m0n0wall
| m0n0wall | |
|---|---|
 Screenshot of the web interface |
|
| developer | Manuel Kasper |
| License (s) | BSD license |
| Current version |
1.8.1 from January 15, 2014 (6 years and 225 days ago) |
| ancestry |
UNIX ↳ BSD ↳ 386BSD ↳ FreeBSD ↳ m0n0wall |
| m0n0.ch/wall | |
m0n0wall is a free firewall and a free router . With the help of a bootable CD-ROM ( Live-CD ) it is possible to convert an x86-compatible PC into an extensive firewall. There are also versions for various embedded systems . m0n0wall was developed by Manuel Kasper, who discontinued the project in early 2015.
functionality
If m0n0wall is used on a standard PC, the system can either be installed on a hard disk or it can be started from a CD-ROM, which was previously written with an image of less than 20 MB . The actual operating system is located on the CD-based read-only system, whereas all settings are saved on a normal 3.5 ″ floppy disk or a USB stick. The entire configuration is saved in a single XML file that is read out during the boot process. There is also a hard drive image that allows you to install m0n0wall on a hard drive or a CompactFlash memory card . The configuration is saved on the same medium, thus enabling greater flexibility and speed when making changes to the configuration. The special thing about m0n0wall is the boot configuration, which was completely implemented in the PHP programming language . m0n0wall supports all hardware that is also supported by FreeBSD in the respective version, including SMP systems.
The actual configuration - apart from the one-time configuration of the IP address and network card - takes place in a very clear web interface, which is why no Unix or FreeBSD knowledge is required. The basic configuration (own IP, interface assignment) is carried out directly on the console using a text-based menu. If desired, an automatic interface assignment can also be selected without having to know the BSD driver names of the network interfaces.
scope
There are many programs in the distribution, which together result in a large variety of functions. Some of the features are listed here:
- Internet or WAN connection via PPPoE , PPTP , DHCP or static IP address (including entire subnets )
- extensive packet filter configuration based on ipfw
- Additional network cards can be used for DMZ or other networks.
- Support for VLANs (according to 802.1q standard)
- WLAN support, either via ad-hoc mode or as an access point (due to the FreeBSD-4 kernel, not all WLAN cards are recognized immediately.)
- DHCP server and DNS forwarder
- QoS support with an integrated peer-to-peer setting wizard for most file sharing programs
- VPN server in two different versions: PPTP and IPsec (PPTP forward to an internal server is also possible) ( Version 1.2 of OpenVPN has now been removed and will probably no longer be implemented)
- Support for external diagnostics through SNMP and remote syslog servers
- Real-time CPU and traffic display based on SVG
- Dynamic DNS Client
- Accounting and control through forced start page ( captive portal ) with authentication by RADIUS server or using an internal database
- IPv6 support
safety
The m0n0wall distribution was updated regularly and a newer version was made available for download together. The publication cycle was usually 1–2 months, with larger changes even more. An update to a newer version was usually possible without any problems. With the CD-ROM version it was sufficient to boot the system with a new CD-ROM on which the new version was located. The configuration from diskette is adopted unchanged. With a hard drive or CF card version, you had the option of performing a “firmware update” by simply uploading the new image via the web interface and restarting the firewall.
It should also be noted that at this point in time no report has been published stating that a m0n0wall system has been successfully attacked.
Versions
Stable versions
The current stable version is version 1.8.1.
All versions up to and including version 1.2b3 are based on FreeBSD 4.11, whereas in 1.2b5 the entire system was ported to FreeBSD 5.3. This means that up to and including version 1.2b7, WLAN cards with the 802.11g (54 Mbit / s) standard are also supported. Due to the generally poorer performance of the FreeBSD 5.3 implementation, the system in version 1.2b8 was reverted to FreeBSD 4.11. Version 1.33 is based on FreeBSD version 6.4. Starting with version 1.8, FreeBSD 6.4 was upgraded to FreeBSD 8.
| version | date |
|---|---|
| pb1 | February 15, 2003 |
| pb4 | March 9, 2003 |
| pb12 | June 15, 2003 |
| pb15 | September 4, 2003 |
| pb21 | December 7, 2003 |
| 1.0 | February 15, 2004 |
| 1.1 | August 22, 2004 |
| 1.1.1 | November 11, 2004 |
| 1.2 | October 9, 2005 |
| 1.21 | January 5, 2006 |
| 1.22 | April 2, 2006 |
| 1.23 | March 10, 2007 |
| 1,231 | April 7, 2007 |
| 1,232 | December 16, 2007 |
| 1,233 | January 23, 2008 |
| 1,234 | August 8, 2008 |
| 1,235 | September 4, 2008 |
| 1,236 | September 30, 2009 |
| 1.3 | November 30, 2009 |
| 1.31 | March 6, 2010 |
| 1.32 | April 17, 2010 |
| 1.33 | March 16, 2011 |
| 1.34 | November 12, 2012 |
| 1.8.1 | 15th January 2014 |
Current beta version
A beta version was worked on, which is based on FreeBSD version 8.3. This should ensure better support for new hardware components and an improvement in the IPv6 implementation. The revisions can be downloaded from the official site since September 2013.
Derived products
pfSense
The pfSense system developed by Scott Ullrich was derived from m0n0wall . In contrast to m0n0wall, it is based on FreeBSD 7. From version 2.0 of pfSense FreeBSD 8 is used. Highlighted by the developers u. a.
- ALTQ ( traffic shaping ),
- CARP (fault tolerant clustering) and
- an integrated package management system.
pfSense is freely available under the BSD license . Finished images (also for embedded systems) are available for download.
FreeNAS
FreeNAS, a free software for providing mass storage in networks ( Network Attached Storage ) , also emerged from the m0n0wall project .
AskoziaPBX
From the m0n0wall project, Askozia, a free implementation of a telephone system based on Asterisk , has emerged.
OPNsense
This is a further development recommended by Manuel Kasper, which is being developed by Deciso . It is a spin-off from pfSense and is also licensed under a 2-clause BSD license .
Web links
- Official website of m0n0wall
- Official website of the pfSense project
- Supported hardware in the current versions
- Supported hardware in m0n0wall versions 1.2b5 to 1.2b7
Individual evidence
- ↑ a b End of the m0n0wall project ., February 15, 2015
- ↑ Beta versions. m0n0.ch/wall, accessed on December 6, 2013 (English).
- ↑ Thank you Manuel! - OPNsense. In: OPNsense. Retrieved July 11, 2015 .
- ↑ Partners Archief - OPNsense. In: OPNsense. Retrieved July 11, 2015 .
- ^ Legal notices - OPNsense. In: OPNsense. Retrieved July 11, 2015 .