IPFire

Software Screenshot:
IPFire
Software Details:
Version: 2.19 Core 120 / 3.0 Alpha 1 updated
Upload Date: 22 Jun 18
Developer: ipfire.org
Distribution Type: Freeware
Downloads: 527
Download

Rating: 3.7/5 (Total Votes: 3)

IPFire is an open source operating system that has been designed from the ground up to act as a dedicated, secure and flexible firewall system based on some of the best Linux technologies, such as iptables, OpenSSL and OpenSSH.

Distributed as a 32-bit ISO image

This tiny OS can be downloaded via Softoware or from its official website (see link above) as a single, installable only CD ISO image of approximately 150MB in size, tagged only for the 32-bit (i586) instruction set architecture. While the distro will boot and install on 64-bit hardware platforms, it will only accept 32-bit applications.

Boot options

The beautifully designed and well organized boot menu will allow you to directly and permanently install the distribution on a local drive. In addition, you’ll be able to install the OS in text mode, perform an unattended installation, run a memory diagnostic test with the Memtest86+ utility, as well as to view detailed hardware information with the Hardware Detection Tool (HDT).

Very easy-to-use text-mode installation program

The entire installation process is text-based and will require the user to only select a language (supported languages include English, Turkish, Polish, Russian, Dutch, Spanish, French and German), accept the license, and partition the disk (supported filesystems include EXT2, EXT3, EXT4 and ReiserFS).

After installation, it is a must to select a keyboard layout and timezone, enter the machine’s hostname and domain name, enter a password for the root (system administrator) and admin accounts, as well as to configure the network (includes DNS, Gateway, IP Address, Drivers and Network Card settings).

Bottom line

Summing up, IPFire is one of the world’s best open source firewall distributions of Linux, engineered to deliver state-of-the-art firewall, VPN gateway and proxy server components. Its design is modular and flexible, which means that its functionality can be extended through plugins.

What is new in this release:

  • RAM-only Proxy:
  • In some installations it might be desirable to only let the proxy cache objects in memory and not on disk. Especially when Internet connectivity is fast and storage is slow this is most useful.
  • The web UI now allows to set the disk cache size to zero which will disable the disk cache entirely. Thanks to Daniel for working on this.
  • OpenVPN 2.4:
  • IPFire has migrated to OpenVPN 2.4 which introduces new ciphers of the AES-GCM class which will increase throughput on systems that have hardware acceleration for it. The update also brings various other smaller improvements.
  • Erik has been working on integration this which has required some work under the hood but is compatible with any previous configurations for both roadwarrior connections and net-to-net connections.
  • Improved Cryptography:
  • Cryptography is one of the foundations to a secure system. We have updated the distribution to use the latest version of the OpenSSL cryptography library (version 1.1.0). This comes with a number of new ciphers and major refacturing of the code base has been conducted.
  • With this change, we have decided to entirely deprecate SSLv3 and the web user interface will require TLSv1.2 which is also the default for many other services. We have configured a hardened list of ciphers which only uses recent algorithms and entirely removes broken or weak algorithms like RC4, MD5 and so on.
  • Please check before this update if you are relying on any of those, and upgrade your dependent systems.
  • Various packages in IPFire had to be patched to be able to use the new library. This major work was necessary to provide IPFire with the latest cryptography, migrate away from deprecated algorithms and take advantage of new technology. For example the ChaCha20-Poly1305 ciphersuite is available which performs faster on mobile devices.
  • The old version of the OpenSSL library (1.0.2) is still left in the system for compatibility reasons and will continue to be maintained by us for a short while. Eventually, this will be removed entirely, so please migrate any custom-built add-ons away from using OpenSSL 1.0.2.
  • Misc:
  • Pakfire has now learned which mirror servers support HTTPS and will automatically contact them over HTTPS. This improves privacy.
  • We have also started phase one of our planned Pakfire key rollover.
  • Path MTU Discovery has been disabled in the system. This has continuously created issues with the stability of IPsec tunnels that have chosen paths over networks that were incorrectly configured.
  • The QoS template could miscalculate the bandwidth which has now been fixed that the sum of the guaranteed bandwidth over all classes does not exceed 100%
  • Updated packages:
  • bind 9.11.3, curl 7.59.0, dmidecode 3.1, gnupg 1.4.22, hdparm 9.55, logrotate 3.14.0, Net-SSLeay 1.82, ntp 4.2.8p11, openssh 7.6p1, python-m2crypto 0.27.0, unbound 1.7.0, vnstat 1.18
  • Add-ons:
  • These add-ons have been updated: clamav 0.99.4, htop 2.1.0, krb5 1.15.2, ncat 7.60, nano 2.9.4, rsync 3.1.3, tor 0.3.2.10, wio 1.3.2

