Iyo Firezone purojekiti iri kugadzira VPN sevha yekuronga kupinda kune vanogamuchira mune yemukati yakasarudzika network kubva kune mushandisi zvishandiso zviri kunze kwemanetiweki. Iyo purojekiti yakanangana nekuwana yakakwira mwero wedziviriro uye kurerutsa iyo VPN deployment process. Iyo kodhi yeprojekiti yakanyorwa muElixir uye Ruby, uye yakagoverwa pasi peiyo Apache 2.0 rezinesi.
Iyo purojekiti iri kuvandudzwa neakachengeteka otomatiki injiniya kubva kuCisco, uyo akaedza kugadzira mhinduro iyo inogadzirisa kushanda neanotambira masisitimu uye inobvisa matambudziko aifanirwa kusangana pakuronga yakachengeteka kupinda kune Cloud VPC. Firezone inogona kufungidzirwa seyakavhurika sosi shamwari kune OpenVPN Access Server, yakavakirwa pamusoro peWireGuard pane OpenVPN.
Nekumisikidza, rpm uye deb mapakeji anopihwa kune akasiyana mavhezheni eCentOS, Fedora, Ubuntu uye Debian, kuisirwa kwacho kusingadi kutsamira kwekunze, sezvo zvese zvinodiwa zvakatobatanidzwa uchishandisa Chef Omnibus toolkit. Kuti ushande, iwe unongoda kit yekugovera ine Linux kernel isina mukuru pane 4.19 uye yakaungana kernel module ine VPN WireGuard. Sekureva kwemunyori, kutanga uye kumisikidza sevha yeVPN inogona kuitwa mumaminitsi mashoma. Webhu interface inomhanya pasi pemushandisi asina rombo, uye kuwana kunogoneka chete kuburikidza neHTTPS.
Kuronga nzira dzekutaurirana muFirezone, WireGuard inoshandiswa. Firezone zvakare ine yakavakirwa-mukati firewall mashandiro uchishandisa nftables. Mune chimiro chayo chazvino, firewall inogumira kuvharira inobuda traffic kune chaiwo makabati kana ma subnets emukati kana ekunze network. Kutungamira kunoitwa kuburikidza newebhu interface kana mune yekuraira mutsara modhi uchishandisa firezone-ctl utility. Iyo webhu interface yakavakirwa pane Admin One Bulma.
Parizvino, zvese zvikamu zveFirezone zvinomhanya pane imwe sevha, asi purojekiti iri kutanga kugadzirwa neziso kune modularity uye mune ramangwana rakarongwa kuwedzera kugona kugovera zvikamu zvewebhu interface, VPN uye firewall kune akasiyana mauto. Zvirongwa zvakare zvinosanganisira DNS-level ad blocker yekubatanidza, tsigiro yeanotambira uye subnet block rondedzero, LDAP/SSO hunyanzvi hwekusimbisa, uye humwe hunyanzvi hwekutarisira mushandisi.
Source: opennet.ru