the new server is finally up and running (FreeBSD 4.8, of course :), and
all the m0n0wall and m0n0BSD related stuff has been moved to the following
The mailing list address is now m0n0wall at lists dot m0n0 dot ch (no need to
resubscribe; all subscribers have been copied over). Redirections have
been set up for the old addresses (URLs and mailing lists). There's now
also a separate mailing list for m0n0BSD, so if you're interested in it,
feel free to subscribe (m0n0bsd dash subscribe at lists dot m0n0 dot ch).
Rudi van Drunen's "m0n0wall Hackers Guide" has finally been published; it
describes how to set up your own m0n0wall development environment to
develop new features and involves netbooting (via PXE) to avoid having to
constantly reflash CF cards. So if you want to do m0n0wall development,
please have a look at it. Thanks, Rudi!
OK, now it's time to let you know that I made an executive decision
concerning SSH in m0n0wall. I decided that I do not want SSH (for logging
in remotely and getting a shell) in m0n0wall. I cannot see the point in
having it - FreeBSD in m0n0wall is so stripped down, there isn't even a
simple text editor. m0n0wall was intended as a "black-box" system, and the
user shouldn't need to (or be able to) worry about the underlying
operating system (FreeBSD, in this case). Besides, due to the custom rc.*
stuff (mostly PHP), there are few hooks where one could easily add his/her
own stuff on a live system.
So if you want a new feature in m0n0wall, I'd suggest you follow Rudi's
guide, implement the feature (including a webGUI page ;), submit the code
for inclusion in m0n0wall and make other m0n0wall users happy. :)
If you don't know PHP and are unwilling to learn, then m0n0BSD is for you.
Note that this doesn't mean that I don't want remote management in
m0n0wall! I've been looking into a solution with stunnel to do secure
remote administration of m0n0wall (also via WAN, of course), and that's
probably what I'm going to implement.
Concerning m0n0BSD, I have decided against the web based image building
system - it posed too many problems (e.g. having mirrors is difficult (PHP
required), vnconfig can only be run as root, tar archives with files that
appear to be owned as root have to be created by a non-root user, etc.).
I'll implement some kind of simple package system that can be used on a
live m0n0BSD system once the base image has been installed and booted. I
guess it could get as simple as a tar xzfvp package.tgz - deinstallation
facilities are probably unnecessary. Finally, I plan on registering
m0n0BSD with SourceForge so I can use their mirrors for distribution of
the files in the future.
That's it for now. pb9 will include a WAN interface MAC address spoofing
feature and probably also some support for setting the system time (+
timezone and NTP). Not sure when I'll release it; if you just want the MAC
address spoofing, you can get a prerelease version at