What is new in version :

  • OpenSSL 1.0.2n:
  • One moderate and one low security vulnerability have been patched in OpenSSL 1.0.2n. The official security advisory can be found here.
  • IPsec:
  • It is now possible to define the inactivity timeout time when an idle IPsec VPN tunnel is being closed
  • Support for MODP groups with subgroups has been dropped
  • Compression is now disabled by default because it is not very effective at all
  • strongswan has been updated to 5.6.1
  • OpenVPN:
  • It is now easier to route OpenVPN Roadwarrior Clients to IPsec VPN networks by choosing routes in each client's configuration. This makes hub-and-spoke designs easier to configure.
  • Build toolchain:
  • Some build scripts have been refactored to clean up the build process and the toolchain has been moved from /tools to /tools_< arch >.
  • nasm, the Net Assembler, has been updated to 2.13.2
  • Misc:
  • SSL compression and SSL session tickets have been disabled in Apache. This will improve the security of the web user interface.
  • At various places, GeoIP information is available where IP addresses are shown and that information is useful to know
  • Adding static routes over the web user interface has been fixed
  • Some aesthetic issues on the captive portal configuration pages have been fixed and the captive portal is now working together with the proxy in transparent mode
  • Syslogging to a remove server can now be configured to either use TCP or UDP
  • Add-ons:
  • Samba has been updated to fix several security issues
  • mc has been updated to 4.8.20
  • nano has been updated to 2.9.1
  • sslscan, vsftpd and Pound have been dropped because they are not maintained upstream any more and incompatible with OpenSSL 1.1.0

What is new in version 2.19 Core 116 / 3.0 Alpha 1:

  • openssl 1.0.2m:
  • The OpenSSL project released version 1.0.2m and issued two security advisories in the last week. The two vulnerabilities that were discovered were of moderate and low security, but we have decided to ship you this update as soon as possible. Hence it is recommended to update as soon as possible, too.
  • The more severe vulnerability referenced as CVE-2017-3736 fixes a problem with modern Intel Broadwell and AMD Ryzen processors where OpenSSL uses some modern DMI1, DMI2 and ADX extensions and calculates the square root incorrectly. This could be exploited by an attacker who is able to put significant resources into recover a private key more easy alas this attack is still considered virtually unfeasible by the OpenSSL security team.
  • The less severe vulnerability was caused by overreading certificate data when a certificate has a malformed IPAddressFamily extension. This could lead lead to erroneous display of the certificate in text format. This vulnerability is tracked under CVE-2017-3735.
  • Misc:
  • wget also suffered from two security vulnerabilities that allowed an attacker to execute arbitrary code. They are referenced under CVE-2017-13089 and CVE-2017-13090.
  • apache was updated to version 2.4.29 which fixes a number of bugs.
  • snort has been updated to version 2.9.11.
  • xz has also been updated to version 5.2.3 which brings various improvements.

What is new in version 2.19 Core 113 / 3.0 Alpha 1:

  • Who Is Online?:
  • Who Is Online? (or WIO in short) has finally arrived on IPFire. It has been ported by the original author Stephan Feddersen and Alex Marx and is available as a usual add-on package called wio.
  • It is a builtin monitoring service for the local network showing what devices are connected, which ones are online and can also send alarms on various events. Give it a try!
  • Misc.:
  • The DNS root keys have been updated to make DNS work beyond October 2017 after the DNSSEC key rollover has been performed
  • Serial consoles now automatically detect the baudrate after the kernel has been booted
  • Package updates by Matthias Fischer: bind 9.11.2, gnutls 3.5.14, libgcrypt 1.8.0, logrotate 3.12.3, nano 2.8.6, pcre 8.41, squid 3.5.26, unbound 1.6.4
  • Add-Ons:
  • iftop has been updated to 1.0pre4 by Erik Kapfer
  • Matthias Fischer updated: hostapd 2.6, tor 0.3.0.10

What is new in version 2.19 Core 112 / 3.0 Alpha 1:

