Ukufika de IPFire 2.29 - I-Core Update 200 Lokhu kuphawula ukuguquka ekuthuthukisweni kwalokhu kusabalala kwe-firewall kanye ne-router yomthombo ovulekile. Kuyisibuyekezo esikhulu esethula i-kernel yesimanje, siqinise ukuphepha, sithuthukise ukusebenza kwenethiwekhi, futhi sivuselela inani elikhulu lamaphakheji nama-plugin. Ngaphezu kwalokho, sinezela ubuchwepheshe obusezingeni eliphezulu njenge-WiFi 7 kanye nokusekelwa kokutholwa kwenethiwekhi okuthuthukisiwe.
Lokhu kubuyekezwa Okuyinhloko akugcini nje "emaphethini amancane"; kuyi- inguqulo egcwele izinguquko zesakhiwoUhlelo olusha lokuvimba isizinda (i-IPFire DBL), ukuthuthukiswa okuphawulekayo ku-Suricata kanye nohlelo lokubika lwe-IPS, izinguquko ezinkulu ku-OpenVPN, ummeleli oqinile ngokumelene nobuthakathaka bamuva, ukwesekwa komdabu kwe-LLDP/CDP, kanye nohlu olude lwemitapo yolwazi namathuluzi abuyekeziwe. Konke lokhu kugcina ukugxila kwe-IPFire ekuzinzeni, ukuphepha, kanye nokuphathwa kalula ngokusebenzisa isikhombimsebenzisi sewebhu.
Isibuyekezo Esiyinhloko se-IPFire 2.29 200: Izinguquko ezintsha ze-kernel ye-IPFire kanye neplatifomu
Esinye sezisekelo zalokhu kukhishwa isibuyekezo se-kernel ye-IPFire. Igatsha eliyinhloko lesistimu liye laba kunqotshiwe I-Linux 6.18.x LTSLokhu kuletha igagasi lokuthuthuka ekuphepheni, ekusebenzeni, kanye nokuhambisana kwehadiwe. Umugqa we-6.18 LTS uhlanganisa ukulungiswa kokuzinza okuqongelelwe, ama-patches okuphepha amanje, kanye nokwenza ngcono okunciphisa ukubambezeleka futhi kuthuthukise ukusebenza kokuhlunga amaphakethe—okubaluleke kakhulu ezimweni ezinabantu abaningi noma lezo ezinemithetho eminingi ye-firewall kanye ne-NAT.
I-kernel entsha iletha ukuthuthukiswa okuvamile ekusebenzeni kwenethiwekhiInikeza amandla aphezulu okusebenzisa i-passout, i-latency ephansi, kanye namakhono okuhlunga amaphakethe athuthukile. Iphinde ihlanganise izindlela zakamuva zokunciphisa ubungozi behadiwe bamuva, iqinise ukuvikelwa ekuhlaselweni okusebenzisa amaphutha kuma-CPU anamuhla. Lokhu kubalulekile ezindaweni lapho i-IPFire isetshenziswa khona njenge-firewall ezungeze noma engqalasizinda ebalulekile enezidingo zokuphepha eziphezulu.
Ngaphakathi kwalolu shintsho kukhona nesinqumo esibalulekile: sinaso Ukusekelwa kohlelo lwefayela le-ReiserFS kususiweI-kernel ye-Linux ngokwayo iphawule lobu buchwepheshe njengobuphelelwe yisikhathi, futhi iphrojekthi ye-IPFire ilandelile. Uma ukufakwa kwakho kwe-IPFire kwamanje kusebenzisa i-ReiserFS, ngeke ukwazi ukusebenzisa i-Core Update 200 ngqo. Esikhundleni salokho, kuzodingeka ufake kabusha okuhlanzekile usebenzisa uhlelo lwefayela olusekelwayo (njenge-ext4, i-XFS, noma ezinye ezisekelwa yizithombe zakamuva ze-IPFire). I-web interface ibilokhu ixwayisa abasebenzisi ngalokhu isikhathi esithile, ngakho-ke lo mkhawulo awulindelekile ngokuphelele.
