Ho lokolloa ha lisebelisoa bakeng sa ho theha li-firewall OPNsense 22.1 ho etsahetse, e leng lekala la morero oa pfSense, o entsoeng ka sepheo sa ho theha lisebelisoa tse bulehileng ka ho feletseng tse ka bang le ts'ebetso boemong ba tharollo ea khoebo bakeng sa ho kenya li-firewall le li-gateway tsa marang-rang. . Ho fapana le pfSense, morero ona o behiloe ha o sa laoloe ke k'hamphani e le 'ngoe, e ntlafalitsoeng ka ho kenya letsoho ka ho toba ha sechaba' me e na le ts'ebetso ea nts'etsopele e hlakileng ka ho feletseng, hammoho le ho fana ka monyetla oa ho sebelisa leha e le efe ea tsoelo-pele ea eona lihlahisoa tsa batho ba boraro, ho kenyeletsa le khoebo. tse ling. Khoutu ea mohloli oa likarolo tsa kabo, hammoho le lisebelisoa tse sebelisoang bakeng sa kopano, li ajoa tlasa laesense ea BSD. Likopano li lokiselitsoe ka mokhoa oa LiveCD le setšoantšo sa sistimi bakeng sa ho rekota ho li-flash drives (339 MB).
Litaba tsa mantlha tsa kabo li thehiloe ho khoutu ea FreeBSD. Har'a likarolo tsa OPNsense ke sesebelisoa sa ho haha se bulehileng ka ho feletseng, bokhoni ba ho kenya ka mokhoa oa liphutheloana ka holim'a FreeBSD e tloaelehileng, lisebelisoa tsa ho leka-lekanya thepa, sebopeho sa websaete bakeng sa ho hlophisa likhokahano tsa basebelisi ho marang-rang (Captive portal), boteng ba mekhoa. bakeng sa ho latela melao ea khokahano (firewall e hlakileng e thehiloeng ho pf), ho beha meeli ea bandwidth, ho sefa sephethephethe, ho theha VPN e thehiloeng ho IPsec, OpenVPN le PPTP, ho kopanngoa le LDAP le RADIUS, tšehetso bakeng sa DDNS (Dynamic DNS), tsamaiso ea litlaleho tsa pono le kerafo.
Kabo e fana ka lisebelisoa tsa ho theha litlhophiso tse mamellang liphoso tse thehiloeng ts'ebelisong ea protocol ea CARP le ho u lumella ho qala, ntle le firewall e kholo, node ea "backup" e tla hokahanngoa ka bo eona boemong ba tlhophiso mme e tla nka mojaro ho. ketsahalo ya ho hloleha hoa node ya mantlha. Mookameli o fuoa sebopeho sa morao-rao le se bonolo bakeng sa ho lokisa firewall, e hahiloeng ho sebelisoa Bootstrap web framework.
Har'a liphetoho:
- Phetoho ho ea lekaleng la FreeBSD 13-STABLE e entsoe (phetolelo e fetileng e ne e thehiloe ho HardenedBSD 12.1).
- Ho fanoe ka pontšo ho logi ea tlhahisoleseding mabapi le boemo ba ho teba ba molaetsa (boima) bakeng sa ho sefa lintlha ka boleng bona.
- Ts'ebeliso ea li-opsense-log e kenyellelitsoe bakeng sa ho hlahloba li-log.
- Lisebelisoa tsa ho fetisa sysctl li kentsoe moralong oa li-tunables.
- Ts'ebetso ea ho kenya le ho lokisa likhokahano tsa marang-rang e potlakisitsoe. Phetoho ea ho sebelisa bootloader ea LUA e entsoe.
- Liphetolelo tse ntlafalitsoeng tsa mananeo a eketsehileng ho tloha likoung, mohlala, filterlog 0.6, hostapd 2.10, lighttpd 1.4.63, nss 3.74, openssl 1.1.1m, openvpn 2.5.5, php 7.4.27, sqlite 3.37.2, 3.35.1. 1.14.0, unbound 2.10, wpa_supplicant XNUMX.
Source: opennet.ru