m0n0wall FreeBSD Firewall
March 7th, 2006
A while ago I was asked by a client to provide them with a firewall which could route 80 - 100Mbps through its WAN port and deal with the steady 10 - 50Mbps of garbage and intrusion attempts one sees on any academic network. The only problem was that they didn’t have the budget for (what some would call) a real hardware firewall. By “real” firewall I mean something from Cisco, Netscreen or Watchguard. What they did have, and what is also exceedingly common in academic environments, was a pile of elderly computer hardware just taking up space.
All this unloved hardware lying around got me thinking. For years I’ve been using software firewalls on the various Linux systems I have on the web and they’ve worked great. I remembered reading about some Linux or BSD based firewalls which could run on generic x86 systems and were even small enough to fit on a compact flash card to eliminate the need to have a hard disk in the system. After searching around for a bit I happened upon m0n0wall, downloaded the bootable image file and gave it a spin.
Firstly I have to say the GUI is great. Lots of open source projects suffer from what I’ll generously call “less-than-optimal” user interfaces. m0n0wall isn’t one of these. The interface is easy to use even for a novice, as I’ll get into later.
The router software is based on FreeBSD and can be booted off of a CD-ROM if you’re so inclined. A floppy disk can be used for configuration data which means that you’ve got yourself a hard disk-less software firewall. It is based on the 4.6 kernel which means that there’s not a lot of support for more modern hardware; however, most people are going to run this software on a dinosaur so that shouldn’t be a problem anyway. m0n0wall had no problem with the PIII 500Mhz system I installed it on.
My m0n0wall configuration required three NICs, one for the WAN connection, one for the LAN connection and one to act as an administrative port for configuring the software. After booting the system for the first time the software will ask you a few basic configuration questions and let you choose which NIC does what. After that you can connect a computer to the administrative NIC and configure the device using the GUI. I set mine up as a passive bridge. This means that the device itself is not acting as a router or providing any of the NAT, DHCP, DNS or other services that the software is capable of. It’s simply inspecting traffic and allowing or rejecting traffic based on a rule set.
Anyway, after about 10 minutes the router was set up and filtering away. There’s a cool SVG-based traffic monitor which actually lets you see a graph of how much traffic is at each of the NICs. There was a steady 15Mbps worth of junk on the WAN port of the system which was being dutifully dropped by the firewall. Perfect. We then tested to see how much trusted systems outside the firewall could push through to the FTP servers on the LAN side of things. We could easily get 80Mbps out of the unit which was pretty much as fast as we could go with all the other garbage floating around on the FastE connection. The GUI was so simple to set up that the office manager (who isn’t too tech savvy) was able to set up his own rule-sets and continues to administer the box by himself to this day.
I was very impressed with this free product and would very much recommend it to anyone looking to add an inexpensive yet powerful firewall to their network.
Rating: 5/5
URL: www.m0n0.ch/wall/
Entry Filed under: Software