Firewalld 2.2, firewall yoyendetsedwa bwino yomwe imagwiritsidwa ntchito ngati chophimba kuzungulira ma ftables ndi ma iptables packet filters, yatulutsidwa. Firewalld imagwira ntchito ngati njira yakumbuyo, kulola kusintha kwa malamulo a dynamic packet filter kudzera pa D-Bus, popanda kuyikanso malamulo a packet filter kapena kusokoneza ma connections omwe akhazikitsidwa. Pulojekitiyi ikugwiritsidwa kale ntchito m'magawo ambiri. Linux, kuphatikizapo RHEL 7+, Fedora 18+, ndi SUSE/openSUSE 15+. Khodi ya firewalld imalembedwa mu Python ndipo imagawidwa pansi pa layisensi ya GPLv2.
Kuti muyang'anire firewall, chida cha firewall-cmd chimagwiritsidwa ntchito, chomwe sichidalira Ma adilesi a IP, ma network interfaces, ndi ma port numbers, komanso mayina a service (monga, kuti mutsegule SSH access, yendetsani "firewall-cmd --add --service=ssh"; kuti mutseke SSH, yendetsani "firewall-cmd --remove --service=ssh"). Firewall-config graphical interface (GTK) ndi firewall-applet (Qt) zingagwiritsidwenso ntchito kusintha firewall config. Thandizo la firewall management kudzera mu firewalld D-BUS API likupezeka m'mapulojekiti monga NetworkManager, libvirt, podman, docker, ndi fail2ban.
Zosintha zazikulu:
- Ntchito zowonjezera zothandizira ma protocol a STUN ndi STUNS.
- Ntchito yowonjezeredwa ya traffic ya Steam pamaneti akomweko.
- Ntchito zowonjezera za MNDP (MikroTik Neighbor Discovery Protocol).
- Utumiki wa fayilo wawonjezeredwa Seva XRootD.
- Onjezani ntchito ya protocol ya WS-Discovery (Web Services Dynamic Discovery).
- Ntchito zowonjezeredwa za ntchito ya netiweki ya iperf2 ndi iperf3 zoyezera bandwidth.
- Zimaloledwa kugwiritsa ntchito matebulo okhala ndi mbendera "mwini" ndi "kulimbikira" mu nftables.
- Thandizo lowonjezera la machitidwe a rpfilter (Reverse Path Filter): kutsogolo-kutsogolo, kusuntha ndi kumasuka.
Source: opennet.ru
