[ previous ] [ next ] [ threads ]
 
 From:  "Neil A. Hillard" <m0n0 at dana dot org dot uk>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] If you use linux before.... why m0n0 now?
 Date:  Sun, 30 Oct 2005 21:32:49 +0000
Hi,

>> Hi folks...
>>
>> "m0n0 ? why m0n0 and not IPCOP" ?
>
>My reason for leaving IPCOP was, that IPCOP seems to call home every time you
>call your routers main admin page. I don't know the aktual version, but I
>don't like this undokumentated features.

I was happily running Smoothwall and then IPCop for several years
(probably 4 in total) before moving to m0n0wall.

IPCop tends to have a lot of functionality built in and therefore tends
to have more problems.

IPCop also has to work round buggy USB ADSL devices in order to get them
working properly or recovering from errors correctly - I don't believe
that this is a fault of IPCop, just the devices it deals with.  m0n0wall
gets around this issue by not allowing the use of USB peripherals.

I moved to m0n0wall for a number of reasons:

1) m0n0wall will run from a small CF card - my IPCop machine had a 6Gb
hard disk, that came with the machine, and wasn't particularly quiet.
Now it has an 8Mb CF card and is virtually silent (apart from the fan in
the PSU).  For the record, I'm running it on a Compaq EN SFF 350MHz with
64Mb RAM.  IPCop will run from a CF card but it's not ideal and has a
much bigger footprint.

2) Real rulebase / NAT rules.  IPCop has implied rules - green can
access all, orange can access red, etc.  I wanted the flexibility of
managing my own rules.

3) Bridging support - I have a DMZ on real IP addresses, bridged with my
WAN network.

4) Multiple DMZs.

5) Ease of updates - m0n0wall updates the complete image every time
whereas IPCop replaces individual files (and the latest update was split
due to its size).

6) Ease of backup / restore - m0n0wall has a single configuration file
whereas IPCop has many configuration files.

7) Cleanliness of user interface.

8) VLAN support - finally got around to testing one of my spare boxes
with my 3com 3300 switch with VLAN tagging and all works OK.  Just need
to get some nice quiet fans for the 3300 and it'll be live very soon.
With that I can span one of the ports and then be able to packet capture
what's going on on any other port.


If you want to run a web proxy and other services then IPCop is the one
to go for as m0n0wall doesn't include them.  Now I have an ADSL line, a
cacheing proxy isn't an issue for me now but when I had POTS dial-up and
ISDN it was.


These are just a few of my reasons but you should ultimately go for the
one that solves your requirements.  If the one they're currently using
does the job then why change?  Had IPCop still met my criteria then I'd
still be using it and wouldn't have looked elsewhere.

Hope this helps,


                                Neil.

-- 
Neil A. Hillard                E-Mail:   m0n0 at dana dot org dot uk