> -----Original Message-----
> From: David Kitchens [mailto:spider at webweaver dot com]
> Sent: Thursday, 15 June 2006 5:56 AM
> > question 2 - much more technical.
> > is there or will there ever be uPnP support - like in
> > smoothwall and the previously mentioned $$$$ systems (ie.
> > 192.168.xx IP will still work behind m0n0 if it has a
> > default GW even if the LAN of m0n0 is 10.71.x.x - can m0n0
> > inject its MAC address to unanswered GW ARP requests?)
> Doubtful in this lifetime, uPnP has been discussed many times
> on this list and is generally considered evil.
UPnP is about as evil as you can get. Take Celene Dion, breed her with
any of the members of Lordi, add some Dr Peppers and leave the result in
the Big Brother house for the next year. Take the resultant creature
and put it on American Idol. Now, look at *anyone* who's voting to keep
that creature in American Idol. UPnP is even more evil than that.
Any security company or device that supports UPnP is a complete and
utter joke. UPnP is a massive vulnerability waiting to happen. I'm
still surprised to this day that it hasn't been exploited due to its
inherent and mind numbingly stupid weaknesses.
> > question 3
> > Will the the m0n0wall route traffic to public IPs behind the
> > server...
> > for example let say I have an public subnet of 10.0.0.2 -
> > 10.0.0.24 (lets assume this is a public routable subnet)and I
> > want to have the ability of users behind m0n0 (10.0.0.2) that
> > may perhaps need a public IP, if I give them a public IP of
> > 10.0.0.4 with the default GW of
> > 10.0.0.1 (ISP device) and the public subnet mask, will m0n0
> > auto route traffic to them?? Is this possible, If so, how do
> > I make these routables work??
> That depends on how you set it up, you can bridge an opt
> interface to the WAN and put static machines there, or use
> NAT and proxy arp to let a LAN machine answer to a live IP.
Totally - configure things properly and it works a treat.
Hilton Travis Phone: +61 (0)7 3344 3889
(Brisbane, Australia) Phone: +61 (0)419 792 394
Manager, Quark IT http://www.quarkit.com.au
Quark AudioVisual http://www.quarkav.net
http://www.threatcode.com/ <-- its now time to shame poor coders
into writing code that is acceptable for use on today's networks
War doesn't determine who is right. War determines who is left.
This document and any attachments are for the intended recipient
only. It may contain confidential, privileged or copyright
material which must not be disclosed or distributed.
Quark Group Pty. Ltd.
T/A Quark Automation, Quark AudioVisual, Quark IT