m0n0wall – Opensource embedded Firewall turns a PC into firewall

In: Linux, OpenSource, Opensource Firewall, Security, Unix, Wireless
Tagged: , , , , ,

m0n0wall is a free opensource embedded firewall that runs on embedded PCs (recommended) and other generic standard PC workstations that can run FreeBSD or rather supported by FreeBSD. m0n0wall firewall provides most of the features provided by a commercial firewall.

Click here for a list of supported FreeBSD/i386 hardware.

For more information on the hardware details m0n0wall click here

M0n0wall is based on a bare-bones version of FreeBSD with mini-httpd webserver for web GUI and PHP (with CGI support) for boot time configuration. The complete configuration is stored in XML format. This is likely the only softwar where PHP does the boot time configuration instead of Shell scripts.

The image file for installation is of 6MB in size including the core freebsd and the required components and utilities that offers most if not all the features of a commercial firewall appliance. There are seperate image files for each of the different hardware platforms supported. For more information on downloads, click here

The whole software package can be run on a compact flash card (atleast 8M in size) or on a IDE hard disk. The recommended memory is atleast 64MB. The installation procedures are well documented.

For details on installation procedures click here

The Main features of m0n0wall firewall are,

  • Stateful Packet Filtering
  • Web Interface (SSL) and Serial Console for administration (mini-httpd)
  • Wireless Support
  • Captive Portal
  • 802.1Q VLAN  support
  • Stateful Packet Filtering using ipfilter
  • NAT/PAT, Static Router, Host Aliases support
  • DHCP client, PPPoE, PPTP and Telstra BigPond Cable support on the WAN interface
  • IPsec IKE VPN using Racoon with support for hardware crypto cards, mobile clients and certificates
  • PPTP VPN (with RADIUS server support)
  • DHCP server and DHCP-Relay (ISC DHCP)
  • Caching DNS forwarder using dnsmasq
  • DynDNS client and RFC 2136 DNS updater using ez-ipupdate
  • Traffic shaping
  • SVG-based traffic grapher
  • firmware upgrade through the web browser
  • Wake on LAN
  • Configuration backup/restore

For more detailed feature list, click here

For more information on this FreeBSD based open source firewall, please click here

A Reader's Toobox

After 70-290, a small number of professionals who wants to study 70-296 move on to the next level i.e. 70-270, where as the rest go with the 642-901.

Leave a Reply

Your email address will not be published. Required fields are marked *