[ previous ] [ next ] [ threads ]
 From:  Chet Harvey <chet at pittech dot com>
 To:  Joe Lagreca <lagreca at gmail dot com>
 Cc:  Monowall List <m0n0wall at lists dot m0n0 dot ch>
 Subject:  Re: [m0n0wall] Feature request to move firewall rules
 Date:  Wed, 11 Aug 2004 15:09:42 -0400
Actually I just took a look at the m0n0wall wishlist Manuel has on the site and 
our wish is one of his too for the "groups" policies:

-allow groups of hosts/networks for aliases

Some of interest to me are:

-certificate authentication for IPsec VPN 
-OpenVPN support
-support secondary networks on WAN interface (ESPECIALLY with load balancing)
-second webGUI user with read-only access 

As for the one below, I don't know if I like this idea in that portsentry is 
nice but can also block out legitimate traffic. I may try this one on a test 
box since it would be pretty easy to setup. (I think)
-port scan detection with automatic blackholing 

Chet Harvey
Pitbull Technologies <http://www.pittech.com/> 
Protecting your Digital Assets

Quoting Joe Lagreca <lagreca at gmail dot com>:

> I realize there are arrows to move rules up and down by one place
> right now, however I thought it would be really nice to have a move
> button, that pops up a window and lets you place a rule anywhere
> within the rule listings.  It may require numbering all of the rules,
> and then you could say place this rule before rule #2, or after rule
> #7.
> Just an idea that may help people who need to move rules around, but
> have a long rule list.
> Another idea that I believe have been suggested before is to be able
> to group services into an alias.  Then you could just create one rule
> to allow all services in that alias through.  This is something I used
> frequently with Netscreen.
> I'm not knocking m0n0 at all.  I think its a FABULOUS project, and its
> all I use now for my firewalling.  GREAT JOB Manuel.
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch