For more than 9 years now, OPNsense is driving innovation through modularising and hardening the open-source firewall, with simple and reliable firmware upgrades, multi-language support, fast adoption of upstream software updates as well as clear and stable 2-Clause BSD licensing. 24.1, nicknamed 'Savvy Shark', features ports-based OpenSSL 3, Suricata 7, several MVC/API conversions, a new neighbor configuration feature for ARP/NDP, core inclusion of the os-firewall and os-wireguard plugins, CARP VHID tracking for OpenVPN and WireGuard, functional Kea DHCPv4 server with HA support plus much more. Here are the full patch notes against 23.7.12: system - prevent activating shell for non-admins; add OCSP trust extensions and improved authorities implementation; migrate single gateway configuration to MVC/API; use new backend streaming functionality in the log viewer; limit file system /conf/config.xml and backups access to administrators....
Official announcement
Download OPNsense