Chida chogawa chophatikizika chopangira ma firewall ndi network gateways pfSense 2.5.0 chatulutsidwa. Kugawa kumachokera ku code code ya FreeBSD pogwiritsa ntchito chitukuko cha polojekiti ya m0n0wall komanso kugwiritsa ntchito pf ndi ALTQ. Chithunzi cha iso cha zomangamanga za amd64, kukula kwa 360 MB, zakonzedwa kuti zitsitsidwe.
Chigawo chogawa chimayendetsedwa kudzera pa intaneti. Captive Portal, NAT, VPN (IPsec, OpenVPN) ndi PPPoE zitha kugwiritsidwa ntchito kukonza kutuluka kwa ogwiritsa ntchito pamaneti opanda zingwe komanso opanda zingwe. Imathandizira njira zingapo zochepetsera bandwidth, kuchepetsa kuchuluka kwa kulumikizana nthawi imodzi, kusefa magalimoto ndikupanga masinthidwe olekerera zolakwika motengera CARP. Ziwerengero zantchito zimawonetsedwa mu mawonekedwe a ma graph kapena mawonekedwe a tabular. Chilolezo chimathandizidwa ndi nkhokwe ya ogwiritsa ntchito kwanuko, komanso kudzera pa RADIUS ndi LDAP.
Zosintha zazikulu:
- Zida zoyambira zidasinthidwa kukhala FreeBSD 12.2 (FreeBSD 11 idagwiritsidwa ntchito munthambi yapitayi).
- Kusintha kwa OpenSSL 1.1.1 ndi OpenVPN 2.5.0 mothandizidwa ndi ChaCha20-Poly1305 kwapangidwa.
- Kukhazikitsa kwa VPN WireGuard komwe kukuyenda pamlingo wa kernel.
- Kusintha kwamphamvu kwa Swan IPsec backend kwasunthidwa kuchokera ku ipsec.conf kuti agwiritse ntchito swanctl ndi mtundu wa VICI. Zokonda zokongoletsedwa zamakanema.
- Mawonekedwe owongolera a satifiketi. Anawonjezera kuthekera kosintha zolowa mu woyang'anira satifiketi. Kupereka zidziwitso zakutha kwa ziphaso. Kutha kutumiza makiyi a PKCS #12 ndi zolemba zakale zotetezedwa ndi mawu achinsinsi kumaperekedwa. Thandizo lowonjezera la Elliptic Curve Certificates (ECDSA).
- Kumbuyo kwa kulumikizidwa ku netiweki yopanda zingwe kudzera pa Captive Portal kwasinthidwa kwambiri.
- Zida zowonjezera kuti zitsimikizire kulekerera zolakwika.
Source: opennet.ru