m0n0wall versus Smoothwall versus the others...

Y

YeOldeStonecat

[H]F Junkie
Joined
Jul 19, 2004
Messages
11,330
Some of you guys praising these home-built routers in the "dual NIC mobo thread"...so as not to dump on his thread, I'll post this question in a virgin thread.

Pro's and Con's of m0n0wall versus Smoothwall

Who likes which one better, why, advantages of one over the other.

Obviously the most valued input would be from peeps who have "tried" both, not those who "Well...<such and such> is better because I run it..therefore it must be."
 
I am also intrested in what every one thinks. I have just started configuring a smoothwall box last night and like it so far, but would like to hear what will be said about monowall
 
I haven't run m0n0wall, yet, but I do have some months of experience with Smoothwall.

Aside from Smoothwall, I've also used FreeSCO and am currently using Coyote.

Mind you, my demands for a firewall/NAT router are mostly about simplicity and reliability. Coyote Linux is a single-floppy solution which is a router and nothing more. You configure it using a web-based interface and the rest of the time it just sits there, doing its work.

For my needs Smoothwall would be gross overkill, so the question is more like 'what do you need in a router?' :)
 
Elledan said:
so the question is more like 'what do you need in a router?' :)
Click to expand...

Just the sheer "experience, and seeing what everyone is talking about"

I change routers at home almost monthly...constantly trying different ones.

At times I often run ISA because I have Small Business Server running at home. Talk about "overkill for the home"! on a duallie gighertz machine.

I'm not looking for any specific functions. For as long as I've been a Consultant/VAR in the Windows network world, specializing in smaller business networks, I've not dabbled in *nix much. Although granted from what I've read on each's website, it doesn't look like any *nix knowledge is really needed, the installs seem about as exciting as installing Quake 4.

I imagine each one has its fan club, much like the nVidia crowd versus the ATI crowd, or in the router world...the Linksys versus the DLink crowd.

I kind of wanted to get into it a year ago, but the wifes kid was getting hard into P2P programs and bittorrent and all that warez crap. I kicked ISA back in, but naturally some of my online games don't work perfectly well running under ISA, so I'd have to revert back to whatever router I had for that time. That need is gone now, as they're moving out next week...going through a grueling divorce. But the curiousity is still there.

But I just wanted to ask and perk up my ears.
 
i think you pretty much hit it on the head, that it's a personal preference kind of thing.
i have used monowall, smoothwall, and clarkconnect.

i'm sticking with clarkconnect now, but for no reason other than it's met my needs, and i find the interface to be easy to use.
 
From the reasearch that I have done for smooth wall it seems to be much more robust, and there are also tons of little add ins that you can install to to just about anything but brush your teeth. I havnt done much reasearch on m0n0wall. so those options may be out there for it also. From what I have seen from smoothwall so far it has my vote.
 
I haven't used monowall either, but have had a smoothwall box running for over 2 years now. Once I set it up, found that it worked great, I never bothered looking into anything else.

The note on the mods is a good one to point out. You can get mods for network traffic graphs, advanced IP routing, advanced firewalling, more robust VPN, etc... really too many to mention so just look here for the whole list :p

Not sure if monowall has a modding community like that, but if it's linux based I'm sure there's mods out there.
 
I was in a similar position last year, looking for a m0n0wall vs smoothwall vs ipcop comparison to find something to suit my LAN center. What I found out was that comparisons amongst them are pretty rare, and when you find them they are not very in-depth. I was pretty surprised. Maybe there's info out there, but I couldn't find it for the life of me.

That being said, I ended up with IPCop and I'm very happy with it.
 
tHE only one I could get up and running has been the latest release of monowall. Works real well. Many options. Easy to set up. Don't need anything else right now.
 
I used to use IPCop, but I wanted a change. Smoothwall Express, which is the free version does not support SCSI, so I went with m0n0wall.

How long I will stick with m0n0wall, I don't know. It is very nice, but I miss some of the featurs IPCop had like a proxy cache. But m0n0wall supports SNMP so you can monitor it's bandwidth with monometer from your desktop. In the end, I switched to using IDE since m0n0wall has a new feature this release that shuts off the HD after it boots.