  • This Core Update mainly comes with updates under the hood. Core system libraries have been updated to new major versions and the build toolchain got major updates.
  • These are:
  • glibc 2.25
  • GNU Compiler Collection 6.3.0
  • binutils 2.29
  • Python 2.7.13
  • ccache 3.3.4, bc 1.07.1, cmake 3.8.1, flex 2.6.4, fuse 2.9.7, boost 1.64.0, gawk 4.1.4, gnutls 3.5.11, grep 2.27, libarchive 3.3.1, libgcrypt 1.7.7, libgpg-error 1.27, libxml2 2.9.4, mdadm 4.0, openssl 1.0.2l, pkg-config 2.29.2, reiserfsprogs 3.6.25, SDL 1.2.15, squid 3.5.26, strongswan 5.5.3, unbound 1.6.3, util-linux 2.28.2
  • Misc:
  • openvpn (2.3.17) has received some security updates that have been discovered recently.
  • A remote command execution vulnerarbility in ids.cgi has been closed with could be used by authenticated users to run shell commands with non-superuser rights.
  • It is now possible to create networks in the firewall that are a subnet of any of the internal zones.
  • The toolchain and build scripts have also been cleaned up and improved.
  • The IPFire netboot has been updated so that always the best architecture for a system is used (i.e. the 64 bit version is installed when the system supports it).
  • Add-ons:
  • Updated:
  • 7zip 16.02
  • bird 1.6.3
  • cyrus-imapd 2.5.11
  • iperf 2.0.9
  • directfb 1.7.7
  • freeradius 3.0.14
  • monit 5.23.0
  • miniupnpd is now listening on GREEN by default
  • tmux 2.5
  • tor 3.0.8
  • Dropped:
  • imspector and tcpick are not maintained upstream any more

What is new in version 2.19 Core 111 / 3.0 Alpha 1:

  • WPA Enterprise Authentication in Client Mode:
  • The firewall can now authenticate itself with a wireless network that uses Extensible Authentication Protocol (EAP). These are commonly used in enterprises and require a username and password in order to connect to the network.
  • IPFire supports PEAP and TTLS which are the two most common ones. They can be found in the configured on the "WiFi Client" page which only shows up when the RED interface is a wireless device. This page also shows the status and protocols used to establish the connection.
  • The index page also shows various information about the status, bandwidth and quality of the connection to a wireless network. That also works for wireless networks that use WPA/WPA2-PSK or WEP.
  • QoS Multi-Queueing:
  • The Quality of Service is now using all CPU cores to balance traffic. Before, only one processor core was used which caused a slower connection on systems with weaker processors like the Intel Atom series, etc. but fast Ethernet adapters. This has now been changed so that one processor is no longer a bottle neck any more.
  • New crypto defaults:
  • In many parts of IPFire cryptographic algorithms play a huge role. However, they age. Hence we changed the defaults on new systems and for new VPN connections to something that is newer and considered to be more robust.
  • IPsec:
  • The latest version of strongSwan supports Curve 25519 for the IKE and ESP proposals which is also available in IPFire now and enabled by default.
  • The default proposal for new connections now only allows the explicitly selected algorithms which maximises security but might have a compatibility impact on older peers: SHA1 is dropped, SHA2 256 or higher must be used; the group type must use a key with length of 2048 bit or larger
  • Since some people use IPFire in association with ancient equipment, it is now allowed to select MODP-768 in the IKE and ESP proposals. This is considered broken and marked so.
  • OpenVPN:
  • OpenVPN used SHA1 for integrity by default which has now been changed to SHA512 for new installations. Unfortunately OpenVPN cannot negotiate this over the connection. So if you want to use SHA512 on an existing system, you will have to re-download all client connections as well.
  • Various markers have been added to highlight that certain algorithms (e.g. MD5 and SHA1) are considered broken or cryptographically weak.
  • Misc.:
  • IPsec VPNs will be shown as "Connecting" when they are not established, but the system is trying to
  • A shutdown bug has been fixed that delayed the system shutting down when the RED interface was configured as static
  • The DNSSEC status is now shown correctly on all systems
  • The following packages have been updated: acpid 2.0.28, bind 9.11.1, coreutils 8.27, cpio 2.12, dbus 1.11.12, file 5.30, gcc 4.9.4, gdbm 1.13, gmp 6.1.2, gzip 1.8, logrotate 3.12.1, logwatch 7.4.3, m4 1.4.18, mpfr 3.1.5, openssl 1.0.2l (only bug fixes), openvpn 2.3.16 which fixes CVE-2017-7479 and CVE-2017-7478, pcre 8.40, pkg-config 0.29.1, rrdtool 1.6.0, strongswan 5.5.2, unbound 1.6.2, unzip 60, vnstat 1.17
  • Matthias Fischer contributed some cosmetic changes for the firewall log section
  • Gabriel Rolland improved the Italian translation
  • Various parts of the build system have been cleaned up
  • Add-ons:
  • New Add-ons:
  • ltrace: A tool to trace library calls of a binary
  • Updated Add-ons:
  • The samba addon has been patched for a security vulnerability (CVE-2017-7494) which allowed a remote code executing on writable shares.
  • ipset 6.32
  • libvirt 3.1.0 + python3-libvirt 3.6.1
  • git 2.12.1
  • nano 2.8.1
  • netsnmpd which now supports reading temperature sensors with help of lm_sensors
  • nmap 7.40
  • tor 0.3.0.7

