Iyo sisitimu ndeye modular, mukuwedzera kune ekutanga mabasa epacket kusefa uye traffic traffic yeIPFire, ma modules anowanikwa nekushandiswa kwehurongwa hwekudzivirira kurwiswa kwakavakirwa paSuricata, kugadzira faira server (Samba, FTP, NFS), a mail server (Cyrus-IMAPd, Postfix, Spamassassin, ClamAV uye Openmailadmin) uye printa server (CUPS), kuronga VoIP gedhi rakavakirwa paAsterisk uye Teamspeak, kugadzira isina waya yekupinda nzvimbo, kuronga kutenderera odhiyo uye vhidhiyo server (MPFire, Videolan , Icecast, Gnump3d, VDR). Kuisa ma-add-ons muIPFire, akakosha pasuru maneja, Pakfire, anoshandiswa.
Mukuburitswa kutsva:
- Reworked interface zvikamu uye kugovera zvinyorwa zvine chekuita neDNS:
- Yakawedzera rutsigiro rweDNS-pamusoro-TLS.
- DNS marongero akabatanidzwa pamapeji ese ewebhu interface.
- Izvozvi zvinogoneka kutsanangura anopfuura maviri maseva eDNS uchishandisa iyo inokurumidza server kubva kune yakasarudzika runyorwa.
- Yakawedzera QNAME Minimization mode (RFC-7816) kudzikisa kufambiswa kweruzivo rwekuwedzera muzvikumbiro kuitira kudzivirira kuburitswa kweruzivo nezve domain yakakumbirwa uye kuwedzera kuvanzika.
- Sefa yakashandiswa kusefa nzvimbo dzevakuru chete padanho reDNS.
- Kurodha nguva yakakwidziridzwa nekudzikisa huwandu hweDNS cheki.
- A workaround yakaitwa kana mupi akasefa zvikumbiro zveDNS kana tsigiro isiriyo yeDNSSEC (mune dambudziko, chekufambisa chinochinjirwa kuTLS neTCP).
- Kugadzirisa matambudziko nekurasikirwa kwemapaketi akatsemuka, saizi yeEDNS buffer inoderedzwa kusvika 1232 bytes (iyo kukosha 1232 yakasarudzwa nekuti ndiyo yakanyanya kunaka iyo saizi yeDNS mhinduro, uchifunga nezve IPv6, inokodzera mune shoma MTU kukosha. (1280).
- Shanduro dzepasuru dzakagadziridzwa, kusanganisira GCC 9, Python 3, knot 2.9.2, libhtp 0.5.32, mdadm 4.1, mpc 1.1.0, mpfr 4.0.2, rust 1.39, suricata 4.1.6. kusunungurwa 1.9.6.
- Yakawedzera rutsigiro rwemitauro yeGo uye Rust. Iko kuumbwa kukuru kunosanganisira elinks browser uye package
rfkill . - Yakagadziridzwa ma-add-ons dehydrated 0.6.5, libseccomp 2.4.2, nano 4.7, openvmtools 11.0.0, tor 0.4.2.5, tshark 3.0.7. Yakawedzera imwe itsva amazon-ssm-agent yekuwedzera kuti uvandudze kubatanidzwa neAmazon gore.
- Debugging ruzivo mumafaira anogoneka akacheneswa kuderedza saizi yekugovera mushure mekuiswa.
- Yakawedzera rutsigiro rweLVM zvikamu.
- Yakawedzerwa rutsigiro rwekusefa network mapaketi kubva kuOpenVPN vatengi kuenda kuIPS (Intrusion Prevention System);
- MuPakfire, HTTPS inoshandiswa kurodha runyorwa rwezvionioni (kare, chikumbiro chekutanga chaive kuburikidza neHTTP, uye sevha yaizoburitsa redirect kuHTTPS).
Source: opennet.ru