14 DAY TRIAL // A new security and bug fix maintenance update just landed today for the pfSense 2.3.4 stable release of the open-source and free firewall distribution based on the FreeBSD technologies.
The pfSense 2.3.4-p1 patch is being released two and a half months after the launch of pfSense 2.3.4, and it looks like it attempts to inject new security fixes in pfSense and several of its components, including OpenVPN, as well as to fix various bugs that have been reported during this time. For example, it fixes Hover Dynamic DNS updates to be able to verify the SSL peer.
It also addresses issues with CloudFlare Dynamic DNS and with wildcard CNAME records, which disappeared from Loopia when attempting to update the DNS, updates the Captive Portal RADIUS Authentication function to only cache credentials when performing a reauthentication operation, and repairs the CARP status display so that it won't overmatch VIP numbers.
The pid file handling for choparp (Proxy ARP Daemon) was improved as well in pfSense 2.3.4-p1, which adds warning screen to the GUI to prevent access to the firewall when the client IP address is currently in the lockout table, also removing the client's connection states. To enable status display and control for the firewall, the update implements a syslogd service definition.
pfSense is now capable of sorting the Virtual IP address list, and it better detects APU2 for devices running coreboot 4.x. Check out the full changelog attached below if you want to know what exactly was fixed, added, or changed in this minor patch for pfSense 2.3.4, which you should install on your machines as soon as possible by running a system update. pfSense 2.3.4 installation images are available here.