M0n0wall-1.3b6-Release
# 1.3b6 (12/22/2007)* added support for IPsec tunnels with (possibly dynamic) remote host names (instead of fixed IP addresses); the host name is polled at regular intervals (default 60 seconds), and if the IP address that it maps to changes, IPsec is reconfigured. Note that this will also cause other (non-dynamic) tunnels to be briefly interrupted.
* added firewall support for decapsulated IPsec packets (new pseudo-interface "IPsec" in firewall rule editor); this is on by default, but the default configuration contains a "pass all" rule on the new IPsec pseudo- interface (and this is also added automatically for existing configurations), which can then be deleted to actually filter IPsec VPN traffic
* enabled larger client subnet sizes (= more concurrent connections) for PPTP VPN server (up to 256); change subnet size on PPTP VPN setup page if desired
* fixed filtering bridge when used in conjunction with traffic shaper
* captive portal reliability fixes
o ensure that the pruning process is always run on all active users
o properly handle sessions that have not passed any traffic by the time they end
o improve locking
* updated timezone data
* stop discriminating against nge(4) (National Semiconductor PCI Gigabit Ethernet) adapters
* fix DHCP release button on interface status page
* updated FreeBSD to 6.2-RELEASE-p9
* updated ipfilter to 4.1.28 (fixes lockup issues from 1.3b5) 两个重要的更新:
1.PPTP最大连接数提升到256个也就是一个C地址范围
2.ipsec隧道允许使用主机名取代固定IP,可以理解为能够在两个动态IP上建立IPSEC隧道。但是我还没测试过,暂时无法确定是否完全可行。
页:
[1]