Uhlobo olusha lwefayela le- icompact system yokwakha izibhulamlilo namasango enethiwekhi "I-PfSense 2.4.5". Le nguqulo entsha yethula ukuthuthuka okuthile, kepha ngaphezu kwakho konke iza ukuxazulula amaphutha athile akhonjwe enguqulweni edlule.
Kulabo abangazi nge-pfSense kufanele bazi ukuthi lokhu ukusatshalaliswa kwe-FreeBSD ngokwezifiso, okusho ukuthi eguqulelwe ukusetshenziswa njenge-Firewall ne-Router. Ibonakala ngokuba ngumthombo ovulekile, ingafakwa kumakhompyutha anhlobonhlobo futhi ine-interface elula yewebhu yokumiswa kwayo.
Mayelana ne-pfSense
pfSense isebenzisa intuthuko evela kuphrojekthi ye-m0n0wall nokusetshenziswa okusebenzayo kwe-pf ne-ALTQ. Ukusabalalisa kuphathwa ngokusebenzisa isikhombimsebenzisi sewebhu.
I-Captive Portal, i-NAT, i-VPN (i-IPsec, i-OpenVPN), ne-PPPoE ingasetshenziselwa ukuhlela ukufinyelela komsebenzisi kunethiwekhi enentambo nengenantambo. Ububanzi obubanzi bamakhono busekelwa ukukhawulela umkhawulokudonsa, ukunciphisa inani lokuxhumeka ngasikhathi sinye, isiminyaminya sethrafikhi, nokwakha ukumiswa okususelwa ekubhekaneni namaphutha kwe-CARP.
Izibalo zomsebenzi zikhonjiswa kumagrafu noma ngefomu letafula. Ukugunyazwa kusekelwa kumininingo egciniwe yomsebenzisi wendawo, kanye nange-RADIUS ne-LDAP.
Phakathi kwezici zayo eziyinhloko itholakele:
- firewall
- Ithebula Lombuso
- Ukuhumusha Ikheli Lenethiwekhi (NAT)
- Ukutholakala okuphezulu
- Ama-Multi-WAN
- Ukulayisha umthwalo
- I-VPN engakhiwa ku-IPsec, OpenVPN naku-PPTP
- Iseva ye-PPPoE
- Iseva ye-DNS
- Ingosi yokuthunjwa
- Iseva ye-DHCP
PfSense inomphathi wephakeji ukwandisa ukusebenza kwayoLapho ukhetha iphakheji oyifunayo, isistimu iyalanda ngokuzenzakalela bese iyifaka. Kunamamojula angaba ngamashumi ayisikhombisa atholakalayo, phakathi kwawo kukhona ummeleli we-Squid, IMSpector, Snort, ClamAV, phakathi kwabanye.
Izici ezintsha eziyinhloko pfSense 2.4.5
Kulo magazini omusha singakuthola lokho izingxenye zohlelo lwesisekelo zibuyekezelwe i-FreeBSD 11-STABLE.
Ngokwengxenye yokuthuthuka okuvela kule nguqulo entsha, singakuthola kwamanye amakhasi esibonakalayo sewebhu, kufaka phakathi umphathi wesitifiketi, uhlu olubophezelayo lwe-DHCP, namatafula we-ARP / NDPUkusekelwa kokuhlungwa nokuseshwa kuvele.
Kuzilungiselelo zohlelo lwefayela le-UFS zezinhlelo ezintsha, ngokuzenzakalela, imodi yesikhathi sasemini inikwe amandla ukunciphisa imisebenzi yokubhala engadingekile.
Ngakolunye uhlangothi, kufayela le- Isixazululo se-DNS esingaboshiwe, esingezwe kumathuluzi wokuhlanganisa wokubhala we-Python.
Ngenkathi nge-IPsec DH (Diffie-Hellman) ne-PFS (Perfect Forward Secrecy), amaqembu e-Diffie-Hellman angama-25, 26, 27 no-31 angeziwe.
Ngaphezu kwalokhu, isimemezelo sisho lokho "autocomplete = new-password" imfanelo ingezwe kumafomu okuqinisekisa ukukhubaza ukuqedela ngokuzenzakalela kwezinkambu ezinedatha ebucayi futhi kungeze nabahlinzeki berekhodi abanamandla be-DNS: uLinode noGandi.
Ngasohlangothini lokulungiswa, isimemezelo sisho ukuthi ukukhubazeka okuningana kulungisiwe, kufaka phakathi inkinga kusixhumi esibonakalayo esuselwe kuwebhu esivumela umsebenzisi oqinisekisiwe ukufinyelela iwijethi yokulayisha isithombe ukusebenzisa noma iyiphi ikhodi ye-PHP futhi athole ukufinyelela kumakhasi anelungelo lomlawuli isikhombimsebenzisi. Ngokwengeziwe, i-cross-site scripting (XSS) isusiwe kusixhumi esibonakalayo sewebhu.
Landa bese uthola pfSense
Ekugcineni, kulabo abanentshisekelo yokukwazi ukulanda nokufaka noma bakwazi ukuhlola lolu hlelo.
Ungasithola isithombe salokhu, kusuka kuwebhusayithi yakho futhi esigabeni sayo sokulanda ungathola izixhumanisi zokulanda isithombe sohlelo.
Esigabeni sokulanda singathola izithombe eziningana zokwakhiwa kwe-amd64, ezihluka ngosayizi kusuka ku-300 kuye ku-360 MB, phakathi kwazo singathola i-LiveCD nesithombe esizosifaka ku-USB Flash.
Isithombe se-usb singarekhodwa ne-Etcher okuyithuluzi le-multiplatform. Noma maqondana neWindows bazokwazi ukuqopha isithombe ngosizo lukaRufus.
Ngenkathi sisuka eLinux singakwazi ukuzisekela kusuka esigungwini ngomyalo we-dd.