ProHoster > Blog > litaba tsa inthanete > Ho lokolloa ha lisebelisoa bakeng sa ho theha li-firewall tsa OPNsense 22.1

Ho lokolloa ha lisebelisoa bakeng sa ho theha li-firewall tsa OPNsense 22.1

Ho lokolloa ha lisebelisoa bakeng sa ho theha li-firewall OPNsense 22.1 ho etsahetse, e leng lekala la morero oa pfSense, o entsoeng ka sepheo sa ho theha lisebelisoa tse bulehileng ka ho feletseng tse ka bang le ts'ebetso boemong ba tharollo ea khoebo bakeng sa ho kenya li-firewall le li-gateway tsa marang-rang. . Ho fapana le pfSense, morero ona o behiloe ha o sa laoloe ke k'hamphani e le 'ngoe, e ntlafalitsoeng ka ho kenya letsoho ka ho toba ha sechaba' me e na le ts'ebetso ea nts'etsopele e hlakileng ka ho feletseng, hammoho le ho fana ka monyetla oa ho sebelisa leha e le efe ea tsoelo-pele ea eona lihlahisoa tsa batho ba boraro, ho kenyeletsa le khoebo. tse ling. Khoutu ea mohloli oa likarolo tsa kabo, hammoho le lisebelisoa tse sebelisoang bakeng sa kopano, li ajoa tlasa laesense ea BSD. Likopano li lokiselitsoe ka mokhoa oa LiveCD le setšoantšo sa sistimi bakeng sa ho rekota ho li-flash drives (339 MB).

Software ea mantlha ea kabo e thehiloe khoutung ea FreeBSD. Likarolo tsa OPNsense li kenyelletsa chain ea lisebelisoa tsa ho haha ​​​​mohloli o bulehileng ka botlalo, bokhoni ba ho kenya liphutheloana holim'a FreeBSD e tloaelehileng, lisebelisoa tsa ho leka-lekanya mojaro, sebopeho sa webo bakeng sa ho hlophisa likhokahano tsa basebelisi le netweke (Captive portal), mekhoa ea ho latela boemo ba khokahano (firewall e ikhethang e thehiloeng ho pf), moeli oa bandwidth, ho sefa sephethephethe, le bokhoni ba ho theha VPN ho latela IPsec, OpenVPN le PPTP, kopanyo le LDAP le RADIUS, tshehetso ya DDNS (Dynamic DNS), tsamaiso ya ditlaleho tse bonahalang le dikerafo.

Kabo e fana ka lisebelisoa tsa ho theha litlhophiso tse mamellang liphoso tse thehiloeng ts'ebelisong ea protocol ea CARP le ho u lumella ho qala, ntle le firewall e kholo, node ea "backup" e tla hokahanngoa ka bo eona boemong ba tlhophiso mme e tla nka mojaro ho. ketsahalo ya ho hloleha hoa node ya mantlha. Mookameli o fuoa sebopeho sa morao-rao le se bonolo bakeng sa ho lokisa firewall, e hahiloeng ho sebelisoa Bootstrap web framework.

Har'a liphetoho:

  • Phetoho ho ea lekaleng la FreeBSD 13-STABLE e entsoe (phetolelo e fetileng e ne e thehiloe ho HardenedBSD 12.1).
  • Ho fanoe ka pontšo ho logi ea tlhahisoleseding mabapi le boemo ba ho teba ba molaetsa (boima) bakeng sa ho sefa lintlha ka boleng bona.
  • Ts'ebeliso ea li-opsense-log e kenyellelitsoe bakeng sa ho hlahloba li-log.
  • Lisebelisoa tsa ho fetisa sysctl li kentsoe moralong oa li-tunables.
  • Ts'ebetso ea ho kenya le ho lokisa likhokahano tsa marang-rang e potlakisitsoe. Phetoho ea ho sebelisa bootloader ea LUA e entsoe.
  • Liphetolelo tse ntlafalitsoeng tsa mananeo a eketsehileng ho tloha likoung, mohlala, filterlog 0.6, hostapd 2.10, lighttpd 1.4.63, nss 3.74, openssl 1.1.1m, openvpn 2.5.5, php 7.4.27, sqlite 3.37.2, 3.35.1. 1.14.0, unbound 2.10, wpa_supplicant XNUMX.

Ho lokolloa ha lisebelisoa bakeng sa ho theha li-firewall tsa OPNsense 22.1


Source: opennet.ru
Reka sebaka se tšepahalang sa libaka tse nang le ts'ireletso ea DDoS, li-server tsa VPS VDS 🔥 Reka sebaka se tšepahalang sa ho amohela webosaete ka tšireletso ea DDoS, li-server tsa VPS VDS | ProHoster