[ previous ] [ next ] [ threads ]
 From:  Frederick Page <fpage at thebetteros dot oche dot de>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Why I left M0N0Wall
 Date:  Tue, 29 Mar 2005 12:00:34 +0200
Hallo Chris,

Chris Buechler schrieb am 28. March 2005:

>Actually he did help us uncover a legitimate problem with m0n0wall
>b5+, in that it takes way more CPU than previous versions did.

I only have a WRAP, that's something like Pentium-1, 266 Mhz. AFAIR
the initiator of the thread had a PC with a more potent CPU. However I
have only 2 mBit SDSL, that's probably the reason why I cannot max-out
my CPU with any version of m0n0.

I also read Manuel's mail here about the issues of FBSD 5.x and his
reluctance to jump onto this platform. As I understand it, the leap to
FBSD 5.3 was a HUGE step, which caused much work. The current ipfw and
ipfilter software might have to be replaced in the future as well,
which probably is another HUGE step.

Would it make any sense to consider e.g. OBSD 3.6 (which already has
pf, CARP, etc.) as a possible alternate platform? The world's safest
OS would make kind of sense on a router platform (from my point of
view), let alone the enhanced security by e.g. pf's "scrub" feature,
the enforced minimum TTL, etc.

ftp://ftp.openbsd.org/pub/OpenBSD/doc/pf-faq.pdf should put up some
argument here. One being performance.

Kind regards   Frederick