Lub OPNsense 24.1 firewall distribution tau tso tawm lawm. Nws yog ib qho ntawm pfSense project, tsim los nrog lub hom phiaj ntawm kev tsim kom muaj qhov chaw qhib tag nrho uas muaj peev xwm xa cov haujlwm sib piv rau cov kev daws teeb meem lag luam rau kev xa cov firewalls thiab network gateways. Tsis zoo li pfSense, qhov project tso nws tus kheej ua ywj pheej ntawm ib lub tuam txhab, tsim nrog kev koom tes ncaj qha ntawm zej zog, thiab khav txog cov txheej txheem kev tsim kho pob tshab tag nrho. Nws kuj tso cai rau kev siv txhua yam ntawm nws cov kev tsim kho hauv cov khoom lag luam thib peb, suav nrog cov lag luam. Cov lej qhov chaw rau cov khoom faib tawm, nrog rau cov cuab yeej siv rau kev tsim lawv, tau faib tawm raws li daim ntawv tso cai BSD. Cov qauv tsim muaj nyob rau hauv LiveCD thiab cov duab system rau flash drives (443 MB).
Cov software tseem ceeb ntawm qhov kev faib tawm yog raws li FreeBSD code. Cov yam ntxwv ntawm OPNsense suav nrog cov cuab yeej tsim kho qhib tag nrho, lub peev xwm los teeb tsa cov pob khoom rau saum FreeBSD ib txwm muaj, cov cuab yeej sib npaug ntawm kev thauj khoom, lub vev xaib rau kev teeb tsa cov neeg siv kev sib txuas rau lub network (Captive portal), cov txheej txheem taug qab kev sib txuas (stateful firewall raws li pf), kev txwv bandwidth, kev lim tsheb, thiab lub peev xwm los tsim VPN Raws li IPsec, OpenVPN thiab PPTP, kev koom ua ke nrog LDAP thiab RADIUS, DDNS (Dynamic DNS) kev txhawb nqa, ib lub kaw lus ntawm cov ntawv qhia pom thiab cov duab kos.
Kev faib tawm muab cov cuab yeej tsim cov teeb tsa tsis raug cai raws li kev siv CARP raws tu qauv thiab tso cai rau koj tso tawm, ntxiv rau qhov tseem ceeb ntawm qhov hluav taws xob, ib qho chaw thaub qab uas yuav tau txais synchronized ntawm theem teeb tsa thiab yuav siv sij hawm dhau qhov kev thauj khoom hauv qhov tshwm sim ntawm qhov ua tsis tiav ntawm lub hauv paus node. Tus thawj tswj hwm tau muab qhov niaj hnub thiab yooj yim interface rau kev teeb tsa lub firewall, tsim siv lub vev xaib Bootstrap.
Ntawm cov kev hloov pauv:
- Qhov kev hloov mus rau lub tsev qiv ntawv OpenSSL 3 tau ua tiav lawm.
- Ib ceg tshiab ntawm Suricata 7 intrusion detection system tau raug qhib lawm.
- Los ntawm lub neej ntawd, Wireguard VPN kernel module uas muab nrog FreeBSD 13.2 tau teeb tsa ua ntej lawm.
- Kev txhawb nqa netmap sim tau siv rau Wireguard.
- Cov plugins os-firewall thiab os-wireguard tau raug ntxiv rau hauv qhov kev faib tawm tseem ceeb. Kev txhawb nqa rau os-wireguard-go plugin tau raug tso tseg lawm.
- Ntxiv lub peev xwm siv Kea DHCP server nrog kev txhawb nqa failover es tsis txhob ISC DHCP.
- Cov qauv hloov tshiab ntawm libxml 2.11.6, php 8.2.15, py-duckdb 0.9.2 thiab sqlite 3.45.0.
- Cov neeg siv uas tsis yog tus thawj coj tsis pub nkag mus rau hauv lub plhaub hais kom ua thiab nkag mus rau hauv daim nplaub tshev thaub qab.
- Ntxiv kev txhawb nqa rau OCSP (Online Certificate Status Protocol) protocol rau kev kuaj xyuas kev tshem tawm daim ntawv pov thawj.
- Cov nplooj ntawv piav qhia thiab cov khoom siv rau kev teeb tsa lub rooj vag, NPTv6, ARP, thiab NDP tau raug tsiv mus rau MVC framework, uas tso cai rau lawv los txhawb kev tswj hwm API.
- Ntxiv "maxfilesize" teeb tsa los tig lub cav tom qab mus txog qhov loj me.
- Kev sib koom ua ke nrog lub web proxy tau raug tsiv mus rau os-squid plugin.
Tau qhov twg los: opennet.ru
