m0n0wall is a project aimed at creating a complete, embedded firewall software package that, when used together with an embedded PC, provides all the important features of commercial firewall boxes (including ease of use) at a fraction of the price (free software).

m0n0wall is based on a bare-bones version of FreeBSD, along with a web server, PHP and a few other utilities. The entire system configuration is stored in one single XML text file to keep things transparent.
m0n0wall is probably the first UNIX system that has its boot-time configuration done with PHP, rather than the usual shell scripts, and that has the entire system configuration stored in XML format.

m0n0wall provides many of the features of expensive commercial
firewalls, including:

• web interface (supports SSL)


• serial console interface for recovery
  
  
  
  • set LAN IP address
  
  
  • reset password
  
  
  • restore factory defaults
  
  
  • reboot system
  
  
  
  


• wireless support (access point
  with PRISM-II/2.5/3 cards, BSS/IBSS with other cards including Cisco)


• captive portal


• 802.1Q VLAN support


• stateful packet filtering
  
  
  
  • block/pass rules
  
  
  • logging
  
  
  
  


• NAT/PAT (including 1:1)


• DHCP client, PPPoE, PPTP and Telstra BigPond Cable support on the WAN interface



• IPsec VPN tunnels (IKE; with support for hardware crypto cards,
  mobile clients and certificates)


• PPTP VPN (with RADIUS server support)


• static routes


• DHCP server and relay


• caching DNS forwarder


• DynDNS client and RFC 2136 DNS updater


• SNMP agent


• traffic shaper


• SVG-based traffic grapher


• firmware upgrade through the web browser


• Wake on LAN client


• configuration backup/restore


• host/network aliases