IPFire 2.29 Core Update 201 introduces a new DNS Firewall feature that blocks malware, phishing, and ads at the network gateway, eliminating the need for separate URL filters or Pi-hole setups. This update enhances security by routing all domain queries through an updated proxy that automatically pulls fresh blocklists, ensuring threats are blocked before they reach devices on the network. Additionally, the update includes a rebase of the core toolchain for improved stability, fixes for web proxy rule issues, and the removal of unmaintained packages like 7zip to reduce vulnerabilities. Users are encouraged to install the update via Pakfire and reboot their systems to fully implement the changes and improvements

IPFire 2.29 - Core Update 201 with DNS Firewall released

IPFire 2.29 Core Update 201 finally delivers the DNS Firewall feature that blocks malware, phishing, and ads at the network gateway before any malicious traffic ever reaches connected devices. This new system replaces clunky URL filters and external Pi-hole setups by routing all domain queries through an updated proxy that pulls fresh blocklists automatically via IXFR transfers. Beyond the headline feature, the update rebases the core toolchain on newer glibc and binutils versions, patches a web proxy rule race condition, and drops unmaintained packages like 7zip to shrink the attack surface. 

IPFire 2.29 - Core Update 201 with DNS Firewall released @ Linux Compatible