[Cu-wireless] m0n0wall: http://www.m0n0.ch/wall/

Sascha Meinrath sascha at ucimc.org
Fri Apr 2 14:00:49 CST 2004 

m0n0wall is an interesting piece of software.  folks should look it over.
we may borrow components for CUWiN and it would be great to collaborate
with these folks.

--sascha

***

Facts

    * The m0n0wall system currently takes up less than 5 MB on the Compact
Flash card (or CD-ROM), and contains
          o all the required FreeBSD components (kernel, user programs)
          o ipfilter
          o PHP (CGI version)
          o thttpd
          o MPD
          o ISC DHCP server
          o ez-ipupdate (for DynDNS updates)
          o Dnsmasq (for the caching DNS forwarder)
          o racoon (for IPsec IKE)
    * On a net4501, m0n0wall provides a WAN <-> LAN TCP throughput of
about 17 Mbps, including NAT, when run with the default configuration. On
faster platforms (like net4801 or WRAP), throughput in excess of 50 Mbps
is possible (and > 100 Mbps with newer standard PCs).
    * On a net4501, m0n0wall boots to a fully working state in less than
40 seconds after power-up, including POST (with a properly configured
BIOS)

Features

At this time, m0n0wall can be used as-is with the Wireless Router
Application Platform from PC Engines (www.pcengines.ch), the
net45xx/net48xx embedded PCs from Soekris Engineering (www.soekris.com) or
any standard PC with a BIOS that supports booting from CD-ROM (El Torito
standard).

m0n0wall already provides many of the features of expensive commercial
firewalls, including:

    * web interface (supports SSL)
    * serial console interface for recovery
          o set LAN IP address
          o reset password
          o restore factory defaults
          o reboot system
    * wireless support (access point with PRISM-II/2.5 cards, BSS/IBSS
with other cards including Cisco)
    * stateful packet filtering
          o block/pass rules
          o logging
    * NAT/PAT (including 1:1)
    * DHCP client, PPPoE and PPTP support on the WAN interface
    * IPsec VPN tunnels (IKE; with support for hardware crypto cards and
mobile clients)
    * PPTP VPN (with RADIUS server support)
    * static routes
    * DHCP server
    * caching DNS forwarder
    * DynDNS client
    * SNMP agent
    * traffic shaper
    * firmware upgrade over FTP
    * configuration backup/restore
    * host/network aliases


-- 
Sascha Meinrath
Project Manager & President      *      Project Manager
Acorn Active Media Foundation   ***     Eggplant Active Media
www.acornactivemedia.com         *      www.eggplantmedia.com

More information about the CU-Wireless mailing list