On May 1, 2005, at 10:14 PM, Peter Allgeyer wrote:
> Hi Jim!
> Am Sonntag, den 01.05.2005, 12:31 -1000 schrieb Jim Thompson:
>> On Apr 30, 2005, at 10:32 PM, Brian wrote:
>>> I actually prefer using an access point as opposed to integrated wifi
>>> drivers anyway, this allows you to focus on, umm, building a
>> But it makes it more difficult to do things like open a firewall rule
>> for any authenticated wireless STA.
> Sorry for asking, but I can't agree to your assertion. Can you please
> more specific on this point?
Suppose you were to create a system that, using 802.1x or (better) WPA,
or (still better) WPA2 (aka 802.11i)
on the stand-alone AP, but you want the authentication (when
successful) to open a little 'path' through the firewall
for that AP.
On the AP, you don't know:
1) The IP address
2) where the 'router' (firewall) might be
3) what communication protocol (if any) is used between the AP(s!!) and
the m0n0wall firewall.
4) several other things. For instance, the AP might not have routing
information sufficient to reach the firewall.
Were you to combine the AP with the firewall, then you could (easily)
closely couple the two. Further, you
would know when the "AP" (now integrated) de-authenticated or
disassociated the STA(tion), and could
then *close* that same path through the firewall.
Further, there are other uses for 802.11 cards than associating with an
AP. Consider adhoc routing, (aka 'mesh')
At the end of the day, 802.11 and m0n0 are both just technology, and
you can assemble and exploit them as you wish.
If you prefer to use a standalone AP, thats cool by me. I'd like to
have the option to do it 'my way' too.
Manuel's reasoning for the move back to 4.11 for the mono-1.2 series is
just. I, for one, will continue to forge ahead with 5.4 and 6.0.