An ƙaddamar da sakin kayan rarraba don ƙirƙirar OPNsense 23.1 firewalls, wanda shine reshe na aikin pfSense, wanda aka ƙirƙira tare da manufar ƙirƙirar kayan rarrabawa gaba ɗaya wanda zai iya samun aiki a matakin mafita na kasuwanci don ƙaddamar da wutan wuta da cibiyar sadarwa. ƙofofin shiga. Ba kamar pfSense ba, aikin yana matsayin matsayin kamfani ɗaya ba shi da iko, wanda aka haɓaka tare da haɗin kai kai tsaye na al'umma kuma yana da tsarin ci gaba gaba ɗaya a bayyane, tare da ba da damar yin amfani da duk wani ci gabansa a cikin samfuran ɓangare na uku, gami da kasuwanci. wadanda. An rarraba lambar tushe na sassan rarraba, da kayan aikin da ake amfani da su don haɗuwa, a ƙarƙashin lasisin BSD. An shirya taron ne a cikin hanyar LiveCD da hoton tsarin don yin rikodi akan filasha (399 MB).
Babban abun ciki na rarraba ya dogara ne akan lambar FreeBSD. Daga cikin fasalulluka na OPNsense akwai kayan aikin ginawa gabaɗaya, ikon shigarwa a cikin nau'ikan fakiti akan saman FreeBSD na yau da kullun, kayan aikin daidaita nauyi, ƙirar gidan yanar gizo don tsara hanyoyin haɗin mai amfani zuwa cibiyar sadarwa (Portal Captive), kasancewar hanyoyin. don bin diddigin jihohin haɗin gwiwa (tacewar wuta ta jaha dangane da pf), saita iyakokin bandwidth, tacewa zirga-zirga, ƙirƙirar VPN dangane da IPsec, OpenVPN da PPTP, haɗin kai tare da LDAP da RADIUS, tallafi ga DDNS (Dynamic DNS), tsarin rahotanni na gani da kuma jadawali.
Rarraba yana ba da kayan aiki don ƙirƙirar ƙayyadaddun ƙayyadaddun kuskure dangane da amfani da ka'idar CARP kuma yana ba ku damar ƙaddamarwa, ban da babban Tacewar zaɓi, kullin madadin wanda za a daidaita shi ta atomatik a matakin daidaitawa kuma zai ɗauki nauyin kaya a ciki. al'amarin gazawar kumburin farko. Ana ba wa mai gudanar da aiki na zamani da sauƙi don daidaita bangon wuta, wanda aka gina ta amfani da tsarin gidan yanar gizon Bootstrap.
Daga cikin canje-canje:
- Canje-canje daga reshen FreeBSD 13-STABLE an canja shi.
- Sabbin nau'ikan ƙarin shirye-shirye daga tashar jiragen ruwa, misali, php 8.1.14 da sudo 1.9.12p2.
- An ƙara sabon aiwatar da toshewar tushen tushen DNS, an sake rubuta shi a cikin Python kuma yana tallafawa talla daban-daban da jerin toshe abun ciki na mugunta.
- An ba da tarawa da nunin ƙididdiga akan aiki na uwar garken DNS mara iyaka, wanda ke ba ku damar bin diddigin zirga-zirgar DNS dangane da masu amfani.
- An ƙara sabon nau'in BGP ASN Firewalls.
- Ƙara yanayin keɓewar PPPoEv6 don zaɓin ba da damar IPV6 Control Protocol.
- Supportara tallafi don musaya na SLAAC WAN ba tare da DHCPv6 ba.
- Abubuwan da aka haɗa don ɗaukar fakiti da sarrafa IPsec an canza su zuwa tsarin MVC, wanda ya ba da damar aiwatar da tallafin sarrafa API a cikinsu.
- An matsar da saitunan IPsec zuwa fayil ɗin swanctl.conf.
- An haɗa plugin ɗin os-sslh, yana ba ku damar haɓaka haɗin HTTPS, SSH, OpenVPN, tinc da XMPP ta hanyar tashar sadarwa guda 443.
- The os-ddclient (Dynamic DNS Client) plugin yanzu yana ba da ikon amfani da naku na baya, gami da Azure.
- The os-wireguard plugin tare da VPN WireGuard an canza ta tsohuwa don amfani da kernel module (tsohon yanayin aiki a matakin mai amfani an koma wani daban os-wireguard-go plugin).
source: budenet.ru