Kutulutsidwa kwatsopano kofunikira kwa kugawa kwa OpenWrt 21.02.0 kwayambika, komwe kumagwiritsidwa ntchito pazida zosiyanasiyana zama netiweki monga ma rauta, masiwichi ndi malo olowera. OpenWrt imathandizira mapulatifomu osiyanasiyana ndi zomangamanga ndipo ili ndi dongosolo la msonkhano lomwe limalola kuphatikizika kosavuta komanso kosavuta, kuphatikiza magawo osiyanasiyana pamisonkhano, zomwe zimapangitsa kuti zikhale zosavuta kupanga fimuweya yokonzeka kapena chithunzi cha disk chokhala ndi seti yofunikira ya pre-. mapaketi oikidwa osinthidwa kuti agwire ntchito zinazake. Misonkhano imapangidwira nsanja 36 zomwe mukufuna.
Zina mwa zosintha mu OpenWrt 21.02.0 zotsatirazi ndizodziwika:
- Zofunikira zochepa za hardware zawonjezeka. Pomanga osasintha, chifukwa chophatikizira ma Linux kernel subsystems, kugwiritsa ntchito OpenWrt tsopano kukufunika chipangizo chokhala ndi 8 MB Flash ndi 64 MB RAM. Ngati mungafune, mutha kupangabe msonkhano wanu wovumbulutsidwa womwe ungagwire ntchito pazida zomwe zili ndi 4 MB Flash ndi 32 MB RAM, koma magwiridwe antchito a msonkhano wotere adzakhala ochepa, ndipo kukhazikika kwa ntchito sikutsimikizika.
- Phukusi loyambira limaphatikizapo phukusi lothandizira ukadaulo wa chitetezo chamtaneti wa WPA3, womwe umapezeka mwachisawawa pogwira ntchito yamakasitomala komanso popanga malo ofikira. WPA3 imapereka chitetezo ku kulosera kwa mawu achinsinsi (sizingalole kulosera mawu achinsinsi pa intaneti) ndipo imagwiritsa ntchito protocol yotsimikizira ya SAE. Kutha kugwiritsa ntchito WPA3 kumaperekedwa m'madalaivala ambiri pazida zopanda zingwe.
- Phukusi loyambira limaphatikizapo chithandizo cha TLS ndi HTTPS mwachisawawa, chomwe chimakupatsani mwayi wofikira mawonekedwe a Webusaiti ya LuCI pa HTTPS ndikugwiritsa ntchito zida monga wget ndi opkg kuti mutengenso zambiri pamakina olumikizirana obisidwa. Ma seva omwe mapaketi amatsitsidwa kudzera pa opkg amagawidwa amasinthidwanso kutumiza zidziwitso kudzera pa HTTPS mwachisawawa. Laibulale ya mbedTLS yomwe imagwiritsidwa ntchito pobisalira yasinthidwa ndi wolfSSL (ngati kuli kofunikira, mutha kukhazikitsa pamanja malaibulale a mbedTLS ndi OpenSSL, omwe akupitiliza kuperekedwa ngati zosankha). Kukonzekera kutumiza ku HTTPS, mawonekedwe apaintaneti amapereka mwayi "uhttpd.main.redirect_https=1".
- Thandizo loyambirira lakhazikitsidwa ku DSA (Distributed Switch Architecture) kernel subsystem, yomwe imapereka zida zosinthira ndi kuyang'anira ma cascades a ma switch olumikizidwa a Ethernet, pogwiritsa ntchito njira zomwe zimagwiritsidwa ntchito pokonza ma network okhazikika (iproute2, ifconfig). DSA ikhoza kugwiritsidwa ntchito kukonza madoko ndi ma VLAN m'malo mwa chida cha swconfig chomwe chinaperekedwa kale, koma si madalaivala onse omwe amathandizira DSA panobe. Pakutulutsidwa komwe akufuna, DSA imathandizidwa ndi ath79 (TP-Link TL-WR941ND), bcm4908, gemini, kirkwood, mediatek, mvebu, octeon, ramips (mt7621) ndi madalaivala a realtek.
