[ previous ] [ next ] [ threads ]
 From:  "Eric Garnice" <eric at number13 dot com>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Statement regarding m0n0wall features
 Date:  Tue, 27 Jan 2004 13:07:48 -0500
IDS / IPS and I'll be able to put my NetScreen up on eBay.  :-)

----- Original Message ----- 
From: "Manuel Kasper" <mk at neon1 dot net>
To: <m0n0wall at lists dot m0n0 dot ch>
Sent: Tuesday, January 27, 2004 12:38 PM
Subject: [m0n0wall] Statement regarding m0n0wall features

> Hey folks,
> I feel the need to state once and for all what the intention with which 
> I started m0n0wall was. My goal was to create a free/open-source 
> alternative to smaller commercial firewall boxes - no more, no less. I 
> figured that on a Soekris or similar embedded PC, it could be made to 
> look and behave just like a commercial firewall - only cheaper and with 
> me in control of the features. When I started working on it, I 
> especially had the following models in mind:
> - WatchGuard SOHO
> - ZyXEL ZyWALL 10
> - SonicWALL SOHO
> - NetScreen 5XP
> I didn't intend to create an enterprise-class firewall, and I didn't 
> intend to make a file, mail, print, web or whatever server. And despite 
> the fact that m0n0wall runs well (and in the majority of installations, 
> according to the survey!) on normal PCs, it is targeted at embedded PCs, 
> which means they dicate what is possible in terms of storage, CPU speed 
> and RAM size.
> I think m0n0wall mostly meets or even exceeds the feature range of the 
> aforementioned products, so my goal has already been reached. That 
> doesn't mean there's no room for or point in improvements. I just want 
> to make it clear that I don't think we're ever going to see things like 
> the following in m0n0wall:
> - caching proxy
> - file server (Samba etc.)
> - mail server
> - web server (Apache etc.)
> - very extensive statistics
> simply because it wasn't my goal to produce some all-in-one thing like 
> e-smith, but a packet filtering firewall. Furthermore, these things 
> usually don't mix well with embedded PCs for several reasons.
> Why do we have a DHCP server then? Because all the commercial products I 
> mentioned before do, because it's small and lightweight enough to fit in 
> with the rest, and because it considerably increases ease-of-use 
> (meaning that if your Internet connection uses DHCP too, like for 
> example cable, you don't have to configure anything at all to let your 
> clients access the Internet - that's why it's on by default too).
> Now, about the NTP server... Rest assured that if msntp didn't have 
> problems with Windows XP clients, there would have been a nice little 
> NTP server configuration page in the webGUI, or at least a checkbox on 
> the general setup page (with default to off of course), since pb15. But 
> I don't like stuff that works only half of the time, so that's why it 
> hasn't happened yet.
> There you go... Hope I've explained my point of view now.
> Regards,
> Manuel
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch