Maybe we should begin dialog about m0n0 branches. I like the purist idea of
m0n0 as a firewall only but what if there were branches like m0n0IDS and
m0n0Proxy and m0n0AP?
I strip the captive portal stuff outta my vanilla firewalls.....
Of course the burden would not be on Manuel to maintain these "ports".
Pitbull Technologies <http://www.pittech.com/>
Protecting your Digital Assets
Quoting Ziekke <ziekke at ziekke dot net>:
> I would be interested in the Snort and Squid patches. Are they available
> anywhere right now? Along with, perhaps, instructions on their use?
> I'd rather run snort right off my firewall than run something against
> the filter log, for obvious reasons.
> Please let me know!
> > sylikc wrote:
> >> Jean,
> >>> I'm replying this message cause I fully disagree with the
> >>> statement
> >>> that m0n0 would not evolve with new and very useful things just cause
> >>> people use it inside soekris or wrap boards.
> >>> I personally use it in most cases within wrap boards, but I
> >>> have some
> >>> cases where I run mono inside Dual Xeon 2.8 - 4 Gb RAM. Why we can not
> >>> have this stuff in m0n0, but disabled? if you choose to run m0n0 inside
> >>> a SBC board, no problem, just keep these features disabled, but if you
> >>> have machine power why not?
> >> Wow, I think you're one of the few that would run m0n0 on a Xeon, much
> >> less a dual Xeon with 4G of RAM. Sheesh... How much RAM does your
> >> modded m0n0 use in that environment? I can't get my base m0n0 to use
> >> any more than 47MB ;)
> > Easy, what is needed is a sysctl configuration and a kernel rebuild,
> > even to work with SMP. In these machines I also have 4 Gigabit interfaces
> > and keep more than 200 VPNs simultaneously with a 10Mbit/s internet
> > link, and behind this m0n0 I have more than 700 computers and 20 servers.
> >>> the problem may be the U$3,00 plus to go from a 32MB CF to a
> >>> 64MB? I
> >>> don't think so. Or may have more RAM, but this is a real problem?
> >>> I developed lots of stuff to m0n0 in the last 3 months, but I
> >>> gave up
> >>> to post here, cause the answer is always the same: "Bullshit, m0n0
> >>> isn't developed for this purpose". Among these things I have squid
> >>> integration in 1.2b1, snort integration in 1.2b1, database support for
> >>> logging purposes, and even the internationalization. All of them ( don't
> >>> really think this ) too heavy for SBC boards, but not to the PC case.
> >> I think m0n0's design goal started from gearing towards embedded, and
> >> the main developers continue their work geared towards an embedded
> >> platform. This has, for the most part kept the m0n0 distro small and
> >> the core requirements as lean as possible.
> >> We should get another list going, called the "m0n0 for full power PC"
> >> list, where people share their mods in patching up m0n0 with the
> >> latest squid or snort. There's always a few posts every here and
> >> there about integrating some full powered package into m0n0. I can
> >> see how the main distribution branch of m0n0 might not want to have
> >> this complication as m0n0 serves its purpose quite well in its
> >> current minimalistic form. However, a new list where all the PC
> >> developers coming together might just end up being a branch of
> >> m0n0wall.
> > I've already thought about this. I've also already started a SF project
> > called m0n0Patches (not approved yet, but in meanings of being). But one
> > thing I don't really want is to fork this effort into a new project. As
> > you said M0n0 core team has developed a great package, and they are not
> > open to new ideas, but this is not sufficient to undeserve their work.
> > The other thing is that every single patch I wrote to m0n0 was
> > discarded(ignored, not even commented), even those ones that had not the
> > purpose of changing m0n0, but let it able to certify ICSA. I had the
> > opportunity to pay to m0n0 to be ICSA Firewall certified, but with I had
> > to say to my client to buy a netscream firewall, cause m0n0 would never
> > be ICSA certifiable.
> > One thing that can really stop these problems is m0n0 having a WELL
> > DEFINED API to integrate modules, like a new feature in menu to upload
> > modules. I was figuring out about how to do this, and I can say that it
> > is not easy, but it is possible (maybe having new filesystems mounted
> > for each module). And with this API defined and people writing the
> > modules, the users can choose what they use, all this without a fork in
> > m0n0 project.
> >> I, personally would be quite interested to see your patches for squid,
> >> snort, and full database logging capabilities. (I'm sure others would
> >> too, seeing as there were posts earlier about it). I've seen other
> >> commercial solutions out there that aren't half as feature rich as
> >> m0n0 but just happen to have extensive logging and proxy support where
> >> I've had to recommend it to a client while I would have much rather
> >> implemented a m0n0wall instead.
> > this was what I tried to meant earlier. I really think m0n0 is cool, but
> > to be really useful everywhere it needs some new features.
> > I will release my patches in more one month. Cause I'm working heavily
> > on squid patch to have NTLM integration, and to have a good ACL edition
> > system. The Internationalization patch is done, what I need are the
> > translators(anyone?). The snort one is just a copy of one patch that was
> > posted here applied to m0n0 1.2b1. The security patch I have is just to
> > close m0n0 to the ICSA labs certification.
> > Jean