m0n0wall

m0n0wall is a free firewall and router. Using a bootable CD-ROM (live CD), an x86-compatible PC can be turned into a comprehensive firewall. Versions for various embedded systems also exist. m0n0wall is developed by Manuel Kasper.

Operation

When m0n0wall is used on a standard PC, the system can either be installed on a hard drive or booted from a CD-ROM onto which an image of less than 20 MB has been written. With the CD-based system, the operating system itself sits on read-only media, while the settings can be stored on an ordinary 3.5" floppy disk or a USB stick. The entire configuration is stored in a single XML file that is read during the boot process. A disk image is also available for installing m0n0wall on a hard drive or a CompactFlash memory card. In that case the configuration is saved on the same medium, which allows greater flexibility and speed in configuration changes. A distinctive feature of m0n0wall is that the boot configuration is implemented entirely in the PHP programming language. m0n0wall supports any hardware supported by the FreeBSD version it is based on, as well as SMP systems.

The actual configuration, apart from the one-time configuration of the IP address and network card, takes place in a very concise web interface, so no Unix or FreeBSD skills are required. The basic configuration (own IP address, interface assignment) is made directly at the console using a text-based menu. On request, automatic interface assignment can be selected, so the BSD driver names of the network interfaces do not need to be known.

Scope

The distribution bundles many programs that together provide a wide range of functions. Some of the features are listed here:

  • Internet or WAN connection via PPPoE, PPTP, DHCP or static IP address (including multiple subnets)
  • Comprehensive packet filter configuration based on ipfw
  • Additional network cards can be used for a DMZ or other networks
  • Support for VLANs (per the 802.1q standard)
  • Wi-Fi support, in either ad hoc or access point mode (because of the FreeBSD 4 kernel, not all wireless cards are recognized immediately)
  • DHCP server and DNS forwarder
  • QoS support with an integrated peer-to-peer setup wizard for most file sharing programs
  • VPN server in two variants: PPTP and IPsec (PPTP forwarding to an internal server is also available; OpenVPN was removed in version 1.2 and will likely not be implemented)
  • Support for external SNMP diagnostics and a remote syslog server
  • Real-time CPU and traffic display based on SVG
  • Dynamic DNS client
  • Accounting and control via a forced home page (captive portal) with authentication against a RADIUS server or an internal database
  • IPv6 support

Security

The m0n0wall distribution is updated regularly, and each new version is made available for download. The release cycle is usually 1-2 months, and longer for larger changes. An update to a newer version is usually possible without any problems. For the CD-ROM version, it is sufficient to boot the system from a new CD-ROM containing the new version. The configuration on the disk remains unchanged. For a hard disk or CF card installation, a "Firmware Update" can be performed by uploading the new image via the web interface and then restarting the firewall.

It should also be noted that, to date, no report has been published indicating that a m0n0wall system was successfully attacked.

Versions

Stable releases

The current stable version is 1.8.1.

All versions up to 1.2b3 are based on FreeBSD 4.11, whereas from 1.2b5 onward the entire system was ported to FreeBSD 5.3. As a result, up to and including version 1.2b7, WLAN cards with 802.11g (54 Mbit/s) are supported. Because of the generally poor performance of the FreeBSD 5.3 implementation, the system was moved back to FreeBSD 4.11 in version 1.2b8. Version 1.33 is based on FreeBSD 6.4. Version 1.8 changed from FreeBSD 6.4 to FreeBSD 8.

Current beta version

A beta version based on FreeBSD 8.3 is currently in development. It is intended to provide better support for new hardware components and an improved IPv6 implementation. The current revisions have been available for download from the official site since September 2013.

Derived products

pfSense

The pfSense system, developed by Scott Ullrich, is derived from m0n0wall. Unlike m0n0wall, it is based on FreeBSD 7; from pfSense version 2.0 onward, FreeBSD 8 is used. The developers highlight, among other things:

  • ALTQ (traffic shaping)
  • CARP (fault-tolerant clustering), and
  • an integrated package management system.

pfSense is freely available under the BSD license. Ready-made images (for embedded systems) are available for download.

FreeNAS

FreeNAS, free software for providing mass storage on networks (network-attached storage), likewise emerged from the m0n0wall project.

AskoziaPBX

Askozia, a free implementation of an Asterisk-based PBX, also emerged from the m0n0wall project.
