BSD 发布:m0n0wall 1.34

jopen 11年前

Manuel Kasper已经发布 m0n0wall 1.34,一个微型基于FreeBSD的操作系统,主要用于作为防火墙。
monowall.png

详细内容如下:

There are ready-made binary images for embedded computers from Soekris Engineering and PC Engines, a CF/IDE HD image for most standard PCs (other embedded ones may work, too) with either keyboard/monitor or serial console, a CD-ROM (ISO) image for standard PCs, a VMware image, as well as a tarball of the root filesystem. Refer to the installation instructions for information on how to install these files on the various platforms.

已知的Bug:

  • WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16 MB required)
  • When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.

这次发布的变化:

  • Backported from beta branch:
    • Eliminate modifying GETs from webGUI pages.

      Note: the API pages exec_raw.php and uploadconfig.php now require different parameters than before. exec_raw.php now requires the cmd to be given in a POST, and both pages need a valid CSRF magic token, which can be obtained by issuing a GET first without any parameters (see example in exec_raw.php comment).
    • Make rule moving and deletion on shaper rules page work like for firewall rules.
    • Add csrf-magic for CSRF protection in webGUI.
    • Fix potential XSS in diag_ping.php and diag_traceroute.php.
    </li>
  • Increase key size of auto-generated webGUI certificates to 2048 bits.
  • Update default webGUI certificate/key.
  • Remove domain name handling from dhclient-script and change ARP command not to use sed (not used/available in m0n0wall).
  • Change virtualHW version to 7 for VMWare image to avoid errors in ESX 4
  • </ul> m0n0wall计划的目标是创建一份完整的、内置的防火墙软件包,当它配合PC使用时,能够提供商用防火墙机器的所有重要功能(连同易用性在内),而其价钱却只是后者的一小部分(因为m0n0wall是自由软件)。m0n0wall基于FreeBSD的一个精简版本,并带有一个web服务器(thttpd)、PHP以及其他一些实用工具。整套系统配置存储于单个的XML文本文件以对系统透明。m0n0wall很可能是首个拥有用PHP实现的启动配置的UNIX系统,而通常这是依靠shell脚本的,此外,它把整个系统配置都用XML格式存储。

    下 载cdrom-1.34.iso (17.8MB, SHA256).