Table of Contents
m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software). m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent.
m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.
m0n0wall already provides many of the features of expensive commercial firewalls, including:
web interface (supports SSL)
serial console interface for recovery
set LAN IP address
reset password
restore factory defaults
reboot system
wireless support (access point with PRISM-II/2.5/3 cards, BSS/IBSS with other cards including Cisco)
captive portal
802.1Q VLAN support
stateful packet filtering
block/pass rules
logging
NAT/PAT (including 1:1)
DHCP client, PPPoE, PPTP and Telstra BigPond Cable support on the WAN interface
IPsec VPN tunnels (IKE; with support for hardware crypto cards, mobile clients and certificates)
PPTP VPN (with RADIUS server support)
static routes
DHCP server and relay
caching DNS forwarder
DynDNS client and RFC 2136 DNS updater
SNMP agent
traffic shaper
SVG-based traffic grapher
firmware upgrade through the web browser
Wake on LAN client
configuration backup/restore
host/network aliases