IPFire 2.29 Core Update 198: Elevating Your Security with a Major Intrusion Prevention System Enhancement

The IPFire project has announced the release of IPFire 2.29 Core Update 198, which introduces a host of enhancements to this open-source, hardened Linux firewall distribution. This update comes just over five weeks after the previous Core Update 197 and focuses primarily on improving the Intrusion Prevention System (IPS).

One significant change in this release is the upgrade to the Suricata 8 series, which enhances detection performance and reliability, allowing for real-time email reporting. According to IPFire developer Michael Tremer, this update is a game changer for users relying on their firewall for network security. The IPS can now send detailed alerts and reports to systems outside the firewall itself, creating a reliable paper trail even if the firewall is eventually compromised.

New features of the IPFire IPS include immediate email notifications for alerts surpassing a defined threshold, scheduled PDF reports summarizing alerts on a daily, weekly, or monthly basis, and the ability to forward alerts to remote syslog servers for secure external logging and long-term storage. The Suricata 8.0.1 update also introduces support for caching compiled rules, sturdier memory management, and expanded protocol support, including DNS-over-HTTP/2 and Multicast DNS.

Beneath the surface, this update includes an updated toolchain featuring GCC 15.2.0, GNU Binutils 2.42, and glibc 2.42. Furthermore, it incorporates many updated packages, such as BIND 9.20.13, cURL 8.16.0, and SQLite 3.5.4, alongside various add-ons including Samba 4.22.4 and Git 2.51.0.

For more details, see the release announcement page. IPFire 2.29 Core Update 198 can be downloaded from the official website as ISO or USB images for both 64-bit (x86_64) and ARM64 (AArch64) architectures. Existing IPFire users will only need to update their installations to benefit from the latest improvements.