Re: [m0n0wall] Monitor and Manage multiple M0n0's

From:	mtnbkr <waa dash m0n0wall at revpol dot com>
To:	German dot Martin at RSES dot rohde dash schwarz dot com
Cc:	m0n0wall at lists dot m0n0 dot ch
Subject:	Re: [m0n0wall] Monitor and Manage multiple M0n0's
Date:	Tue, 04 Apr 2006 10:03:10 -0400
I like the idea of using FWBuilder to manage rules for (multiple) m0n0wall.

I currently use FWbuilder for one of my client sites and would love the
idea of a m0n0wall filter plugin/script for Fwbuilder.. Nice idea.




German dot Martin at RSES dot rohde dash schwarz dot com wrote:
> In that way it would be possible to build a FWbuilder module to manage 
> m0n0wall appliances from this software. M0n0wall user interface is ok when 
> you have no more that 4 or 5 firewalls with static rules, but it is not 
> enough when there are many firewalls with rules that can change 
> frequently. In that case you need some centralized management.
> 
> What do you think about this?
> 
> Best regards,
> Germán Martín
> 
> 
> 
> 
> "Jeroen Visser" <monowall at forty dash two dot nl> 
> 04/04/2006 08:27
> 
> To
> m0n0wall at lists dot m0n0 dot ch
> cc
> 
> Subject
> Re: [m0n0wall] Monitor and Manage multiple M0n0's
> 
> 
> 
> 
> 
> 
> 
> Wouldn't that be more easy to implement if the next version of m0n0wall 
> would have
> separate firewall and management processes. If I remember correctly this 
> was
> something that was discussed when talking about m0n0wall 3.
> 
> Something like a soap-xml access to the config process would be helpful 
> when
> managing large numbers of firewalls from a central point. You could even 
> schedule
> firmware upgrades and copy users (not captive portal but the role manager) 
> from
> one template file on such a management machine.
> 
> The posibilities are endless. However, when you try to create such 
> management
> software now, posting variables to certain php pages, changing the 
> structure even
> a little bit would render such an application useless.
> 
> /2cents
> 
> Regards,
> 
> Jeroen Visser
> 
> 
> On Tue, 4 Apr 2006 18:55:19 -0700, Chris Flugstad wrote
>> As to the people who responded about editing the xml files.  That is a
>> way to do it.  Just very time consuming.  What the question was, was to
>> automate and manage remotely.  Editing a file and logging into each and
>> every box would take hours, as well as confusion of which boxes you had
>> already logged into.  If you had 30 boxes like Lee here, you'd
>> understand why load config files manually would suck.
>>
>> Basically, Im wondering if there is the ability to have a server that
>> could issue config files, and to load the m0n0wall with a basic config
>> file which would allow it to boot up and accept a new config file.  This
>> would make easy for setting up multiple boxes a day.  Also, if you have
>> a change to make across the board, on 30-100 boxes, you dont wanna do
>> that manually.  If you dont have a problem, you can volunteer to work
>> for me ;)
>>
>> thanks guys, and keep me posted lee
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>