OPNSense/plugins 6ef3facnet/relayd Makefile, net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api SettingsController.php

by Franco Fichtner on ⎇
net/relayd: removed isEmptyAndRequired()
DeltaFile
+25-26net/relayd/src/opnsense/mvc/app/controllers/OPNsense/Relayd/Api/SettingsController.php
+1-1net/relayd/Makefile
+26-272 files

OPNSense/plugins 565bd02security/wazuh-agent/src/opnsense/mvc/app/controllers/OPNsense/WazuhAgent/forms settings.xml, security/wazuh-agent/src/opnsense/mvc/app/models/OPNsense/WazuhAgent WazuhAgent.xml

by mbedworth via GitHub on ⎇
[wazuh-agent] Add repeated_offenders config, fix template issues (#5116)

- Add repeated_offenders field to active response settings
- Remove 'without context' from ossec.conf include loop to allow
  variable access in config fragments
- Fix opnsense-fw.conf template bug: wazuh_command -> active_response
- Bump model version to 1.0.3
DeltaFile
+10-0security/wazuh-agent/src/opnsense/mvc/app/controllers/OPNsense/WazuhAgent/forms/settings.xml
+6-1security/wazuh-agent/src/opnsense/mvc/app/models/OPNsense/WazuhAgent/WazuhAgent.xml
+3-0security/wazuh-agent/src/opnsense/service/templates/OPNsense/WazuhAgent/ossec_config.d/005-active-response.conf
+1-1security/wazuh-agent/src/opnsense/service/templates/OPNsense/WazuhAgent/ossec.conf
+1-1security/wazuh-agent/src/opnsense/service/templates/OPNsense/WazuhAgent/opnsense-fw.conf
+21-35 files

OPNSense/plugins f34410bnet/ndp-proxy-go pkg-descr, net/ndp-proxy-go/src/etc/rc.syshook.d/carp 20-ndpproxy

by Monviech via GitHub on ⎇
net/ndp-proxy-go: Add depend on CARP syshook (#5108)

* net/ndp-proxy-go: Add depend on CARP syshook

* net/ndp-proxy-go: When carp_depend_on is enabled, prevent service start on BACKUP

* Depend on CARP is advanced mode, sort other more advanced options under headers

* Use model instead of global config

* Use custom variable for carp check

* Change label and adjust help text
DeltaFile
+53-0net/ndp-proxy-go/src/etc/rc.syshook.d/carp/20-ndpproxy
+19-1net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/general.xml
+5-1net/ndp-proxy-go/src/opnsense/mvc/app/models/OPNsense/NdpProxy/NdpProxy.xml
+3-0net/ndp-proxy-go/src/opnsense/service/templates/OPNsense/NdpProxy/ndp_proxy_go
+1-0net/ndp-proxy-go/pkg-descr
+81-25 files

OPNSense/plugins 8895dd9net/frr pkg-descr Makefile, net/frr/src/opnsense/service/conf/actions.d actions_quagga.conf

by Monviech via GitHub on ⎇
net/frr: Prevent errors in diagnostics view when a frr daemon is not started (#5119)

* net/frr: Prevent errors in diagnostics view when a frr daemon is not started

* Add revision
DeltaFile
+23-0net/frr/src/opnsense/service/conf/actions.d/actions_quagga.conf
+1-0net/frr/pkg-descr
+1-0net/frr/Makefile
+25-03 files

OPNSense/plugins be46e83net/frr pkg-descr Makefile

by Monviech on ⎇
Bump version and changelog
DeltaFile
+4-0net/frr/pkg-descr
+1-1net/frr/Makefile
+5-12 files

OPNSense/plugins e5bbdafnet/frr/src/opnsense/service/conf/actions.d actions_quagga.conf

by Monviech on ⎇
net/frr: Prevent errors in diagnostics view when a frr daemon is not started
DeltaFile
+23-0net/frr/src/opnsense/service/conf/actions.d/actions_quagga.conf
+23-01 files

OPNSense/plugins d3cbedasecurity/wazuh-agent/src/opnsense/scripts/wazuh opnsense-fw

by mbedworth via GitHub on ⎇
security/wazuh-agent: Fix active response duplicate key causing false aborts (#5104)

When multiple IPs trigger the same rule simultaneously, they were
sharing the same check_keys value (only rule ID), causing the manager
to abort all but the first execution.

Changed the key to include both rule_id and srcip to make it unique
per source IP, allowing multiple simultaneous blocks while still
preventing duplicate blocks of the same IP.

Fixes #4738
DeltaFile
+2-1security/wazuh-agent/src/opnsense/scripts/wazuh/opnsense-fw
+2-11 files

OPNSense/plugins 809f2aenet/ndp-proxy-go pkg-descr Makefile, net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms general.xml

by Monviech via GitHub on ⎇
net/ndp-proxy-go: Add ratelimit for pfctl operations (#5096)
DeltaFile
+9-2net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/general.xml
+4-0net/ndp-proxy-go/pkg-descr
+3-0net/ndp-proxy-go/src/opnsense/mvc/app/models/OPNsense/NdpProxy/NdpProxy.xml
+3-0net/ndp-proxy-go/src/opnsense/service/templates/OPNsense/NdpProxy/ndp_proxy_go
+1-1net/ndp-proxy-go/Makefile
+20-35 files

OPNSense/plugins 320563dnet/ndp-proxy-go pkg-descr Makefile, net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms general.xml

by Monviech on ⎇
net/ndp-proxy-go: Add ratelimit for pfctl operations
DeltaFile
+9-2net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/general.xml
+4-0net/ndp-proxy-go/pkg-descr
+3-0net/ndp-proxy-go/src/opnsense/mvc/app/models/OPNsense/NdpProxy/NdpProxy.xml
+3-0net/ndp-proxy-go/src/opnsense/service/templates/OPNsense/NdpProxy/ndp_proxy_go
+1-1net/ndp-proxy-go/Makefile
+20-35 files

OPNSense/plugins d987a7edns/dnscrypt-proxy/src/opnsense/scripts/OPNsense/Dnscryptproxy dnsbl.sh, security/q-feeds-connector pkg-descr Makefile

by Q-Feeds via GitHub on ⎇
Feature/dnscrypt proxy blocklist support (#5083)

* Add ports to Events page

* fixes race condition updating the blocklist

* Native integration with DNSCrypt-proxy

Added Q-Feeds domains to the DNSBL list of DNSCrypt-Proxy. Changed since the initial way, this is more native. Q-Feeds domains txt files only created if DNSCrypt-proxy is installed and if the list (qf) is selected.
DeltaFile
+92-0security/q-feeds-connector/src/opnsense/scripts/dnscryptproxy/blocklists/qfeeds_bl.py
+20-1security/q-feeds-connector/src/opnsense/scripts/qfeeds/lib/__init__.py
+10-0dns/dnscrypt-proxy/src/opnsense/scripts/OPNsense/Dnscryptproxy/dnsbl.sh
+8-0security/q-feeds-connector/pkg-descr
+1-1security/q-feeds-connector/src/opnsense/service/conf/actions.d/actions_qfeeds.conf
+1-1security/q-feeds-connector/Makefile
+132-31 files not shown
+133-37 files

OPNSense/plugins 1d60f3bmisc/theme-rebellion Makefile, misc/theme-rebellion/src/opnsense/www/themes/rebellion/build/css opnsense-bootgrid.css

by Franco Fichtner on ⎇
misc/theme-rebellion: sync with master
DeltaFile
+276-0misc/theme-rebellion/src/opnsense/www/themes/rebellion/build/css/opnsense-bootgrid.css
+1-1misc/theme-rebellion/Makefile
+277-12 files

OPNSense/plugins 711a8bfnet/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/Api GeneralController.php, net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms dialogAlias.xml general.xml

by Franco Fichtner on ⎇
net/ndp-proxy-go: sync with master
DeltaFile
+33-2net/ndp-proxy-go/src/opnsense/mvc/app/views/OPNsense/NdpProxy/general.volt
+27-1net/ndp-proxy-go/src/opnsense/mvc/app/models/OPNsense/NdpProxy/NdpProxy.xml
+25-0net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/Api/GeneralController.php
+22-0net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/dialogAlias.xml
+11-0net/ndp-proxy-go/src/opnsense/service/templates/OPNsense/NdpProxy/ndp_proxy_go
+7-1net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/general.xml
+125-43 files not shown
+135-69 files

OPNSense/plugins d24e3b9net/udpbroadcastrelay Makefile, net/udpbroadcastrelay/src/opnsense/mvc/app/views/OPNsense/UDPBroadcastRelay index.volt

by Franco Fichtner on ⎇
net/udpbroadcastrelay: sync with master
DeltaFile
+10-10net/udpbroadcastrelay/src/opnsense/mvc/app/views/OPNsense/UDPBroadcastRelay/index.volt
+1-1net/udpbroadcastrelay/Makefile
+11-112 files

OPNSense/plugins 81f3e21www/squid/src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms main.xml

by Franco Fichtner on ⎇
www/squid: remove old link reference; closes #9537
DeltaFile
+1-1www/squid/src/opnsense/mvc/app/controllers/OPNsense/Proxy/forms/main.xml
+1-11 files

OPNSense/plugins 8e4cf22. README.md, www/web-proxy-sso Makefile

by Franco Fichtner on ⎇
www/web-proxy-sso: sync with master
DeltaFile
+19-19www/web-proxy-sso/src/opnsense/mvc/app/models/OPNsense/ProxySSO/ProxySSO.xml
+0-2www/web-proxy-sso/Makefile
+1-1README.md
+20-223 files

