[ previous ] [ next ] [ threads ]
 
 From:  Brett Dikeman <brett at cloud9 dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  USB keys for configuration data storage
 Date:  Thu, 17 Mar 2005 14:12:04 -0500
Hello all,

After my old laptop firewall blew a gasket (literally- after 6 years, 
the capacitors in the motherboard let the magic smoke out), I had to 
drag out the linksys router (ugh) to get back up, and I've been hunting 
for alternatives.

After a half hour or so googling, I found some mentions of installing 
m0n0wall on a USB key, but no details on how to do so.  I think that may 
be moot as I doubt the bios on the new host system will boot off USB, 
but it's something I might still like to hear about.

   The next best thing is a CDROM boot with configuration data on a USB 
flash key.  They're cheap (especially when you don't care too much about 
size; even 1MB would be enough), practically available at the corner 
drugstore, and secure- many have write-lock switches.  They're also 
reliable, unlike floppies and floppy drives.  No CF adapter needed- for 
the host or wherever you do your configuration.  Heck, I don't even have 
a floppy drive in most of my systems! :-)

However, I found nothing about support for this after checking release 
notes, documentation, and a list archive/FAQ search.  I did find 
mentions of saving configuration data in the install guide, but they 
indicate configuration saving is something the user has little control 
over- it just 'happens', you have no way to tell it -where- to save the 
data.

So am I being silly, in that it 'just works' if m0n0wall sees a USB mass 
storage device with a FAT partition?  Special tricks needed?  Not 
supported? (if so, I smell feature request ;-)  Another nice alternative 
would be remote config retrieval so you could burn a CD with enough of a 
config (say, the inside interface config) to get up and download the 
configuration file from another host.  I may want to change my port 
forwards a lot, but I haven't changed my router's internal IP in half a 
decade :-)

Thanks!
Brett