[ previous ] [ next ] [ threads ]
 From:  "Manuel Kasper" <mk at neon1 dot net>
 To:  "Michael DeMan" <michael at staff dot openaccess dot org>
 Cc:  list at m0n0wall dot neon1 dot net
 Subject:  Re: [m0n0wall] MiniBSD binary (was: LAN - DMZ - WAN Firewall rules
 Date:  Tue, 22 Apr 2003 21:20:42 +0200 (CEST)
Hi Michael,

> boxes as much as possible.  Having ssh, perl and other stuff makes the
> image a lot bigger, but is very handy to have.

Who cares now that one has a hard time finding CF cards that are smaller
than 64 MBs... ;)

> B) routers/appliances we manage.  Frequently we need to do things like
> support 40+ VLANs (and 40+ bpf for DHCP), multiple WiFi interfaces with
> complex routing, etc.

See, that's where I DON'T want to see m0n0wall being used - it was just
never made to be so flexible. You can't have all the flexibility and a
nice fool-proof GUI on top of it - that's why command line/text
configuration stuff like BSD is still successful... And that's when people
ask me to implement <insert-obscure-feature-here> (not all features that
have been suggested so far are "obscure", of course!) in m0n0wall - and
then I really can't find any reason to do it. This is where "m0n0BSD"
would fit in. Complex problems warrant the need for enough knowledge of
those who try to solve them anyway - I'm not a big friend of the "Next ->
Next -> Finish Wizards try-and-click-till-it-works" approach.

I know that everybody can follow my guide and build an image on their own,
and I don't know about others, but I know that I have not even given
other, similar projects a single try if they didn't have a ready-made
downloadable image available that was suitable for flashing to a CF card.
Besides, who wants to do all the work over and over again as newer
versions of FreeBSD are released? I don't know if I want to, but if I'd do
it, it would at least be for the benefit of all (besides, I have to do it
anyway for m0n0wall).

> Fat = loaded up with extras.  Image is larger, but with the price of
> compact
> flash nowadays it doesn't really matter.  Root file system is on compact
> flash.  The 'extras' are configured via SSH and default is to not run
> them.

Yep, that's about the way I see it.

m0n0wall will be continued the way it is now and at about the same pace.
Besides, I welcome the thought of doing something that doesn't involve PHP
for a change (my other [paid] projects are all about it, too...).

> So you're thinking that m0n0BSD = 'fat' version?

m0n0BSD - the fat dough that's perfect for your customized pastry! :))
Let's bake!