h0sch1
Well-Known Member
Hi
pfSense 2.0 ist seit heute Nacht da.
New Features and Changes:
Interfaces:
IPsec:
Firewall:
NAT:
Alle Changes:
http://doc.pfsense.org/index.php/2.0_New_Features_and_Changes
Download:
http://blog.pfsense.org/?p=598
pfSense 2.0 ist seit heute Nacht da.
New Features and Changes:
Interfaces:
- GRE tunnels
- GIF tunnels
- 3G support
- Dial up modem support
- Multi-Link PPP (MLPPP) for bonding PPP connections (ISP/upstream must also support MLPPP)
- LAGG Interfaces
- Interface groups
- IP Alias type Virtual IPs
- IP Alias VIPs can be stacked on CARP VIPs to go beyond the 255 VHID limit in deployments that need very large numbers of CARP VIPs.
- QinQ VLANs
- Can use Block Private Networks / Block Bogon Networks on any interface
- All interfaces are optional except WAN
- All interfaces can be renamed, even LAN/WAN
- Bridging enhancements - can now control all options of if_bridge, and assign bridge interfaces
IPsec:
- Multiple IPsec p2's per p1 (multiple subnets)
- IPsec xauth support
- IPsec transport mode added
- IPsec NAT-T
- Option to push settings such as IP, DNS, etc, to mobile IPsec clients (mod_cfg)
- Mobile IPsec works with iOS and Android (Certain versions, see Mobile IPsec on 2.0)
- More Phase 1/2 options can be configured, including the cipher type/strength
- ipsec-tools version 0.8
Firewall:
- Traffic shaper rewritten - now handles any combination of multi-WAN and multi-LAN interfaces. New wizards added.
- Layer7 protocol filtering
- EasyRule - add firewall rules from log view (and from console!)
- Floating rules allow adding non-interface specific rules
- Dynamically sized state table based on amount of RAM in the system
- More Advanced firewall rule options
- FTP helper now in kernel
- TFTP proxy
- Schedule rules are handled in pf, so they can use all the rule options.
- State summary view, report shows states grouped by originating IP, destination IP, etc.
NAT:
- All of the NAT screens were updated with additional functionality
- Port forwards can now handle create/update associated firewall rules automatically, instead of just creating unrelated entries.
- Port forwards can optionally use "rdr pass" so no firewall rule is needed.
- Port forwards can be disabled
- Port forwards can be negated ("no rdr")
- Port forwards can have source and destination filters
- NAT reflection improvements, including NAT reflection for 1:1 NAT
- Per-entry NAT reflection overrides
- 1:1 NAT rules can specify a source and destination address
- 1:1 NAT page redesigned
- Outbound NAT can now translate to an address pool (Subnet of IPs or an alias of IPs) of multiple external addresses
- Outbound NAT rules can be specified by protocol
- Outbound NAT rules can use aliases
- Improved generation of outbound NAT rules when switching from automatic to manual.
Alle Changes:
http://doc.pfsense.org/index.php/2.0_New_Features_and_Changes
Download:
http://blog.pfsense.org/?p=598
Zuletzt bearbeitet: