By rssfeeds-admin 
The release comes as the project prepares for its major 26.1 upgrade scheduled for January 28, marking an important milestone in the firewall platform’s evolution.
Host Discovery Service Enhances Network Visibility
The standout feature of this release is the new host discovery service, which automatically resolves and caches MAC addresses
This capability integrates directly with the firewall’s MAC alias system and captive portal functionality, enabling administrators to maintain dynamic host inventories without manual configuration.
The service leverages the hostwatch utility (version 1.0.4) for neighbor monitoring and is enabled by default, though users can disable automatic discovery through the interface settings if preferred.
The host discovery implementation demonstrates OPNsense’s commitment to practical network administration features.
By automatically identifying and tracking network devices, administrators gain improved visibility into network topology and can configure firewall rules based on device identities rather than relying solely on static IP assignments.
The integration with both MAC aliases and captive portal systems creates a unified approach to host-based security policies.
IPv6 Infrastructure Overhaul and Kernel Updates
Significant development effort during the holiday period yielded substantial IPv6 improvements across multiple system layers.
The kernel received multiple fixes addressing address prefix lifetime handling, specifically correcting off-by-one errors in prefix lifetime and valid lifetime expiration checks.
Additional kernel patches address netlink functionality, IPv6 divert packet handling, and address configuration updates.
The dhcp6c daemon will receive a larger update in the forthcoming 26.1 release to further enhance IPv6 capability.
Version 25.7.11 serves primarily as a staging release for the 26.1 upgrade, which introduces fundamental architectural changes, including the removal of ISC-DHCP from the core system.
A replacement plugin is available through the development version and will auto-install on most systems, though administrators should verify installation before rebooting.
The stable release maintains backward compatibility with existing configurations during this transition period.
The release notes document 80+ individual changes across system components, including refinements to firewall automation rules, captive portal JSON handling, and intrusion detection interfaces.
Backend optimization efforts continue with the removal of unsafe exec() calls throughout the codebase, improving both security posture and execution efficiency.
The UI framework received updates to bootgrid conditional command rendering, while the MVC layer underwent performance optimizations in base field classes.
OPNsense 26.1-RC1 is scheduled for release early in the week following this announcement, with RC2 anticipated shortly thereafter.
The final 26.1 release remains targeted for January 28, providing a structured path for administrators to test and deploy the major version update.
Version 25.7.11 offers stability for production environments while organizations prepare for the transition to the next major release cycle.
Follow us on Google News , LinkedIn and X to Get More Instant Updates. Set Cyberpress as a Preferred Source in Google.
The post Open-Source Firewall OPNsense 25.7.11 Introduces Host Discovery Feature appeared first on Cyber Security News.
Discover more from RSS Feeds Cloud
Subscribe to get the latest posts sent to your email.