[ previous ] [ next ] [ threads ]
 
 From:  Shish <shish at shish dot is dash a dash geek dot net>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Some feature requests
 Date:  Sun, 21 May 2006 12:40:28 +0100
I just started usin m0n0wall yesterday, everything works just as well
as the custom debian firewall it took me a week to set up, with the
exception of a couple of things I can't see any way to do:


o) Automatic wake-on-lan messages

Because my server needs internet access for a couple of things in the
boot phase, the router / firewall needs to be completely online and
running before it starts, so setting both to wake-on-power doesn't
work. A setup which works great is having the router wake on power, and
once it's ready, sending wake-on-lan packets to all the other boxes. A
checkbox next to each of my WOL bookmarks for "send a packet here when
m0n0wall boots" would be most appreciated


o) OpenVPN

It was there, and now it isn't? What was wrong with it? Is there any
way to get it back?


o) Firewall rule for connections / sec

Running a shell server for some friends, they want to make outgoing
connections; however I don't want to be part of a DDoS attack if an
account gets broken into. Currently I have rules like HTTP gets 60
connections / min with burst of 200, and IRC gets 1 connection / min
with burst of 10 (to allow just-started clients to connect to all
networks, and periodic reconnction when a connection dies for whatever
reason). It's worked well for normal use (the users don't notice it),
and under attack (only about 100 packets were sent before I noticed,
compared to the several thousand that would've been were it not for
the filtering)


o) Swap space

I still have a partition marked "Linux Swap" for the debian firewall --
can m0n0wall be made to use it? (It can be reformatted if necessary).
My firewall box has 32MB RAM, and is too old for upgrades (I don't
even know what type of RAM it uses, the sticks aren't a type I
recognise...). m0n0wall does work fine on 32MB, so long as I only open
one page at a time...


o) "Move selected rules before this rule" for the traffic shaper

It's *so* much faster than "move rule up / down one position". I got so
fed up I ended up writing a small shell script to automate the upping
and downing for me :P


o) Bootable floppies

Old hardware again -- the CD drive is a bit dodgy, and the box
sometimes gives up too soon and moves on to booting from the hard
drive. Putting GRUB / the BSD equivalent on the floppy and setting it
to boot the CD would be more reliable. I know it's not a m0n0wall thing
per-se, but a note in the docs about how to do it would be nice.


And finally, a tiny bug report -- when adding NAT rules, and ticking
the "Auto-add a firewall rule..." box, if there's an error in the user's
input, the box is un-ticked on the "please correct your errors" page.

    -- Shish