I-IPFire DBL: Uhlu olusha lokuvimba isizinda ku-IPFire 2.29 Core Update 200
Selokhu uhlu oludumile lwe-Shalla lwangatholakali, i-web proxy ye-IPFire yashiywa ingenawo umthombo ozinzile wezizinda zokuhlunga okuqukethwe okunonya, izinkundla zokuxhumana, noma amawebhusayithi abantu abadala. Ngenxa yokuntuleka kwezindlela eziphelele nezigcinwe kahle, ithimba le-IPFire linqume ukudala nokugcina uhlu lwalo lokuvimba isizinda: I-IPFire DBL.
I-IPFire DBL itholakala ku- isigaba sokuqala se-betaNoma kunjalo, ingasetshenziswa kakade ngokusebenza emaphuzu amabili abalulekile ohlelweni:
- Isihlungi se-URL yephroksiUmlawuli angakhetha i-IPFire DBL njengomthombo wezizinda okufanele azivimbele. Ngale ndlela, noma yikuphi ukufinyelela okudlula kuphrokzi ye-HTTP/HTTPS kuzohlolwa ohlwini, kuvimbele ukufinyelela ezigabeni zamasayithi angaba yingozi noma angafuneki.
- Ukuhlanganiswa neSuricata (IPS)Ngokufika kwe-IPFire DBL, iphrojekthi iphinde ibe ngumhlinzeki wemithetho weSuricata. Ngokuhlanganisa isizindalwazi sesizinda nokuhlolwa kwephakethe okujulile (i-DNS, i-TLS, i-HTTP, i-QUIC), i-IPS ingavimba ngokuphelele ukuxhumana nezizinda ezingavunyelwe, noma ngabe zidlula iphrokzi yendabuko.
Nakuba isizindalwazi sisakhula, inhloso ukunikeza abasebenzisi be-IPFire uhlu oluqinile, olusesikhathini, noluklanywe ngokukhethekile ukuhlanganiswa ne-firewall ecosystem. Ithimba likhuthaza umphakathi ukuthi uyihlole, ubike izinkinga, futhi unikeze iziphakamiso zokuyilungisa ezinguqulweni zesikhathi esizayo, lapho kulindeleke khona intuthuko ebalulekile kanye namakhono amasha.
Isibuyekezo se-IPFire 2.29 Core 200 sethula ukuthuthukiswa kohlelo lokuvimbela ukungena (i-IPS)
I-IPS esekelwe eSuricata ithola uchungechunge lwezinguquko ezibalulekile ezihlose ukuthuthukisa ukusebenza, ukuthembeka, kanye nokusebenza kahle kwemibiko yayo. Isibuyekezo sangaphambilini sethule ikhono lokwenza gcina amasignesha ahlanganiswe kusengaphambili ku-cache ukusheshisa ukulayisha kweSuricata. Kodwa-ke, leyo cache ingakhula ngokungalawuleki futhi ithathe isikhala esiningi kakhulu sediski.
Ukuze kulungiswe lokhu kuziphatha, i-Core Update 200 ifaka i- I-Patch evumela i-Suricata ukuthi isuse ngokuzenzakalelayo izisayini ezingasetshenziswangaLokhu kugcina izinzuzo zezikhathi zokuqalisa ngokushesha ngaphandle kokubeka engcupheni isitoreji sesikhathi eside, okubalulekile kumadivayisi anamadiski amancane noma izinto zikagesi ezinikezelwe.
Ingxenye yokubika (i-suricata-reporter) nayo inwetshiwe: manje, ngezexwayiso ezihlobene I-DNS, i-HTTP, i-TLS noma i-QUICUlwazi olwengeziwe, njengegama lomethuleli kanye neminye imininingwane efanele, luyangezwa. Lolu lwazi luvela kokubili kuma-imeyili okuxwayisa kanye nemibiko ye-PDF, okusiza abaphathi ukuthi baphenye ngokunembile izehlakalo zokuphepha ezingaba khona noma ukwephulwa kwenqubomgomo yenkampani.
