Thursday, October 13, 2005, 3:49:33 AM, you wrote:
CB> I bet at least 25% of the user base thinks m0n0wall runs on Linux.
CB> You see it on the list all the time. Only a small minority really
CB> care what it runs.
I hope it's not quite like this. m0n0wall's claim to fame largely
consists of being The BSD-based firewall (and this is mentioned almost
everywhere where it's discussed), and the step of actually
discovering, downloading and installing something as complex as
firewall/router should filter out the most clueless users leaving a
few vocal ones to visit the list :-)
>> First - the OS of choice for a firewall/router project would be
>> some kind of BSD. It's not as popular as Linux, but it has an image
>> of industrial-strength OS, and it's already used in the current
>> m0n0wall. I think the final choice would be between OpenBSD (as
>> most stable and solid) and NetBSD (as runnig on most hardware),
>> even though FreeBSD 6 and DragonFlyBSD are strong contenders.
CB> I discussed why Open isn't a good option earlier.
As I wrote in item e), technical issues (such as speed, for example,
or even wireless support) are definitely important right now - and
that's why m0n0wall 1.2 is not based on OpenBSD.
Yet, Moore's law is still at work, and especially so for embedded
devices. On the other hand, I just can't see network speed keeping up,
especially in the places where embedded devices handle the traffic. So
I wouldn't be surprised if in a year or two (by the time the next m0n0
gets stable, polished and ready for public release) OpenBSD's
performance just won't matter anymore. And, of course, hardware
support keeps getting better across the board, so the real question is
not what's available now but what would be available by the release
It would be very interesting if someone would actually measure some
real-world numbers for various OSes on today's top-end (!) embedded
hardware and check out if the performance is acceptable there (just
barely would be definitely enough). If that would be the case, I'd say
forget about speed issues and go to the OS with the most useful public
image and a good set of native tools - hardware will definitely catch
up in a year or so.
"The most secure firewall runs on the most secure OS" or "The firewall
that runs on your toaster" are not just catchy phrases - they help
everybody in the long run (regardless of their actual truth). Every
newspaper, site, or blog that copies such phrase from the official
site adds just that little bit to the overall sanity counter and
promotes not just m0n0wall but a lot more of the good things :-) Feed
the good memes now and they'll grow one day and feed you in return ;-P
Pavel mailto:m0n0wall at abletools dot com