Software 42770 Published by

A new version of IPFire is available for testing. IPFire is a powerful and professional Open Source firewall solution.





IPFire 2.27 - Core Update 159 available for testing

And another update is available for testing, with a brand new kernel and an updated toolchain.

This is a major update for IPFire, as it rebases the IPFire kernel on Linux 5.10, the latest long-term supported release of the Linux kernel. Arne has been working through a long spring getting IPFire ported on this release and it is now finally ready for prime-time. It features:

  • Support for many new drivers, improved support and performance for existing drivers making IPFire more compatible with new, and powerful with existing hardware. Most notably are many network drivers as well as virtualised communication with the hypervisor in the cloud.
  • Networking throughput has been increased through  zero-copy TCP receive and  UDP and  Bottleneck Bandwidth and RTT congestion control (BBR). Those changes will also decrease the latency of the firewall in the network when forwarding packets.
  • Wireless will have improved throughput and better latency with  Airtime Queue Limits which practically enables use of all the "Bufferbloat" algorithms on wireless
  • Support for 64-bit ARM hardware has been massively improved and we were able to drop a large amount of custom patches who have been upstreamed into the Linux kernel.
  • Furthermore we have improved security of the system through improved protection against CPU hardware bugs additional hardening from attacks from the user-space.

This update is a huge step for everything that is going on under the hood of IPFire. We are hopeful to build many new features on this and make IPFire a much more modern and better to use system. If you want to support this effort,  please help us with your donation.

Another important part of every distribution is the toolchain. This is what developers call the collection of compilers, linkers, the C standard library and basic tools that are required to build the distribution. These tools have been updated to GCC 11.1, glibc 2.33, binutils 2.36.1

The 32 bit ARM architecture has been changed from armv5tel to armv6l. We originally selected the ARMv5 instruction set as a common denominator for all ARM systems. There were only a few systems on the the market which have now all long been discontinued. To be able to remain compatible with existing setups and code, we remained with this architecture which is however  not very well supported any more. This release changes to the slightly more modern ARMv6 instruction set which allows us to make a seamless transition; but eventually we will drop support for 32 bit ARM altogether. If you are using hardware on either ARM or x86 that is capable of running a 64 bit system but still running a 32 bit version of IPFire,  we recommend to upgrade as soon as possible.

Misc.

  • The system image on the ISO installation image is now compressed using Zstandard for faster decompression during installation and faster compression during the build process
  • Installer: The unattended mode is now started correctly even on EFI systems

Add-ons

  • Updated packages: clamav 0.103.3, samba 4.14.6, tftpd 5.2, tshark 3.4.7


IPFire 2.27 - Core Update 159 available for testing - The IPFire Blog