Ngaphezu kwalezi zinguquko, kwethulwe isibuyekezo sakamuva esiseduze ne-Core Update 200 Ukuthuthukiswa kokuphathwa kwe-IPS uma kwenzeka ukwehlulekaKumasistimu anememori elinganiselwe, kwaphawulwa ukuthi uma iSuricata iphahlazeka noma ivalwa uhlelo ukuze kukhululwe i-RAM, i-firewall ingashiywa ivulekile kakhulu kunalokho okufiswayo, okuveza izinsizakalo zangaphakathi. Nakuba kungekho ukuhlaselwa kwangempela okusebenzisa lokhu kuziphatha okubonwe, kwabhekwa njengengozi enkulu yokuphepha.
Ukuze kuncishiswe lokhu, manje sekukhona inqubo yokuqapha eqondisa i-IPS futhi iyiqala kabusha uma ithola ukwehla okungalindelekile. Ithrafikhi ephawulwe ngokuthi "i-whitelisted" ayisathunyelwa ku-IPS ukuze ikhishwe: yeqiwe ngqo kuchungechunge lwe-iptables, okwenza ngcono ukusebenza futhi kunciphisa ubunzima. Ikhono lokuhlunga ithrafikhi ye-IPsec nalo lengeziwe; ngaphambilini, le thrafikhi yayikhishwe ekuhlaziyweni kwe-IPS ngaphandle kwamacala ambalwa athile, futhi manje ingahlolwa noma nini lapho idluliselwa ngokusebenzisa izixhumi ezilungiselelwe.
Isici esisha sifakiwe ku-interface yewebhu ye-IPS ishadi elisha lokusebenza Lokhu kubonisa ithrafikhi ecutshunguliwe ehlukaniswe ngezigaba ezintathu: ithrafikhi eskeniwe (engenayo nephumayo), ithrafikhi egunyaziwe, kanye nethrafikhi edlulayo. Lokhu kunikeza umbono ocacile wokusetshenziswa kwangempela kwe-IPS futhi kuvumela ukulungiswa kwemithetho nenqubomgomo okunolwazi oluthe xaxa.
I-OpenVPN: Izinguquko ekucushweni nasekuqinisekisweni
Imojula ye-OpenVPN ku-IPFire ithola isethi ebalulekile yokulungiswa ukuze kwenziwe ukucushwa kweklayenti neseva kube lula futhi kuvumelane nemikhuba emihle yamanje. Kusukela kule nguqulo, i- Amafayela okucushwa kweklayenti awasafaki inani le-MTU elihleliweEsikhundleni salokho, iseva "izocindezela" i-MTU efanele kuklayenti ngalinye, okuvumela umphathi ukuthi ashintshe leli nani ngaphandle kokuvuselela konke ukucushwa komsebenzisi. Kubalulekile ukuqaphela ukuthi amanye amaklayenti amadala kakhulu angase angakuqondi ngokugcwele lokhu kuziphatha.
Uma kusetshenziswa ukuqinisekiswa kwezinyathelo ezimbili nge-OTP, Ithokheni yesikhathi esisodwa manje ithunyelwa kusuka kuseva. uma iklayenti linikwe amandla i-OTP. Lokhu kuhlanganisa i-logic ohlangothini lweseva, kugwenywe ukungahambisani futhi kube lula ukuphathwa kweziqinisekiso zesikhashana.
