« Archives in December, 2005

m0n0wall Firewall

I have to admit that I don’t really like GUI interfaces. I use them, but often I find that I move more efficently in a text based enviroment. I am so bad that I often find :wq in various text files that I edit in Windows (:wq is vi short hand for “write then quit”).

When it came time to find a firewall application, I was not keen on some of the more “flashy” alternatives out there. I had my heart set on a Cisco PIX and was planning on using that until I discovered m0n0wall.

m0n0wall had all the features I was looking for. Stateful firewall, logging, could run from an optimized compact flash device, supported VLANs (802.1q), supported device polling, and last but not least, ran FreeBSD.

I have to say that my experience with m0n0wall over the past month has really proven to me that there is some really great software out there. It just works. It is flexible enough that is does exactly what I need, efficient enough that I don’t dread making changes to it, and out of all the things I have used for firewalls it is easy to learn and not difficult to master.

The best part is that it does so much more than what I am using it for. Not only does m0n0wall excel as a border firewall/router, but you can use it at home as well. It fully supports NAT, wireless network cards, VPN endpoints, etc… Couple this software with some soekris hardware and you could easily duplicate the functionality of the Linksys. Granted this option might cost you a little bit more money, but that also comes with added flexibility in how you can configure the device, not to mention more CPU intensive operations like VPNs.

If you are considering a firewall for your network, personal or professional, I highly recommend the m0n0wall application.