ntọhapụ nke nkesa kọmpat maka ịmepụta firewalls na ọnụ ụzọ netwọkụ . Nkesa a dabere na ntọala koodu FreeBSD site na iji mmepe nke ọrụ m0n0wall yana iji PF na ALTQ arụ ọrụ. Maka nbudata ọtụtụ onyonyo maka amd64 architecture, sitere na nha site na 300 ruo 360 MB, gụnyere LiveCD na onyonyo maka ntinye na Flash USB.
A na-ejikwa nkesa site na ntanetị weebụ. Iji hazie ohere onye ọrụ na netwọk wired na ikuku, enwere ike iji Portal Captive, NAT, VPN (IPsec, OpenVPN) na PPPoE. A na-akwado ikike dị iche iche maka ịmachi bandwit, na-amachi ọnụ ọgụgụ nke njikọ n'otu oge, nzacha okporo ụzọ na ịmepụta nhazi nkwụsịtụ na-adabere na CARP. A na-egosipụta ọnụ ọgụgụ ọrụ n'ụdị eserese ma ọ bụ n'ụdị tabular. A na-akwado ikike site na iji ntọala onye ọrụ mpaghara, yana site na RADIUS na LDAP.
Igodo :
- Emelitela akụkụ sistemụ ntọala na FreeBSD 11-STABLE;
- Ụfọdụ ibe weebụ, gụnyere onye njikwa akwụkwọ, ndepụta nke njikọ DHCP na tebụl ARP/NDP, na-akwado nhazi na ịchọ;
- Agbakwunyela onye na-edozi DNS dabere na Unbound na ngwaọrụ ntinye ederede Python;
- Maka IPsec DH (Diffie-Hellman) na PFS (Nzuzo Nzuzo zuru oke) agbakwunyere 25, 26, 27 na 31;
- Na ntọala sistemụ faịlụ UFS maka sistemụ ọhụrụ, ọnọdụ noatime na-arụ ọrụ site na ndabara iji belata ọrụ ide na-enweghị isi;
- agbakwunyere njirimara "autocomplete=ọhụrụ-paswọọdụ ọhụrụ" na ụdị nyocha iji gbanyụọ ntinye data nke nwere mmetụta akpaaka;
- agbakwunyere ndị na-eweta ndekọ DNS dị ike ọhụrụ - Linode na Gandi;
- Edozila ọtụtụ adịghị ike, gụnyere ihe iseokwu dị na interface weebụ nke na-enye onye ọrụ akwadoro ohere ịnweta wijetị nbulite onyonyo iji mebie koodu PHP ọ bụla wee nweta ohere ịnweta ibe nwere oke nke interface nchịkwa.
Na mgbakwunye, ohere nke ịde ederede saịtị (XSS) ewepụla na ntanetị weebụ.
isi: opennet.ru