OPNSense/plugins 716e75edns/ddclient/src/opnsense/mvc/app/models/OPNsense/DynDNS DynDNS.xml, dns/ddclient/src/opnsense/scripts/ddclient checkip

by Ad Schellevis on ⎇
ddclient: Cloudflare - add Cloudflare dns ip check option, merge https://github.com/opnsense/plugins/pull/4184 with minor modifications.
DeltaFile
+29-4dns/ddclient/src/opnsense/scripts/ddclient/lib/address.py
+2-2dns/ddclient/src/opnsense/scripts/ddclient/checkip
+1-1dns/ddclient/src/opnsense/scripts/ddclient/lib/__init__.py
+1-0dns/ddclient/src/opnsense/mvc/app/models/OPNsense/DynDNS/DynDNS.xml
+33-74 files

OPNSense/plugins b943ea3www/nginx/src/opnsense/mvc/app/models/OPNsense/Nginx Nginx.xml

by Franco Fichtner on ⎇
www/nginx: bump model version
DeltaFile
+1-1www/nginx/src/opnsense/mvc/app/models/OPNsense/Nginx/Nginx.xml
+1-11 files

OPNSense/plugins dcaf201www/nginx/src/opnsense/mvc/app/controllers/OPNsense/Nginx/forms httpserver.xml, www/nginx/src/opnsense/mvc/app/models/OPNsense/Nginx Nginx.xml

by Jan Chlouba via GitHub on ⎇
nginx: add optional HTTP/3 support with dynamic Alt-Svc (#5071)
DeltaFile
+14-0www/nginx/src/opnsense/service/templates/OPNsense/Nginx/http.conf
+7-0www/nginx/src/opnsense/mvc/app/controllers/OPNsense/Nginx/forms/httpserver.xml
+4-0www/nginx/src/opnsense/mvc/app/models/OPNsense/Nginx/Nginx.xml
+25-03 files

OPNSense/plugins 89b8cdddns/ddclient/src/opnsense/scripts/ddclient/lib/account hetzner.py

by Michael J. Arcan via GitHub on ⎇
ddclient: add Hetzner DNS provider (#5082)

Add native support for Hetzner Cloud DNS API (api.hetzner.cloud).
  Hetzner is migrating from dns.hetzner.com to Cloud Console,
  with the old API shutting down in May 2026.

  Features:
  - Bearer token authentication
  - A and AAAA record support
  - Multiple hostnames (comma-separated)
  - Configurable TTL
DeltaFile
+545-0dns/ddclient/src/opnsense/scripts/ddclient/lib/account/hetzner.py
+545-01 files

OPNSense/plugins 2cf65f8sysutils/nextcloud-backup/src/opnsense/mvc/app/library/OPNsense/Backup Nextcloud.php

by Nuadh123 via GitHub on ⎇
Rewrite plugin, so it backs up the content of /conf/backup/ instead, (#4952)

this makes it only upload configs that have actually changed.

fixes #4945

Co-authored-by: Daniel Lysfjord <lysfjord.daniel at smokepit.net>
DeltaFile
+45-26sysutils/nextcloud-backup/src/opnsense/mvc/app/library/OPNsense/Backup/Nextcloud.php
+45-261 files

OPNSense/plugins 4b80067net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius mods-enabled-eap

by schreibubi via GitHub on ⎇
net/freeradius: Change TLS max version to 1.3 (#4883)
DeltaFile
+1-1net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-eap
+1-11 files

OPNSense/plugins 2ea658anet/udpbroadcastrelay Makefile, net/udpbroadcastrelay/src/opnsense/mvc/app/views/OPNsense/UDPBroadcastRelay index.volt

by Martin Wasley via GitHub on ⎇
index.volt changes (#4719)

Removed fixed size grid data-width specifiers.
DeltaFile
+10-10net/udpbroadcastrelay/src/opnsense/mvc/app/views/OPNsense/UDPBroadcastRelay/index.volt
+1-1net/udpbroadcastrelay/Makefile
+11-112 files

OPNSense/plugins 592a2femisc/theme-rebellion Makefile, misc/theme-rebellion/src/opnsense/www/themes/rebellion/build/css opnsense-bootgrid.css

by Martin Wasley via GitHub on ⎇
Opnsense-Bootgrid.css added (#4718)

Added file to correct colours in new areas of GUI
DeltaFile
+276-0misc/theme-rebellion/src/opnsense/www/themes/rebellion/build/css/opnsense-bootgrid.css
+1-1misc/theme-rebellion/Makefile
+277-12 files

