ProHoster > Блог > izindaba ze-inthanethi > Ikhithi yokusabalalisa yokudala i-OPNsense 20.7 firewall iyatholakala

Ikhithi yokusabalalisa yokudala i-OPNsense 20.7 firewall iyatholakala

Wabona ukukhanya ikhithi yokusabalalisa yokudala ama-firewall I-OPNsense 20.7, okuyimfoloko yephrojekthi ye-pfSense, edalwe ngenhloso yokwenza ukusabalalisa okuvuleke ngokuphelele okungaba nokusebenza kwezixazululo zezentengiselwano zokuthumela izindonga zomlilo kanye namasango enethiwekhi. Ngokungafani ne-pfSense, iphrojekthi ibekwe njengengalawulwa yinkampani eyodwa, ithuthukiswe ngokubamba iqhaza okuqondile komphakathi futhi inenqubo yentuthuko esobala ngokuphelele, kanye nokunikeza ithuba lokusebenzisa noma yikuphi ukuthuthukiswa kwayo emikhiqizweni yezinkampani zangaphandle, okuhlanganisa nezohwebo. eyodwa. Imibhalo yomthombo yezingxenye zokusabalalisa, kanye namathuluzi asetshenziselwa ukuhlanganisa, ukubhebhetheka ngaphansi kwelayisensi ye-BSD. Imihlangano ilungisiwe ngesimo se-LiveCD nesithombe sohlelo sokuqoshwa kuma-Flash drives (420 MB).

Okuqukethwe okuyisisekelo kokusabalalisa kusekelwe kukhodi I-HardenBSD 12.1, esekela imfoloko evumelanisiwe ye-FreeBSD, ehlanganisa izindlela zokuphepha ezengeziwe nezindlela zokulwa nokuxhashazwa kobungozi. Phakathi amathuba I-OPNSense ifaka ithuluzi lokwakha elivulekile ngokuphelele, ikhono lokufaka amaphakheji phezu kwe-FreeBSD evamile, amathuluzi okulinganisa umthwalo, isikhombimsebenzisi sewebhu sokuhlela ukuxhumana komsebenzisi kunethiwekhi (i-Captive portal), ukuba khona kwezindlela zokuqapha izimo zokuxhumeka (i-firewall ecacile esekelwe ku-pf), ukubeka imikhawulo ye-bandwidth, ukuhlunga ithrafikhi, kanye nokudala i-VPN esekelwe ku-IPsec. OpenVPN kanye ne-PPTP, ukuhlanganiswa ne-LDAP kanye ne-RADIUS, ukwesekwa kwe-DDNS (Dynamic DNS), uhlelo lwemibiko ebonakalayo namagrafu.

Ngaphezu kwalokho, ukusatshalaliswa kunikeza amathuluzi okudala ukucushwa okubekezelela amaphutha okusekelwe ekusetshenzisweni kwephrothokholi ye-CARP futhi kukuvumela ukuthi uqalise, ngaphezu kwe-firewall eyinhloko, i-node yokusekelayo ezovumelaniswa ngokuzenzakalelayo ezingeni lokucushwa futhi izothatha izintambo. umthwalo uma kwenzeka ukwehluleka kwenodi eyinhloko. Umlawuli unikezwa isixhumi esibonakalayo sesimanje nesilula sokumisa i-firewall, eyakhiwe kusetshenziswa uhlaka lwewebhu lwe-Bootstrap.

Ikhithi yokusabalalisa yokudala i-OPNsense 20.7 firewall iyatholakala

Enguqulweni entsha:

  • Ukwesekwa okwengeziwe kwe-DHCPv6 Multi-WAN yokuxhuma ngeziteshi eziningi;
  • Kungenzeka ukuchaza amakhasi akho aboniswa uma kwenzeka kuba namaphutha okuxhumana nge-proxy yewebhu;
  • Ukuqaliswa kwesistimu yokuthola nokuvinjelwa kokungena kwenethiwekhi kubuyekezwe ukuze I-Meerkat 5;
  • Isistimu yesisekelo ivunyelaniswa ne-HardenedBSD 12.1, imfoloko ye-FreeBSD 12.1, ehlanganisa izindlela zokuphepha ezengeziwe namasu ukuze kuliwe nokuxhashazwa kobungozi;
  • Kwengezwe umbiko onombono wesihlahla wolwazi mayelana noxhumo lwenethiwekhi;
  • Kusetshenziswe i-API yokuphathwa kodonga lomlilo;
  • Amakhono athuthukisiwe okuhlunga izingodo ngokuhamba kwesikhathi.

Source: opennet.ru

Thenga ukusingathwa okuthembekile kwamasayithi anokuvikelwa kwe-DDoS, amaseva e-VPS VDS 🔥 Thenga ukusingathwa kwewebhusayithi okuthembekile ngokuvikelwa kwe-DDoS, amaseva e-VPS VDS | ProHoster