OPNSense 16.1.1 + HardenedBSD 11-CURRENT Released

I've published a new build of OPNSense 16.1.1 with HardenedBSD 11-CURRENT! You can grab the build from here: download.

Future things to work on:

  1. Wireless isn't working. This is likely due to the new 802.11 stack in FreeBSD 11-CURRENT causing issues with the network interface code in OPNSense. Part of the problem is that the raw wireless device is now hidden from `ifconfig`.
  2. Binary updates are not supported yet. I've yet to get time to work on binary updates. So, to update to a future version, you'll need to do the usual config backup, reinstall, config restore.
  3. pfsync is still disabled. I'm unsure as to why this causes a kernel panic. If you are a C developer with time on your hands and want to tackle this, that'd be freaking awesome and very much appreciated.

For item #1, I've started work on getting wireless working with this commit. I need to ping Adrian Chadd to figure out how the network interface code can obtain the MAC address and the other details that ifconfig now hides, without having to do a temporary clone of the device.

For item #2, OPNSense recently revamped how they provide binary updates for base. HardenedBSD now has an official binary updating mechanism as well (thanks G2, Inc for sponsoring the work!). Instead of using OPNSense's updating mechanism, I'd rather eat my own dogfood and use hbsd-update. More info about hbsd-update can be found here.

For item #3, I'll need help with this one. If I were to tackle this, I'd first redo the build, but with FreeBSD 11-CURRENT instead of HardenedBSD 11-CURRENT and see if the behavior matches. If it does, then it's not a problem with HardenedBSD. If it doesn't, then the behavior is specific to HardenedBSD. I currently don't have the time it would take to do these steps, but I'd certainly love to help someone debug this if they have the time.

If anyone wants to dig into the pfsync issue, here's the crash I got:

```
Fatal trap 9: general protection fault while in kernel mode
cpuid = 3; apic id = 06
instruction pointer     = 0x20:0xffffffff82c22050
stack pointer           = 0x28:0xfffffe024b62aa60
frame pointer           = 0x28:0xfffffe024b62aaf0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (swi1: pfsync)
```
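As an added example (not part of this post or of OPNSense/HardenedBSD), here is a small Python parser for the FreeBSD `Fatal trap` console message shown above. It pulls out the trap number, CPU, the selector:address pairs and the faulting process, and decodes the x86 selector fields (GDT index, table indicator, RPL) so the numbers can be checked before taking them to a kernel debugger; the sample text is the trap message embedded inline.

```python
import re

# Constructed sample input: the trap message from the post, embedded so the
# parser runs stand-alone.
SAMPLE_TRAP = """\
Fatal trap 9: general protection fault while in kernel mode
cpuid = 3; apic id = 06
instruction pointer     = 0x20:0xffffffff82c22050
stack pointer           = 0x28:0xfffffe024b62aa60
frame pointer           = 0x28:0xfffffe024b62aaf0
code segment            = base 0x0, limit 0xfffff, type 0x1b
                        = DPL 0, pres 1, long 1, def32 0, gran 1
processor eflags        = interrupt enabled, resume, IOPL = 0
current process         = 12 (swi1: pfsync)
"""


def parse_selector(field):
    """Split 'sel:addr' into the x86 segment selector fields and the address."""
    sel_s, addr_s = field.split(":")
    sel = int(sel_s, 16)
    return {
        "selector": sel,
        "index": sel >> 3,      # descriptor table entry number
        "ti": (sel >> 2) & 1,   # table indicator: 0 = GDT, 1 = LDT
        "rpl": sel & 3,         # requested privilege level, 0 = kernel
        "address": int(addr_s, 16),
    }


def parse_fatal_trap(text):
    """Turn a FreeBSD 'Fatal trap' console message into a dict of fields."""
    info = {}
    m = re.search(r"Fatal trap (\d+): (.+?) while in (kernel|user) mode", text)
    if not m:
        raise ValueError("not a FreeBSD fatal trap message")
    info["trap"], info["reason"], info["mode"] = int(m.group(1)), m.group(2), m.group(3)
    # The kernel prints the APIC id with %02x, so it is hexadecimal.
    m = re.search(r"cpuid = (\d+); apic id = ([0-9a-fA-F]+)", text)
    info["cpuid"], info["apic_id"] = int(m.group(1)), int(m.group(2), 16)
    for key, label in (("ip", "instruction pointer"),
                       ("sp", "stack pointer"), ("fp", "frame pointer")):
        m = re.search(label + r"\s*=\s*(0x[0-9a-f]+:0x[0-9a-f]+)", text)
        info[key] = parse_selector(m.group(1))
    m = re.search(r"current process\s*=\s*(\d+) \((.+)\)", text)
    info["pid"], info["process"] = int(m.group(1)), m.group(2)
    return info
```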