News: This forum is now permanently frozen.
Question: End of m0n0wall means to me:
Staying as long as I can with 1.34 - 1 (7.7%)
Staying as long as I can with 1.8.1 - 9 (69.2%)
I just don't know yet - 3 (23.1%)
OPNsense - 0 (0%)
back to soft firewall - 0 (0%)
Total Voters: 13

Pages: [1]
Topic: Where do die hard m0n0wall users go from here?  (Read 961 times)
« on: February 15, 2015, 19:32:52 »
Curtis *
Posts: 4

Learning about tragic news about end of m0n0wall, I just wonder, well, think of it as speaking at loud. For how long would be 1.8.1, or even 1.34,  be considered as ad acta, obsolete, or should we say a risk factor?

I have friends still using much older versions then 1.34 and having no issues.

One look at alternative OPNsense, or as suggested continuation from m0n0, I wonder, where did the common sense gone? Looking at recommended hardware requirements, I wonder, is it multimedia, HTPC center, or is it disguised firewall?  Sorry, but those specs strike me as a cultural shock when thinking about elegant and resource friendly beloved m0n0wall.

My question remains; why anyone wont continue the present mon0wall as we all know it?
« Reply #1 on: February 15, 2015, 19:57:16 »
Fred Grayson *****
Posts: 994

I'll be sticking with the last version, 1.8.2b574 on ALIX for as long as there are no major security holes discovered.

I took a quick look at pfSense-2.2-RELEASE-1g-i386 on my ALIX. It seemed to run OK.

Google is your friend and Bob's your uncle.
« Reply #2 on: February 16, 2015, 05:14:41 »
azdps **
Posts: 63

Curtis thanks for sharing the alternative OPNsense. I had no idea that this project existed. It's a fork of pfsense but with an impressive webgui. Never was fond of pfsense's webgui.

I like m0n0wall but the development has slowed to a crawl. Would like to see it progress with potentially a webgui upgrade. I know some other users had mentioned there being work done on a python based webgui. Would be nice to see the progress on that.

I'm actually trying to transition to OpenBSD, although I still have a few more things to learn to make the full transition.
« Reply #3 on: February 16, 2015, 05:29:01 »
Lee Sharp *****
Posts: 517

OpenSense if NOT a replacement as it will not even run on most of the hardware I have running m0n0wall. Smiley  And pfSense has gone in a strange direction since that guy bought ElectricSheep Fencing...  Not sure if I really trust it right now.  (And I like Chris... But...)

So there will be something to fill in the gap.  If you want to be a part of it, join the LinkedIn m0n0wall Users group.  It is not going anywhere, and if a fork team develops, we may coordinate the beginnings there.

Or perhaps Manual will change his mind!  Grin
« Reply #4 on: February 16, 2015, 06:53:25 »
azdps **
Posts: 63

All I've seen reference ElectricS heep Fencing is that it's the same as bsdperimeter and is just a name change.

Also it's Opnsense not Opensense.  Tongue

join the LinkedIn m0n0wall Users group

Can't there just be a mailing list or information posted on this forum?
« Reply #5 on: February 16, 2015, 08:37:14 »
fruit *
Posts: 22

Personally I wouldn't go anywhere near LinkedIn after all the unsolicited mail I've received from them in the past.

Very sad to see the end of development of m0n0wall but many, many thanks to Manuel for what he has done over the years - and I feel I will continue to use m0n0wall for quite some time yet!

I had a quick look at the Opnsense site but it doesn't tell me much, perhaps I was looking in the wrong places - and a mention of Twitter caused me to run away from it - irrational I know.
« Reply #6 on: February 16, 2015, 12:28:36 »
Lennart Grahl ***
Posts: 153

I like m0n0wall but the development has slowed to a crawl. Would like to see it progress with potentially a webgui upgrade. I know some other users had mentioned there being work done on a python based webgui. Would be nice to see the progress on that.

That was probably me. I'm not going for OPNsense because I'm more interested in writing the system from scratch.

