[ previous ] [ next ] [ threads ]
 
 From:  "BCW" <santana110 at telstra dot com>
 To:  "'Shish'" <shish at shish dot is dash a dash geek dot net>, <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Some feature requests
 Date:  Sun, 21 May 2006 22:36:43 +1000
Some of the feature will probably pretty hard to put them in.

M0n0wall original intention was to fit as much necessary feature into an 8MB
limit catered for the Soekris box.


-----Original Message-----
From: Shish [mailto:shish at shish dot is dash a dash geek dot net] 
Sent: Sunday, 21 May 2006 9:40 PM
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] Some feature requests

I just started usin m0n0wall yesterday, everything works just as well as the
custom debian firewall it took me a week to set up, with the exception of a
couple of things I can't see any way to do:


o) Automatic wake-on-lan messages

Because my server needs internet access for a couple of things in the boot
phase, the router / firewall needs to be completely online and running
before it starts, so setting both to wake-on-power doesn't work. A setup
which works great is having the router wake on power, and once it's ready,
sending wake-on-lan packets to all the other boxes. A checkbox next to each
of my WOL bookmarks for "send a packet here when m0n0wall boots" would be
most appreciated


o) OpenVPN

It was there, and now it isn't? What was wrong with it? Is there any way to
get it back?


o) Firewall rule for connections / sec

Running a shell server for some friends, they want to make outgoing
connections; however I don't want to be part of a DDoS attack if an account
gets broken into. Currently I have rules like HTTP gets 60 connections / min
with burst of 200, and IRC gets 1 connection / min with burst of 10 (to
allow just-started clients to connect to all networks, and periodic
reconnction when a connection dies for whatever reason). It's worked well
for normal use (the users don't notice it), and under attack (only about 100
packets were sent before I noticed, compared to the several thousand that
would've been were it not for the filtering)


o) Swap space

I still have a partition marked "Linux Swap" for the debian firewall -- can
m0n0wall be made to use it? (It can be reformatted if necessary).
My firewall box has 32MB RAM, and is too old for upgrades (I don't even know
what type of RAM it uses, the sticks aren't a type I recognise...). m0n0wall
does work fine on 32MB, so long as I only open one page at a time...


o) "Move selected rules before this rule" for the traffic shaper

It's *so* much faster than "move rule up / down one position". I got so fed
up I ended up writing a small shell script to automate the upping and
downing for me :P


o) Bootable floppies

Old hardware again -- the CD drive is a bit dodgy, and the box sometimes
gives up too soon and moves on to booting from the hard drive. Putting GRUB
/ the BSD equivalent on the floppy and setting it to boot the CD would be
more reliable. I know it's not a m0n0wall thing per-se, but a note in the
docs about how to do it would be nice.


And finally, a tiny bug report -- when adding NAT rules, and ticking the
"Auto-add a firewall rule..." box, if there's an error in the user's input,
the box is un-ticked on the "please correct your errors" page.

    -- Shish

---------------------------------------------------------------------
To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch