> So you think for the typical installation you should have to *enable*
> outbound NAT? When 99.99% of m0n0wall installs use it? No, you
> destroy usability when you don't enable something by default that
> 99.99% of your user base needs. m0n0wall isn't a router, it's a
> firewall, and hence should NAT by default given the needs of the user
> base. The commercial products it compares to enable NAT by default.
I think the problem here is not whether NAT is turned on or off by default.
That is a strategical decision (that has already been done, obviously). The
disturbing fact is, that the user interface does not imply NAT is switched on
by default. Furthermore, a user needs to enable 'advanced NAT' (a term that
can be discussed) in order to be able to turn NAT off. Sorry, but I can't
find that very logical ...
> > Again, I think m0nowall is a cool project, so take this as a constructive
> > input, please.
> So taken, but when you're doing something that's completely out of the
> ordinary with a given package, you'll find that the default settings
> won't meet your needs -
Sure, but that's fine - as long as the GUI represents that.
> in general, if they did, they wouldn't meet
> the needs of the vast majority of the users.
Absolutely, but as I say: A (good) GUI should show what is enabled and what
not. It should not hide things that are enabled...
Well, just my personal opinion.
Stephan A. Rickauer