Hi again,

Back already with a bag of security advisories also for FreeBSD which came out just yesterday. We highly appreciate the increased amount of reports we are getting for the core code and we are working through them, but need to improve our process and guidelines somewhat in order to make more sense of the result for all of you. This will probably take additional effort after 26.7 is out.

Note that this update brings the outbound to source NAT migration page, but it is only a formality as outbound NAT will stay in 26.7 although the legacy firewall rules page will move to a plugin during the major upgrade. It is the same process that was employed with ISC-DHCP. Due to this addition, however, the source NAT rules entered in the system will no longer work unless the mode is set to either "manual" or "hybrid".

And thanks everyone for early 26.7-BETA testing! We are content to ship 26.7-RC1 early next week as a follow-up. The final release of 26.7 is planned for July 15.

Here are the full patch notes:


Stay safe,
Your OPNsense team