What is new in version 2.19 Core 109 / 3.0 Alpha 1:

  • DNS Fixes:
  • The DNS proxy which is working inside IPFire has been updated to unbound 1.6.0 which brings various bug fixes. Therefore, QNAME minimisation and hardening below NX domains have been re-activated.
  • At start time, IPFire now also checks if a router in front of IPFire drops DNS responses which are longer than a certain threshold (some Cisco devices do this to "harden" DNS). If this is detected, the EDNS buffer size if reduced which makes unbound fall back to TCP for larger responses. This might slow down DNS slightly, but keeps it working after all in those misconfigured environments.
  • Misc:
  • openssl has been updated to 1.0.2k which fixes a number of security vulnerabilities with "moderate" severity
  • The kernel is now supporting some newer eMMC modules
  • The backup script is now working more reliably on all architectures
  • The network scripts that created MACVTAP bridges for virtualisation among other things now support standard 802.3 bridges, too
  • The firewall GUI denied creating subnets which were a subnet of any of the standard networks which has been fixed
  • Matthias Fischer submitted package updates for: bind 9.11.0-P2 with some security fixes, libpcap 1.8.1, logrotate 3.9.1, perl-GeoIP module 1.25, snort 2.9.9.0, squid 3.5.24 which fixes various bugs, sysklogd 1.5.1, zlib 1.2.11
  • Furthermore, libpng has been updated to 1.2.57 which fixes some security vulnerabilities
  • Add-ons:
  • Jonatan Schlag packaged Python 3 for IPFire
  • He also updated libvirt to version 2.5 and qemu to version 2.8
  • Matthias Fischer submitted a number of updates for the following packages: nano 2.7.2, tcpdump 4.8.1, tmux 2.3
  • tor has been updated to 0.2.9.9 which fixes a number of denial-of-service vulnerabilities
  • sarg has been updated to 2.3.10

What is new in version 2.19 Core 108 / 3.0 Alpha 1:

  • Asynchronous Logging:
  • Asynchronous logging is now enabled by default and not configurable any more. This made some programs that wrote an extensive amount of log messages slow down and possible unresponsive over the network which causes various problems. This was seen on systems with very slow flash media and virtual environments.
  • Miscellaneous:
  • The check that tests DNS servers for any misconfiguration assumed some name servers being validating although they were not and very likely not working at all. This has been fixed now and systems using these broken name servers should fall back to recursor mode.
  • A problem in the firewall GUI was fixed that prohibited adding an IPsec VPN connection and OpenVPN connection with the same name to a firewall group.
  • Updated Core Packages:
  • strongswan was updated to version 5.5.1 which fixes various bugs
  • ntp was updated to version 4.2.8p9 which fixes various security issues
  • ddns was updated to version 008
  • Updated Add-ons:
  • nano, the text editor, was updated to version 2.7.1
  • tor, the anonymity network, was updated to version 0.2.8.10

What is new in version 2.19 Core 107 / 3.0 Alpha 1:

  • This update patches the IPFire Linux kernel against a recently disclosed vulnerability called Dirty COW. This is a local privilege escalation bug which could be used by a local attacker to gain root privileges.
  • A further patch fixes Intel processors with AES-NI which's hardware supports encryption with 256 and 192 bit key length, but was not properly implemented in the Linux kernel
  • A fix to show the new unbound DNS proxy in the log section of the web user interface
  • hdparm 9.5.0 and libjpeg 1.5.1 have been updated

What is new in version 2.19 Core 105 / 3.0 Alpha 1:

  • IPFire 2.19 Core Update 105 patches a number of security issues in two cryptographic libaries: openssl and libgcrypt. We recommend installing this update as soon as possible and reboot the IPFire system to complete the update.

