published the release of the distribution for creating inters grinding screens opensense 22.7 , which is a branch from the PFSENSE project, created to form a fully open distribution that could have functionality at the level of commercial solutions for the deployment of inter -grid screens and network gateways. Unlike PFSENSE, the project is positioned as an uncontrolled one company, developed with the direct participation of the community and has a completely transparent development process, as well as providing the possibility of using any of its developments in third -party products, including commercial ones. The initial texts of the components of the distribution, as well as the tools used for assembly, are distributed under the BSD license. Assemblies prepared in the form of LiveCd and a systemic image for recording on Flash-boaters (347 MB).
The base filling of the distribution is based on the FreeBSD code. Among the capabilities OPNSENSE you can distinguish a fully open assembly tooling, the possibility of installation on top of the usual FreeBSD, load balancing tools, Web interface for organization Captive Portal Connections, the availability of mechanisms to monitor the states of the PF based on PF), the task restrictions, traffic filtering, creating IPSEC, OpenVPN and PPTP, integration with LDAP and RADIS, support for DDNS (Dynamic DNS), a system of visual reports and graphs.
Distribution provides means of creating fault -tolerant configurations based on the use of the CARP protocol and allowed to start in addition to the main inter -grinding screen of the spare knot, which will be automatically synchronized at the configuration level and will take over the load in case of failure of the primary assembly. For the administrator, a modern and simple interface is offered for setting up an inter-grid screen, built using the Bootstrap Web-frame.
Among the changes:
- The transition to the FreeBSD branch 13.1.
- Updated versions of additional programs from ports, for example, PHP 8.0.20, Phalcon 5, SQLite 3.39.0, Suricata 6.0.6, Unbound 1.16.1.
- Added Support Intel Quickassist (QAT).
- Added support for Stacked Vlan technology (multilayer encapsulation of VLAN tags).
- Implementation of the DDOS protection mechanism using Syn Cookie.
- Added plugins APCUPSD and CROWDSEC.