Firewall v1
2024-Jan-29 /firewall-v1
The year is 2008 and the latest discovery is m0n0wall from 2002, a lightweight but powerful firewall that’s been increasingly recommended for power users looking for enterprise-level control over their home network as a DIY project.
The problem with consumer and some prosumer wi-fi routers is that they are all-in-one devices that are scandalously underpowered. They often use a small dinky chipset, built down to a cost, which is expected to handle both network routing and firewall duties, across both wireless and wired clients. This class of devices is at a disadvantage before they’re even plugged in and powered on.
Inserting a DIY firewall in between the ISP and a wi-fi router offloads most of the computational workload away from the wi-fi router. The firewall would then take over routing, traffic shaping (asserting QoS — Quality of Service — which prevents any single network device from monopolizing all of the available bandwidth), and network client/address management (DHCP server). This setup allows a wi-fi router to serve as a simple but very effective wireless access point that also happens to have a built-in network switch for wired devices.
There is far more to firewall theory than the brief statements above, but the focus here is the hardware, so perhaps it will be expounded upon at a later time.
And now, the hardware:
Built upon a lovable (but underpowered for daily computing) PC Chips M789CG, this firewall was impressively effective. The stock heatsink was replaced with a more effective copper one with the PSU exhaust providing airflow. m0n0wall was installed on an SD card that was interfaced through an IDE adapter to the motherboard. The yellow ethernet cable brought in the interwebs while the blue one went onwards to the home network.
This motherboard featured a VIA C3 processor paired with DDR memory. The performance of the C3 was closer to an eight-year-old Pentium 3 than anything else at the time, so it wasn’t recommended for a tolerable Windows XP experience. However, it had more than enough resources to handle firewall duties, and its power consumption was low enough that it could be left powered on continuously. Towards the end of its production, it sold for less than the cost of a lunch plate at under $7.
Experiments with m0n0wall at that time served to instill an interest in networking in a way that still engrosses a decade and a half later.