IPFire Open-Source Linux Firewall Gets a Revamped DNS System

IPFire 2.25 Core Update 141 released

IPFire, the hardened open-source and free firewall GNU/Linux distribution, just got it’s most exciting update in the new decade, IPFire 2.25 Core Update 141, which brings a revamped DNS system and lots of other goodies.

Rebased on the GCC (GNU Compiler Collection) 9.2 compiler system series, IPFire 2.25 Core Update 141 is here to introduce a brand new DNS (Domain Name Server) system that features a unified settings page, the ability to add more than two DNS servers, DNS-over-TLS support, Safe Search support, faster boot, and other optimizations.

IPFire will now automatically use the fastest DNS server when more are added. Moreover, system administration can now easily filter adult content from the entire network without the need of a web proxy. It is now also possible to use TLS and TCP as transport on networks where the ISP filters DNS responses.

“In order to combat MTU issues, we are following guidelines and have set the EDNS buffer size to 1232 bytes. This avoids large DNS replies being fragmented even on Internet lines with smaller MTUs. All DNS settings will automatically be converted. This is also compatible when older backups are being restored,” said Michael Tremer.

IPFire 2.25 Core Update 141 deprecates Python 2 support

Apart from the DNS goodies, the update also adds support for the Go and Rust programming languages, implements Python 3 support and deprecates Python 2 support, and brings support for LVM (Logical Volume Manager) devices.

Other noteworthy changes include the ability for the built-in IPS (Intrusion Prevention System) to filter packets to and OpenVPN clients, HTTPS support is available for Pakfire to download mirror lists, and the IPsec support has been updated to offer compatibility with more clients.

This release also ships with new components, such as amazon-ssm-agent for better integration with the Amazon cloud and rfkill a command-line tool for enabling and disabling wireless devices.

Among the updated components included in this release, we can mention efivar 35, File 5.38, Knot 2.9.2, libhtp 0.5.32, mdadm 4.1, GNU MPC 1.1.0, GNU MPFR 4.0.2, Rust 1.39, Suricata 4.1.6, and Unbound 1.9.6. Updated add-ons include dehydrated 0.6.5, libseccomp 2.4.2, GNU nano 4.7, open-vm-tools 11.0.0, Tor, and Wireshark 3.0.7.

IPFire 2.25 Core Update 141 is available for download right now from the official website. However, the updated installation image is out only for new installations as existing users will get all these goodies if they install the latest updates available in the stable software repositories.

Last updated 4 years ago

Buy Me a Coffee at ko-fi.com