ProHoster > Blog > internet nhau > Kuburitswa kwekiti yekugovera yekugadzira OPNsense 22.7 firewalls

Kuburitswa kwekiti yekugovera yekugadzira OPNsense 22.7 firewalls

Kuburitswa kwekiti yekugovera yekugadzira firewalls OPNsense 22.7 yakaburitswa, inova bazi reiyo pfSense purojekiti, yakagadzirwa nechinangwa chekugadzira yakanyatsovhurika yekugovera kit inogona kuve nekushanda padanho rezvigadziriso zvekutengesa zvekuisa firewalls uye network. magedhi. Kusiyana nepfSense, chirongwa ichi chakamisikidzwa sechisiri kudzorwa nekambani imwe chete, yakagadziridzwa nekutora chikamu kwakananga munharaunda uye ine hurongwa hwekuvandudza hwakajeka, pamwe nekupa mukana wekushandisa chero chayakaitika muzvigadzirwa zvebato rechitatu, kusanganisira zvekutengesa. zvimwe. Iyo kodhi kodhi yezvikamu zvekugovera, pamwe nemidziyo inoshandiswa pakuungana, inogoverwa pasi perezinesi reBSD. Magungano akagadzirirwa ari muchimiro cheLiveCD uye system image yekurekodha paFlash drives (347 MB).

Izvo zvakakosha zvemukati zvekugovera zvakavakirwa paFreeBSD kodhi. Pakati pezvinhu zveOPNsense ndeye yakavhurika yekuvaka toolkit, kugona kuisa muchimiro chemapakeji pamusoro penguva dzose FreeBSD, maturusi ekuyera maturusi, webhu interface yekuronga mushandisi kubatana kune network (Captive portal), kuvapo kwemaitiro. yekutevera yekubatanidza nyika (yakajeka firewall yakavakirwa pf), kuseta bandwidth miganhu, traffic kusefa, kugadzira VPN yakavakirwa paIPsec, OpenVPN uye PPTP, kubatanidzwa neLDAP neRADIUS, rutsigiro rweDDNS (Dynamic DNS), hurongwa hwekuona mishumo uye magirafu.

Kugovera kunopa maturusi ekugadzira kukanganisa-kushivirira zvigadziriso zvichibva pakushandiswa kweCARP protocol uye kukubvumira kuti utange, mukuwedzera kune main firewall, iyo backup node iyo inozongoenderana otomatiki padanho rekugadzirisa uye inotora mutoro mukati. chiitiko chekukundikana kwenheyo yekutanga. Iyo maneja inopihwa yemazuva ano uye yakapusa interface yekumisikidza firewall, yakavakwa uchishandisa iyo Bootstrap web framework.

Pakati pekuchinja:

  • Shanduko kuenda kuFreeBSD 13.1 bazi yaitwa.
  • Updated shanduro okuwedzera zvirongwa kubva zviteshi, somuenzaniso, PHP 8.0.20, Phalcon 5, sqlite 3.39.0, suricata 6.0.6, unbound 1.16.1.
  • Yakawedzera rutsigiro rweIntel QuickAssist (QAT).
  • Yakawedzerwa rutsigiro rweStacked VLAN tekinoroji (multilayer encapsulation yeVLAN tags).
  • Yakaitwa DDoS kudzivirira nzira uchishandisa SYN cookie.
  • Yakawedzera APCUPSD uye CrowdSec plugins.

    • Source: opennet.ru

Voeg