back to article M0n0wall comes tumbling down as dev throws in the trowel

The open-source m0n0wall firewall project has been discontinued. The project's author, Manuel Kaspar, has posted that his reason for pulling the plug is simple: “there are now better solutions available and under active development”. The end of the project is in part illustrative of the challenges that face any small-scale …

  1. Shannon Jacobs

    Financial models matter

    I've said it before, but maybe someone is listening this time?

    Great software without a good financial model is meaningless. In contrast, the most awful software (AKA Microsoft) can be extremely successful if the financial model is cunning enough. MS actually has two important innovations, but none of them involve better software. (1) Sell to the makers, not the victims of your software. (2) Devise a EULA that completely absolves you from any responsibility for the egregious flaws in your software.

    Yes, I do have a better idea, but no one is listening, so why waste the keystrokes (again). However, I may soon have the freedom to pursue it seriously...

    1. Frumious Bandersnatch

      Re: Financial models matter

      (2) Devise a EULA that completely absolves you from any responsibility for the egregious flaws in your software.

      Everyone does that. Even (especially?) free software.

      1. DropBear

        Re: Financial models matter

        Everyone does that. Even (especially?) free software.

        Yeah, and? How does that make it ok...? I mean one has to be a very special kind of bastard to actually expect someone to pay damages as well in case of a flaw when said software is being offered for free and developed (most often) through unpaid labour. That in no way implies entities who create software as a business should not be responsible for anything at all either...

    2. A Non e-mouse Silver badge

      Re: Financial models matter

      Sell to the makers, not the victims of your software

      Actually, MS didn't really "sell" to the makers. They strong-armed the makers and said "Pay us a license fee for every PC sold. Oh, and if you sell a PC without out software, we'll jack up the price (Or not sell you cheap OEM versions of software)".

      The only people MS sold to were executives.

    3. RIBrsiq

      Re: Financial models matter

      The article is about the demise of a FreeBSD-based OSS project and your first thought is to bring up Microsoft...?

      Since you mentioned it, if Microsoft's software is so awful, what does that say of the alternatives that people (and businesses) refuse to use even for free...? And it's *not* that Microsoft are entrenched: times were when there was nary a Microsoft server serving pages on the 'net. Now look at things...

      I know Microsoft bashing is popular, with some factions of the IT society. But I just wish people would grow up beyond that phase, already!

      1. M Gale

        Re: Financial models matter

        "Now look at things..."

        Same as a few months ago, nginx seems to the the up-and-coming server. Apache still has a huge lead on web sites that aren't spam and domain parking pages. IIS lost its brief total-sites-including-crud lead due to one of those crud-hosts going under.

        Just saying.

    4. Magnus_Pym

      Re: Financial models matter

      It depends on how you define success.

    5. fruitoftheloon

      @Shannon: Re: Financial models matter


      That's nice for you.

      Out if interest, how much did you make from selling your last startup?



  2. Innocent-Bystander*

    Just Part of the OSS Evolution

    Thank you for your contribution.

    /not sarc.

  3. djack

    This article reads as though it is seen m0n0wall as a failure, or that it demonstrates a weakness in the way that open source software is developed.

    Yes, the project is closing but it is clear that so many people and other software packages owe so much to m0n0. It's code base is old and had been superceded in terms of flexibility and maintainability by those who came later and built and modified what was there . And so, in time, these packages will be replaced by others building upon them.

    It's not a failure, pfSense and the others are all the children of M0n0. It has gone into retirement but it's offspring have great futures ahead of them.

    1. Anonymous Coward
      Anonymous Coward

      I agree.

      m0n0wall should be celebrated, not ridiculed. There are too many idiots in this industry, who just don't get it.

      It's was a full featured firewall OS provided and maintained for £0, that allowed derivatives and to be used in commercial equipment. I dare you to ask Juniper for something like that.

    2. Tim Jenkins

      "m0n0wall should be celebrated, not ridiculed"

      Damn right - we used it for years on our Guest network (running for months on end hosted on an antique PII) and only retired it because the newer OSX devices started interpreting its captive portal function as a hostile interception - an Apple change rather than a failing in m0n0wall itself...

      1. Eddy Ito

        Re: "m0n0wall should be celebrated, not ridiculed"

        Great stuff in a small package. It was great for running a virtual firewall on my laptop that had a smaller footprint, more flexibility, more security and lower overhead than some of the commercial products I've tried particularly one I won't name since it could be confused with a motorcycle company.

        1. Keven E.

          Re: "m0n0wall should be celebrated, not ridiculed"

          "... throws in the trowel".


          When you throw in the "towel", it means your boxing manager/trainer did that to *stop the fight because you got so freakin punch drunk that you probably couldn't even form the *words.

