kuburitswa kwekugovera compact yekugadzira firewall uye network magedhi . Kugovera kunoenderana neiyo FreeBSD kodhi base uchishandisa kuvandudza kweiyo m0n0wall purojekiti uye kushandiswa kwekushanda kwe pf uye ALTQ. Zvekurodha mifananidzo yakati wandei yeamd64 architecture, kubva pakukura kubva pa300 kusvika 360 MB, kusanganisira LiveCD uye mufananidzo wekuiswa pa USB Flash.
Iyo kit yekugovera inotungamirwa kuburikidza newebhu interface. Yakasungwa Portal, NAT, VPN (IPsec, OpenVPN) uye PPPoE inogona kushandiswa kuronga kubuda kwevashandisi mune wired uye isina waya network. Inotsigira zvakasiyana-siyana zvezvisarudzo zvekudzikamisa bandwidth, kuderedza nhamba yekubatanidza panguva imwe chete, kusefa traffic uye kugadzira kukanganisa-kushivirira zvigadziriso zvinoenderana neCARP. Nhamba dzebasa dzinoratidzwa muchimiro chegirafu kana mune tabular fomu. Mvumo inotsigirwa nedhatabhesi remushandisi wenzvimbo, pamwe neRADIUS uye LDAP.
Key :
- Base system zvikamu zvakagadziridzwa kuFreeBSD 11-STABLE;
- Mamwe mapeji ewebhu interface, kusanganisira maneja wezvitupa, rondedzero yeDHCP inosungirwa uye matafura eARP/NDP, zvino anotsigira kuronga nekutsvaga;
- DNS solver yakavakirwa pane Unbound yakawedzerwa kune Python script yekubatanidza maturusi;
- YeIPsec DH (Diffie-Hellman) uye PFS (Perfect Forward Secrecy) yakawedzerwa 25, 26, 27 uye 31;
- Mune iyo UFS faira system marongero ehurongwa hutsva, noatime modhi inogadziriswa nekukasira kudzikisa zvisina basa kunyora mabasa;
- Iyo "autocomplete = nyowani-password" hunhu hwawedzerwa kune echokwadi mafomu kudzima otomatiki kuzadza minda ine data inonzwisisika;
- Yakawedzera itsva ine simba DNS rekodhi vanopa - Linode uye Gandi;
- Kukanganisa kwakati kwakagadziriswa, kusanganisira nyaya iri muwebhu interface iyo inobvumira mushandisi ane chokwadi nekuwana iyo yemifananidzo yekuisa widget kuti aite chero PHP kodhi uye kuwana akasarudzika mapeji eiyo administrator interface.
Pamusoro pezvo, mukana wekuyambuka-saiti scripting (XSS) wakabviswa muwebhu interface.
Source: opennet.ru