M0n0wall and Soekris embedded firewall and VPN solution
David HM Spector wrote about the M0n0wall and Soekris embedded firewall and VPN solution in this "The Right Tool for the Job?" blog post.
The general M0n0wall setup that allows the user to set up the system administrator password, secure web access to the administration console, NTP and other basic system parameters.
M0n0wall’s firewall rule setup. Rules can be set up by address and port across all interfaces supported by the underlying hardware. Additionally, protocols can be NAT’d (handled via network address translation) or even remapped (to allow the user to use protocols that may be blocked by an ISP’s routing rules).
M0n0wall’s dynamic DNS setup screen. This allows the firewall to have a domain name visible on the Internet in implementations where the end user doesn’t control their own IP address, such as a cable-modem or DSL connection.
The setup for M0n0wall interfaces; here one can set up both wireless and wired interfaces. This screen capture shows a wireless interface being configured to allow WEP (“Wired Equivalent Privacy”) Security.
The M0n0wall IPsec status page showing an active connection to another IPsec compatible system.
The M0n0wall setup page for IPsec VPNs; this allows the system to connect with other M0n0wall systems as well as other IPsec-compliant systems (such as commercial firewalls) to create secure virtual private networks.
The M0n0wall setup page showing the settings for PPTP connections, which allow remote users to connect to the M0n0wall using standard remote access clients.
The M0n0wall status pages showing the status of the network interfaces and how much traffic each network has handled.
The M0n0wall software runs on a large variety of hardware, but the most popular is a small but very powerful embedded system made by Soekris Engineering. This particular board, the NET4521, supports two 100Mbit Ethernet interfaces and 2 PCCard/PCMCIA slots which can be used to add wireless (WiFi) cards; there is also a CompactPCI slot that can be used with a hardware encryption accelerator to speed up VPN access.
Soekris also makes optional cases for these embedded systems; this shows the NET4801. These are very compact systems, taking up the space of a small hardcover book.
The rear of the NET4801 in its optional case showing the network interfaces and console/power connections.