[ previous ] [ next ] [ threads ]
 From:  Quark Group - Hilton Travis <Hilton at quarkgroup dot com dot au>
 To:  "valnar at yahoo dot com" <valnar at yahoo dot com>, "m0n0wall at lists dot m0n0 dot ch" <m0n0wall at lists dot m0n0 dot ch>
 Subject:  RE: [m0n0wall] Future plans after 1.3?
 Date:  Sun, 13 Dec 2009 20:11:08 +1000
G'day Robert,

UPnP should *NEVER* be used on a gateway security device unless you dislike the idea of security for
your network.  UPnP on media machines makes sense, but on a security device it cannot possibly make
any sense in any way whatsoever.  I do not *ever* want to see a vulnerability like UPnP making its
way to m0n0wall.




Hilton Travis                       Phone: +61 (0)7 3105 9101
(Brisbane, Australia)               Phone: +61 (0)419 792 394
Manager, Quark IT                   http://www.quarkit.com.au
         Quark Group                http://www.quarkgroup.com.au

War doesn't determine who is right.  War determines who is left.

> -----Original Message-----
> From: Robert [mailto:valnar at yahoo dot com]
> Sent: Saturday, 5 December 2009 12:49 AM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: [m0n0wall] Future plans after 1.3?
> Now that m0n0wall is at version 1.3, I looked back at what where it
> started
> and when it came out.  A lot has changed in six years.  Embedded
> processors
> are more powerful now and 16Mb CF cards are practically non-existent.
> We
> all throw away the 32Mb cards that come with our cameras.  The original
> and net4801 boards are discontinued, the ALIX boards are now the
> platform of
> choice, and earlier this year AMD announced that it stopped development
> of
> the Geode processor.
> I think the original goals of m0n0wall were to make it as small as
> possible,
> run from RAM and work on embedded platforms.  But the definition of
> "small"
> has changed.  Upgrading the scope of m0n0wall to platforms with 128MB
> and 32MB Flash would be a better target.  I still think it should focus
> as a
> firewall which can be run entirely from RAM, as to not cross paths with
> pfSense, Untangle or other firewalls which need more muscle and read-
> write
> access to hard drives for caching, like squid.  But that being said,
> there
> are a couple features which could be added without breaking that rule.
> For an entirely selfish reason, I'd like to see UPnP supported added.
> I
> don't use m0n0wall today for this very reason.  I'm forced to use
> pfSense
> with all its bugs and inability to upgrade easily over the network.
> Adding
> UPnP as a feature would allow me to return.  OpenVPN and load-balancing
> might also be possibilities.
> What other features would people like to see?
> -Robert

This document and any attachments are for the intended recipient only.
It may contain confidential, privileged or copyright material which
must not be disclosed or distributed without prior approval.

Quark Group Pty Ltd :: ABN 23 114 975 772
Trading As Quark AudioVisual, Quark Automation, Quark IT