Re: [m0n0wall] Disable WebGUI and use Shell only?

From:	"Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
To:	"Ryan Wagoner" <Ryan at wgnrs dot dynu dot com>
Cc:	"Lee Sharp" <leesharp at hal dash pc dot org>, m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Disable WebGUI and use Shell only?
Date:	Fri, 10 Mar 2006 13:46:17 -0500

Oh yeah, don't get me wrong, I enjoy the m0n0 GUI very much. This is just a
limited scope type of a situation that I thought others might also have
encountered.


On 3/10/06, Ryan Wagoner <Ryan at wgnrs dot dynu dot com> wrote:
>
> If you really want the option to SSH in and gain access to the console
> pfsense has what you are looking for.
>
> I really don't see the need to do this since the config is stored in
> config.xml. It would be more of a pain to edit through the console than
> through the web gui. Honestly on my linux server I do everything throug hte
> command line it doesn't even have an x server running, but with monowall I
> like the gui. Its not a after thought like normal linux guis are and
> everything is tightly integrated.
>
>
> -----Original Message-----
> From: Jimmy Bones (Mhottie) [mailto:mhottie at gmail dot com]
> Sent: Thu 3/9/2006 11:23 PM
> To: Lee Sharp
> Cc: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] Disable WebGUI and use Shell only?
>
> It might be, but the client in question is a small business, and everyone
> shares roles. There are some nosy people in the office that think they
> know
> how to "fix" computers, and to alleviate larger problems and issues it
> would
> be best to avoid them from seeing a webGUI.
>
> I never really noticed this until now, but why can you not ssh into a
> m0n0wall box for manual config and/or status monitoring w/o a gui?
>
> Thanks for your replies.
>
>
>
> On 3/9/06, Lee Sharp <leesharp at hal dash pc dot org> wrote:
> >
> > From: "Jimmy Bones (Mhottie)" <mhottie at gmail dot com>
> >
> > > Is there a way to disable the webgui and configure/access via
> shell/ssh
> > > only?
> >
> > No.  First, m0n0wall has no shell.  Second, the web GUI is not a config
> > tool, but the backbone of the system.
> >
> > > Or maybe run the webgui on an odd port, etc? Have the console menu
> dump
> > > into
> > > a shell login prompt instead of console menu, etc?
> >
> > Pick any port.  And run it with ssl if you want.
> >
> > > I ask because we are going to setup a m0n0 box in a small office that
> > has
> > > several nosy people in it that will want to start "playing with
> > settings".
> > > I
> > > would like to do the inital config in the webgui, then disable it and
> > > continue to configure via a shell, etc. and keep it that way.
> >
> > This is not a technical problem, and can not be solved with a technical
> > solution.  However, the new Sarbanes Oxley regulations can be your
> friend
> > here.  "I am not sure about this.  Isn't giving access to the firewall
> to
> > people not on the security team a violation of Sarbanes-Oxley?  Should
> we
> > ask legal, or the auditors?"
> >
> >                         Lee
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> > For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> >
> >
>
>