ProHoster > Blog > internet nhau > Kuburitswa kwekiti yekugovera yekugadzira IPFire 2.25 firewalls

Kuburitswa kwekiti yekugovera yekugadzira IPFire 2.25 firewalls

Inowanikwa kusunungurwa kwekiti yekugovera yekugadzira ma routers uye firewalls IP Moto 2.25 Core 141. IPFire inosiyaniswa neyakareruka yekumisikidza maitiro uye kurongeka kwekugadzirisa kuburikidza neiyo intuitive web interface, izere nemifananidzo yekuona. Saizi yekuisa iso mufananidzo is 290 MB (x86_64, i586, ARM).

Iyo sisitimu ndeye modular, mukuwedzera kune ekutanga mabasa epacket kusefa uye traffic traffic yeIPFire, ma modules anowanikwa nekushandiswa kwehurongwa hwekudzivirira kurwiswa kwakavakirwa paSuricata, kugadzira faira server (Samba, FTP, NFS), a mail server (Cyrus-IMAPd, Postfix, Spamassassin, ClamAV uye Openmailadmin) uye printa server (CUPS), kuronga VoIP gedhi rakavakirwa paAsterisk uye Teamspeak, kugadzira isina waya yekupinda nzvimbo, kuronga kutenderera odhiyo uye vhidhiyo server (MPFire, Videolan , Icecast, Gnump3d, VDR). Kuisa ma-add-ons muIPFire, akakosha pasuru maneja, Pakfire, anoshandiswa.

Mukuburitswa kutsva:

  • Reworked interface zvikamu uye kugovera zvinyorwa zvine chekuita neDNS:
    • Yakawedzera rutsigiro rweDNS-pamusoro-TLS.
    • DNS marongero akabatanidzwa pamapeji ese ewebhu interface.
    • Izvozvi zvinogoneka kutsanangura anopfuura maviri maseva eDNS uchishandisa iyo inokurumidza server kubva kune yakasarudzika runyorwa.
    • Yakawedzera QNAME Minimization mode (RFC-7816) kudzikisa kufambiswa kweruzivo rwekuwedzera muzvikumbiro kuitira kudzivirira kuburitswa kweruzivo nezve domain yakakumbirwa uye kuwedzera kuvanzika.
    • Sefa yakashandiswa kusefa nzvimbo dzevakuru chete padanho reDNS.
    • Kurodha nguva yakakwidziridzwa nekudzikisa huwandu hweDNS cheki.
    • A workaround yakaitwa kana mupi akasefa zvikumbiro zveDNS kana tsigiro isiriyo yeDNSSEC (mune dambudziko, chekufambisa chinochinjirwa kuTLS neTCP).
    • Kugadzirisa matambudziko nekurasikirwa kwemapaketi akatsemuka, saizi yeEDNS buffer inoderedzwa kusvika 1232 bytes (iyo kukosha 1232 yakasarudzwa nekuti ndiyo yakanyanya kunaka iyo saizi yeDNS mhinduro, uchifunga nezve IPv6, inokodzera mune shoma MTU kukosha. (1280).
  • Shanduro dzepasuru dzakagadziridzwa, kusanganisira GCC 9, Python 3, knot 2.9.2, libhtp 0.5.32, mdadm 4.1, mpc 1.1.0, mpfr 4.0.2, rust 1.39, suricata 4.1.6. kusunungurwa 1.9.6.
  • Yakawedzera rutsigiro rwemitauro yeGo uye Rust. Iko kuumbwa kukuru kunosanganisira elinks browser uye package rfkill.
  • Yakagadziridzwa ma-add-ons dehydrated 0.6.5, libseccomp 2.4.2, nano 4.7, openvmtools 11.0.0, tor 0.4.2.5, tshark 3.0.7. Yakawedzera imwe itsva amazon-ssm-agent yekuwedzera kuti uvandudze kubatanidzwa neAmazon gore.
  • Debugging ruzivo mumafaira anogoneka akacheneswa kuderedza saizi yekugovera mushure mekuiswa.
  • Yakawedzera rutsigiro rweLVM zvikamu.
  • Yakawedzerwa rutsigiro rwekusefa network mapaketi kubva kuOpenVPN vatengi kuenda kuIPS (Intrusion Prevention System);
  • MuPakfire, HTTPS inoshandiswa kurodha runyorwa rwezvionioni (kare, chikumbiro chekutanga chaive kuburikidza neHTTP, uye sevha yaizoburitsa redirect kuHTTPS).

Source: opennet.ru

Voeg