I-Firewalld 1.2, i-firewall elawulwa ngokuguquguqukayo eyakhelwe eduze kwezihlungi zephakethe ze-nftables kanye ne-iptables, ikhishwe. I-Firewalld isebenza njengenqubo yangemuva, ivumela ukushintsha komthetho wesihlungi sephakethe esiguquguqukayo nge-D-Bus, ngaphandle kokulayisha kabusha imithetho yesihlungi sephakethe noma ukuphazamisa ukuxhumana okukhona. Le phrojekthi isivele isetshenziswa ekusabalalisweni okuningi. Linux, kufaka phakathi i-RHEL 7+, i-Fedora 18+, kanye ne-SUSE/openSUSE 15+. Ikhodi ye-firewalld ibhalwe nge-Python futhi isatshalaliswa ngaphansi kwelayisensi ye-GPLv2.
Ukuphatha i-firewall, kusetshenziswa i-firewall-cmd utility, engancikile ku- Amakheli e-IP, izixhumi zenethiwekhi, nezinombolo ze-port, kanye namagama esevisi (isibonelo, ukuvula ukufinyelela kwe-SSH, sebenzisa i-"firewall-cmd --add --service=ssh"; ukuvala i-SSH, sebenzisa i-"firewall-cmd --remove --service=ssh"). I-interface yesithombe se-firewall-config (GTK) kanye ne-applet ye-firewall (Qt) nazo zingasetshenziswa ukushintsha ukucushwa kwe-firewall. Ukusekelwa kokuphathwa kwe-firewall nge-firewalld D-BUS API kuyatholakala kumaphrojekthi afana ne-NetworkManager, libvirt, podman, docker, kanye ne-fail2ban.
Izinguquko eziyinhloko:
- Izinsizakalo ze-snmptls ne-snmptls-trap zenziwe ukuze kusingathwe ukufinyelela kuphrothokholi ye-SNMP ngesiteshi sokuxhumana esivikelekile.
- Isevisi iqaliswe ngokusekelwa kwephrothokholi esetshenziswa kusistimu yefayela ehlukaniselwe i-IPFS.
- Izinsizakalo ezingeziwe ezisekelwa i-gpsd, ident, ps3netsrv, CrateDB, checkmk, netdata, Kodi JSON-RPC, EventServer, Prometheus node-exporter, kubelet-readonly, kanye nenguqulo evikelekile yendiza yesilawuli se-k8s.
- Kwengezwe ipharamitha ethi "--log-target".
- Imodi yokuqalisa ye-failsafe yengeziwe, ekuvumela ukuthi ubuyele emuva ekucushweni okuzenzakalelayo uma kwenzeka kuba nezinkinga ngemithetho eshiwo, ngaphandle kokushiya umsingathi engavikelekile.
- I-Bash manje isekela ukuqedwa komyalo wokusebenza ngemithetho.
Source: opennet.ru
