Release of OPNsense 19.7, a distribution for building firewalls

After 6 months of development, the release of OPNsense 19.7, a distribution for building firewalls, has been presented. It is a fork of the pfSense project, created with the aim of producing a fully open distribution with functionality on the level of commercial solutions for deploying firewalls and network gateways. Unlike pfSense, the project is positioned as not controlled by a single company, developed with the direct participation of the community, and having a fully transparent development process, while also allowing any of its work to be used in third-party products, including commercial ones. The source code of the distribution's components, as well as the tools used for the build, is distributed under the BSD license. Builds are prepared in the form of a LiveCD and a system image for writing to Flash drives (290 MB).

The base of the distribution is built on the code of HardenedBSD 11, which maintains a synchronized fork of FreeBSD that integrates additional protection mechanisms and techniques for countering the exploitation of vulnerabilities. Among the features of OPNsense are a fully open build toolkit, the ability to install in the form of packages on top of regular FreeBSD, load-balancing tools, a web interface for organizing user connections to the network (Captive portal), mechanisms for tracking connection state (a stateful firewall based on pf), bandwidth limits, traffic filtering, creation of VPNs based on IPsec, OpenVPN and PPTP, integration with LDAP and RADIUS, support for DDNS (Dynamic DNS), and a system of visual reports and graphs.

In addition, the distribution provides tools for creating fault-tolerant configurations based on the CARP protocol, which make it possible to run, besides the main firewall, a backup node that is automatically synchronized at the configuration level and takes over the load if the primary node fails. The administrator is offered a modern and simple interface for configuring the firewall, built with the Bootstrap web framework.

In the new version:

  • Built-in ability to send logs to a remote server using Syslog-ng;
  • Added a separate list for viewing automatically generated packet filter rules;
  • Added statistics for all packet filtering rules;
  • Improved management of aliases in firewall rules (aliases allow variables to be used in place of hosts, port numbers and subnets). Added the ability to import and export aliases in JSON format. There is now an optional ability to keep statistics for aliases;
  • The code for handling and switching gateways has been rewritten;
  • Implemented the ability to synchronize LDAP groups;
  • Added the ability to send certificate signing requests;
  • Added support for routing over IPsec (VTI);
  • Synchronization of aliases, VHIDs and widgets is implemented through XMLRPC;
  • Added the ability to authenticate in the Web proxy and IPsec through PAM;
  • Added support for connecting through a proxy chain;
  • Implemented the ability to use groups to configure proxy connection permissions;
  • Plugins for Netdata, WireGuard, Maltrail and Mail-Backup (PGP) have been prepared. Dpinger and the DHCP servers have been moved into the plugin system;
  • Updated translations for the Russian language;
  • New versions of Bootstrap 3.4, LibreSSL 2.9, Unbound 1.9, PHP 7.2, Python 3.7 and Squid 4 are used.

Source: opennet.ru