OPNSense/plugins 8015cbfnet/frr/src/etc/rc.syshook.d/start 50-frr, net/frr/src/opnsense/scripts/frr frr_wrapper.sh

by Andy Binder via GitHub on ⎇
net/frr: watchfrr service handling (#4712)
DeltaFile
+55-0net/frr/src/opnsense/scripts/frr/frr_wrapper.sh
+36-3net/frr/src/etc/rc.syshook.d/start/50-frr
+1-9net/frr/src/opnsense/service/templates/OPNsense/Quagga/frr
+1-1net/frr/src/opnsense/service/conf/actions.d/actions_quagga.conf
+1-1net/frr/src/opnsense/service/templates/OPNsense/Syslog/local/routing_frr.conf
+94-145 files

OPNSense/plugins ea438ednet-mgmt/net-snmp/src/opnsense/service/templates/OPNsense/Netsnmp snmpd.conf

by Andreas via GitHub on ⎇
Set SMUX socket to localhost (#4652)

Defaults to all interfaces and isn't needed. Setting it to the loopback address disables the outdated feature as much as possible.
DeltaFile
+2-0net-mgmt/net-snmp/src/opnsense/service/templates/OPNsense/Netsnmp/snmpd.conf
+2-01 files

OPNSense/plugins 6cee39ddns/ddclient/src/opnsense/mvc/app/controllers/OPNsense/DynDNS/forms dialogAccount.xml, dns/ddclient/src/opnsense/mvc/app/models/OPNsense/DynDNS DynDNS.xml

by An via GitHub on ⎇
Add dnspod.cn ddns support (#4370)

* Add dnspod.cn ddns support

* Add multiple hostname support

* Fix the problem of processing the result returned by ModifyRecordBatch

* Fix using wrong variable

---------

Co-authored-by: AnShen <x at ipy.me>
DeltaFile
+301-0dns/ddclient/src/opnsense/scripts/ddclient/lib/account/dnspod_cn.py
+1-1dns/ddclient/src/opnsense/mvc/app/controllers/OPNsense/DynDNS/forms/dialogAccount.xml
+1-1dns/ddclient/src/opnsense/service/templates/OPNsense/ddclient/ddclient.conf
+1-0dns/ddclient/src/opnsense/mvc/app/models/OPNsense/DynDNS/DynDNS.xml
+304-24 files

OPNSense/plugins 1f1ae51mail/postfix/src/opnsense/service/templates/OPNsense/Postfix main.cf

by Michael via GitHub on ⎇
mail/postfix: align mailbox and message size (#4330)
DeltaFile
+1-0mail/postfix/src/opnsense/service/templates/OPNsense/Postfix/main.cf
+1-01 files

OPNSense/plugins 4b64525net-mgmt/telegraf pkg-descr, net-mgmt/telegraf/src/opnsense/mvc/app/controllers/OPNsense/Telegraf/forms output.xml

by Matou25 via GitHub on ⎇
add Name prefix to influxdb Telegraf plugin (#4198)
DeltaFile
+6-0net-mgmt/telegraf/src/opnsense/mvc/app/controllers/OPNsense/Telegraf/forms/output.xml
+4-0net-mgmt/telegraf/pkg-descr
+3-0net-mgmt/telegraf/src/opnsense/service/templates/OPNsense/Telegraf/telegraf.conf
+1-0net-mgmt/telegraf/src/opnsense/mvc/app/models/OPNsense/Telegraf/Output.xml
+14-04 files

OPNSense/plugins fb27dc4net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms eap.xml, net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius Eap.xml

by Severin Schüller via GitHub on ⎇
net/freeradius: Add option to enable EAP-PWD (#4093)

* Add option to enable EAP-PWD

* also make server_id configurable
DeltaFile
+11-0net/freeradius/src/opnsense/mvc/app/controllers/OPNsense/Freeradius/forms/eap.xml
+9-0net/freeradius/src/opnsense/mvc/app/models/OPNsense/Freeradius/Eap.xml
+5-3net/freeradius/src/opnsense/service/templates/OPNsense/Freeradius/mods-enabled-eap
+25-33 files

OPNSense/plugins 420efa0net/ndp-proxy-go pkg-descr, net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms general.xml dialogAlias.xml

by Monviech via GitHub on ⎇
net/ndp-proxy-go: Add cache file support (#5085)
DeltaFile
+7-1net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/general.xml
+5-1net/ndp-proxy-go/src/opnsense/mvc/app/models/OPNsense/NdpProxy/NdpProxy.xml
+3-0net/ndp-proxy-go/src/opnsense/service/templates/OPNsense/NdpProxy/ndp_proxy_go
+1-1net/ndp-proxy-go/src/opnsense/mvc/app/controllers/OPNsense/NdpProxy/forms/dialogAlias.xml
+1-0net/ndp-proxy-go/pkg-descr
+17-35 files