[ previous ] [ next ] [ threads ]
 
 From:  Daniele Guazzoni <daniele dot guazzoni at gcomm dot ch>
 To:  m0n0wall list <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Re: FreeBSD 5.3 Released
 Date:  Sat, 20 Nov 2004 16:21:49 +0100
I absolutely agree with Manuel.

I'm not developing for m0n0wall (not yet, although I have some ideas for 
central management) but here my 2 cents:

I think the base concept of m0n0wall (this include architecture and 
management) is rock-solid.
I see it as some sort of KISS (Keep It Simple and Stupid) project.
It's small, cute, simple, open-source and best of all it works very well.
Shure there still are some corners to round-up but all in all it is great.

Everybody is screaming about adding this and adding that to m0n0wall.
I guess most of those people forgot that m0n0wall is a firewall and not 
an access-point, hotspot, server, filer, ...
It offers some functionality that goes above the basic firewall but this 
are not the stenghts of m0n0wall, they are just nice to have goodies.
The captive portal, for instance, for all old-school firewall admins is 
already a dangerous feature.
(Oh my god ! They have web server running on a firewall !!!)

I guess the next major release (Manuel correct me if I'm wrong) should 
bring the modular concept.
I think Manuel and the core developing team should concentrate their 
efforts on providing a stable m0n0wall base.
All the goodies and 
led-blinking-universal-network-toaster-dish-heater-razor-car-wash 
features can be developed apart and added as needed.
So if you find someone on this list willing to develop a disco light 
machine module for m0n0wall it's ok.
Do that and all guys who cannot live without it can insert the module 
but all others can still use the base m0n0wall package.

Regarding the OS:
Of course I use the cutting edge Fedora Core 3 on my workstation but my 
servers are using Enterprise Linux 3.0 (which is based on RedHat Linux 7.3).
The same applies for m0n0wall.
Shure 5.3 has some nice features but do we really need them ?
For instance you can have 802.11g and WPA already with the actual 
release of m0n0wall:
connect an external access-point to it and here you go.


Daniele


Manuel Kasper wrote:

>On 19.11.2004 16:22 -0500, Jesse Guardiani wrote:
>
>  
>
>>Sorry to revive an old thread like this, but this is on my mind a
>>lot now that FreeBSD 5.3 is RELEASE quality and so far I haven't
>>seen any mention of m0n0wall developers considering 5.x yet.
>>    
>>
>
>Not true. I've mentioned 5.x several times in the past, including
>here:
>
><http://m0n0.ch/wall/list-dev/?action=show_msg&actionargs[]=5&actionargs[]=35>
>
>Please, I'm absolutely sick of people begging for 5.3. I've said it
>enough: yes, we will move to 5.3 eventually, and it's also likely
>that one of the next betas will have 5.3 as the base system. But
>begging for it is not going to make it happen sooner, and only pisses
>me off, so please STOP!
>
>Still, the only important advantage I can see right now is ath
>support. And again, I think hostap is a very inferior alternative to
>"real" APs that don't rely on a mostly unsupported feature and should
>only be used where it's absolutely necessary to do everything on one
>box. Besides, 5.3 isn't going to give us things like WPA either.
>
>  
>
>>I've seen a few companies making T1 CSU/DSU cards available for
>>FreeBSD too. This adds to the core router idea. They're not likely
>>to work under 4.x.
>>    
>>
>
>I assume you're talking about Sangoma cards. They do work under 4.x,
>but it involves just a little more than compiling a driver into the
>kernel (same with 5.x).
>
>  
>
>>So are the primary developer(s) thinking about 5.3 yet? How
>>difficult would it be to move to 5.x, or better yet, support both
>>kernels with the same base system?
>>    
>>
>
>You can't just use the kernel but not the base system. Even with 4.x
>compatibility installed, some tools (like ifconfig) would break.
>
>- Manuel
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
>For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>  
>