What is new in version 2.19 Core 103 / 3.0 Alpha 1:

  • Web Proxy Improvements:
  • The web proxy squid has been updated to the 3.5 series and various improvements for stability and performance were made.
  • On machines with slow harddisks or on installations with very large caches it was likely to happen that the cache index got corrupted when the proxy was shut down. This resulted in an unstable web proxy after the next start.
  • The shutdown routine was improved so that a cache index corruption is now very unlikely. Additionally we have means installed that allow us to detect if the cache index was corrupted and if so have it automatically rebuilt at the next start. This update will delete the presumably corrupted index on all installations and start a rebuild of the index, which could result in slow operation of the proxy for a short time after installing the update.
  • Misc:
  • Fix the setup command to correctly show more than 6 network controllers
  • The timezone database has been updated
  • Generally allow underscores in domain names
  • Updated packages: coreutils 8.25, curl 7.48.0, dnsmasq 2.76, findutils 4.6.0, grep 2.24, less 481, ncurses 6.0, procps 3.2.8, sdparm 1.10, wpa_supplicant 2.5
  • Updated add-ons:
  • 7zip 15.14.1
  • clamav 0.99.2
  • hostapd 2.5
  • Midnight Commander 4.8.17
  • nfs (will replace portmap with rpcbind)
  • tor 0.2.7.6

What is new in version 2.19 Core 102 / 3.0 Alpha 1:

New in IPFire 2.19 Core 101 (May 3rd, 2016)

What is new in version 2.19 Core 100 / 3.0 Alpha 1:

  • This update will bring you IPFire 2.19 which we release for 64 bit on Intel (x86_64) for the first time. This release was delayed by the various security vulnerabilities in openssl and glibc, but is packed with many improvements under the hood and various bug fixes.
  • 64 bit:
  • There will be no automatic update path from a 32 bit installation to a 64 bit installation. It is required to manually reinstall the system for those who want to change, but a previously generated backup can be restored so that the entire procedure takes usually less than half an hour.
  • There are not too many advantages over a 64 bit version except some minor performance increases for some use cases and of course the ability to address more memory. IPFire is able to address up to 64GB of RAM on 32 bit, so there is not much need to migrate. We recommend to use 64 bit images for new installations and stick with existing installations as they are.
  • Kernel Update:
  • As with all major releases, this one comes with an updated Linux kernel to fix bugs and improve hardware compatibility. Linux 3.14.65 with many backported drivers from Linux 4.2 is also hardened stronger against common attacks like stack buffer overflows.
  • Many firmware blobs for wireless cards and other components have been updated just as the hardware database.
  • Hyper-V performance issues:
  • A backport of a recent version of the Microsoft Hyper-V network driver module will allow transferring data at higher speeds again. Previous versions had only very poor throughput on some versions of Hyper-V.
  • Firewall Updates:
  • It is now possible to enable or disable certain connection tracking modules. These Application Layer Gateway (ALG) modules help certain protocols like SIP or FTP to work with NAT. Some VoIP phones or PBXes have problems with those so that they can now be disabled. Some need them.
  • The firewall has also been optimised to allow more throughput with using slightly less system resources.
  • Misc:
  • Many programs and tools of the toolchain that is used have been updated. A new version of the GNU Compiler Collections offers more efficient code, stronger hardening and compatibility for C++11
  • GCC 4.9.3, binutils 2.24, bison 3.0.4, grep 2.22, m4 1.4.17, sed 4.2.2, xz 5.2.2
  • dnsmasq, the IPFire-internal DNS proxy has been updated and many instability issues have been fixed
  • openvpn has been updated to version 2.3.7 and the generated configuration files have been updated to be compatible with upcoming versions of OpenVPN
  • IPFire will now wait with booting up when the time needs to synchronised and DHCP is used until the connection is established and then continue booting up
  • bind was updated to version 9.10.3-P2
  • ntp was updated to version 4.2.8p5
  • tzdata, the database for timezone definitions, was updated to version 2016b
  • Various cosmetic fixes were done on the web user interface
  • A bug causing VLAN devices not being created when the parent NIC comes up has been fixed
  • DHCP client: Resetting the MTU on broken NICs that lose link has been fixed
  • A ramdisk to store the databases of the graphs shown in the web user interface is now used by default again on installations that use the flash image when more than 400MB of memory is available
  • A bug that the Quality of Service could not be stopped has been fixed
  • Some old code has been refurbished and some unused code has been dropped in some internal IPFire components
  • Add-ons:
  • owncloud has been updated to version 7.0.11
  • nano has been updated to version 2.5.1
  • rsync has been updated to version 3.1.2

