[ previous ] [ next ] [ threads ]
 
 From:  Hilton Travis <Hilton at QuarkAV dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Feature request which would make m0n0wall even better ;)
 Date:  Tue, 27 Jan 2004 23:33:49 +1000 
Hi Nik,

On Tue, 2004-01-27 at 22:43, Nik Clayton wrote:
> On Sun, Jan 25, 2004 at 07:14:12AM +1000, Hilton Travis wrote:
> > Nope, it wouldn't.  Adding extra functionality to a firewall is like
> > asking that your toaster also boil the kettle.  It is just not designed
> > for that.
> > 
> > Adding NTP will then have people asking for ident, then eventually
> > Samba.  Believe me, I've seen this happen before.  :)
> 
> What I think a lot of these requests are expressing is a need for
> either:
> 
>   a) A mono<foo> that's not designed to be a firewall, but that is 
>      designed to provide these sorts of 'small' services for smallish
>      networks.
> 
>         NTP
> 	DNS
> 	WINS
> 	Authentication
> 
>      and so on, or

m0n0wall is a firewall.  It isn't a file server, nor is it a BSD distro
designed to run as a fish tank controller.  I cannot understand why
people want to compromise the security of a security device by running
additional software on it that is not designed, suited, or even safe to
be running on a firewall.

>   b) A plugin framework that lets people write these things themselves,
>      safe in the knowledge that the next update isn't going to stomp
>      all over them.

Ever heard of E-Smith, Clark Connect, BSD, Linux, Windows SBS, etc? 
These are designed to be modular systems that run extremely well behind
a secure firewall, work as a modular system, and can easily provide all
the functionality that a firewall shouldn't.

Personally, I want a firewall that is a firewall.  I'll have another
internal, protected, server to run these server functions.  Security is
paramount for a security device, and for your network.

-- 

Regards,

Hilton Travis                   Email: Hilton at QuarkAV dot com
Manager, Quark AudioVisual      Phone: +61-(0)7-3343-3889
         Quark Computers        Phone: +61-(0)419-792-394
(Brisbane, Australia)            http://www.QuarkAV.com/

Open Source Projects:		http://www.ares-desktop.org/
				http://www.mamboband.org/

Non Linear Video Editing Solutions & Digital Audio Workstations
 Network Administration, SmoothWall Firewalls, NOD32 AntiVirus
  Conference and Seminar AudioVisual Production and Recording

War doesn't determine who is right. War determines who is left.