Firewalld 2.2, firewall inodzorwa nenzira inochinja-chinja yakavakirwa pa mafirita e nftables ne iptables packet, yaburitswa. Firewalld inoshanda senzira yekumashure, ichibvumira shanduko dzemutemo we dynamic packet filter kuburikidza neD-Bus, pasina kurodha pasi mitemo ye packet filter kana kukanganisa ma connection aripo. Chirongwa ichi chatove kushandiswa mumabasa akawanda ekugovera. Linux, kusanganisira RHEL 7+, Fedora 18+, uye SUSE/openSUSE 15+. Kodhi yefirewalld yakanyorwa muPython uye inogoverwa pasi peGPLv2 rezinesi.
Kugadzirisa firewall, chinhu chinoshandiswa che firewall-cmd chinoshandiswa, chisingavimbi ne Kero dze IP, network interfaces, uye port numbers, pamwe nemazita ebasa (semuenzaniso, kuti uvhure SSH access, mhanyisa "firewall-cmd --add --service=ssh"; kuvhara SSH, mhanyisa "firewall-cmd --remove --service=ssh"). Iyo firewall-config graphical interface (GTK) uye firewall-applet (Qt) zvinogonawo kushandiswa kushandura firewall configuration. Rutsigiro rwekutarisira firewall kuburikidza nefirewalld D-BUS API runowanikwa mumapurojekiti akadai seNetworkManager, libvirt, podman, docker, uye fail2ban.
Kuchinja kukuru:
- Akawedzera masevhisi kutsigira STUN uye STUNS protocol.
- Yakawedzerwa sevhisi yeSteam traffic pane yemuno network.
- Yakawedzerwa sevhisi yeMNDP (MikroTik Neighbor Discovery Protocol).
- Yakawedzera sevhisi yemafaira server XRootD.
- Yakawedzera sevhisi yeWS-Discovery protocol (Web Services Dynamic Discovery).
- Akawedzera masevhisi etiweki chiitiko che iperf2 uye iperf3 bandwidth kuyerwa kwezviyero.
- Inotenderwa kushandisa matafura ane "muridzi" uye "ramba" mireza mune nftables.
- Yakawedzera tsigiro ye rpfilter (Reverse Path Filter) inoshanda modhi: yakasimba-mberi, yakasununguka-mberi uye yakasununguka.
Source: opennet.ru