Ngaphezu kwalokho, amaphrofayili amakhasimende awasafaki Igunya lesitifiketi (CA) elifakwe ngaphandle kwesitsha se-PKCS#12Ngaphambilini, lokhu kungabangela izinkinga lapho kungeniswa ukuxhumana ngamathuluzi afana ne-NetworkManager kusuka kulayini womyalo, ngenxa yezitifiketi eziphindaphindwayo. Njengoba i-CA manje isifakiwe kufayela le-PKCS#12, lokhu kuphindaphindwa kususiwe ukuze kwenziwe lula inqubo futhi kuvinjelwe amaphutha.
Izilungiselelo ezengeziwe zengezwe ekucushweni kweseva ethi "roadwarrior". Uma iseva ye-OpenVPN iqhubeka nokusebenzisa ama-cipher abhekwa njengefaI-IPFire manje igcizelela lokhu ukuze ixwayise umphathi ukuthi ukuthuthela kuma-suite esimanje kungaba ngcono. Iphinde ivumele ukusunduza amaseva amaningi e-DNS kanye ne-WINS kumakhasimende, okuwusizo kakhulu kumanethiwekhi ayinkimbinkimbi lapho izizinda eziningana zangaphakathi noma amaseva athile egama ekhona ndawonye.
Iseva ye-OpenVPN iyasebenza manje njalo ikumodi yasekhaya eminingiLokhu kunengqondo ku-firewall enezixhumi eziningi. Kuqinisekisa ukuthi iseva iphendula kumakhasimende isebenzisa ikheli le-IP elifanayo ababexhumeke kulo ekuqaleni, noma ngabe umshini unezindlela eziningi eziphumayo eziya ku-inthanethi noma amanethiwekhi angaphakathi. Iphutha elivimbele umzila wokuqala owenziwe ngokwezifiso ochazwe kumakhasimende ukuthi ungacindezelwa kahle nalo lilungisiwe, futhi ukugeleza kokuqinisekiswa kwe-OTP kuthuthukisiwe ukuze kushukumise iklayenti ukuthi liqedele isici sesibili uma libhajwa.
Ekugcineni, inqubomgomo isusiwe ekucushweni kweklayenti auth-nocache, ngoba Umphumela wangempela wawucishe ungabi bikho Empeleni, lokhu kwadala umuzwa wokulondeka ongamanga. Ngalezi zinguquko, i-OpenVPN ku-IPFire manje isihambisana kakhulu nemikhuba emihle yamanje futhi yenza impilo ibe lula kubaphathi.
I-WiFi 7 ne-WiFi 6: ukukhuphuka kwesizukulwane kumanethiwekhi angenantambo
Esinye sezici ezihlaba umxhwele kakhulu ngalesi sibuyekezo ukuthi i-IPFire ekugcineni sebenzisa ngokugcwele amakhono e-WiFi 7 (802.11be) kanye ne-WiFi 6 (802.11ax) ngendima yayo njengendawo yokufinyelela engenantambo. Nakuba ihadiwe yayingase isebenze kakade ngaphambili, izici ezintsha zalezi zindinganiso manje seziveziwe futhi ziphathwa kahle.
Kuzilungiselelo ezingenantambo ungakhetha Imodi ye-WiFi ekhethwayo futhi uvumele i-IPFire iphathe okunye. Uhlelo lunezela ukwesekwa okugcwele kwe-802.11be kanye ne-802.11ax, kanye nezindlela ze-802.11ac/agn ezisekelwe kakade. Lokhu kufaka phakathi ukusetshenziswa kweziteshi ezifika ku-320 MHz, okuvumela ama-bandwidth angaphezu kuka-5,7 Gbps ngemifudlana emibili yendawo noma kufika ku-11,5 Gbps ngemifudlana emine, konke ngaphandle kwentambo. Lezi zibalo ngokusobala zincike endaweni yehadiwe kanye nomsakazo, kodwa ukwesekwa kukhona futhi kulungele ukusizakala ngokugcwele ngesizukulwane sakamuva semishini.