IPCop is way easier to install. Just burn the CD and boot from it. With m0n0wall the easiest way is to burn a DSL (Damn Small Linux) CD and boot from that and use it to download the image and extract it to the HD. There are instructions on how to do it on the m0n0wall page.
 
From a pure aesthetics point of view, m0n0wall is probably the slickest, most "professional" free firewall I've seen. I'd say it would even qualify as a small corporate firewall based on UI alone.

That being said, it's a great firewall too. I have one on a WRAP box and it was the best Sonicwall replacement I've come up with. It doesn't have all the features of Smoothwall, Clark Connect or IPCOP, but they go above & beyond what a firewall is supposed to do anyway. If you need all those features, ClarkConnect is great.

Robert
 
Regarding how to install monowall, the easiest (for me, at least) seems to be to put the target drive in another computer and write the image to it from there.
 
Thanks for the feedback guys...reading through them. We recently moved a cardiology group to a new office they built (boy was that new APC Netshelter server cabinet, patch panel, and switches fun to build! :) )

Anyways...point of the above, they're discarding some of their older workstations, those little Compaq Deskpro EN small form factor desktop chassis, mid range PIII's...those little boxes should make a neat platform for whatever I choose to dabble with.
 
Assuming you can fit another network card in there, they sound just about perfect. :)
 
smoothwall user for years now

smoothwall - Interface is "ok" I've modified it to look black. So many great mods. Do you use programs to monitor bandwidth on your machine? Why theres a mod thatll log all that information, want better reporting? it's there, want more control over IDS features(snort) Theres a mod for that. the list goes on and on. The others all have or can have this to some extent. But it's just not as simple

Tried Ipcop. it's ugly. Not enough mods for me. Support just isnt enough. Felt lacking.

Astaro Firewall - OMG Beautiful webbased interface, nice modules, really good syslog reporting and software, Free version doesnt have all I want Tho.

m0n0wall - Nice interface, good features, not enough easy mods for me. can run well on even older slower harder than the others above.


My smoothwall box
AEFire.jpg


Astaro
AstaroLogs2.jpg

AstaroLogs.jpg

AstaroLogs4.jpg

AstaroLogs3.jpg
 
I love M0n0wall. It had many more features then smoothwall had. Its free and its based of FreeBSD. Its small and hardware doesn't need to be top notch. I do want to try http://www.pfsense.com/index.php?id=26 Its another branch of M0n0 but it has more corp type features like dual wan link etc.
 
monowall is a true firewall. It doesn't have alot of unnecessary bells and whistles, but what it does it does well!

I have tried a bunch of the different distros and monowall is my favorite. It is so freaking powerful once you figure out how to work with rules and traffic shaping. Not only that but it has a VPN endpoint built into it.

Monowall is the way to go if you want it to just be an awesome firewall.

If you want tons of features go smoothwall
 
I love monowall. I used to use smoothwall but I had two hard drives in a row die on the pc I was using. That got me looking at a distro that doesn't require a hdd. Monowall is perfect for that. I have been using compact flash and a ide-compact flash adapter. No more worrying about drives failing. Put it on a soekris 4801 and you have a highly reliable solution. I've even installed them for clients in production situations.

The lack of a hard drive means no web proxy etc. You can always install the web proxy on a seperate box if you want. Although, I know for home that's probably overkill.
 
I just tried out Astaro out of curiosity. No thanks. Good thing I didnt erase my drive I had monowall on.

Astaro has a very confusing interface.
 
HHunt said:
Then I'd have to dig up a spare CD-ROM, a CD-R, and burn a CD. A quick drive swap remains my favourite. :)

I agree that an installation CD would generally be a good idea, though.
Click to expand...

Ahhh... my bad. Didn't consider you had no reader in your m0n0wall. I couldn't use the Live CD version because I don't have a floppy in my 1U server to save the settings to.

