI, in the System Information dashboard widget even if the module isn\u2019t loaded <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7529\" target=\"_blank\" rel=\"noopener\">#7529<\/a><\/li>\n<li>Fixed CPU package\/core count displayed on the System Information dashboard widget<\/li>\n<li>Changed how pkg metadata is handled to reduce the load on the Dashboard and reduce unnecessary calls to the pkg server for the System Information dashboard widget update check, and for the Installed Packages dashboard widget<\/li>\n<li>Changed CPU usage calculation in the System Information dashboard widget to avoid sleep() in an AJAX call<\/li>\n<li>Fixed the IPsec widget tunnel status to handle newer strongSwan childid format <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7499\" target=\"_blank\" rel=\"noopener noreferrer\">#7499<\/a><\/li>\n<li>Fixed error when saving Wake on LAN dashboard widget without any WoL entries<\/li>\n<li>Fixed a problem where traffic could be counted twice in traffic graphs <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7751\" target=\"_blank\" rel=\"noopener noreferrer\">#7751<\/a><\/li>\n<li>Fixed a problem with the Installed Packages dashboard widget when no packages are installed <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7811\" target=\"_blank\" rel=\"noopener noreferrer\">#7811<\/a><\/li>\n<li>Changed date formats of some fields on the Dashboard to be more consistent <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7805\" target=\"_blank\" rel=\"noopener noreferrer\">#7805<\/a><\/li>\n<li>Added an option to the Interface Statistics dashboard widget to rotate the table (put interfaces in rows instead of columns) to improve the display on firewalls with numerous interfaces <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7501\" target=\"_blank\" rel=\"noopener noreferrer\">#7501<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">pftop<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Removed the \u201csize\u201d option from pftop as it had no effect, use the \u201cbytes\u201d option instead <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7579\" target=\"_blank\" rel=\"noopener noreferrer\">#7579<\/a><\/li>\n<li>Removed the \u2018peak\u2019 and \u2018rate\u2019 views for pftop since they only work in interactive mode with cached data, not batch mode which is used by the WebGUI <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7580\" target=\"_blank\" rel=\"noopener noreferrer\">#7580<\/a><\/li>\n<li>Fixed path to an old copy of the pftop WebGUI page in obsolete list <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7581\" target=\"_blank\" rel=\"noopener noreferrer\">#7581<\/a><\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">DNS<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul class=\"simple\">\n<li>Changed \/etc\/hosts such that the FQDN is listed first, except for localhost, so that dnsmasq will properly reverse resolve hostnames <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7771\" target=\"_blank\" rel=\"noopener noreferrer\">#7771<\/a><\/li>\n<li>Fixed a problem where the DNS Search Domain List was not being populated into radvd.conf <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7081\" target=\"_blank\" rel=\"noopener noreferrer\">#7081<\/a><\/li>\n<li>Enabled Python support for Unbound <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7549\" target=\"_blank\" rel=\"noopener noreferrer\">#7549<\/a><\/li>\n<li>Added a control to disable automatically added host entries in Unbound<\/li>\n<li>Changed the way unbound is started at boot time on systems with DHCP6 WANs<\/li>\n<\/ul>\n<h3 style=\"text-align: left; color: #00a0df; font-size: 20px;\">Misc<\/h3>\n<p>[vc_separator align=&#8221;align_left&#8221; border_width=&#8221;2&#8243; css=&#8221;.vc_custom_1522327747370{margin-top: -20px !important;}&#8221;]<\/p>\n<ul>\n<li>Added hardware support and detection for new Netgate models<\/li>\n<li>Changed the User Agent passed to outbound requests from pfSense to include more accurate host information<\/li>\n<li>Added the User Agent to the request data when updating the Bogons list<\/li>\n<li>Fixed growl and SMTP notifications so performing a test saves first, so the new settings are used as expected <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7577\" target=\"_blank\" rel=\"noopener noreferrer\">#7577<\/a><\/li>\n<li>Fixed loading issues with PHP extensions <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6628\" target=\"_blank\" rel=\"noopener noreferrer\">#6628<\/a><\/li>\n<li>Removed symbolic links for configuration files that redirected items from \/etc\/ to \/var\/etc\/ <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/5538\" target=\"_blank\" rel=\"noopener noreferrer\">#5538<\/a><\/li>\n<li>Added the ability to filter Packet Captures by MAC address <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6743\" target=\"_blank\" rel=\"noopener noreferrer\">#6743<\/a><\/li>\n<li>Updated status.php with new info and changed its output organization <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7047\" target=\"_blank\" rel=\"noopener noreferrer\">#7047<\/a><\/li>\n<li>Fixed a problem where a proxy defined for use by the firewall could not use HTTPS when using proxy authentication <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6949\" target=\"_blank\" rel=\"noopener noreferrer\">#6949<\/a><\/li>\n<li>Improved RAM disk backups and file management <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7098\" target=\"_blank\" rel=\"noopener noreferrer\">#7098<\/a><\/li>\n<li>Changed the way RAM disk contents are handled when enabled <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/5897\" target=\"_blank\" rel=\"noopener noreferrer\">#5897<\/a><\/li>\n<li>Changed various support functions to better facilitate translation to additional languages<\/li>\n<li>Fixed interface name display on the Router Advertisement configuration page <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7133\" target=\"_blank\" rel=\"noopener noreferrer\">#7133<\/a><\/li>\n<li>Fixed various issues with handling of unusually formatted, but valid, IPv6 addresses <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7147\" target=\"_blank\" rel=\"noopener noreferrer\">#7147<\/a><\/li>\n<li>Improved error handling when a client is logged when it attempts to poll data via rrd_fetch_json.php <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6748\" target=\"_blank\" rel=\"noopener noreferrer\">#6748<\/a><\/li>\n<li>Fixed various issues when the configuration backup count was set to 0 (disabled) <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7273\" target=\"_blank\" rel=\"noopener noreferrer\">#7273<\/a><\/li>\n<li>Fixed handling of \u201c0\u201d for the number of backups to retain in the configuration history <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7273\" target=\"_blank\" rel=\"noopener noreferrer\">#7273<\/a><\/li>\n<li>Fixed an issue with long configuration change descriptions leading to wrapping issues in certain cases such as AutoConfigBackup <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/6363\" target=\"_blank\" rel=\"noopener noreferrer\">#6363<\/a><\/li>\n<li>Fixed an issue with installing packages from a backup when restoring using the External Configuration Locater on the first boot post-install <a class=\"reference external\" href=\"https:\/\/redmine.pfsense.org\/issues\/7914\" target=\"_blank\" rel=\"noopener noreferrer\">#7914<\/a><\/li>\n<\/ul>\n<p>[\/vc_column][vc_column width=&#8221;1\/3&#8243;][vc_tta_accordion c_icon=&#8221;&#8221; active_section=&#8221;1&#8243;][vc_tta_section i_icon_fontawesome=&#8221;fa fa-check&#8221; add_icon=&#8221;true&#8221; title=&#8221;All versions&#8221; tab_id=&#8221;1e176-0b7ea534-a5bf969a-50a5eeb3-efc9feab-68870c33-53871b11-7d9282fb-01217f37-1de25693-9e60b4fe-5de8&#8243;]<\/p>\n<ul>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/pfsense-ce-2-5-0-beta\/\">pfSense\u00ae CE 2.5.0 Beta<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/pfsense-2-4-3-last-version\/\">pfSense\u00ae CE 2.4.3: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/pfsense-2-4-2-release-notes\/\">pfSense\u00ae CE 