We have planned something like that, and when we want to release the
webGUI to use we can have a console option to release all firewall
rules. But we are concerned that not having the webGUI running is secure
like this solution, but needs less resources.
Mine GO BOOM wrote:
>> Another thing wre need to change in m0n0wall is the automatic starting
>>of the webGUI. We need to disable it, as we do with console. Some of our
>>clients think that keeping the admin web port open is a security flaw.
>>How can we start to do this? is there some documentation about the
>>m0n0wall XML Schema to us to include this setting there?
> If you plan on never changing the configuration file again, you can
> always block access to the site on the LAN side. If you really want to
> be able to access it again, you could always have another network card
> in there setup to be m0n0wall only for access change.