Subject: Re: m0n0wall on NetBSD for SoC?
To: David Young <dyoung@pobox.com>
From: Marcin Jessa <lists@yazzy.org>
List: tech-embed
Date: 04/20/2006 10:23:07
On Wed, 19 Apr 2006 15:33:47 -0500
David Young <dyoung@pobox.com> wrote:
> On Wed, Apr 19, 2006 at 07:41:10PM +0200, Christian Hattemer wrote:
> > Hi,
> >
> > I recently stumbled on m0n0wall (http://www.m0n0.ch/wall/) when I
> > wanted to build a DSL router for my parents. However the project
> > was aborted because it turned out to be more expensive than the
> > current solution.
> >
> > But m0n0wall looked nice and I wondered whether it would be
> > possible to do the same with NetBSD. Well, that question should
> > quite certainly be answered with "yes", but does it make sense?
>
> Last I checked, m0n0wall was heavyweight (i.e., not very suitable for
> embedded systems), owing (I believe) to its using PHP. It was
> distributed as a monolithic tarball instead of as a build-from-source
> type system (so it is not very portable). Also, owing to its using
> PHP, there is not a great separation between the web presentation and
> logic.
I find both m0n0wall and it's fork pfsense.com very little flexible as
well. The model of having one LAN and one WAN interface is suitable only
for home routers or simple setups.
> IMO, NetBSD is in need of some embeddable web technology for
> router/firewall UIs. To the best of my knowledge, the best C-language
> library for embedded web stuff is ClearSilver, but I find its native
> <?cs ?cs> markup deficient. I would like to see ClearSilver extended
> to work with Template Attribute Language (TAL) instead of the native
> <?cs cs?> interpolation strings, since this eases cooperation between
> programmers and designers. Many of the elements of an embeddable
> ClearSilver+TAL solution exist in the form of expat, scew,
> clearsilver (of course), and the TAL spec. (ISTR all but scew is
> under BSD license, which is a plus.)
>
> Something else that NetBSD is missing is a configuration manager that
> can speak with SNMP/CLI/Web clients and call the right userland utils
> or ioctls to change a router's operating state. For high
> availability, it needs to have some kind of automatic rollback
> facility, so that if you're configuring some router that's halfway
> around the world (or up on somebody's roof...), you cannot lose
> control of the system.
I am working on NetBSD version of CLI
based on http://www.nmedia.net/~chris/nsh/
It will store config files in XML format making it easy to be parsed
by anything from web based UI to a parsing daemon one can talk to with
a GUI running on user's desktop.
I've been working on wifiBSD for some time (www.wifibsd.org) changing
platform from FreeBSD to NetBSD which I find way more suitable.
The work is going slowly since I am the only one working on the project
and as many of you I have a day job and family which make it harder to
find extra time for open source projects.
For those of you familiar with RouterOS from mikrotik.com, I'd like to
create something similar but based on NetBSD and of course totally free.
[...]
Cheers,
Marcin.