From: "Philippe Lang" <philippe dot lang at attiksystem dot ch>
> Tim Vaughan wrote:
>>> My understanding of the whole thing is, that a) m0n0wall is a
>>> completely different approach to the whole firewall thing than
>>> pfSense: m0n0wall is meant for lean&mean systems, where pfSense wants
>>> to be a full featured product. So, each of both has it's right to
>>> exist. b) is, that having m0n0wall running with FreeBSD 6.1 brings
>>> the advantage of much more hardware support, which alone is worth
>>> the work in my eyes.
>> If this is the case, isn't the quickest way of getting
>> m0n0wall on FreeBSD 6.1 just to cut out everything that
>> pfSense has added until it has feature parity with current m0n0wall?
> And by the way, is pfSense really a "completely different approach",
> compared to m0n0wall? I had a look at the configuration screen, and it's
> just like m0nowall, with some more features, something you would expect
> from the next version of m0n0wall by the way!
And a Porsche 959 has a windshield, wheel, and speedometer, just like an
SUV. However, they can not remotely do the same things with the same ease.
For example, look at the memory footprint of pfSense vs m0n0.
> In the inside, yes, pfSense runs Altq and Pf, the firewall package FreeBSD
> 6.0 has just inherited from OpenBSD, but really, with such a great user
> interface, we don't care, really.
No, YOU don't care. I do. The UI is fantastic, but that is not why I use
it. I use it for the function it performs.
> Regarding performance, pfSense is maybe not as quick as m0n0wall, but
> be, so would be a port of m0n0wall on FreeBSD 6.0. FreeBSD 4.0 is still
> fastest version.
Yes, there are only two possible speeds of the result... The new m0n0 will
be slower than 4.11, but faster than pfSense. It will also run in less
memory, and with less CPU.
> So, tell me: why on earth don't you want to jump into the pfSense
> development? Manuel, a few months ago, was talking about the future of
> m0n0wall, and proposing some sort of "complete" rewrite... Isn't that what
> pfSense is supposed to (or could) be? Chris Buechler is leading the
> pfSense development, so I think all the elements are here!
It would be a good place to backport a lot of changes from. However, if it
was the solution you are claiming it is, we would all be over there.
Especially Chris, who is active in both projects. Why would he do that if
m0n0 had nothing to offer?