          Really bad cockney rhyming slang? A mondegreen?

          1. ParaHandy

            Re: "m0n0wall should be celebrated, not ridiculed"

            "...throws in the trowel"

            I think it is a pun on fireWALL. i.e. made of bricks and assembled with a trowel, no?

  4. Anonymous Coward

    If it looks like a lame duck, quacks like a lame duck and walks like a lame duck then it's the m0n0wall firewall.

    1. ByeLaw101

      I used M0n0wall for years, it was a great product and admittedly I don't use it now I can tell you it certainly wasn't a lame duck.

  5. batfastad

    Times changed

    Used it for a number of years at a few small offices and worked well. IPCop also. But as embedded router boxes increased in power and features our need for the use of commodity hardware and dedicated firewall distros has gone away.

    Used a few Microtik RouterOS devices in the last 5 years which do a good job but with fewer moving parts.


    m0n0wall was a superb project.

    Very successful. There are A LOT of people with reason to be grateful. I personally use both pfSense and Nas4Free.

  7. Ian Johnston Silver badge

    If it's good, and since it's open source, why doesn't someone else take it over?

    1. Solmyr ibn Wali Barad

      Possible. But may not be necessary. Depends on whether these newer alternatives are good for everyone and every known usage case. Original developer seems to think so, but if anyone disagrees, they can grab a source and get hacking.

  8. Christopher Edwards

    Manuel Kaspar === Chap

    That is all.

  9. Barry Page

    Alas poor m0n0wall, I knew him...

    When I used m0n0wall, I was staggered by just how good it was. It has spawned a whole generation of software-based firewalls and routers and shown us what was possible for relatively little configuration effort and skill compared to -- let's say -- a Cisco router.

    So long and thanks for all the fish.

  10. tiger99

    @Frumious Bandersnatch

    Yes, every small guy has to do that, to avoid being wiped out by legal action if a bug results in someone suffering loss or damage, despite his or her best efforts. If you are giving software away free, it is entirely unreasonable to be held to be liable. Developers already give a great deal of time and intellectual effort, with often no direct reward, except the immense satisfaction of doing a job well.

    What is unacceptable is that the Big Bully Boys of the industry (pick whichever you hate most, M$, Apple, Oracle, SAP.....) are also able to hide behind similar get-out clauses, whereas the manufacturers of just about any other retail product are liable for the consequences of their products malfunctioning. Someone, I think it may have been the dangerous incompetent who ran M$ at the time, once claimed that it was because software was not yet a mature industry. That was more a reflection on the maturity of the individuals concerned, himself in particular, because, unknown to him (I don't think he is capable of understanding), techniques for producing rock solid, reliable code, and the necessary hardware to run it reliably, are well-known and understood, but rarely practiced. Nevertheless such techniques are only within the scope of large teams, with some capital to invest, and the bulk of software that is written is either just quick hacks to satisfy the internal needs of a business, or open source for public distribution. The amount of expensive commercial software that is written, and can economically support the procedures needed to give it high reliability, is most likely well under half of the total, whether measured by lines of code, programmers hours or installed copies.

    Nevertheless, the "small" developers can, and do, apply good practice to their coding in many instances, and turn out stuff that is as good as any commercial product, if not better. Long may that continue. People should always feel the need to do things well, rather than just adequately, it provides more satisfaction in the end, and everyone wins. Visibility of source code helps, of course.

    The developer is to be congratulated and thanked for running a successful product for all those years. Closing down now is a sign of success, not failure. The successors to m0n0wall live on, much like how UNIX is virtually dead (thanks to a certain Mr. McBride who sued the world and lost), but one of its successors (Linux) is found in the majority of smartphones (all Androids and some more) and umpteen other places, being the numerically dominant full OS when all computing devices are considered. (OK, not very significant on the desktop, yet...). And look what the other successors, mostly the xBSD family, are doing. Apple products, many routers and NAS boxes, etc. Solaris lives on, despite almost the whole world hating, with good cause, its current owner, Oracle. So UNIX is all but gone (the remnant of the business lives on, still). Was it a failure? Of course not. Likewise m0n0wall was, and will always remain, an outstanding success.

  11. Adam Inistrator


    if only pfsense would run on arm - but it is tied to freebsd and therefore intel/amd. i know the reason is that freebsd is supposed to be more secure but - o well ... freetards cant be choosers.

    1. fnj

      Re: arm

      In what world is FreeBSD limited to "intel/amd"? In the world I inhabit, we have:

      ARM 32-bit:

      PowerPC 32-bit:

      PowerPC 64-bit:

      PC98 and SPARC admittedly seem to have been dropped.

      Apologies for not making proper links, but TheReg won't let me play with html until I've mae a billion posts or something.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like