BSD 发布：m0n0wall 1.34

Manuel Kasper已经发布 m0n0wall 1.34，一个微型基于FreeBSD的操作系统，主要用于作为防火墙。


详细内容如下：

There are ready-made binary images for embedded computers from Soekris Engineering and PC Engines, a CF/IDE HD image for most standard PCs (other embedded ones may work, too) with either keyboard/monitor or serial console, a CD-ROM (ISO) image for standard PCs, a VMware image, as well as a tarball of the root filesystem. Refer to the installation instructions for information on how to install these files on the various platforms.

已知的Bug:

• WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16 MB required)
• When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.

这次发布的变化：

• Backported from beta branch:
  • Eliminate modifying GETs from webGUI pages.
    
    Note: the API pages exec_raw.php and uploadconfig.php now require different parameters than before. exec_raw.php now requires the cmd to be given in a POST, and both pages need a valid CSRF magic token, which can be obtained by issuing a GET first without any parameters (see example in exec_raw.php comment).
  • Make rule moving and deletion on shaper rules page work like for firewall rules.
  • Add csrf-magic for CSRF protection in webGUI.
  • Fix potential XSS in diag_ping.php and diag_traceroute.php.
  </li>
• Increase key size of auto-generated webGUI certificates to 2048 bits.
• Update default webGUI certificate/key.
• Remove domain name handling from dhclient-script and change ARP command not to use sed (not used/available in m0n0wall).
• Change virtualHW version to 7 for VMWare image to avoid errors in ESX 4
</ul> m0n0wall计划的目标是创建一份完整的、内置的防火墙软件包，当它配合PC使用时，能够提供商用防火墙机器的所有重要功能（连同易用性在内），而其价钱却只是后者的一小部分（因为m0n0wall是自由软件）。m0n0wall基于FreeBSD的一个精简版本，并带有一个web服务器（thttpd）、PHP以及其他一些实用工具。整套系统配置存储于单个的XML文本文件以对系统透明。m0n0wall很可能是首个拥有用PHP实现的启动配置的UNIX系统，而通常这是依靠shell脚本的，此外，它把整个系统配置都用XML格式存储。

下 载：cdrom-1.34.iso (17.8MB, SHA256).