Ukukhutshwa kwekhithi yokusabalalisa yokudala i-firewall OPNsense 22.1 yenzeka, eyisebe leprojekthi ye-pfSense, eyenziwe ngenjongo yokudala ikiti yokusabalalisa evuleleke ngokupheleleyo enokuthi ibe nokusebenza kwinqanaba lezisombululo zorhwebo zokuthumela i-firewall kunye ne-network gateways. . Ngokungafaniyo ne-pfSense, iprojekthi ibekwe njengengalawulwa yinkampani enye, iphuhliswe ngokuthatha inxaxheba ngokuthe ngqo koluntu kwaye inenkqubo yophuhliso ecacileyo ngokupheleleyo, kunye nokubonelela ngethuba lokusebenzisa nayiphi na intuthuko yayo kwiimveliso zomntu wesithathu, kuquka urhwebo. enye. Ikhowudi yomthombo yamacandelo okusabalalisa, kunye nezixhobo ezisetyenziselwa ukudibanisa, zihanjiswa phantsi kwelayisensi ye-BSD. Iindibano zilungiselelwe ngendlela ye-LiveCD kunye nomfanekiso wenkqubo yokurekhoda kwi-Flash drives (339 MB).
Umxholo osisiseko wokusabalalisa usekelwe kwikhowudi ye-FreeBSD. Phakathi kweempawu ze-OPNsense kukho i-toolkit yokwakha evuleke ngokupheleleyo, ukukwazi ukufaka ngendlela yeepakethe phezulu kwe-FreeBSD eqhelekileyo, izixhobo zokulinganisa umthwalo, ujongano lwewebhu lokuququzelela uxhulumaniso lomsebenzisi kwinethiwekhi (i-Captive portal), ubukho beendlela. ukulandelela uxhulumaniso lwamazwe (i-firewall esemthethweni esekelwe kwi-pf), ukubeka umda we-bandwidth, ukucoca i-traffic, ukudala i-VPN esekelwe kwi-IPsec, i-OpenVPN kunye ne-PPTP, ukudibanisa ne-LDAP kunye ne-RADIUS, inkxaso ye-DDNS (Dynamic DNS), inkqubo yeengxelo ezibonakalayo kunye iigrafu.
Ukuhanjiswa kunika izixhobo zokudala ukucwangciswa kokunyamezela okuphosakeleyo ngokusekelwe ekusebenziseni iprotocol yeCARP kunye nokuvumela ukuba uqalise, ngaphezu kwe-firewall engundoqo, i-node yogcino oluya kulungelelaniswa ngokuzenzekelayo kwinqanaba loqwalaselo kwaye luya kuthatha umthwalo isiganeko sokungaphumeleli kwendawo yokuqala. Umlawuli unikezwa ujongano lwangoku kunye olulula lokuqwalasela i-firewall, eyakhiwe kusetyenziswa i-Bootstrap web framework.
Phakathi kotshintsho:
- Ukutshintshwa kwi-FreeBSD ye-13-STABLE yesebe yenziwe (inguqulo yangaphambili yayisekelwe kwi-HardenedBSD 12.1).
- Kunikezelwe ngesalathiso kwilog yolwazi malunga nomphakamo wobungqongqo bomyalezo (ubungqongqo) wokucoca amalogi ngeli xabiso.
- Isixhobo se-opnsense-log sibandakanyiwe ukuhlola iilog.
- Izixhobo ze-sysctl ezingaphezulu zongeziweyo kwisakhelo se-tunables.
- Inkqubo yokulayisha kunye nokuqwalasela ujongano lwenethiwekhi ikhawulezisiwe. Utshintsho ekusebenziseni i-LUA bootloader yenziwe.
- Iinguqulelo ezihlaziyiweyo zeenkqubo ezongezelelweyo ezivela kumachweba, umzekelo, filterlog 0.6, hostapd 2.10, lighttpd 1.4.63, nss 3.74, openssl 1.1.1m, openvpn 2.5.5, php 7.4.27, sqlite 3.37.2. 3.35.1, khulula 1.14.0, wpa_supplicant 2.10.
umthombo: opennet.ru