I-IPFire manje ithola ngokuzenzakalelayo i- amakhono e-hardware e-WiFi athuthukileLokho okwakuhlelwe ngesandla ngaphambilini njenge-“HT Capabilities” kanye ne-“VHT Capabilities”—inqubo eyisicefe nevame ukwenza amaphutha—manje iphathwa ngaphakathi. Uhlelo luvumela ngokuzenzakalelayo zonke izici ezisekelwa yidivayisi (i-MU-MIMO, iziteshi ezibanzi, njll.), okuholela kumanethiwekhi angenantambo azinzile, asheshayo, futhi alula ukuwaphatha.
Ezindaweni lapho i-WPA2 noma i-WPA1 zisasetshenziswa khona, i-IPFire manje ivumela ukusetshenziswa kwe I-SHA256 enqubweni yokuqinisekisa Ukuqinisa ukuxhawulana kwamakhasimende angakwazi ukusebenza ne-WPA3. Ngaphezu kwalokho, ukuvikelwa kwe-SSID kuvunyelwe ngokuzenzakalelayo: uma kusetshenziswa ozimele bokuphatha abavikelwe (802.11w), uhlelo luvumela ngokuzenzakalelayo ukuvikelwa kwe-beacon kanye nokuqinisekiswa kwesiteshi sokusebenza, okuvimbela ukuhlaselwa okuthile okulawula ukusayina kwenethiwekhi.
Ukuze kuthuthukiswe ukusebenza kahle komoya, Amaphakethe e-Multicast aguqulwa abe yi-unicast Lesi yisimiso esizenzakalelayo lapho inethiwekhi ihlanganisa ngokuyinhloko amaklayenti esimanje, asheshayo. Le ndlela inciphisa isikhathi somoya esichithwa kuthrafikhi yendabuko yokusakaza okuningi futhi ithuthukisa ulwazi oluphelele, ikakhulukazi kumanethiwekhi aminyene. Uma ihadiwe ivuma, ukutholwa kwe-radar (okudingekayo ku-DFS kumabhendi athile) kwenziwa ngemuva, kuvinjelwa noma yikuphi ukuphazamiseka okubonakalayo kwisevisi ye-Wi-Fi.
Nakuba ifomu le-web interface lingashintshile kakhulu, iningi lomlingo lenzeka ngemuva kwezigcawu, lenza ngcono amapharamitha futhi lenze ngcono ukusebenza kwehadiwe. Imishini ye-Lightning Wire Labs ehlanganisa i-IPFire Lawa makhono asebenza ngokuzenzakalelayo.ngakho abasebenzisi balawo madivayisi bazobona ukuthuthuka ngaphandle kokuthinta izilungiselelo kakhulu.
Ukusekelwa kwe-LLDP kanye ne-Cisco Discovery Protocol
I-Core Update 200 ihlanganisa ngokwendabuko ukwesekwa kwe- I-Link Layer Discovery Protocol (LLDP) kanye ne-Cisco Discovery Protocol version 2 (CDPv2)Lezi zindlela zokulawula zivumela i-IPFire ukuthi "ikhangise" futhi ithole amadivayisi ezingeni lesendlalelo sesi-2 ezigabeni ezixhunywe ngqo, okuwusizo kakhulu ezingqalasizinda zenethiwekhi eziyinkimbinkimbi.
Ngenxa ye-LLDP/CDP, i-firewall ingakwazi ukubona ixhunywe kuziphi izimbobo zokushintshaNgakolunye uhlangothi, amaswishi namathuluzi okuqapha angabona ngokucacile indawo ye-IPFire kumephu yenethiwekhi. Lokhu kuhlangana kalula namapulatifomu afana ne-Observium kanye nezinye izinhlelo zokuhlola nokuhlola inethiwekhi, okwenza kube lula ukuphathwa kwezindawo ezinkulu ngama-VLAN amaningi, izixhumanisi ze-trunk, kanye nemishini esatshalaliswayo.
