|
||||||||
OK, here's a summarized update: Jesse Guardiani wrote: > Hello, > > I've been working a lot with m0n0wall lately, and > since I've run both 1.11 and 1.2b3, and I read this > list, I have come up with a minimal list of things > that are broken in 1.2b3. This list is not meant to > be all-inclusive. It is merely my observations. > However, I hope we can get together a list of > outstanding 1.2b3 issues to fix before 1.2 final > based on this list or something similar. In no > particular order: > > 1.) bridging > This seems totally broken in 1.2b3. I've > been testing all night on a soekris 4801 > and I can't get any form of bridging working > in 1.2b3. I can downgrade my firmware to > 1.11, get a working config, then upgrade to > 1.2b3 and it's instantly broken. I was testing with the OPT1 interface bridged to the WAN interface, and a static IP bound to the WAN interface. I've found that if I remove the static IP from the WAN interface that bridging becomes truly transparent under 1.11, and works equally well under 1.2b3. I've asked Manuel if we can add a knob to the webGUI to make it easier to assign "no IP" to the WAN interface. I had to clear mine by manually editing my config.xml file and then restoring it to my running m0n0wall box. In addition, we need to confirm that creating bridge under 1.2b3 between OPT1 and WAN and a static IP on WAN does *NOT* work. If this is the case then perhaps we need to find some way to disallow this sort of misconfiguration or otherwise fix to underlying problem, if any. > 2.) lockups on WRAP hardware > for some reason 1.2b3 causes lockups on WRAP > hardware. I didn't see any resolutions to this > in the archive, so I'm guessing this is an > ongoing problem. I've seen two possible explanations: a.) a bad batch of WRAPS was supposedly produce around Sept 2004. (this seems a bit unlikely as 1.2b2 seems to work fine on the affected WRAPs) b.) perhaps the kernel HZ bump between 1.2b2 and 1.2b3 to 1000hz is bringing out flaws in some WRAP older/buggy hardware/firmware? It might help if we could collect the BIOS revision and hardware revision numbers of the affected boards. > 3.) TCP/IP connection drops > My SSH connections die after about 2 hours > under 1.2b3. I don't think this used to happen > under 1.11. Someone else confirmed that this > happens to them too. The connection isn't > denied. It seems like it times out. I think this one can be considered "resolved". I believe it was necessary due to the kernel HZ change, correct? Please see the new FAQ: http://m0n0.ch/wall/docbook/faq-ssh-timeout.html > 4.) Captive Portal flakiness > Captive Portal fails to honor MAC pass-through > sometimes under 1.2b3. This is strange as it > seems intermittent, but I've had it happen at > least twice. Also, I've seen a lot of other > posts regarding Captive Portal lately. Are > there any other confirmed issues in 1.2b3? No progress on this yet. I'll try to get some more concrete data soon. In addition, I think we can add these to the list: 5.) In both 1.11 and 1.2b3, Traffic Shaper appears to *NOT* affect uploads on filtered, bridged connections. Please see this thread for more info: http://thread.gmane.org/gmane.comp.security.firewalls.m0n0wall/13358 6.) The CPU meter on the status page is a bit quirky due to the way CPU is sampled. The first time the meter is displayed it reads higher than it should. In addition, if the refresh button is clicked on the browser instead of the Status -> System hyperlink then CPU usage reads higher than it should by about 30%. We can always write an FAQ about this, but I think it would be better to fix the algorithm or polling method. Have I missed any issues? I try to read all of the posts, but I can't always be sure what's user error and what's a bug/issue. -- Jesse Guardiani, Systems Administrator WingNET Internet Services, P.O. Box 2605 // Cleveland, TN 37320-2605 423-559-LINK (v) 423-559-5145 (f) http://www.wingnet.net |