
Mon, 28 Mar 2005 1:03 PM

m0n0wall

Michael Dale

Earlier this morning I made the jump to m0n0wall from Smoothwall. Both these programs are small operating systems that provide services such as NAT/Firewalls etc.

There were a few reasons I decided to move. I’ve been talking about it for a while and finally got the time to do it over this long weekend.

Smoothwall had done pretty well. It was hacked at a bit to provide better uptime but it was really starting to get dodgy.

Smoothwall has a built-in intrusion detection system called Snort. It could be useful. It logs all possible intrusions, more than a basic firewall that just blocks stuff. But it had gotten to the point where it was filling up the hard drive EACH DAY with log files. So the system would start having issues as there was no drive space to do anything. The basic routing was fine because that was loaded into RAM, but everything else stopped. Smoothwall just decided to turn services off when it got to this point. Great.

There was no way to clean out logs via the webadmin and I was getting sick of SSH’ing into it all the time.

So time to give m0n0wall a run. The install process was very easy. Copy the .img file to the Smoothwall box via FTP over SSH. And run the following command:

gunzip -c generic-pc-1.2b7.img | dd of=/dev/hdX bs=16k  


There went Smoothwall. The funny thing was the box was still routing. It wasn’t until I rebooted and m0n0wall started that I lost internet connectivity.

I was greeted with a few options. So I configured the LAN interface. After that was set up I had access to the webadmin. Which is very nice. So from then on everything was done via a web interface.

I set up PPPoE and saved the setting. Mmmm did that work? Tried whirlpool and it was going! Cool. The basic box was up in 5 minutes. This includes killing the old OS.

Firewall settings

I then decided to set up incoming connections. I went to the firewall rules and set up a few. It didn’t work. The problem was that m0n0wall has two areas to handle connections. The firewall and the NAT section. Both can have different settings, which is cool; I just didn’t realize that I needed to set up both. Anyway, I did that and incoming connections were allowed through.

NAT settings

All I can say is that I am very happy with m0n0wall. There are so many options. The thing is very flexible.
It isn’t as easy to use as Smoothwall but it feels more like a real router.

The following is from the m0n0wall site:

m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.

Very cool. Here are a few more screen shots:


[Screenshots: Captive Portal, CPU Load, Traffic Load]

On another note, I am slowly syncing the web server's time so that it isn't 10 minutes wrong. Since I have the security level so high I can only change the time 1 second at a time. And I don't feel like rebooting it. ;) Give it a few more hours and it should be right.