Bayan watanni 6 na ci gaba saki kayan rarrabawa don ƙirƙirar firewalls , wanda shine cokali mai yatsa na aikin pfSense, wanda aka halicce shi tare da manufar samar da cikakkiyar rarrabawa wanda zai iya samun ayyuka na hanyoyin kasuwanci don ƙaddamar da wutan wuta da hanyoyin sadarwa. Ba kamar pfSense ba, aikin yana matsayin matsayin kamfani ɗaya ba wanda ke sarrafa shi, wanda aka haɓaka tare da haɗin kai kai tsaye na al'umma kuma yana da tsarin ci gaba gaba ɗaya a bayyane, tare da ba da damar yin amfani da duk wani ci gabansa a cikin samfuran ɓangare na uku, gami da kasuwanci. wadanda. Rubutun tushen abubuwan da aka rarraba, da kuma kayan aikin da ake amfani da su don haɗuwa, ƙarƙashin lasisin BSD. Majalisai a cikin nau'i na LiveCD da hoton tsarin don yin rikodi akan faifan faifai (290 MB).
Babban abun ciki na rarraba yana dogara ne akan lambar , wanda ke goyan bayan cokali mai yatsa na FreeBSD, wanda ke haɗa ƙarin hanyoyin tsaro da dabaru don magance cin gajiyar rauni. Daga cikin OPNsense za a iya bambanta ta hanyar kayan aikin buɗewa gaba ɗaya, ikon shigarwa a cikin nau'ikan fakiti akan saman FreeBSD na yau da kullun, kayan aikin daidaita kaya, ƙirar gidan yanar gizo don tsara hanyoyin haɗin mai amfani zuwa cibiyar sadarwa (Portal Captive), kasancewar hanyoyin don jihohin haɗin sa ido (tacewar wuta ta jiha bisa pf), saita ƙuntatawa bandwidth, tace zirga-zirga, ƙirƙirar VPN dangane da IPsec, OpenVPN da PPTP, haɗin kai tare da LDAP da RADIUS, tallafi ga DDNS (Dynamic DNS), tsarin rahotanni na gani da jadawali. .
Bugu da ƙari, rarraba yana ba da kayan aiki don ƙirƙirar ƙayyadaddun ƙayyadaddun kuskure dangane da yin amfani da ka'idar CARP da kuma ba ku damar ƙaddamarwa, ban da babban Tacewar zaɓi, kullin madadin da za a daidaita shi ta atomatik a matakin daidaitawa kuma zai dauki nauyin. da lodi a cikin taron na primary kumburi gazawar. Ana ba wa mai gudanar da aiki na zamani da sauƙi don daidaita bangon wuta, wanda aka gina ta amfani da tsarin gidan yanar gizon Bootstrap.
A cikin sabon sigar:
- Ƙarfin ginawa don aika rajistan ayyukan zuwa uwar garken nesa ta amfani da Syslog-ng;
- Ƙara lissafin daban don duba ƙa'idodin tace fakiti ta atomatik;
- Ƙara ƙididdiga don duk dokokin tace fakiti;
- Ingantaccen gudanarwa a cikin dokokin Tacewar zaɓi (ba ka damar amfani da masu canji maimakon runduna, lambobi na tashar jiragen ruwa da kuma subnets). Ƙara ikon shigo da fitarwa da laƙabi a cikin tsarin JSON. Akwai damar zaɓi don kula da ƙididdiga don ƙididdiga;
- An sake rubuta lambar don sarrafawa da sauya ƙofofin;
- An aiwatar da ikon daidaita ƙungiyoyin LDAP;
- Ƙara ikon aika buƙatun sa hannun takardar shaida;
- Ƙara tallafi don isar da hanyoyin ta hanyar IPsec (VTI);
- Ana aiwatar da aiki tare na laƙabi, VHIDs da widgets ta hanyar XMLRPC;
- Ƙara ikon tantancewa a cikin wakili na yanar gizo da IPsec ta hanyar PAM;
- Ƙara goyon baya don haɗawa ta hanyar sarkar wakili;
- Gabatar da ikon yin amfani da ƙungiyoyi don saita gata na haɗin wakili;
- Plugins don Netdata, WireGuard, Maltrail da Mail-Ajiyayyen (PGP) an shirya. An aika sabobin Dpinger da DHCP zuwa tsarin plugin;
- Sabunta fassarorin zuwa Rashanci;
- Ana amfani da sabbin nau'ikan Bootstrap 3.4, LibreSSL 2.9, Unbound 1.9, PHP 7.2, Python 3.7 da Squid 4.
source: budenet.ru