[ previous ] [ next ] [ threads ]
 From:  Christiaens Joachim <jchristi at oce dot be>
 To:  "'mk at neon1 dot net'" <IMCEAMAILTO-mk+40neon1+mk at neon1 dot net>
 Cc:  "'m0n0wall at lists dot m0n0 dot ch'" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  FW: [m0n0wall] pb14 is out
 Date:  Tue, 5 Aug 2003 23:49:03 +0200

This adds the one thing I still was waiting for!


P.S. The mirror has moved from Brecht to Zaventem, Belgium, with 90Mbits
badnwith and enough storage ;-)

-----Original Message-----
From: Manuel Kasper [mailto:mk at neon1 dot net]
Sent: zaterdag 2 augustus 2003 20:25
To: m0n0wall at lists dot m0n0 dot ch
Subject: [m0n0wall] pb14 is out

Hi all,

I finally found some time and impulse to work on m0n0wall again. Two
features that have been on the wishlist for quite some time have finally
been implemented; here's the full changelog:

- static routes are now supported! This means you can have secondary
networks on LAN or any optional interface
(the filter rule generator has also been modified to generate the proper
anti-spoofing rules for each interface when static routes are setup)

This feature also called for another feature to be actually useful:

- outbound NAT is now configurable. You can turn on "advanced outbound
NAT"; this will cause the NAT rule generator not to generate any outbound
NAT rules automatically anymore (by default one rule per interface (except
WAN, of course) is generated). You can then specify all the subnets you
want to NAT, or if you turn advanced outbound NAT on and don't specify any
rules, then outbound NAT (or NAT in general if no inbound/1:1 rules are
specified either) is disabled completely. Note that NAT is still only done
on packets going through the WAN interface; maybe this will be extended to
all interfaces later.

- syscons and atkbdc support have been removed from the net45xx kernel as
they are not needed at all

- the "Read error" problem with some CF cards on Soekris net45xx should
finally be fixed for good (somebody with a known-bad card please confirm

Here's a short guide on what to do if you want to allow a secondary
network on the LAN interface to access the Internet:

- add a static route on LAN with the proper destination/gateway

- turn on advanced outbound NAT, make sure to add outbound NAT rules for
your LAN and all your optional interfaces (if any)

- add an outbound NAT rule for your secondary network

- add a filter rule to permit traffic on LAN with source <your secondary
network> and destination any

That's all folks.



To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

Oce enables its customers to manage their documents efficiently and
effectively by offering innovative print and document management products
and services for professional environments.

This e-mail message and any attachment are intended for the sole use of the
recipient(s) named above and may contain information which is confidential
and/or protected by intellectual property rights.
Any use of the information contained herein (including, but not limited to,
total or partial reproduction, communication or distribution in any form) by
other persons than the designated recipient(s) is prohibited.

If you have received this e-mail in error, please notify the sender either
by telephone (0032-2-729.48.11) or by e-mail and delete the material from
any computer.
Oce-Belgium/Oce-Interservices is nor responsible for the correct and
complete transfer of the contents of the sent e-mail, neither for the
receipt on due time.  This e-mail message does not bring about a contractual
obligation for Oce-Belgium/Oce-Interservices.

Thank you for your cooperation.

For further information about Oce-Belgium/Oce-Interservices please see our
website at www.oce.be