- Zosintha zapangidwa ku syntax ya mafayilo osinthika omwe ali mu /etc/config/network. Mu "config interface" block, njira ya "ifname" yasinthidwa kukhala "chipangizo", ndipo mu "config device" block, "mlatho" ndi "ifname" zosankha zasinthidwa kukhala "madoko". Pakuyika kwatsopano, mafayilo osiyana okhala ndi zoikamo pazida (wosanjikiza 2, block "config device") ndi ma network (wosanjikiza 3, "config interface" block) tsopano apangidwa. Kusunga kugwirizana kumbuyo, kuthandizira kwa syntax yakale kumasungidwa, i.e. makonda omwe adapangidwa kale safuna kusintha. Pankhaniyi, mu mawonekedwe a intaneti, ngati mawu akale apezeka, malingaliro osamukira ku syntax yatsopano adzawonetsedwa, zomwe ndizofunikira kusintha zosintha kudzera pa intaneti.
Chitsanzo cha syntax yatsopano: config device option name 'br-lan' option type 'bridge' option macaddr '00:01:02:XX:XX:XX' list ports 'lan1' list ports 'lan2' list ports 'lan3' list ports 'lan4' config interface 'lan' option device 'br-lan' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' option ip6assign '60' config device option name 'eth1' option macaddr '00 :01:02:YY:YY:YY' config interface 'wan' njira chipangizo 'eth1' njira proto 'dhcp' config interface 'wan6' njira chipangizo 'eth1' njira proto 'dhcpv6'
Poyerekeza ndi mafayilo osinthika /etc/config/network, mayina a minda omwe ali mu board.json asinthidwa kuchoka ku "ifname" kukhala "chipangizo".
- Pulatifomu yatsopano ya "realtek" yawonjezedwa, kulola OpenWrt kuti igwiritsidwe ntchito pazida zokhala ndi madoko ambiri a Ethernet, monga D-Link, ZyXEL, ALLNET, INABA ndi NETGEAR Ethernet masiwichi.
- Anawonjezera bcm4908 yatsopano ndi nsanja za rockchip pazida zozikidwa pa Broadcom BCM4908 ndi Rockchip RK33xx SoCs. Nkhani zothandizira zida zathetsedwa pamapulatifomu omwe adathandizidwa kale.
- Thandizo la nsanja ya ar71xx lathetsedwa, m'malo mwake nsanja ya ath79 iyenera kugwiritsidwa ntchito (pazida zotengera ar71xx, tikulimbikitsidwa kuyikanso OpenWrt kuchokera poyambira). Thandizo la cns3xxx (Cavium Networks CNS3xxx), rb532 (MikroTik RB532) ndi samsung (SamsungTQ210) nsanja nazonso zathetsedwa.
- Mafayilo ogwiritsiridwa ntchito a mapulogalamu omwe akuphatikizidwa pakukonza ma netiweki amapangidwa mu mawonekedwe a PIE (Position-Independent Executables) ndi chithandizo chonse cha adilesi space randomization (ASLR) kuti zikhale zovuta kugwiritsa ntchito zovuta pazogwiritsa ntchito ngati izi.
- Mukamanga kernel ya Linux, zosankha zimathandizidwa mwachisawawa kuthandizira matekinoloje odzipatula, kulola zida za LXC ndi procd-ujail mode kuti zigwiritsidwe ntchito mu OpenWrt pamapulatifomu ambiri.
- Kuthekera komanga mothandizidwa ndi njira yowongolera yofikira ya SELinux kumaperekedwa (olemala mwachisawawa).
- Mitundu yosinthidwa ya phukusi, kuphatikiza kutulutsidwa kwa musl libc 1.1.24, glibc 2.33, gcc 8.4.0, binutils 2.34, hostapd 2020-06-08, dnsmasq 2.85, dropbear 2020.81, busybox1.33.1. Linux kernel yasinthidwa kukhala mtundu 5.4.143, kuyika cfg80211/mac80211 stack opanda zingwe kuchokera ku 5.10.42 kernel ndi porting Wireguard VPN thandizo.
Source: opennet.ru