Installing m0n0wall to other PC hardware
Installation to other PC hardware involves much the same method, with the exception of the CD-ROM version.
Soekris net4801/PC Engines WRAP Images
As these are also embedded devices booting from a CF card, follow the instructions for the Soekris net4501, substituting the appropriate image at the physdiskwrite/dd stage of writing the image to the CF card.
On the PC Engines WRAP, the LAN1 interface is assigned as the m0n0wall LAN interface and given a default IP address of 192.168.1.1/24 in the same manner as the Soekris net4501. LAN1 is the on the far right next to the power socket. As you would expect, the Soekris net4801 network interfaces are assigned in exactly the same way as the net4501.
Generic PC Images
As already discussed, the generic PC images can be installed on any Intel x86 compatible hardware that meets the minimum requirements. This could be an embedded PC platform where a m0n0wall image compiled for optimum performance isn't available, or a standard desktop PC being given a new lease of life as a firewall.
The main decision to make is how to boot your hardware, Compact Flash, IDE Hard Disk or CD-ROM? My suggestion is that where possible, always go for CompactFlash. IDE CF adaptors and CF cards are relatively inexpensive and this is the storage medium that m0n0wall was designed for.
The only shortcoming of CF cards is the relatively low number of write/delete cycles that the memory will support before failing. While this is measured in figures of hundreds of thousands, a firewall permanently connected to the Internet that is configured to write an entry to the system log for every blocked IP packet is going to hit that limitation fairly quickly.
To overcome this, m0n0wall only accesses storage media under three circumstances:
- booting the system and reading the software image into RAM
- writing configuration changes to the XML configuration file
- writing a new software image using the 'Firmware Upgrade' function while the firewall is on-line.
Everything else is performed in RAM. This does mean m0n0wall's minimum RAM requirement of 64MB is higher than some other comparable firewall systems. But those other systems rely on virtual memory in the way of a swap file on disk and can't take advantage of the low power requirements and high mechanical reliability of booting from CompactFlash.
If CompactFlash is not possible, hard disk is the next best option. Chances are if you are giving a retired PC a new lease of life, it will already have a hard disk. This isn't going to be quite as reliable or power efficient as CompactFlash, but running a firewall with a hard disk isn't unusual and you can still get the convenience of the online 'Firmware Upgrade' functionality.
Installation of an image to hard disk is mostly the same as installation of an image to CompactFlash. You will just have the inconvenience of having to shut down and partly disassemble the PC you are using to install the m0n0wall image and attach the hard disk to a spare IDE channel. Also special pay attention at the stage of selecting which device you will be writing the m0n0wall image to since the last thing you will want to do is overwrite the HD with your operating system!
The final option is the CD-ROM ISO image. From a long-term reliability point of view this is the worst of both worlds, since it depends on both writeable CD-ROMs and 3.5" floppy disks!! However, as method of evaluating m0n0wall on general PC hardware, it couldn't be more convenient. You won't have the convenience of the online 'Firmware Upgrade' function, but by that stage you will have reconfigured your m0n0wall to use a CF card or hard disk, or will have moved on to other solutions.
Simply write the ISO image to a CD-R using your favourite CD-ROM burning software, making sure the software is writing a Mode-1 image at 2048 Bytes/sector. Then find a 1.44MB 3.5" floppy disk and format with the FAT16 file system. Insert the disks in the relevant drives and configure the PC BIOS to boot from the CD-ROM device.
Instructions for both writing the CD-ROM image and formatting the floppy disk under FreeBSD are on the m0n0wall website at http://www.m0n0.ch/wall/installation_cdrom.php
TIP: Just be sure that once the evaluation is over, m0n0wall and the PC are reconfigured to boot from a CF card or hard disk. The configuration can be 'backed-up' and applied to the new configuration as long as all the other hardware (particularly network interfaces) is the same.