[ previous ] [ next ] [ threads ]
 
 From:  sai <sonicsai at gmail dot com>
 To:  S dot F at fantasymail dot de
 Cc:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: Wishlist --> GUI --> Mount options - Good/Bad? (Comments?)
 Date:  Tue, 8 Nov 2005 11:33:42 +0500
as you say m0n0 is mainly for embedded...additionally the philosophy
is that firewalls are for security and so should not have anything on
board that can be handled better elsewhere (like anti spam, IDS etc).
This increases reliability and reduces the chances of software
failure/bugs.

Having a hard disk increases the chances of hardware failure - logs
can be kept on a syslog server.
Everything runs out of memory - so no need for swap.
As for RAID, this is surely way to much for a firewall. At the moment
the HD is used for booting and then is not used at all - I believe
that it is parked.

sai

On 11/7/05, S dot F at fantasymail dot de <S dot F at fantasymail dot de> wrote:
> Hallo Monowall-List,
>
> Currently i use monowall as CD/Floppy version on a
> normal PC x86 Pentium 1 System (166 MHZ w. MMX and
> 128 MB RAM). I know that monowall is mostly for a
> embedded x86-based System but some things are imho
> missing. Maybe Manuel want to say what he think too?
>
> I checked the Developers Handbook (looks very fine!)
> and currently i missing a few functions in monoeall.
>
> What do you think about the possibility to define a
> place where the conf and firewall logs can be local
> saved? Maybe allow to write at the same time on a
> hdd and floppy? In this way no config can get lost.
>
> I already saw that NO_SWAPPING option is compiled in
> the cdversions kernel. Wont be it maybe a good idea
> to add a funktion in the webgui where users can define
> a pre-pared HDD (or maybe directly format and save a
> automatic mounted HDD on boot) that can be used as
> SWAP and log harddrive local? Is there any GOOD reason
> to let swapping disabled for security or stability?
>
> I also saw that all raid drivers are not installed in
> that kernel. Maybe keep iir (ICP/Intel) and 3ware drivers
> in that kernel or you know a easy way to offer a funcation
> to save a kernel modul on the floppy disc that then the
> System load a driver modul, and then mount a file system?
>
> For my self i guess that i can be able (with the use of
> the Developers Handbook) to create my own Monowall image
> with my missed functions and by the way remove drivers that
> i personaly not need for my firewall box.
>
> My "whishes" are maybe for interesting for all who want to
> Use the CD/Floppy version with the way to use a SWAP and 1
> partition (the free hdd space) for firewall logs.
>
> Imho it cant be bad to offer swap space in a normal computer
> system that monowall can use or i am wrong with that?
>
> If i ever create a own monowall image then i will ...
> - Use CD/Floppy Version
> - Add ICP Vortex/Intel Raid Drivers
> - Use a Raid 1 Array with 2 x 4,3 GB IMB Drives
> - Adding 512 MB Swap Partition
> - Use the rest of the Array for Log Space
>
> Of course with modified fstab file and fine tuned Kernel
> (remove all drivers that i never need in that box).
>
> Now i wait hopefully for your comments :)
>
> Regards,
> Stefan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>