Kuburitswa kweiyo dynamically controlled firewall firewalld 1.2 yakaburitswa, inoitwa muchimiro chekuputira pamusoro pe nftables uye iptables packet mafirita. Firewalld inomhanya seyekumashure maitiro ayo inokutendera iwe kuti uchinje zvine simba mitemo yepakiti yefirita kuburikidza neD-Bhazi pasina kurodha zvakare iyo packet sefa yemitemo kana kutyora yakamiswa kubatana. Iyo purojekiti yakatoshandiswa mukugovera kwakawanda kweLinux, kusanganisira RHEL 7+, Fedora 18+ uye SUSE/openSUSE 15+. Iyo firewalld kodhi yakanyorwa muPython uye ine rezinesi pasi peGPLv2 rezinesi.
Kugadzirisa firewall, iyo firewall-cmd inoshandiswa inoshandiswa, iyo, pakugadzira mitemo, haibvi pa IP kero, network interfaces uye nhamba dzechiteshi, asi pamazita emasevhisi (semuenzaniso, kuvhura mukana weSSH unofanirwa mhanya "firewall-cmd -add -service= ssh", kuvhara SSH - "firewall-cmd -remove -service=ssh"). Kushandura firewall configuration, firewall-config (GTK) graphical interface uye firewall-applet (Qt) applet inogona kushandiswawo. Tsigiro ye firewall manejimendi kuburikidza neD-BUS API firewalld inowanikwa mumapurojekiti akadai seNetworkManager, libvirt, podman, docker uye fail2ban.
Shanduko huru:
- Iwo snmptls ββββuye snmptls-musungo masevhisi akaiswa kuti agadzirise kupinda kune iyo SNMP protocol kuburikidza yakachengeteka yekutaurirana chiteshi.
- Sevhisi yakaitwa inotsigira protocol inoshandiswa muiyo decentralized file system IPFS.
- Akawedzera masevhisi ane rutsigiro rwe gpsd, ident, ps3netsrv, CrateDB, checkmk, netdata, Kodi JSON-RPC, EventServer, Prometheus node-exporter, kubelet-readonly, pamwe neshanduro yakachengeteka ye k8s controller-ndege.
- Yakawedzerwa "--log-target" sarudzo.
- A failsafe startup mode yakawedzerwa, iyo inobvumira, kana paine matambudziko nemirairo yakatarwa, kudzoreredza kumashure kune yakasarudzika dhizaini pasina kusiya muenzi asina kudzivirirwa.
- Bash ikozvino inotsigira kupedzisa kwekuraira kwekushanda nemitemo.
Source: opennet.ru