Ua paʻi ʻia ka hoʻokuʻu ʻia ʻana o ka firewall dynamically controlled firewalld 1.2, i hoʻokō ʻia ma ke ʻano o kahi wīwī ma luna o nā kānana packet nftables a me iptables. Holo ʻo Firewalld ma ke ʻano he kaʻina hana hope e hiki ai iā ʻoe ke hoʻololi ikaika i nā lula kānana packet ma o D-Bus me ka ʻole e hoʻouka hou i nā lula kānana packet a i ʻole ka haki ʻana i nā pilina paʻa. Ua hoʻohana mua ʻia ka papahana ma nā māhele Linux he nui, me RHEL 7+, Fedora 18+ a me SUSE/openSUSE 15+. Ua kākau ʻia ka code firewalld ma Python a ua laikini ʻia ma lalo o ka laikini GPLv2.
No ka mālama ʻana i ka pā ahi, hoʻohana ʻia ka hāmeʻa firewall-cmd, ka mea, i ka wā e hana ai i nā lula, ʻaʻole i hoʻokumu ʻia ma nā IP address, nā kikowaena pūnaewele a me nā helu port, akā ma nā inoa o nā lawelawe (no ka laʻana, e wehe i ke komo i ka SSH pono ʻoe e holo "firewall-cmd -add -service = ssh", e pani iā SSH - "firewall-cmd -remove -service = ssh"). No ka hoʻololi ʻana i ka hoʻonohonoho ʻana o ka pā ahi, hiki ke hoʻohana ʻia ke kiʻi kiʻi firewall-config (GTK) a me ka applet firewall-applet (Qt). Loaʻa ke kākoʻo no ka hoʻokele pā ahi ma o ka D-BUS API firewalld i nā papahana e like me NetworkManager, libvirt, podman, docker a me fail2ban.
Nā hoʻololi nui:
- Ua hoʻokō ʻia nā lawelawe snmptls a me snmptls-trap e hana i ke komo ʻana i ka protocol SNMP ma o kahi kaila kamaʻilio paʻa.
- Ua hoʻokō ʻia kahi lawelawe e kākoʻo ana i ka protocol i hoʻohana ʻia i ka decentralized file system IPFS.
- Nā lawelawe i hoʻohui ʻia me ke kākoʻo no ka gpsd, ident, ps3netsrv, CrateDB, checkmk, netdata, Kodi JSON-RPC, EventServer, Prometheus node-exporter, kubelet-readonly, a me kahi mana palekana o k8s controller-plane.
- Hoʻohui ʻia ke koho "--log-target".
- Ua hoʻohui ʻia kahi ʻano hoʻomaka failsafe, kahi e hiki ai, inā pilikia me nā lula i kuhikuhi ʻia, e ʻōwili hou i ka hoʻonohonoho paʻamau me ka waiho ʻole ʻana i ka mea hoʻokipa me ka pale ʻole.
- Kākoʻo ʻo Bash i ka hoʻopau kauoha no ka hana ʻana me nā lula.
Source: opennet.ru