On Fri, Dec 4, 2009 at 9:48 AM, Robert <valnar at yahoo dot com> wrote:
> Now that m0n0wall is at version 1.3, I looked back at what where it started
> and when it came out. A lot has changed in six years. Embedded processors
> are more powerful now and 16Mb CF cards are practically non-existent. We
> all throw away the 32Mb cards that come with our cameras. The original WRAP
> and net4801 boards are discontinued, the ALIX boards are now the platform of
> choice, and earlier this year AMD announced that it stopped development of
> the Geode processor.
> I think the original goals of m0n0wall were to make it as small as possible,
> run from RAM and work on embedded platforms. But the definition of "small"
> has changed. Upgrading the scope of m0n0wall to platforms with 128MB RAM
> and 32MB Flash would be a better target. I still think it should focus as a
> firewall which can be run entirely from RAM, as to not cross paths with
> pfSense, Untangle or other firewalls which need more muscle and read-write
> access to hard drives for caching, like squid. But that being said, there
> are a couple features which could be added without breaking that rule.
Without stopping support for systems with 64 MB RAM, there isn't much
you can add. In off-list discussions between the currently active
developers, Manuel mentioned possibly switching to a nanobsd-style
format in the future so things can grow without requiring
corresponding growth in RAM requirements. What the future definitely
holds though is unknown.
> For an entirely selfish reason, I'd like to see UPnP supported added. I
> don't use m0n0wall today for this very reason. I'm forced to use pfSense
> with all its bugs and inability to upgrade easily over the network.
The problematic old pfSense embedded is gone now, replaced with the
nanobsd-based embedded in 1.2.3 which gets rid of all the issues of
the old embedded. Re-flash when 1.2.3 is released (this week).
> What other features would people like to see?
Unless you want to also do the development work, these discussions
probably won't go far. Of the active developers, none of us have much
interest in anything but maintaining things as they are, providing bug
and security fixes as needed, and putting out updated releases on new
OS versions from time to time.
It appears future additions to the project are largely up to what
people other than current developers may step forward to add, as I
don't expect any of us to do much more than maintaining things as they
are now and making minor enhancements, based on private discussions.
Not that I wouldn't like to, it's just a matter of not having time. I
make a full time living working on pfSense, where there is
considerable commercial support and development backing, just isn't as
much interest for that with m0n0wall. As much as I'd like to add
things to both simultaneously, maintaining one actively developed
project is a huge endeavor, and there are 10-15 other developers
always active with pfSense, where there are less than a handful of
active folks here. The two aren't even close to the same underneath
anymore so it's not simple to port most functionality. There are only
so many hours in the day and I work almost all of them that I'm not
sleeping, not much time to work on m0n0wall unfortunately.
So I wouldn't expect much to change here, but the existing project
will at least be maintained.