[ previous ] [ next ] [ threads ]
 
 From:  "Egbert Jan van den Bussche" <egbert at vandenbussche dot nl>
 To:  <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Future plans after 1.3?
 Date:  Fri, 4 Dec 2009 16:46:50 +0100
To speak with Lee, I really would like to see OpenVPN back in MonoWall. I
had to install the OpenVPN client on a separate ubuntu box with an extra
ethernet card to do the task. If my current hw (Soekris Net4801) is not
powerfull enough, it is easy to step up to 5501 or equivalent.

My 2$c
Egbert Jan (NL) 

> -----Oorspronkelijk bericht-----
> Van: Lee Sharp [mailto:leesharp at hal dash pc dot org] 
> Verzonden: vrijdag 4 december 2009 16:08
> Aan: m0n0wall at lists dot m0n0 dot ch
> Onderwerp: Re: [m0n0wall] Future plans after 1.3?
> 
> 
> Have you ever noticed how cars get bigger every year?  Back 
> in 2001, I 
> had a BMW 3 series.  Now the 1 series is out, and it is the 
> size of my 
> old car.  But bigger does not always mean better...
> 
> 
> Robert wrote:
> > Now that m0n0wall is at version 1.3, I looked back at what where it 
> > started and when it came out.  A lot has changed in six years.  
> > Embedded processors are more powerful now and 16Mb CF cards are 
> > practically non-existent.  We all throw away the 32Mb cards 
> that come 
> > with our cameras.  The original WRAP and net4801 boards are 
> > discontinued, the ALIX boards are now the platform of choice, and 
> > earlier this year AMD announced that it stopped development of the 
> > Geode processor.
> 
> I have about 100 firewalls in production.  Right now I am trying to 
> figure out how to tell remotely which ones have an 8 mb 
> flash, and will 
> need a site visit.  There is still a lot of legacy equipment 
> out there.
> 
> > I think the original goals of m0n0wall were to make it as small as 
> > possible, run from RAM and work on embedded platforms.  But the 
> > definition of "small" has changed.  Upgrading the scope of 
> m0n0wall to 
> > platforms with 128MB RAM and 32MB Flash would be a better 
> target.  I 
> > still think it should focus as a firewall which can be run entirely 
> > from RAM, as to not cross paths with pfSense, Untangle or other 
> > firewalls which need more muscle and read-write access to 
> hard drives 
> > for caching, like squid.  But that being said, there are a couple 
> > features which could be added without breaking that rule.
> 
> Also there is the reliability and power savings of sleeping the hard 
> drive all the time.
> 
> > For an entirely selfish reason, I'd like to see UPnP 
> supported added.  
> > I don't use m0n0wall today for this very reason.  I'm forced to use 
> > pfSense with all its bugs and inability to upgrade easily over the 
> > network.  Adding UPnP as a feature would allow me to 
> return.  OpenVPN 
> > and load-balancing might also be possibilities.
> 
> Many of us will argue that any device with UPnP is NOT a security 
> device.  There are more than a few UPnP aware viruses and 
> malware.  It 
> is like a gun in the hand of a child.  And I HATE applications that 
> "need" it.  Luckily, right now we don't have it, so I 
> actually have to 
> do things in the firewall the right way.  I am afraid that if it is 
> enabled, I will be forced to do things the wrong way by people who do 
> not understand the risk, just because I can.
> 
> OpenVPN and load balancing would be nice, however. :)
> 
> 			Lee
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
> 
>