Endian Community Releases New Version 3.3.2

Hi to all our Endian Community fans and we've got some great news to share!

First we're releasing a huge set of updates that has a ton of bug fixes and minor feature improvements.

In addition, we're releasing a new ISO for those who want a new install with all the latest and greatest packages. Last, we're switching our development cycle to use rolling releases which means you guys should be hearing (and receiving "update goodies") a whole lot more from us on a much more regular and frequent basis ;-)



für die eiligen .. der Downloadlink

https://sourceforge.net/projec…es/Development/EFW-3.3.2/


Changelog:


Released as Updates to Current 3.3.0 Community Users:

#### CORE Hardware Support

CORE-4237 Improvement: Add kernel module RTL8152/RTL8153

#### Core Kernel

CORE-4249 Improvement: Add NVMe support to kernel

CORE-4266 Bug: Fix igxbe compilation issue

#### UTM Proxy: DNS

UTM-2366 Bug: Onedrive.live.com is blocked by DNS Proxy

#### UTM Antispam: SpamAssassin

UTM-2356 Bug: IMAP training fails if mail is incomplete

#### Core Backup

CORE-4071 Bug: Cannot create backup if the remark field contains only integers

#### Core Base system

CORE-4344 Bug: Body of HA notification mails are sent as attachments

#### Core Firewall

CORE-4335 Bug: setoutgoingfw taking too long to restart, we need to optimize iptables rules using ipset

CORE-4339 Bug: New PROXYOUTGOINGFW drop traffic on http proxy port

CORE-4379 Bug: ipsets not created at boot and after update

#### Core Uplinksdaemon

CORE-3999 Bug: Uplinks daemon doesn't set IP from DHCP with long lease time


Additional (Previous) Packages Released As ISO to 3.3.2:

#### Core Authentication layer

CORE-3133 Bug: Authentication fails is username is numeric and starts with 0

CORE-3287 Improvement: Add user IP address to authentication daemon logs

#### Core Backup

CORE-3154 New Feature: Implement pre and post hooks (run-parts) in Protected link

#### Core Base system

CORE-2996 Bug: Fix documentation url retrieving on version transition

CORE-3318 Improvement: Add crypto module decryption for tcpdump

CORE-2157 Task: Introduce Python requests library

CORE-3320 Improvement: Upgrade to OpenSSH 7.1p2

CORE-3833 Bug: Missing SSH 7.1 dependency and ssh-dss support

CORE-3960 Bug: Conntrack not cleaned when uplink disconnect multiple times

#### Core EMI

CORE-2959 Bug: Cannot generate a certificate on the Management GUI

CORE-3148 Bug: Cannot change language at first boot

#### Core Event Notifications

CORE-3160 Bug: Openvpn login successful event doesn't match log pattern

CORE-3164 Bug: Openvpn logout event not matched with some special characters

#### Core Firewall

CORE-3135 Bug: Typo in Incoming routed traffic source and destination description

CORE-3941 Bug: Established connections on backup link stop working after main uplink comes back online

#### Core Kernel

CORE-2965 Bug: Paket loss when installed on xen hypervisor

#### Core Logging & Monitoring

CORE-2921 Bug: Sarg retention in monthly cron is not working

#### Core Network configuration

CORE-3146 Bug: Uplink check hosts option are reset after modifying network settings

CORE-3170 Bug: Cannot use CIDR /32 or /31 for additional IP addresses

CORE-3194 Bug: Network Wizard from CLI displays main interface when vlans are in use

CORE-3241 Bug: Cannot configure mobile broadband uplink at first wizard

CORE-3305 Improvement: No GUI error given when a static route with default gateway/CIDR notation is added

CORE-3323 Bug: Missing column remark in host configuration

#### Core Translations

CORE-3355 Bug: Italian misleading translation of Snort GUI actions

#### Core Uplinksdaemon

CORE-3343 Bug: Static uplinks have a wrong broadcast and netaddress

CORE-3815 Bug: Uplink failover when main uplink is PPPoE is too slow

CORE-3847 Bug: IP address and subnet assigned to physical interface with PPPoE uplink is currently used by Cloudflare

CORE-4091 Bug: Uplinksdaemon doesn't have to start onboot if HA is enabled

CORE-4093 Bug: Uplinksdaemon have to send GARP on static uplinks

#### Firewall Community Registration

COMMUNITY-355 Bug: Appliance asks for re-registration every time a network configuration is performed

#### UTM Antispam: SpamAssassin

UTM-2144 Improvement: fix run_sa_update invocation

UTM-2154 Bug: Spam Training uses wrong command for connection test

UTM-2261 Improvement: Add support for SSL and custom IMAP server port in Spam training

UTM-2278 Bug: If port is not specified spamtraining imap will not connect

#### UTM Artwork

UTM-2136 Bug: Invalid graphic image for closing button displayed when browsing Firewall Diagrams

#### UTM Certificate Management

UTM-2293 Improvement: Can't import CA generated from Active Directory Certificate Services

#### UTM Monitoring, Reporting

UTM-2108 Bug: Sarg doesn't load language file

UTM-2105 Improvement: Update SARG

#### UTM Proxy: DNS

UTM-2160 Bug: DNS proxy can be enabled on not active zones

UTM-2176 New Feature: Let Proxy DNS service to log antispyware blocked domains

#### UTM Proxy: SMTP

UTM-2191 Improvement: Update Realtime Blacklist (RBL)

#### UTM Service: Intrusion Prevention

UTM-2170 Bug: IPS alerts or Drops are not differentiated in the logs

#### UTM VPN: IPsec

UTM-2156 Bug: Missing option in ipsec.secrets template file for green zone

UTM-2158 Improvement: Set default DPD action to CLEAR for XAUTH and L2TP

UTM-2173 Improvement: Add possibility to choose uplink IP on IPSEC Tunnel

UTM-2189 Bug: DPD Action always set to restart

UTM-2267 Bug: Data not removed from ipsec.secrets when ipsec tunnel is disabled

#### UTM VPN: OpenVPN

UTM-2034 Improvement: Increase DH size for VPN

UTM-2092 Bug: Push block-outside-dns from OpenVPN Server

UTM-1888 Bug: VPN Connections are not shown

UTM-2166 Bug: Add verification on OpenVPN's IP pool range

UTM-2168 New Feature: OpenVPN bridged instance can't set virtual IP pool range on second subnet

UTM-2200 Bug: OpenVPN job crash due to purple_ip_begin parameter handled as mandatory

UTM-2203 Bug: Cannot change OpenVPN instance from TUN/TAP

UTM-2246 Bug: Purple ip range is validated also in not bridged instances

UTM-2249 Bug: The purple subnet for the default Openvpn server is wrong

UTM-2263 Bug: Cannot disable channel encryption to OpenVPN instances