Kutulutsidwa kwa zida zogawa zopangira ma firewall OPNsense 21.7 kunachitika, yomwe ndi nthambi ya pulojekiti ya pfSense, yomwe idapangidwa ndi cholinga chopanga zida zogawa zotseguka zomwe zitha kukhala ndi magwiridwe antchito pamlingo wamayankho amalonda pakuyika ma firewall ndi zipata zama network. . Mosiyana ndi pfSense, polojekitiyi ili ngati yosayendetsedwa ndi kampani imodzi, yopangidwa ndi kutenga nawo mbali mwachindunji kwa anthu ammudzi ndipo ili ndi ndondomeko yachitukuko yowonekera bwino, komanso kupereka mwayi wogwiritsa ntchito zomwe zikuchitika muzinthu zamagulu achitatu, kuphatikizapo malonda. omwe. Magwero a magawo ogawa, komanso zida zomwe zimagwiritsidwa ntchito posonkhana, zimagawidwa pansi pa chilolezo cha BSD. Misonkhanoyi imakonzedwa mu mawonekedwe a LiveCD ndi chithunzi chadongosolo chojambulira pa Flash drive (422 MB).
Zomwe zimagawidwe zimatengera code ya HardenedBSD, yomwe imathandizira foloko yolumikizidwa ya FreeBSD, yomwe imaphatikiza njira zowonjezera zodzitetezera ndi njira zothana ndi kugwiritsa ntchito ziwopsezo. Zina mwazinthu za OPNsense ndi zida zomangirira zotseguka, kuthekera koyika ngati mapaketi pamwamba pa FreeBSD nthawi zonse, zida zosinthira katundu, mawonekedwe a intaneti okonzekera kulumikizana ndi maukonde (Captive portal), kukhalapo kwa makina. potsata maiko olumikizirana (firewall yodziwika bwino yozikidwa pa pf), kukhazikitsa malire a bandwidth, kusefa kwamagalimoto, kupanga VPN yozikidwa pa IPsec, OpenVPN ndi PPTP, kuphatikiza ndi LDAP ndi RADIUS, kuthandizira kwa DDNS (Dynamic DNS), kachitidwe ka malipoti owonera ndi zithunzi.
Kugawa kumapereka zida zopangira masinthidwe osagwirizana ndi zolakwika potengera kugwiritsa ntchito protocol ya CARP ndikukulolani kuti muyambitse, kuwonjezera pa firewall yayikulu, node yosunga zobwezeretsera yomwe idzalumikizidwa yokha pamlingo wokonzekera ndipo idzatenga katunduyo. chochitika cha kulephera kwa node yoyamba. Woyang'anira amapatsidwa mawonekedwe amakono komanso osavuta kuti akonze zozimitsa moto, zomangidwa pogwiritsa ntchito Bootstrap web framework.
Zina mwazosintha:
- Kugawa kumatengera zomwe HardenedBSD 12.1. Kutulutsidwa kotsatira, 22.1, kukukonzekera kusamukira ku FreeBSD 13.
- Kwaperekedwa kokhazikitsa kwatsopano komwe kumapereka chithandizo chokhazikika pakuyika magawo ndi fayilo ya ZFS ndipo ndi yoyenera kugwira ntchito pamakina omwe amagwiritsa ntchito UEFI.
- Mawonekedwe osinthira firmware asinthidwanso.
- Mu chipika chosonyeza ntchito zosefera magalimoto, zimatsimikiziridwa kuti zozindikiritsa malamulo apano zimawonetsedwa kuti zipewe kutanthauzira kolakwika pambuyo posintha malamulo.
- M'ma templates omwe amakulolani kuti mugwirizane ndi ma network, makamu ndi madoko omwe ali ndi dzina lophiphiritsira mu malamulo a firewall (aliases), luso lofotokozera masks (chigoba cha wildcard) mu masks a netiweki awonjezedwa.
Source: opennet.ru