[ previous ] [ next ] [ threads ]
 From:  "Bruce A. Mah" <bmah at acm dot org>
 To:  Dinesh Nair <dinesh at alphaque dot com>
 Cc:  m0n0wall dash dev at lists dot m0n0 dot ch, Manuel Kasper <mk at neon1 dot net>, bmah at acm dot org
 Subject:  Re: [m0n0wall-dev] FreeBSD 6.0-based alpha version 1.3a1 available
 Date:  Mon, 21 Nov 2005 22:08:30 -0800
If memory serves me right, Dinesh Nair wrote:
> On 11/19/05 20:13 Manuel Kasper said the following:
> > Just to make it clear: this is an *ALPHA* version, and it is only
> > intended for use by people with some knowledge about FreeBSD. Certain
> and to doubly stress, it's EXPERIMENTAL and that it's only released as a 
> prototype possible OS platform for m0n0wall as we progress forward. do not 
> use 1.3a1 in any production environment in any way.

I was wondering if you're still doing the m0n0bsd-style build?  I've
been experimenting with nanobsd on a net4801 and I like it.  It's pretty
tunable as to what parts of the system you want to include, but I feel
like it's a little more heavyweight.  A nice thing is that it uses dual
boot partitions (so you have a way to back out a failed upgrade.  It
might be worth investigating.

The project, ironically, is a system to replace my m0n0wall box.  I'm
outgrowing what m0n0wall is designed to do, and I'm actually more
comfortable with a more "stock" FreeBSD system anyway.  This is not a
knock on m0n0wall, which has done a great job of making a firewall
appliance accessible to a lot of people.

One thing I've learned along the way is that the filtering bridge
feature that got me involved with m0n0wall in the first place is a lot
easier to implement and use with the new if_bridge(4) driver, which was
ported from OpenBSD.  For starters, this makes it possible to solve the
"can't do NAT and bridging on the same box" problem.  It also integrates
with PF (presumably other firewalls too) fairly nicely.


signature.asc (0.2 KB, application/pgp-signature)