Firewalld, kyakkyawan kayan aikin sarrafa ta wuta

Darkcrizt

4 minti

firewalld

firewalld, ingantaccen kayan aiki wanda ke karewa da toshe zirga-zirgar hanyar sadarwa

Mafi yawan Rarraba Linux suna da nasu sabis na Tacewar zaɓi an riga an gina shi, don haka yawanci ba dole ne mai amfani ya shiga cikin wannan ɓangaren ba. Amma wani lokacin wani nau'i na musamman na musamman ya zama dole ko don duk abin da mai amfani ke so.

Kuma shi ya sa a yau muyi magana firewalld, wanda Tacewar zaɓi ce mai ƙarfi mai ƙarfi, Ainihin yana ba ku damar sarrafa Firewall tare da goyan bayan yankunan cibiyar sadarwa don ayyana matakin amincewar cibiyoyin sadarwa ko musaya da kuke amfani da su don haɗawa. Yana da goyan bayan IPv4, IPv6 da ethernet bridging jeri.

Game da Firewalld

Firewalld da aiwatar da shi azaman abin rufewa akan abubuwan tacewa na fakitin nftables da iptables. Firewalld yana gudana azaman tsari na bango wanda ke ba da damar canza ƙa'idodin tace fakiti akan D-Bus ba tare da sake loda ka'idodin tace fakiti ba kuma ba tare da cire haɗin haɗin gwiwa ba.

Don gudanar da Tacewar zaɓi, ana amfani da mai amfani ta Firewall-cmd, wanda, lokacin ƙirƙirar dokoki, ba a dogara da adiresoshin IP ba, musaya na cibiyar sadarwa da lambobin tashar jiragen ruwa, amma akan sunayen ayyuka, misali, don buɗe damar shiga SSH, don rufewa. SSH, da sauransu.

Fahimtar hoto na Firewall-Confi (GTK) da kuma applet ta Firewall-applet (Qt) suma ana iya amfani da su don canza saitunan Firewall. Taimako don gudanarwa ta hanyar D-BUS API Firewalld yana samuwa a cikin ayyuka kamar NetworkManager, libvirt, podman, docker, da fail2ban.

Har ila yau, firewalld yana kula da aiki da tsari na dindindin daban. Don haka, Firewalld kuma yana ba da hanyar sadarwa don aikace-aikace don ƙara ƙa'idodi ta hanya mai dacewa.

Samfurin da ya gabata (system-config-firewall/lokkit) ya tsaya tsayin daka kuma kowane canji yana buƙatar sake yi mai wuya. Wannan yana nufin dole a sauke kayan aikin kwaya (misali: netfilter) kuma a sake loda su a kowane tsari. Bugu da kari, wannan sake kunnawa yana nufin rasa bayanin matsayi na hanyoyin haɗin da aka kafa.

Sabanin haka, Firewalld baya buƙatar sake kunna sabis don amfani da sabon saiti. Saboda haka, ba lallai ba ne a sake shigar da kernel modules. Matsalolin kawai shine don duk waɗannan suyi aiki daidai, dole ne a yi tsarin ta hanyar Firewalld da kayan aikin sa (firewall-cmd ko Firewall-config). Firewalld yana da ikon ƙara ƙa'idodi ta amfani da syntax iri ɗaya da umarnin {ip,ip6,eb} (dokokin kai tsaye).

Firewalld 1.3

A halin yanzu, Firewalld yana cikin sigar sa na 1.3, wanda aka saki kwanan nan kuma yana ba da ƙarin canje-canje masu zuwa:

  • An aiwatar da sabis ɗin da ya dace da aikace-aikacen raba fayil ɗin Warpinator wanda aka haɓaka ta hanyar rarraba Mint na Linux.
  • An ƙara bareos-director, bareos-filedaemon, da bareos-ajiya sabis don tallafawa tsarin madadin Bareos.
  • An aiwatar da dokar rufe fuska don nftables backend, wanda ke ba ku damar ɗaure mu'amalar hanyar sadarwa zuwa yankin da ke aiwatar da zirga-zirgar ababen hawa. Don iptables backend, wannan fasalin ba shi da tallafi.
  • Ƙara sabis don cibiyoyin sadarwar P2P masu rufi na Nebula.
  • Ƙara sabis don tsarin fitarwar ma'aunin Ceph zuwa bayanan bayanan Prometheus.
  • An ƙara sabis wanda ke goyan bayan ka'idar OMG DDS (Sabis ɗin Rarraba Bayanai na Rukunin Gudanar da Abu).
  • An ƙara sabis don aiwatar da buƙatun abokin ciniki don tantance sunayen masu masaukin baki ta amfani da ka'idar LLMNR (Haɗi-Local Multicast Name Resolution).
  • Ƙara sabis don ƙa'idar ps2link da ake amfani da ita don sadarwa tare da na'urorin wasan bidiyo na PlayStation 2.
  • An ƙara sabis don tallafawa aikin uwar garken don tsarin aiki tare fayil na Syncthing.

Idan kuna sha'awar ƙarin sani game da wannan sabon sigar, zaku iya tuntuɓar cikakkun bayanai a cikin bin hanyar haɗi.

Samun Firewalld

Daga karshe ga wadanda suke masu sha'awar samun damar shigar da wannan Firewall, Ya kamata ku san cewa an riga an yi amfani da aikin akan yawancin rarrabawar Linux, ciki har da RHEL 7+, Fedora 18+, da SUSE / openSUSE 15+. An rubuta lambar ta Firewalld a cikin Python kuma an sake shi ƙarƙashin lasisin GPLv2.

Kuna iya samun lambar tushe don ginin ku daga mahaɗin da ke ƙasa.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.

  1.   Seba m
    sa 1 shekara

    Shin yana da tallafi ga Wayland?

    Amsa wa Seba
  2.   lusito m
    sa 1 shekara

    Yana da ma'ana cewa ka je tsibirin foxes a Japan kuma ka kawo dukan foxes ka sanya su don kula da kajin ka ... a, maza, wato dbus don sarrafa ka'idodin tacewa.

    Amsa wa luisito