[ previous ] [ next ] [ threads ]
 
 From:  "Mitch \(WebCob\)" <mitch at webcob dot com>
 To:  "Uli Wachowitz" <uli at wach dash o dash witz dot de>, m0n0wall at lists dot m0n0 dot ch
 Subject:  RE: [m0n0wall] suggestion
 Date:  Wed, 2 Jun 2004 17:11:08 -0700
We have "plug in support" - another great use for this interface. Anyone can
write it, and we can all add it in at will... if it conforms to Manuels
vision and requirements, it could potentially be added to the base system if
it doesn't interfere with majority use of the software, or add unreasonably
to the image size etc.

Just my 2 pennies

m/

> -----Original Message-----
> From: Uli Wachowitz [mailto:uli at wach dash o dash witz dot de]
> Sent: Wednesday, June 02, 2004 12:51 PM
> To: m0n0wall at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall] suggestion
>
>
> 2004-06-02 20:28, Adam Nellemann wrote:
>
> > such as MRTG or similar, providing that you have some always-on box on
>
> Agreed
>
> > That being said, I can see the use of such a feature on m0n0wall
>
> Me too
>
> > Well, that is always an easy opinion to have, IF you are lucky enough
> > to have access to one or more always-on box(en) and
>
> Again, I agree. The fact that not everyone has the possibility to own
> those 'always-on-boxes' has to be considered. I don't know right now
> what to answer in that case
>
> > IF you happen to know how to setup and use such tools!
>
> If you don't know, you can always learn it. I mean, if you are
> responsible for a firewall or your amount of traffic, you should have
> enough ambition to learn that.
>
> > typically don't seem to recognize the fact that many people do NOT
> > have this option
>
> Believe me, I recognize this fact. As I said above, I don't know what to
> answer in this case. Maybe I'm a bit arrogant, but I'm just phrasing my
> opinion.
>
> > This is especially true for a project like m0n0wall, which was hardly
> > meant to be a tool for hardcore coorporate server admins
>
> OK, point for you
>
> > Yes, IF you know how to set it up and use it
>
> Learn it
>
> > IF you have a box to run
>
> Built one
>
> > Apparantly, and not only have we heard it often before, but it is also
> > quite a narrowminded way to look at things (IMHO, and no offence
> > intended), m0n0wall in particular, which was never meant to be JUST a
> > firewall, as there would then be only one page in the webGUI, namely
> > the one with the firewall rules!
>
> Mhh, if so, I might have misunderstood the intention of this project
>
> > I'd suggest that you find such a product then, because m0n0wall
> > obviously isn't it, seeing as it has NAT, Traffic shaping, DNS
> > forwarder, DHCP server, DynDNS client, and... and... All of which
> > can't be said to be strictly firewall related.
>
> This depends on how you define 'firewall'. One could (and should) also
> say, that a firewall is a concept, not only a box full of functions.
>
> > I accept the fact that I can't expect m0n0wall to have all and every
> > feature I want or need, and more to the point: That it might have some
> > that I don't need or want. I don't understand why certain people have
> > such a hard time accepting this "fact of life"?
>
> *sig*
>
> > Oh yes, and I'd like to apologise for being instrumental in
> > perpetuating this discussion. Also, if any of the above come across as
> > "flaming", I'd like to apologise for that too,
>
> No, believe me, I'll never see answers like yours as flaming. We are all
> different individuals with different points of view. As long as we
> discuss thing in a fair and respectful way every opinion should be
> listened to.
>
> > I'm perfectly happy with any additional feature m0n0wall gets, as long
> > as the various security, storage, and other issues are taken into
> > account.
>
> The more features, the more points of failures. But i see your point.
>
> > why would I want to have yet another
> > complex box, full of moving, noisy parts,
>
> ecause it makes fun to assemble something like this?
>
> > running in my diningroom
>
> You need a seperate serveroom ;-)
>
> > That, IMHO, is an option suited for admins of large cooporate
> > networks, where uptime, stability and extreme and convoluted security
> > measures are apropriate concerns.
>
> Well, you've just described my Home-LAN
>
> > Also, I still haven't heard any really good arguments against adding
> > these things? As long as they do not pose a potential security risk or
> > take up extreme ammounts of CF space or RAM, and can be disabled (or
> > come in the form of user installable modules),
>
> Avoiding security risks will become more and more difficult the more
> features you add. Making features as modules would give the users the
> freedom to decide what risk to take.
>
> > I'm not saying that the suggested feature, or any other, should be
> > added without due consideration, just that there are very good
> > arguments for not making m0n0wall a "firewall is a firewall is a
> > firewall" product.
>
> This depends on everyones personal point of view. Mine is, it is a tool
> to secure my net, with VPN if I like, etc. If I want some colorfull,
> noisy gizmos and fancy reports and bells'n wizzles, well, ok, I'll now
> my way to get all this, but I simply don't like those fancy things on a
> device which is 'merely' responsible for my protection.
>
> > (I just hope I didn't offend too many people in the process?)
>
> Same passes for me
>
> uli
>
> --
> Prayers have no place in school, just as facts
> have no place in religion! - The Simpsons
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch
>
>