Originally, I wanted to rewrite m0n0wall in Python but I think Rust is much more suitable for this kind of system. And due to the fact that Rust hasn't made it to a stable 1.0 version yet, you can expect that this project will take quite some time to even get into an alpha stage.
My target is to use even less resources than m0n0wall did, so I want this system to run smoothly on my old ALIX board. Maybe that's something some of you might be interested in as well.

Anyway, I want to try something new here - more of a revolution. When there is something to announce, I'll probably post it in the OPNsense forums.
« Last Edit: February 16, 2015, 12:31:04 by Lennart Grahl »
« Reply #7 on: February 16, 2015, 16:00:12 »
azdps **
Posts: 63

When I initially replied to this email I didn't know Manuel had actually made an official announcement that the m0n0wall project has officially ended. I just want to say thanks to Manuel Kasper and all those who have helped with the project as I have used m0n0wall for several years now.

Personally I wouldn't go anywhere near LinkedIn after all the unsolicited mail I've received from them in the past.

I completely agree with this and had a similar experience.

I had a quick look at the Opnsense site but it doesn't tell me much, perhaps I was looking in the wrong places - and a mention of Twitter caused me to run away from it - irrational I know.

I completely agree with the irrational part.  Tongue . You just have to spend a few moments at the website to look around. There's a forum, install instructions, goal of the project, blog, etc. The project looks very promising.

I would like m0n0wall forked before the this forum and mailing list is shutdown at the end of the month.

« Last Edit: February 17, 2015, 04:00:41 by azdps »
« Reply #8 on: February 16, 2015, 20:12:20 »
Lee Sharp *****
Posts: 517

Two answers...

Electric Sheep Fencing was Chris's old support company.  At some point he got a partner who bought in...  This guy has been VERY aggressive in his attempts to monetize, and has ticked off a lot of people doing so.  I have this from so many sources that it is not even funny.  Also, he totally blasted me in a LinkedIn discussion.  I had worked with Chris a few times over the years, so when his partner blasted me on LinkedIn, I tried to contact Chris privately to find out what was going on.  I heard nothing, so I suspect he is contractually enjoyed from saying anything.  This means that I can not trust Chris (who I still consider a very good guy) to keep pfSense trustworthy.  So pfSense is off the table.  (As a distribution, anyways...  But FOSS is FOSS, so as sources...)

LinkedIn - Yeah, I know...  But I own the LinkedIn forum, so it will not shut down in a month. Smiley  I wanted to let people know there will still be a m0n0wall centric place, even if this forum shuts down.  Saying "Go to the OpenSense forums" will not work as OpenSense is just right out for many of us.  And the pfSense forum is out since the new partner is aggressive in moderating things he does not like.  (He removed the LinkedIn thread where he attacked me, and it did not go as he planned...)
« Reply #9 on: February 17, 2015, 00:28:38 »
Curtis *
Posts: 4

I have nothing but praise and kind word to address to attention of Manuel Kasper. He was always generous, kind and truly enthusiast with ample resources to share. I do not know the real reasons for him leaving m0n0wall, I’m sure he has his reasons, and I respect him.

But I do think it is drastic measure to assume automatically that nobody would continue monowall development. Surely this is not an alarming task, and even one version on yearly basis would be more then appreciated. When I think of elegance, absolute resource king that m0n0wall represents in terms of resources. Mind you , this has nothing to do with spending more money of bigger hardware, it is a matter of pride and intelligence. M0n0wall showed us all how superior it really is with penalty of incredible moderate resources required. In my book that says great things about m0n0wall. And when I read absolutely spoiled resources needed for m0n0wall fork replacement. Sorry, but everything in my body opposes such prospect. This is entirely different mentality and plane from m0n0wall.

My friends can’t sleep from gastrointestinal problems, if he stops reading only for a few weeks, latest updates on his FPGA documentation. He says to me in such despair: If I stop following latest specs, in a few months, it feels like I’m almost a year behind. I think we would all agree, m0n0wall is somewhat easier task.

I salute to all friends of m0n0wall, please designate the new location for all m0n0wall news, and I beg you, lets not say goodbye to our beloved m0n0wall. The way I feel about m0n0, there is nothing as elegant and superb available today.

Thank you for reading
« Reply #10 on: February 17, 2015, 18:02:28 »
weust **
Posts: 54

I've moved on to pfSense. Mainly because I want to virtualize my home machines.
Part of the hobby. New hardware, Hyper-V free version, etc.