Ukusebenza kuyasebenza futhi kulungiselelwe kusukela ku- isikhombikubona sewebhu, esigabeni seNethiwekhi → LLDPlapho unganquma khona ukuthi iyiphi i-interface evulwa kuyo iphrothokholi, yiluphi ulwazi olukhangiswayo, nokuthi idatha ihlanganiswa kanjani nokunye ukucushwa kwenethiwekhi.
I-DNS, i-PPP kanye nezinye izinsizakalo eziyinhloko ku-IPFire 2.29 Core Update 200
Iphrokzi ye-DNS esekelwe ku-Unbound ye-IPFire nayo ithole ukuthuthukiswa okuphawulekayo. Esikhundleni sokusebenza kwimodi yochungechunge olulodwa, I-Unbound manje iqala intambo eyodwa nge-CPU core ngayinyeLokhu kukuvumela ukuthi usebenzise amaprosesa amaningi avamile kulezi zinsuku futhi unciphise izikhathi zokuphendula ze-DNS ngaphansi komthwalo, okubonakalayo ezindaweni ezinamaklayenti amaningi noma izicelo eziningi ngasikhathi sinye.
Ekuxhumekeni kokufinyelela kwe-PPP (njengeminye imigqa ye-DSL, 4G, noma ye-5G), i-IPFire ilungisa ukuthunyelwa kwamaphakethe okugcina e-LCP ku Zikhiphe kuphela uma kungekho traffic yangempela emgqeniLolu shintsho oluncane lunciphisa kancane umthwalo wokuxhumeka, okuyinto ethandwa kakhulu ezixhumanini zeselula ezinezinsizakusebenza ezilinganiselwe noma imikhawulo yedatha eqinile.
Imininingwane ebonakalayo isilungisiwe ku-interface yokuphatha: Ikhasi le-DNS manje libonisa njalo inganekwane kwezakhi ezimelelwe, ukugwema ukudideka lapho kuchazwa isimo samaseva, izinqumo noma izindlela zokusebenza ezilungiselelwe.
Ummeleli wewebhu kanye nokuphepha kwakamuva
Ingxenye yommeleli we-HTTP/HTTPS ithole izinguquko ezigxile ekuphepheni. ukunciphisa okuthile ngokumelene nobuthakathaka CVE-2025-62168 ngaphakathi kokucushwa kwe-proxy, okuqinisa ukuvikelwa kumaphethini okuhlasela ahlobene naleyo CVE. Ngale ndlela, abasebenzisi be-proxy ecacile noma eqinisekisiwe ye-IPFire bazuza ezindleleni ezengeziwe ngaphandle kokushintsha amafayela okucushwa ngesandla.
A isimo somjaho enqubweni yokuhlunga i-URLNgaphansi kwezimo ezithile, ngenkathi kuhlanganiswa izizindalwazi zokuhlunga, inqubo ingaqedwa ngokuzumayo, okubangela ukwehluleka kwesikhashana noma ukungahambisani. Njengoba ukulungiswa kufakiwe ku-Core Update 200, ukuhlanganiswa kwezinhlu kwenziwa ngendlela eqinile, kunciphisa ingozi yokuthi inqubo yokuhlunga ingasebenzi ngesikhathi sokubuyekezwa.
I-interface yewebhu kanye nesipiliyoni sokuphatha
I-interface yewebhu ye-IPFire ithuthuke kaningana futhi yalungisa amaphutha. Inkinga ku-[igama lesigaba elingekho] ixazululiwe. i-firewall evimbele ukudalwa kwamaqembu amasha endawo, umsebenzi owusizo kakhulu wokuhlanganisa amazwe noma izifunda kanye nokusebenzisa imithetho esekelwe endaweni.
