ProHoster > Blog > litaba tsa inthanete > Phatlalatso ea OpenWrt 21.02.0

Phatlalatso ea OpenWrt 21.02.0

Ho hlahisitsoe tokollo e ncha ea bohlokoa ea kabo ea OpenWrt 21.02.0, e reretsoeng ho sebelisoa lisebelisoa tse fapaneng tsa marang-rang tse kang li-routers, li-switches le libaka tsa phihlello. OpenWrt e ts'ehetsa li-platform le meaho e mengata e fapaneng mme e na le sistimi ea kopano e lumellang hore ho bokelloa ha sefapano ho etsoe ka mokhoa o bonolo le o bonolo, ho kenyelletsa le likarolo tse fapaneng tsa kopano, e etsang hore ho be bonolo ho theha firmware e seng e entsoe kapa setšoantšo sa disk ka sete e lakatsehang. ea liphutheloana tse kentsoeng pele tse lokiselitsoeng mesebetsi e itseng. Likopano li etselitsoe li-platform tse 36 tse reriloeng.

Har'a liphetoho tse ho OpenWrt 21.02.0 tse latelang li hlokometsoe:

  • Ho ekelitsoe bonyane litlhoko tsa hardware. Moahong oa kamehla, ka lebaka la ho kenyelletsoa ha li-subsystem tsa Linux kernel, ho sebelisa OpenWrt hona joale ho hloka sesebelisoa se nang le 8 MB Flash le 64 MB RAM. Haeba u lakatsa, u ntse u ka iketsetsa kopano ea hau e hlobotseng e ka sebetsang ho lisebelisoa tse nang le 4 MB Flash le 32 MB RAM, empa ts'ebetso ea kopano e joalo e tla fokola, 'me botsitso ba ts'ebetso ha bo tiisetsoe.
  • Sephutheloana sa mantlha se kenyelletsa liphutheloana tse tšehetsang theknoloji ea ts'ireletso ea marang-rang ea WPA3, e seng e fumaneha ka mokhoa o ikhethileng ha o sebetsa ka mokhoa oa bareki le ha o theha sebaka sa phihlello. WPA3 e fana ka tšireletso khahlanong le litlhaselo tsa ho noha li-password (e ke ke ea lumella ho hakanya phasewete maemong a kantle ho marang-rang) mme e sebelisa protocol ea netefatso ea SAE. Bokhoni ba ho sebelisa WPA3 bo fanoa ho bakhanni ba bangata ba lisebelisoa tse se nang mohala.
  • Sephutheloana sa motheo se kenyelletsa ts'ehetso bakeng sa TLS le HTTPS ka mokhoa o ikhethileng, e u lumellang hore u fihlele sehokelo sa Websaete sa LuCI holim'a HTTPS le ho sebelisa lisebelisoa tse kang wget le opkg ho fumana tlhahisoleseling ka liteishene tsa puisano tse patiloeng. Li-server tseo lipakete tse jarollotsoeng ka opkg li tsamaisoang le tsona li fetoleloa ho romella tlhahisoleseling ka HTTPS ka mokhoa o ikhethileng. Laeborari ea mbedTLS e sebelisoang bakeng sa encryption e nketsoe sebaka ke wolfSSL (ha ho hlokahala, o ka kenya ka letsoho lilaeborari tsa mbedTLS le OpenSSL, tse tsoelang pele ho fanoa joalo ka likhetho). Ho hlophisa phetiso ea boiketsetso ho HTTPS, sehokelo sa Marang-rang se fana ka khetho "uhttpd.main.redirect_https=1".
  • Tšehetso ea pele e kentsoe ts'ebetsong bakeng sa kernel subsystem ea DSA (Distributed Switch Architecture), e fanang ka lisebelisoa tsa ho lokisa le ho laola li-cascades tsa li-switches tsa Ethernet tse hokahaneng, ho sebelisa mekhoa e sebelisoang ho lokisa li-interfaces tse tloaelehileng tsa marang-rang (iproute2, ifconfig). DSA e ka sebelisoa ho lokisa likou le li-VLAN sebakeng sa sesebelisoa sa swconfig se neng se fanoe pele, empa ha se bakhanni bohle ba switch ba tšehetsang DSA hajoale. Tokollong e sisintsoeng, DSA e lumelletsoe ath79 (TP-Link TL-WR941ND), bcm4908, gemini, kirkwood, mediatek, mvebu, octeon, ramips (mt7621) le bakhanni ba realtek.
  • Liphetoho li entsoe ho syntax ea lifaele tsa tlhophiso tse fumanehang ho /etc/config/network. Sebakeng sa "config interface" block, khetho ea "ifname" e rehiloe "sesebelisoa", 'me ho "config device" thibela, khetho ea "bridge" le "ifname" e rehiloe "ports". Bakeng sa lits'ebetso tse ncha, li-file tse arohaneng tse nang le li-setting tsa lisebelisoa (layer 2, "config device" block) le li-interfaces tsa marang-rang (lera 3, "config interface" block) li se li hlahisoa. Ho boloka tumellano ea morao, tšehetso ea syntax ea khale e bolokiloe, ke hore. litlhophiso tse entsoeng pele li ke ke tsa hloka liphetoho. Tabeng ena, ho web interface, haeba syntax ea khale e fumanoa, tlhahiso ea ho fallela syntax e ncha e tla hlahisoa, e leng ho hlokahalang ho hlophisa litlhophiso ka sebopeho sa websaete.