Have used m0n0wall for several years, and liked it.
Kinda expected it end though. Development/releases was slow, as far as I could see and I was running beta versions.

Manuel, good luck with what's next.
Anything related or completely different?
« Reply #11 on: February 18, 2015, 01:01:21 »
storkus *
Posts: 9

I too am sorry the project is ending, but with the lack of updates I figured Manuel had moved on to something else.  I've said before that I can never repay what FOSS has done for me, and I mean it: even though I'm too poor to donate much, THANK YOU MANUEL and all the other hard-working and often underpaid FOSS programmers!

I actually started with pfSense, but around version 1.2.3 or 2.0 I started to have severe problems on the old K6-2/550 MHz white box I set up to run our motel's main firewall for guests (I needed a captive portal, mainly).  I traced this initially to an upgraded version of PHP they used, but it turns out the real culprit is Apple (mainly), Android (sometimes), and torrents that hammer the Realtek cards and interrupt the cpu to death without sending any real data.  M0n0wall helped for a while, but even it is suffering now.  Now that we've gotten rid of the WiMax, I can switch to an Intel NIC on the LAN side that will hopefully solve this problem. (Oh, and I discovered last night that M$ updates are like torrents to the firewall!)

I never knew about OpnSense, I'll have to check it out.  I'm not sure I trust pfSense anymore, either.  The alternative is probably a dedicated device running OpenWRT, which would save in the power department as well, <digression>but the boss (east Indian) won't spend a penny if he can help it: it was like pulling teeth just to get new access points to replace the ones that were failing a few years back! I've learned the hard way about volunteering IT services...</digression>

I don't know Manuel personally, but its a testament to him that this project lasted so long and spawned so many others.  I wish him the best for the future.
« Reply #12 on: February 18, 2015, 11:58:44 »
watercooled *
Posts: 11

Just want to say a big thank you from me too; I've been using m0n0wall for years now, and while I've tried alternatives a few times, nothing quite matches what it does in my opinion.

I tried pfSense on my upgrade to an APU1C but, for example, it seems less efficient and throughput with pf always seems to be less than ipfilter when CPU-bound.

Also the m0n0wall traffic shaper is brilliant, I'm not sure if I'm missing something with the pfSense one but after playing with it for a while I couldn't seem to get it to perform as well as m0n0wall. With m0n0 I can set it and forget it, saturate upstream and downstream simultaneously and still use VoIP or play online games without a hiccup. With the pf one, I couldn't get it to work nearly as well as that and it would drop huge amounts of packets when a pipe was saturated.

The stability of m0n0 is also something to be proud of - I can't think of a single occasion where I've needed to restart it, on either the 2D13 or APU1C.

I'm also a big fan of minimalism in software, especially security-related stuff for obvious reasons, but also in general and m0n0wall is a benchmark by which to rate others in my opinion.

Like others, I'll probably keep using m0n0wall for the foreseeable future or until a solid fork/alternative comes along. Looking at the changelog, there really hasn't been much in the way of security issues which is probably partly down to its minimalism, and the software doesn't suddenly become less safe because it's no longer actively maintained. m0n0 has shrugged the big headline security flaws over the past few years.

Anyway, it would be great to keep up with any news from this community and about forks, and really support and appreciate any efforts to keep the project going. I don't have a linkedin account but I'll keep an eye out on the discussions there anyway (provided they're publicly accessible?), and if/when another forum pops up I'll drop in.
« Reply #13 on: February 28, 2015, 00:01:52 »
Јаневски ***
Posts: 153

With great sadness i am reading the news regarding the m0n0wall project end.

It has been an honor and a privilege having such rock solid, robust, efficient, open and free project, with such great people maintaining and supporting it.
I am sending my best regards towards all the people involved in any way with the m0n0wall project and community.
I am thankful for m0n0wall existence so far, it had a great positive impact on the networking scene.

Regarding the versions, i am still with m0n0 1.34.

Never thought it would just end like this, but unfortunately it did.


Pages: [1]
Powered by SMF 1.1.20 | SMF © 2013, Simple Machines