A new pre-release image is out:
- replaced thttpd by mini_httpd --> HTTPS support! Mode can be selected on
the System: General setup page, and a custom certificate/private key can
be submitted on the Diagnostics: Advanced page.
- to use the webGUI from interfaces other than LAN, simply add a filter
rule to pass traffic to m0n0wall's WAN IP (HTTP or HTTPS, respectively).
No NAT rule necessary anymore.
- upgraded PHP to 4.3.3
- the local subnet can now be specified for IPsec tunnels (no longer fixed
to the LAN subnet)
To generate a custom certificate:
openssl req -new -nodes > cert.csr
openssl x509 -in cert.csr -out cert.pem -req -signkey privkey.pem -days 365
The certificate can then be found in cert.pem and the private key in
privkey.pem. cert.csr is not needed anymore.
The SSL works OK for me, but I haven't had much chance to test the last
feature (other than making sure it generates the correct SPD/racoon/filter
configuration for each situation), so as always: please test and report
bugs to me. Thanks!