Nice thing is once you get it up and running, you can update from the web interface...I discovered that feature after doing 2 updates the "hard" way. LOL
 
Wrench00 said:
I love M0n0wall. It had many more features then smoothwall had. Its free and its based of FreeBSD. Its small and hardware doesn't need to be top notch. I do want to try http://www.pfsense.com/index.php?id=26 Its another branch of M0n0 but it has more corp type features like dual wan link etc.
Click to expand...


yummy! I think I'm going to try that.

I'm currently running smoothwall. I find the lack of SMP & SCSI support annoying at the moment since I have it running on my IBM Netfinity 4000r. I might be moving over to an older box soon when I find enough parts to build it. I do love the fact that it's mounted in my cabinet though.

-Robert
 
roberttran said:
yummy! I think I'm going to try that.

I'm currently running smoothwall. I find the lack of SMP & SCSI support annoying at the moment since I have it running on my IBM Netfinity 4000r. I might be moving over to an older box soon when I find enough parts to build it. I do love the fact that it's mounted in my cabinet though.

-Robert
Click to expand...

You have the same machine as I am running my m0n0wall on. I chose m0n0wall for the lack of SCSI support in smoothwall, but in the end, I put in a small IDE drive to make use of m0n0wall's IDE spindown feature where the drive shuts off and stays off 1 minute after boot.
 
1c3d0g said:
Indeed, it looks very easy even to beginners like me. :) Makes me very tempted to setup a PC with it... :D
Click to expand...

Go for it. It is very nice and very easy to use and has lots of features. It supports most hardware if not all hardware.

I really liked the proxy cache feature it has.

Here is a link to a QuckStart guide in PDF format. http://www.ipcop.org/1.4.0/en/quickstart/quickstart-en.pdf.zip Print this and follow the instructions for setting up IPCop. It doesn't get any easier.
 
1c3d0g said:
Indeed, it looks very easy even to beginners like me. :) Makes me very tempted to setup a PC with it... :D
Click to expand...

It's really simple. There's only a couple of things you need to do during the installation and then bam, it works. Plus, when I find it easier to admin than most "regular" routers I've tried.
 
Thanks for the QuickStart Guide, Met-Al, it's really simple! :)

Question: if I have 2 PC's, how should I set it up?

Phone Outlet in wall &#9654; Router &#9654; PC with IPcop &#9654; my own PC - second PC with Wireless card

Phone Outlet in wall &#9654; Router &#9654; PC with IPcop - second PC with Wireless card &#9654; my own PC

Phone Outlet in wall &#9654; PC with IPcop &#9654; Router &#9654; my own PC - second PC with Wireless card

Phone Outlet in wall &#9654; PC with IPcop &#9654; Router - second PC with Wireless card &#9654; my own PC

I hope that wasn't confusing... :eek:
 
Phone Outlet -> Modem -> IPCop -> Switch -> PC's

IPCop replaces your router.
 
If you have PCs that you want to connect with wirelessly, you'll need to put a wireless card in the IPCop box, or connect a wireless access point (not router) to the switch.
 
Ok, thanks! :D I should have clarified though, as I currently have an ADSL modem, not a router (or at least, that's what most people say it is - it's a crappy Starbridge Pyxis 210). The plan is to have a second PC in the near future, so then I'd need a wireless card to connect to the IPcop PC. Nevertheless it's good to know beforehand what's needed. ;)
 
Met-AL said:
Yep, send it to me :D
Click to expand...
Damn you and your geographical proximity. :D

Alternatively, you could put NetBSD (possibly OpenBSD; not sure about their sparc support) on it and set up pf yourself.
 
HHunt said:
.... and set up pf yourself.
Click to expand...

There lies the issue.... :p

It would be nice to have something that can be setup as painlessly as possible. I tried netbsd for a few hours and got fed up with configuring the dns settings (vi wasnt rendering the text quite right through hyperterm). Long story short, I had an improperly formatted conf file that prevented me from logging in. :(

I want to use solaris, but the lack of documentation in setting it up in the firewall/router configuration is very annoying for a novice; but at least I have the os installed and connecting to the internet fine.
 
You must log in or register to reply here.
Back
Top