What if you add checkbox in the global settings or even per interface
config with option to enable/disable spoof checking? How do you think
does it make sense?
Returning to my config, I need m0n0 as a transparent bandwidth limiter (
no ips on WAN and OPT, no NAT, static routes, etc.) with management
over LAN interface that is placed in the admin net. The point is that
admin net has its own firewall and accesses internet over m0n0's WAN and
OPT1 interfaces so spoof checking of LAN net on WAN interface blocks it.
The workaround is to assign some public IP address (like 192.168.x.x)
and use it for management in the admin net along with real IP addresses
but it isn't nice solution.
Another issue is 'queue' parameter (not queue itself) of pipe in
DUMMYNET shaper. It allows creation of custom queues for certain pipe
thus making shaper smoother. m0n0 doesn't allow to do this. I'm willing
to add this parameter in the pipe config so could you be so kind to
point me places that should be changed? So far I found 'shaper.inc',
'firewall_shaper_pipes.php' and 'firewall_shaper_pipes_edit.php'. Do I
need any other file? By the way with which 'HZ' parameter is kernel
Sorry to bother you with my problems (you've already done a great job!)
but maybe this will help you to improve even best m0n0wall.