What is new in version 2.17 Core 98 / 3.0 Alpha 1:

  • Due to a recently discovered security vulnerability in glibc, we are releasing this Core Update that contains a fix for CVE-2015-7547.
  • The getaddrinfo() interface is glibc, the system's main C library, is used to resolve names into IP addresses using DNS. An attacker can exploit the process in the system performing this request by sending a forged reply that is too long causing a stack buffer overflow. Code can potentially be injected and executed.
  • IPFire is however not directly exploitable by this vulnerability as it is using a DNS proxy, that rejects DNS responses that are too long. So IPFire itself and all systems on the network that use IPFire as DNS proxy are protected by the DNS proxy. However, we decided to push out a patch for this vulnerability as quickly as we can.

What is new in version 2.17 Core 94 / 3.0 Alpha 1:

  • OpenSSH:
  • OpenSSH was updated to version 7.1p1. With that we added support for elliptic curves (ECDSA and ED25519) and removed support for DSA which is considered broken. Too small RSA keys are removed as well and regenerated. These changes may require to import the keys of the IPFire system on your admin computer again.
  • Internal mail agent
  • An internal mail agent was added that is used by internal services to send out reports or alerts. So far only a few services use this (like the squid accounting add-on), but we expect to add more things in the future.
  • This is a very simple and lightweight mail agent that can be configured on the web user interface and will usually require an upstream mail server.
  • IPsec MOBIKE:
  • A new checkbox in the advanced settings page of an IPsec connections has been added. It allows to force using MOBIKE, a technology for IPsec to traverse NAT better. Sometimes when behind faulty routers, IPsec connections can be established, but no data can be transferred and the connection breaks very quickly (some routers have difficulties with forwarding DPD packets). MOBIKE circumvents that by using UDP port 4500 for IKE messages.
  • Misc:
  • Required fields are now marked with a star. Previously this was the other way round so that optional fields where marked with a star, which is not seen anywhere on the web any more.
  • A monthly forced ddns update is removed since ddns is taking care itself of keeping all records up to date and refreshing them after 30 days if necessary.
  • fireinfo: Some crashes were fixed with IDs that only contain 0xff
  • Updated packages:
  • bind 9.10.2-P4, coreutils 8.24, dnsmasq got the latest changes imported, file 5.24, glibc (security fixes), hdparm 9.48, iproute2 4.2.0, libgcrypt 1.6.4, libgpg-error 1.20, pcre (fixes for more buffer overflows), rrdtool 1.5.4, squid 3.4.14

What is new in version 2.17 Core 93 / 3.0 Alpha 1:

  • DDNS Client Update:
  • ddns, our dynamic DNS update client, has been updated to version 008. This version is more robust against network errors on the path and server errors at the provider. Updates will then be retried frequently.
  • The providers joker.com and DNSmadeEasy are now supported
  • A crash when updating namecheap records has been fixed
  • Misc:
  • Pakfire was fixed and now correctly pulls additional dependencies of add-on packages when updating from an older version.
  • TRIM is disabled on some SSDs with known firmware bugs that cause data loss.
  • squid-accounting: Fix various typos in translations
  • /etc/ipsec.user-post.conf is added to the backup if it exists
  • Updated packages:
  • bind 9.10.2-P3, daq 2.0.6, dnsmasq 2.75, libevent 2.0.22-stable (moved to the core system from add-on), libpcap 1.7.4, nettle 3.1.1, pcre (fixes CVE-2015-5073), squid 3.4.14
  • Add-ons:
  • cups 2.0.4, make 4.1, nano 2.4.2

22 Jun 18 in System Utilities, Linux Distributions

Similar Software

SliTaz GNU/Linux
SliTaz GNU/Linux

2 Oct 16

Mango Linux
Mango Linux

20 Feb 15

Voyager Debian
Voyager Debian

12 Jul 17

ELX Power Desktop
ELX Power Desktop

2 Jun 15

Comments to IPFire

Comments not found
Add Comment
Turn on images!
Search by Category
Popular software