[ previous ] [ next ] [ threads ]
 
 From:  Dany Nativel <dany underscore list at natzo dot com>
 To:  m0n0wall at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall] Statement regarding m0n0wall features
 Date:  Tue, 27 Jan 2004 13:23:18 -0500
Manuel,

I think the "to do / Wishlist" on your website clearly shows the path.

Bring us OpenVPN and certificates for IPSec and we'll be all set.

I've tried e-smith, smoothwall and lately IPcop on an old PC. I got 
tired about noise, size and power consumption. I'm about to receive a 
4501 for  monowall and will be using a mini-itx 533MHz board in an 
ultra-small case for the file server (and maybe IPsec for WLAN if the 
4501 is too slow).

Thank you for this amazing 5MB product.
Cheers
Dany

Manuel Kasper wrote:

> Hey folks,
>
> I feel the need to state once and for all what the intention with 
> which I started m0n0wall was. My goal was to create a free/open-source 
> alternative to smaller commercial firewall boxes - no more, no less. I 
> figured that on a Soekris or similar embedded PC, it could be made to 
> look and behave just like a commercial firewall - only cheaper and 
> with me in control of the features. When I started working on it, I 
> especially had the following models in mind:
>
> - WatchGuard SOHO
> - ZyXEL ZyWALL 10
> - SonicWALL SOHO
> - NetScreen 5XP
>
> I didn't intend to create an enterprise-class firewall, and I didn't 
> intend to make a file, mail, print, web or whatever server. And 
> despite the fact that m0n0wall runs well (and in the majority of 
> installations, according to the survey!) on normal PCs, it is targeted 
> at embedded PCs, which means they dicate what is possible in terms of 
> storage, CPU speed and RAM size.
>
> I think m0n0wall mostly meets or even exceeds the feature range of the 
> aforementioned products, so my goal has already been reached. That 
> doesn't mean there's no room for or point in improvements. I just want 
> to make it clear that I don't think we're ever going to see things 
> like the following in m0n0wall:
>
> - caching proxy
> - file server (Samba etc.)
> - mail server
> - web server (Apache etc.)
> - very extensive statistics
>
> simply because it wasn't my goal to produce some all-in-one thing like 
> e-smith, but a packet filtering firewall. Furthermore, these things 
> usually don't mix well with embedded PCs for several reasons.
>
> Why do we have a DHCP server then? Because all the commercial products 
> I mentioned before do, because it's small and lightweight enough to 
> fit in with the rest, and because it considerably increases 
> ease-of-use (meaning that if your Internet connection uses DHCP too, 
> like for example cable, you don't have to configure anything at all to 
> let your clients access the Internet - that's why it's on by default 
> too).
>
> Now, about the NTP server... Rest assured that if msntp didn't have 
> problems with Windows XP clients, there would have been a nice little 
> NTP server configuration page in the webGUI, or at least a checkbox on 
> the general setup page (with default to off of course), since pb15. 
> But I don't like stuff that works only half of the time, so that's why 
> it hasn't happened yet.
>
> There you go... Hope I've explained my point of view now.
>
> Regards,
>
> Manuel
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>