Download m0n0wall 1.3b12

The m0n0wall package is a firewall with extended possibilities. It basically uses the Freebsd 6.x operating system and is fully configurable via a web-based interface. M0n0wall has support on board for wireless setups, 802.1Q vlan, nat/pat, ipsec vpn tunnels and pptp vpn. In addition, it can also apply packet filtering and has a traffic shaper. The developers have already released the twelfth beta version of m0n0wall 1.3 with the following list of changes:

Version 1.3b12:

• Known bug: DNS forwarder doesn’t work when “Register DHCP leases in DNS forwarder” option is enabled
• WARNING: this version (any platform) no longer fits on 8 MB CF cards! (>= 16MB required)
• When upgrading from generic-pc 1.2x, you must install 1.3b7 first before you install this image. Other platforms are not affected.
• added initial IPv6 support (based on code contributed by Michael Hanselmann in 2005)
• removed IPv6 tunneling option
• automatically generate self-signed SSL certificate when switching from HTTP to HTTPS (CN = current hostname); also add a button to generate a self-signed certificate on demand on the System: Advanced page
• make captive portal “disable concurrent logins” function compare usernames in a case-insensitive manner
• fix polling setting on optional interfaces
• add ipnat fix (from ipfilter mailing list) to prevent a (rare) case of kernel panic when ipnat sees a fragment of a TCP packet, and that fragment is not the first one
• remove PPPoE/PPTP dial-on-demand feature. Still doesn’t work properly, nobody has enough interest in it to fix it, and most people probably don’t need it anyway
• remove bpalogin – looks like it’s dead
• updated Dnsmasq to 2.42
• don’t run captive portal reauthentication (if enabled) for MAC pass-through clients (patch by Peter Allgeyer)
• repeat banner each time the console menu is displayed

Version 1.3b11:

• fixed IPsec to prefer new SAs over old SAs by default (should solve problems with tunnels not working after an interruption or peer IP address change)
• added DPD (Dead Peer Detection) option to IPsec tunnels (default off as before)
• added asn1dn option to IPsec identifier types to be compatible with what Openswan expects when using certs instead of PSKs (contributed by Wes Morgan)
• fixed SVG traffic/CPU graphs under IE7 (by Daniel S. Haischt)

Version 1.3b10:

• allow fragmented ESP and NAT-T encapsulated IPsec packets when using the integrated IPsec support (should solve MTU issues)
• added patch to make mini_httpd accept intermediate SSL CA certificates
• use NTP vendor pool zone for m0n0wall instead of pool.ntp.org (this will also be automatically replaced in existing installations on the first boot)
• fix MSNTP to properly handle server hostnames that start with a digit
• updated base system to FreeBSD 6.3-RELEASE-p1
• copied dhclient-script from m0n0wall 1.233 (in an attempt at solving the sporadic DHCP renewal problems reported by some users)
• fix MPD WAN PPPoE/PPTP auto-reconnect issue
• webGUI HTML tidyness fixes by Daniel S. Haischt
• put IPSTEALTH in kernel config so that it can be enabled via sysctl if needed
• updated ipsec tools to 0.7