Esigabeni sobuthakathaka behadiwe, umlayezo uboniswa lapho uhlelo lungakwenzi lokho isekela i-SMT (i-Multaneous Multithreading)ukucacisela umphathi ukuthi kungani ezinye izindlela zokunciphisa noma izimo zokuphepha zivela ngandlela thile. Ngaphezu kwalokho, iphutha kumojuli ye-imeyili selilungisiwe lapho iziqinisekiso ezinezinhlamvu ezithile ezikhethekile Zinga "bola" uma zigcinwa, okubangela amaphutha okuqinisekisa ngamaseva eposi angaphandle.
Izibuyekezo zokuphepha: i-OpenSSL, i-glibc nokuningi
Ngokuphathelene nama-library abalulekile, i-OpenSSL ibuyekeziwe ku- Inguqulo ye-3.6.1 kanye nobuthakathaka obuningi buyalungiswa, okuhlanganisa i-CVE-2025-11187, i-CVE-2025-15467, i-CVE-2025-15468, i-CVE-2025-15469, i-CVE-2025-66199, i-CVE-2025-68160, i-CVE-2025-69418, i-CVE-2025-69419, i-CVE-2025-69420, i-CVE-2025-69421, i-CVE-2026-22795, kanye ne-CVE-2026-22796. Lokhu kuhlangana kwama-CVE kunikeza umbono we umsebenzi wokuqinisa i-cryptographic okufakiwe kule nguqulo.
Umtapo wolwazi ojwayelekile we-glibc uphinde walungiswa ngokumelene nobuthakathaka obuthile obufanele: I-CVE-2026-0861, i-CVE-2026-0915 ne-CVE-2025-15281Njengoba kuyisici esiyinhloko sohlelo lonke, ukulugcina luvuselelwe futhi lulungisiwe kubalulekile ukunciphisa indawo yokuhlasela nokuqinisekisa ukuthi izinhlelo zokusebenza ziyazuza ezilungisweni zakamuva.
Isibuyekezo esikhulu kumaphakheji ayinhloko kanye nezingxenye
I-Core Update 200 iletha amaphakheji amaningi abuyekeziwe. Phakathi kwalawo aphawuleka kakhulu yile: I-Apache 2.4.66, i-bash 5.3p9, i-BIND 9.20.18, i-coreutils 9.9, i-cURL 8.18.0, i-dhcpcd 10.3.0, izixhumanisi 0.19.0, i-glib 2.87.0, i-GnuPG 2.4.9, i-GnuTLS 3.8.11 kanye neminye imitapo eminingi yezithombe kanye nezinhlelo ezifana ne-harfbuzz 12.3.0, i-hwdata 0.403, i-iana-etc 20251215, i-intel-microcode 20251111 noma i-libarchive 3.8.5.
Zibuyekezwa futhi libcap-ng 0.9, libgpg-error 1.58, libidn2 2.3.8, libjpeg 3.1.3, libpcap 1.10.6, libplist 2.7.0, libpng 1.6.53, libtasn1 4.25cu.0, libpcap 1.10.6, libplist 2.7.0, libpng 1.6.53, libtasn1 4.25cu. 4.5.1kanye namathuluzi okuphatha ivolumu kanye ne-RAID njenge-LVM2 2.03.38 kanye ne-mdadm 4.5. Izinguqulo ezintsha ze-memtest (8.00), i-meson (1.10.1), i-newt (0.52.25), i-ninja (1.13.2), i-swear-toolkit (2.6.13), i-OpenVPN (2.6.17), i-OpenSSL (3.6.1 ku-base stack), i-SQLite (3.51.100), i-tzdata (2025c), i-readline (8.3p3), i-strongSwan (6.0.4), i-suricata (8.0.3), i-suricata-reporter (0.6), i-Rust (1.92.0), i-Unbound (1.24.2), i-wireless-regdb (2025.10.07), i-vim (9.1.2098) kanye ne-xz (5.8.2) zifakiwe.
