Firewalld 2.1, firewall yoyendetsedwa bwino yomwe imagwiritsidwa ntchito ngati chophimba kuzungulira ma ftables ndi ma iptables packet filters, yatulutsidwa. Firewalld imagwira ntchito ngati njira yakumbuyo, kulola kusintha kwa malamulo a dynamic packet filter kudzera pa D-Bus, popanda kuyikanso malamulo a packet filter kapena kusokoneza ma connections omwe akhazikitsidwa. Pulojekitiyi ikugwiritsidwa kale ntchito m'magawo ambiri. Linux, kuphatikizapo RHEL 7+, Fedora 18+, ndi SUSE/openSUSE 15+. Khodi ya firewalld imalembedwa mu Python ndipo imagawidwa pansi pa layisensi ya GPLv2.
Kuti muyang'anire firewall, chida cha firewall-cmd chimagwiritsidwa ntchito, chomwe sichidalira Ma adilesi a IP, ma network interfaces, ndi ma port numbers, komanso mayina a service (monga, kuti mutsegule SSH access, yendetsani "firewall-cmd --add --service=ssh"; kuti mutseke SSH, yendetsani "firewall-cmd --remove --service=ssh"). Firewall-config graphical interface (GTK) ndi firewall-applet (Qt) zingagwiritsidwenso ntchito kusintha firewall config. Thandizo la firewall management kudzera mu firewalld D-BUS API likupezeka m'mapulojekiti monga NetworkManager, libvirt, podman, docker, ndi fail2ban.
Zosintha zazikulu:
- Onjezani ntchito yogwiritsa ntchito DNS pa protocol ya QUIC (DNS over QUIC, DoQ, RFC 9250).
- Thandizo lowonjezera la mitundu ya mauthenga a ICMPv6 MLD (Multicast Listener Discovery).
- Njira ya ReloadPolicy yawonjezedwa ku fayilo yosinthira firewalld.conf.
- Anawonjezera ntchito yolandila zopempha za kasitomala za SMTP padoko la TCP 587 (kutumiza makalata).
- Anawonjezera ntchito yothandizira ALVR (kusewerera masewera a VR kuchokera pa PC kupita pazida zonyamula kudzera pa Wi-Fi).
- Ntchito yowonjezera yothandizira VRRP (Virtual Router Redundancy Protocol).
Source: opennet.ru
