Back in January 2004, Manuel, the guy behind m0n0wall, posted the following to the m0n0wall mailing list,
Hey folks, I feel the need to state once and for all what the intention with which I started m0n0wall was. My goal was to create a free/open-source alternative to smaller commercial firewall boxes - no more, no less. I figured that on a Soekris or similar embedded PC, it could be made to look and behave just like a commercial firewall - only cheaper and with me in control of the features. When I started working on it, I especially had the following models in mind: - WatchGuard SOHO - ZyXEL ZyWALL 10 - SonicWALL SOHO - NetScreen 5XP I didn't intend to create an enterprise-class firewall, and I didn't intend to make a file, mail, print, web or whatever server. And despite the fact that m0n0wall runs well (and in the majority of installations, according to the survey!) on normal PCs, it is targeted at embedded PCs, which means they dictate what is possible in terms of storage, CPU speed and RAM size. I think m0n0wall mostly meets or even exceeds the feature range of the aforementioned products, so my goal has already been reached. That doesn't mean there's no room for or point in improvements. I just want to make it clear that I don't think we're ever going to see things like the following in m0n0wall: - caching proxy - file server (Samba etc.) - mail server - web server (Apache etc.) - very extensive statistics simply because it wasn't my goal to produce some all-in-one thing like e-smith, but a packet filtering firewall. Furthermore, these things usually don't mix well with embedded PCs for several reasons. Why do we have a DHCP server then? Because all the commercial products I mentioned before do, because it's small and lightweight enough to fit in with the rest, and because it considerably increases ease-of-use (meaning that if your Internet connection uses DHCP too, like for example cable, you don't have to configure anything at all to let your clients access the Internet - that's why it's on by default too). Now, about the NTP server... Rest assured that if msntp didn't have problems with Windows XP clients, there would have been a nice little NTP server configuration page in the webGUI, or at least a checkbox on the general setup page (with default to off of course), since pb15. But I don't like stuff that works only half of the time, so that's why it hasn't happened yet. There you go... Hope I've explained my point of view now. Regards, Manuel