Ngokuphathelene nezengezo, zibuyekeziwe i-alsa 1.2.15.3, i-ClamAV 1.5.1, i-dnsdist 2.0.2, i-fetchmail 6.6.0, i-gdb 17.1, i-Git 2.52.0, i-fort-validator 1.6.7, i-freeradius 3.2.8, i-libtpms 0.10.2, i-opus 1.6.1, i-postfix 3.10.6, i-samba 4.23.4, i-strace 6.18, i-tmux 3.6a, i-Tor 0.4.8.21 kanye ne-tshark 4.6.3Uma sekuhlanganisiwe, le phakheji yokubuyekeza inikeza ukuthuthukiswa kokuphepha, ukwesekwa kwezinqubo ezintsha, ukuhambisana nehadiwe yesimanje, kanye nokulungiswa kwamaphutha okusatshalaliswa kuyo yonke i-stack.
Izengezo ezifakiwe: i-arpwatch, i-ffmpeg, nezinye
Phakathi kwezici ezengeziwe ezifakiwe ne-IPFire, okulandelayo kuyagqama: iwashi le-arp njengesengezo esishaLeli thuluzi liqapha amakheli e-MAC kunethiwekhi futhi lingakwazisa ngezinguquko ezisolisayo (isibonelo, lapho ikheli le-IP lihlotshaniswa nekheli le-MAC elihlukile). Inguqulo efakiwe ilungisa inkinga ngemvilophu yomthumeli kuma-imeyili, okubangele ukuthi amanye amaseva emeyili enqabe imiyalezo. Manje, ikheli lomthumeli elifanele liyathunyelwa, futhi amakheli e-MAC ahlala eboniswa ngaphandle kokufaka i-padding, okuthuthukisa ukufundeka kwemibiko.
Iphakheji I-ffmpeg ibuyekeziwe yaba yinguqulo 8.0 ku-plugin suite. Ihlanganiswe kabusha futhi yaxhunyaniswa kabusha ne-OpenSSL kanye nomtapo wezincwadi we-LAME, okuvumela ukubuyiselwa kokusebenza kokusakaza okuvela emithonjeni yangaphandle kusetshenziswa i-HTTPS kanye ne-MP3 encoding. Lokhu kwenza kube lula ukusetshenziswa kwe-IPFire njengendawo yokuhlanganisa izixazululo ze-multimedia ezidinga ukudlala noma ukudlulisa okuqukethwe okuphephile.
Ezinye izesekeli ezibuyekezwayo zifaka phakathi i-dnsdist 2.0.1, i-fetchmail 6.5.7, i-hostapd enezibuyekezo zakamuva (f747ae0), i-libmpdclient 2.23, i-mpd 0.24.5, i-mympd 22.1.1, i-nano 8.7, i-openvmtools 13.0.5, i-Samba 4.23.2, i-shairport-sync 4.3.7, i-Tor 0.4.8.19, i-tshark 4.6.1 kanye ne-zabbix_agentd 7.0.21 LTSLezi zinguqulo zilungisa amaphutha, zengeza ukwesekwa kwezici ezintsha, futhi zilungise ukuhambisana nezinguqulo zesimanje zamalayibrari ayisisekelo.
Ngazo zonke lezi zinguquko, i-IPFire 2.29 Core Update 200 ihlanganiswe njenge- ipulatifomu yomlilo evuthiwe, evikelekile elungele ihadiwe nezindinganiso zesizukulwane esilandelayoKusukela ku-WiFi 7 kuya ezinguqulweni zakamuva ze-kernel kanye nezingxenye ze-cryptographic, i-IPFire iyahambisana nobuchwepheshe obuningi. Labo asebethembele ku-IPFire ukuvikela amanethiwekhi asekhaya noma ebhizinisi bazothola kule nguqulo intuthuko ebalulekile ekusebenzeni, ukubonakala kwenethiwekhi, kanye namakhono okuhlunga, okusekelwa umphakathi osebenzayo kanye nomjikelezo wokuthuthukiswa oqhubeka nokufaka ukuthuthukiswa okuqhubekayo ekuphepheni nasekusekeleni.
