M0n0wall 1.3B TODO/WISHLIST
To do (1.3b):* wireless:
o MAC authentication list
o hidden SSID option
o antenna selection
o WPA
* turn off core dumps by default
* PPTP performance problems (?)
* fix HD spindown
* upgrade base system to 6.2-RELEASE
* bug: IP fragments don't seem to be passed, even though the corresponding ipfilter rule is set to "keep frags", and there are no log entries for the missing fragments
Wishlist:
* certificate management for IPsec, webGUI, OpenVPN and captive portal
* allow bouncing with inbound NAT mappings (see this)
* quick-setup wizard
* allow groups of hosts/networks for aliases
* NAT on arbitrary IP protocols
* port scan detection with automatic blackholing
* per-IP bandwidth stats/accounting
* support secondary networks on WAN interface (possibly with load balancing)
* time/day of week based firewall rules
* dialup backup link (via serial port)
* high availability (VRRP, CARP, ...) 比较诱人的是:
* support secondary networks on WAN interface (possibly with load balancing)
* time/day of week based firewall rules
* dialup backup link (via serial port)
* high availability (VRRP, CARP, ...) 对于网吧来说这个功能可能比较受它们欢迎:
* allow bouncing with inbound NAT mappings (see this) :lol 比较诱人的是:
* support secondary networks on WAN interface (possibly with load balancing)
* time/day of week based firewall rules
* dialup backup link (via serial port)
* high availability (VRRP, CARP, ...)
Yeah, very wonderful!!!!
这份“期望清单”里面的内容,看起来真有点企业级应用的味道,提供了一些5000~万元级别防火墙或者VPN路由器的功能。
比如第二WAN口及负载均衡,通过串口和外置Moden支持的拨号连接作为链路备份,基于时间、日期的防火墙规则,VRRP等高可用性支持。。。
很诱人。强烈支持。
quick-setup wizard 快速设置向导功能。在一个成熟的网络产品里面是必须的。
per-IP bandwidth stats/accounting 每一IP的带宽状态明细功能,太需要了。记得以前只能用入网门户来变通实现,而且相当复杂。
port scan detection with automatic blackholing 端口扫描关于自动黑洞探测? 这里不太理解。
我一直在关注M0N0WALL在VPN方面的应用,本人以前也测试成功过m0n0和CheckPoint的VPN设备做Site-to-Site的IPsec VPN,不过当时还是有一些兼容性问题,比如m0n0的phase 1的协商模式不能用aggressive,只能用main。不知道这个版本的m0n0是否有所改进。
VPN方面的升级或者改动:
certificate management for IPsec 支持IPsec的证书管理了。
原来只能用粘贴密钥文件内容的方法使用X.509安全证书,现在可以用导入.p12和.pfx等标准pkcs格式证书文件了吗? 要知道高级的VPN设备都是使用证书的。
OpenVPN and captive portal
把OpenVPN也做进来了?不错,现在SSLVPN很流行,使用起来也很方便。 * support secondary networks on WAN interface (possibly with load balancing)
传说中的双WAN??? 越来越强大了! http://m0n0.ch/wall/beta-1.3.php
;P To do (1.3b):
* wireless:
o MAC authentication list
o hidden SSID option
o antenna selection
o WPA
* turn off core dumps by default
* PPTP performance problems (?)
* fix HD spindown
* upgrade base system to 6.2-RELEASE
* bug: IP fragments don't seem to be passed, even though the corresponding ipfilter rule is set to "keep frags", and there are no log entries for the missing fragments
Wishlist:
* certificate management for IPsec, webGUI, OpenVPN and captive portal
* allow bouncing with inbound NAT mappings (see this)
* quick-setup wizard
* allow groups of hosts/networks for aliases
* NAT on arbitrary IP protocols
* port scan detection with automatic blackholing
* per-IP bandwidth stats/accounting
* support secondary networks on WAN interface (possibly with load balancing)
* time/day of week based firewall rules
* dialup backup link (via serial port)
* high availability (VRRP, CARP, ...)
这些是不是已经做进去了??? 原帖由 z811007 于 2007-2-27 03:38 发表
这些是不是已经做进去了???
没有做呢 不知道这些功能什么时候可以做出来? 哈哈,看来新版MONO慢慢超过PFS也说不定哦
页:
[1]