I use monowall as a router for my home network.
It is very helpful tool. Thanks a lot!
But I found 3 issues missing in monowall.
The first is DHCP + PPTP.
Our ISP uses PPTP to connect to Internet.
But in base (ethernet) network address is received via DHCP.
('Local IP address' in PPTP configuration tab)
After that PPTP connection can be made.
I did not find any workaround for it, so I spend some time to write a patch.
'Local IP address' is left blank and received dynamically.
It is under testing now. Seems working.
Searching info I found many users wanting this feature.
It is easy to adopt this patch to handle PPPoE mode, but I have no PPPoE
server in the neighbourhood to test.
The second issue is accessing base ethernet network when PPTP or PPPoE
Out ISP has a lot of resources placed in local network (not through PPTP
Setting WAN to PPTP leads to inability of these resources, because all the
traffic goes via ng0 and ethernet interface is blocked.
I have made another patch that adds appropriate ipfilter rules for ethernet
Also automatic NAT rules are generated for ethernet interface based on
network address (standard 192.168.0.0/16, 172.16.0.0/12, 10.0.0.0/8).
This patch works fine but I want to add checkbox to disable this feature
(default monowall behavior).
It should be admitted that this feature can be very helpful for many users
at least in Russian Internet.
And the third issue is connected with previous.
I realize that automatic network detection for NAT may not work fine under
For example, networks could have different masks than listed above.
In this case NAT should be specified manually by setting rules and mark
'advanced outbound NAT' checkbox.
But for all the NAT rules only WAN interface is available.
For PPTP mode it is ng0, and no opportunity to assign ethernet interface.
I think patch should be written allowing users to choose desired interface
when tunnel is created (WAN ng0, WAN em0).
I have skills and will to do it.
According to this fix firewall should be fixed in the same manner to keep
It is additional work and should be coordinated with main developers (hi,
Finally, I made these two patches for 1.23 version.
I know this branch is closed, but described features are required by many
people using 1.2x as a stable solution.
1.3 is still beta. AFAIK there are still problems.
Today I've received letter from Manuel about new concept. This is great!
I do not know German but browsing pictures I was excited about new ideas.
This new monowall generation will be excellent but it will take some time to
release stable version.
I want to suggest releasing 1.24 version with the following features:
1) DHCP + PPTP (already done, needs testing)
2) DHCP + PPPoE (can be ported easily but needs testing)
3) additional NAT and firewall WAN interface features described above
I am ready to spend my time to release these features.
Current patches can be obtained here (applies to rootfs):
What do you think?