I-ProHoster > Блог > izindaba ze-inthanethi > Ikhithi yokusabalalisa yokudala i-OPNsense 20.7 firewall iyatholakala

Ikhithi yokusabalalisa yokudala i-OPNsense 20.7 firewall iyatholakala

Wabona ukukhanya ikhithi yokusabalalisa yokudala ama-firewall I-OPNsense 20.7, okuyimfoloko yephrojekthi ye-pfSense, edalwe ngenhloso yokwenza ukusabalalisa okuvuleke ngokuphelele okungaba nokusebenza kwezixazululo zezentengiselwano zokuthumela izindonga zomlilo kanye namasango enethiwekhi. Ngokungafani ne-pfSense, iphrojekthi ibekwe njengengalawulwa yinkampani eyodwa, ithuthukiswe ngokubamba iqhaza okuqondile komphakathi futhi inenqubo yentuthuko esobala ngokuphelele, kanye nokunikeza ithuba lokusebenzisa noma yikuphi ukuthuthukiswa kwayo emikhiqizweni yezinkampani zangaphandle, okuhlanganisa nezohwebo. eyodwa. Imibhalo yomthombo yezingxenye zokusabalalisa, kanye namathuluzi asetshenziselwa ukuhlanganisa, ukubhebhetheka ngaphansi kwelayisensi ye-BSD. Imihlangano ilungisiwe ngesimo se-LiveCD nesithombe sohlelo sokuqoshwa kuma-Flash drives (420 MB).

Okuqukethwe okuyisisekelo kokusabalalisa kusekelwe kukhodi I-HardenBSD 12.1, esekela imfoloko evumelanisiwe ye-FreeBSD, ehlanganisa izindlela zokuphepha ezengeziwe nezindlela zokulwa nokuxhashazwa kobungozi. Phakathi amathuba I-OPNsense ingahlukaniswa ngekhithi yamathuluzi yomhlangano evuleke ngokuphelele, amandla okufaka ngendlela yamaphakheji ngaphezulu kwe-FreeBSD ejwayelekile, amathuluzi okulinganisa ukulayisha, isixhumi esibonakalayo sewebhu sokuhlela ukuxhumana kwabasebenzisi kunethiwekhi (ingosi yokuthunjwa), ukuba khona kwezinqubo ze ukulandelela ukuxhumanisa (i-firewall esemthethweni esekelwe ku-pf), ukubeka imikhawulo yomkhawulokudonsa, ukuhlunga kwethrafikhi, ukudala i-VPN esekelwe ku-IPsec, i-OpenVPN ne-PPTP, ukuhlanganiswa ne-LDAP ne-RADIUS, ukusekelwa kwe-DDNS (Dynamic DNS), uhlelo lwemibiko ebonakalayo namagrafu. .

Ngaphezu kwalokho, ukusatshalaliswa kunikeza amathuluzi okudala ukucushwa okubekezelela amaphutha okusekelwe ekusetshenzisweni kwephrothokholi ye-CARP futhi kukuvumela ukuthi uqalise, ngaphezu kwe-firewall eyinhloko, i-node yokusekelayo ezovumelaniswa ngokuzenzakalelayo ezingeni lokucushwa futhi izothatha izintambo. umthwalo uma kwenzeka ukwehluleka kwenodi eyinhloko. Umlawuli unikezwa isixhumi esibonakalayo sesimanje nesilula sokumisa i-firewall, eyakhiwe kusetshenziswa uhlaka lwewebhu lwe-Bootstrap.

Ikhithi yokusabalalisa yokudala i-OPNsense 20.7 firewall iyatholakala

Enguqulweni entsha:

  • Ukwesekwa okwengeziwe kwe-DHCPv6 Multi-WAN yokuxhuma ngeziteshi eziningi;
  • Kungenzeka ukuchaza amakhasi akho aboniswa uma kwenzeka kuba namaphutha okuxhumana nge-proxy yewebhu;
  • Ukuqaliswa kwesistimu yokuthola nokuvinjelwa kokungena kwenethiwekhi kubuyekezwe ukuze I-Meerkat 5;
  • Isistimu yesisekelo ivunyelaniswa ne-HardenedBSD 12.1, imfoloko ye-FreeBSD 12.1, ehlanganisa izindlela zokuphepha ezengeziwe namasu ukuze kuliwe nokuxhashazwa kobungozi;
  • Kwengezwe umbiko onombono wesihlahla wolwazi mayelana noxhumo lwenethiwekhi;
  • Kusetshenziswe i-API yokuphathwa kodonga lomlilo;
  • Amakhono athuthukisiwe okuhlunga izingodo ngokuhamba kwesikhathi.

Source: opennet.ru

Engeza amazwana