    Mohlala oa syntax e ncha: config device option name 'br-lan' option type 'bridge' option macaddr '00:01:02:XX:XX:XX' list ports 'lan1' list ports 'lan2' list ports 'lan3' list port interface 'lan4' config interface 'lan' option device 'br-lan' option proto 'static' option ipaddr '192.168.1.1' option netmask '255.255.255.0' option ip6assign '60' config device option name 'eth1' option macaddr '00 :01:02:YY:YY:YY' config interface 'wan' kgetho sesebelisoa 'eth1' kgetho proto 'dhcp' config interface 'wan6' kgetho sesebelisoa 'eth1' kgetho proto 'dhcpv6'

    Ka papiso le lifaele tsa tlhophiso /etc/config/network, mabitso a masimo a board.json a fetotsoe ho tloha "ifname" ho "sesebelisoa".

  • Sethala se secha sa "realtek" se kentsoe, se lumellang OpenWrt hore e sebelisoe lisebelisoa tse nang le palo e kholo ea likou tsa Ethernet, joalo ka D-Link, ZyXEL, ALLNET, INABA le NETGEAR Ethernet switch.
  • E kentse bcm4908 e ncha le sethala sa rockchip bakeng sa lisebelisoa tse thehiloeng ho Broadcom BCM4908 le Rockchip RK33xx SoCs. Litaba tsa ts'ehetso ea lisebelisoa li rarollotsoe bakeng sa sethala se neng se tšehetsoa pele.
  • Ts'ehetso ea sethala sa ar71xx e khaotsoe, ho fapana le moo sethala sa ath79 se lokela ho sebelisoa (bakeng sa lisebelisoa tse thehiloeng ho ar71xx, ho khothalletsoa ho kenya OpenWrt ho tloha qalong). Tšehetso ea li-platform tsa cns3xxx (Cavium Networks CNS3xxx), rb532 (MikroTik RB532) le samsung (SamsungTQ210) le eona e khaotsoe.
  • Lifaele tse sebetsang tsa lits'ebetso tse amehang ho sebetsanang le likhokahano tsa marang-rang li hlophisitsoe ka mokhoa oa PIE (Position-Independent Executables) ka ts'ehetso e felletseng ea aterese ea sebaka sa marang-rang (ASLR) ho etsa hore ho be thata ho sebelisa hampe bofokoli lits'ebetsong tse joalo.
  • Ha o haha ​​​​Linux kernel, likhetho li nolofalloa ka ho sa feleng ho tšehetsa theknoloji ea ho itšehla thajana, e lumellang LXC toolkit le mokhoa oa procd-ujail hore o sebelisoe ho OpenWrt lipolaneteng tse ngata.
  • Bokhoni ba ho aha ka ts'ehetso ea sistimi ea taolo ea phihlello ea SELinux bo fanoe (e holofalitsoe ke kamehla).
  • Mefuta e ntlafalitsoeng ea liphutheloana, ho kenyelletsa le litokollo tse reriloeng tsa musl libc 1.1.24, glibc 2.33, gcc 8.4.0, binutils 2.34, hostapd 2020-06-08, dnsmasq 2.85, dropbear 2020.81, busybox 1.33.1. Linux kernel e ntlafalitsoe hore e be mofuta oa 5.4.143, e tsamaisang cfg80211/mac80211 stack e se nang mohala ho tsoa ho 5.10.42 kernel le tšehetso ea Wireguard VPN.

Source: opennet.ru

Eketsa ka tlhaloso