kugovera kit yekugadzira firewalls , inova forogo yepurojekiti yepfSense, yakagadzirwa nechinangwa chekugadzira kugovera kwakanyatsozaruka kunogona kuva nekushanda kwezvigadziriso zvekutengeserana zvekuisa firewall uye network network gateways. Kusiyana nepfSense, chirongwa ichi chakamisikidzwa sechisiri kudzorwa nekambani imwe chete, yakagadziridzwa nekutora chikamu kwakananga munharaunda uye ine hurongwa hwekuvandudza hwakajeka, pamwe nekupa mukana wekushandisa chero chayakaitika muzvigadzirwa zvebato rechitatu, kusanganisira zvekutengesa. zvimwe. Zvinyorwa zvekwakabva zvezvikamu zvekugovera, pamwe chete nemidziyo inoshandiswa pakuungana, pasi peBSD rezinesi. Assemblies muchimiro cheLiveCD uye system image yekurekodha paFlash drives (280 MB).
Izvo zvakakosha zvemukati zvekugovera zvinoenderana nekodhi , iyo inotsigira forogo yakawiriraniswa yeFreeBSD, iyo inobatanidza dzimwe nzira dzekuchengetedza uye matekiniki ekupikisa kushandiswa kwekusagadzikana. Pakati OPNsense inogona kusiyaniswa neyakavhurika yakazara musangano toolkit, kugona kuisa muchimiro chemapakeji pamusoro peyenguva dzose FreeBSD, mitoro yekuyera maturusi, webhu interface yekuronga mushandisi kubatana kune network (Captive portal), kuvapo kwemaitiro e tracking connection states (stateful firewall based on pf), kuseta bandwidth, traffic filtering, kugadzira VPN yakavakirwa paIPsec, OpenVPN uye PPTP, kubatanidzwa neLDAP neRADIUS, kutsigirwa kweDDNS (Dynamic DNS), hurongwa hwekuona mishumo uye magirafu. .
Mukuwedzera, kugovera kunopa zvishandiso zvekugadzira kukanganisa-kushivirira zvigadziriso zvichienderana nekushandiswa kweCARP protocol uye kukubvumira kuti utange, kunze kweiyo huru firewall, node yekuchengetedza iyo inozogadziriswa pakarepo pachiyero chekugadzirisa uye ichatora. mutoro muchiitiko chekutadza kweprimary node. Iyo maneja inopihwa yemazuva ano uye yakapusa interface yekumisikidza firewall, yakavakwa uchishandisa iyo Bootstrap web framework.
Mushanduro itsva:
- Kuitwa kwewebhu interface yekubatanidza vashandisi kune isina waya network (Captive portal) yakawedzerwa;
- IPsec ikozvino inotsigira kuvimbiswa kwekiyi yeruzhinji;
- Yakawedzera kugona kugadzira zvitupa uchishandisa elliptic curve algorithms;
- Yakawedzerwa rutsigiro rweVXLAN uye Loopback zvishandiso;
- Firmware performance checks yakasimbiswa;
- Mumitemo inosungirirwa kune network network, zvinokwanisika kuisa chisungo kune kutungamirirwa kwepakiti (inouya / inobuda) uye kushanda mumhepo isiri yekukurumidza (mutemo wekupedzisira unogutsa mamiriro ezvinhu anokonzerwa, kwete wekutanga);
- Iyo yekutema matanda yakanyorwa patsva uchishandisa iyo MVC chimiro uye ikozvino inotsigira API manejimendi;
- Iyo yakasarudzika vhezheni yePython ndeye 3.7;
- Shanduro dzesoftware dzakagadziridzwa, kusanganisira LibreSSL 3.0, OpenSSL 1.1.1, php 7.2.27, isc-dhcp 4.4.2, zabbix4-proxy 1.2 uye jQuery 3.4.1;
- Yakawedzera rutsigiro rweGoogle Backup API 2.4.
Source: opennet.ru