2.4.2: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/pfsense-2-4-1-release-notes\/\">pfSense\u00ae CE 2.4.1: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/pfsense-2-4-release-notes\/\">pfSense\u00ae CE 2.4: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-3-3-beta\/\">pfSense\u00ae CE 2.3.3: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-3-2-note-di-rilascio\/\">pfSense\u00ae CE 2.3.2: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-3-1-note-di-rilascio\/\">pfSense\u00ae CE 2.3.1: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-3-note-di-rilascio\/\">pfSense\u00ae CE 2.3: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-2-5-note-di-rilascio\/\">pfSense\u00ae CE 2.2.5: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-2-note-di-rilascio\/\">pfSense\u00ae CE 2.2: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-1-5-note-di-rilascio\/\">pfSense\u00ae CE 2.1.5: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-1-4-note-di-rilascio\/\">pfSense\u00ae CE 2.1.4: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-1-3-note-di-rilascio\/\">pfSense\u00ae CE 2.1.3: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-1-2-note-di-rilascio\/\">pfSense\u00ae CE 2.1.2: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-1-1-note-di-rilascio\/\">pfSense\u00ae CE 2.1.1: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-1-note-di-rilascio\/\">pfSense\u00ae CE 2.1: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-0-3-note-di-rilascio\/\">pfSense\u00ae CE 2.0.3: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/pfsense-2-0-2-note-di-rilascio\/\">pfSense\u00ae CE 2.0.2: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/rilasciata-la-versione-pfsense-2-0-1\/\">pfSense\u00ae CE 2.0.1: release notes<\/a><\/li>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/pfsense\/\">Main features<\/a><\/li>\n<\/ul>\n<p>[\/vc_tta_section][vc_tta_section i_icon_fontawesome=&#8221;fa fa-external-link&#8221; add_icon=&#8221;true&#8221; title=&#8221;Link utili&#8221; tab_id=&#8221;2e176-0b7ea534-a5bf969a-50a5eeb3-efc9feab-68870c33-53871b11-7d9282fb-01217f37-1de25693-9e60b4fe-5de8&#8243;]<\/p>\n<ul>\n<li><a href=\"https:\/\/blog.miniserver.it\/en\/firewallharware-guide\/\" target=\"_self\" rel=\"noopener noreferrer\">Guide firewallhardware<\/a><\/li>\n<li><a href=\"https:\/\/www.pfsense.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">Sito ufficiale pfSense<sup>\u00ae<\/sup><\/a><\/li>\n<li><a href=\"https:\/\/forum.pfsense.org\/\" target=\"_blank\" rel=\"noopener noreferrer\">Forum pfSense<sup>\u00ae<\/sup><\/a><\/li>\n<li><a href=\"https:\/\/forum.pfsense.org\/index.php?board=8.0\" target=\"_blank\" rel=\"noopener noreferrer\">Forum pfSense<sup>\u00ae<\/sup> in italiano<\/a><\/li>\n<li><a href=\"https:\/\/doc.pfsense.org\/index.php\/Main_Page\" target=\"_blank\" rel=\"noopener noreferrer\">Documentazione pfSense<sup>\u00ae<\/sup><\/a><\/li>\n<li><a href=\"https:\/\/www.pfsense.org\/download\/index\" target=\"_blank\" rel=\"noopener noreferrer\">Download pfSense<sup>\u00ae<\/sup><\/a><\/li>\n<\/ul>\n<p>[\/vc_tta_section][\/vc_tta_accordion][vc_widget_sidebar sidebar_id=&#8221;sidebar-18&#8243;][vc_row]<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>  [&#8230;]<\/p>\n","protected":false},"author":11,"featured_media":0,"parent":0,"menu_order":21,"comment_status":"closed","ping_status":"closed","template":"","meta":{"content-type":"","footnotes":""},"class_list":["post-15947","page","type-page","status-publish","hentry"],"_links":{"self":[{"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/pages\/15947","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/users\/11"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/comments?post=15947"}],"version-history":[{"count":16,"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/pages\/15947\/revisions"}],"predecessor-version":[{"id":18924,"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/pages\/15947\/revisions\/18924"}],"wp:attachment":[{"href":"https:\/\/blog.miniserver.it\/en\/wp-json\/wp\/v2\/media?parent=15947"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}