Tonight found me in a debate about OSS firewall platforms for about the 5th time this week. It’s generally my position that BSD-based firewalls (like pfsense or m0n0wall) are superior to Linux-based ones (like DD-WRT).  Anyhow, it got me wondering just how old my own M0n0wall install was.

Turns out, the answer was “too old to update nicely”. I was on version 1.22, where the current version is 1.33. This might not seem like much, but I haven’t updated firmware in at least a few years, and haven’t really thought much of it.  A giant disclaimer on the download page says “Version 1.33 now requires a 16mb CF card”.  I figured that I had at least a 32mb in there and that even if I was wrong, that it would just not be able to upgrade.  It seems that I was wrong, on both counts.The warning on the download page seemed quite sure of itself, but also not very dire. It wasn’t like “If you try to upgrade to m0n0wall 1.33 and don’t have a 16mb CF card, your device will be bricked”, though perhaps it should have been.

Once the bricking was pretty certain, I headed downstairs to fetch the firewall from the Rack.  On an aside, my m0n0wall is based on an old PC Engines WRAP 1E-2 (3 10/100 Ethernet and 1 MiniPCI) mounted in a custom rackmount plastic case along with  a laptop power supply and a fan. I’ve had this hardware for around 7 years, and it’s been exceptionally reliable.  If I had to replace it today, I’d be buying the (slightly newer) ALIX, which replaced the WRAP series of boards.

Once I had the lid off, I realized that I had indeed been using an 8mb Canon CF card all these years (hey, back in 2004 8mb was quite a bit). With that discovered, I started searching what remains of my junk bin for a bigger CF card (or a tiny SD card and the SD->CF adapter). I ended up with a 1GB A-Data card that I’d bought a while back for a carputer project that never got off the ground.  Obviously, this is way, way overkill, but it’s what I’ve got, and it’s not as if I’m going to be using it for anything else.

With the CF card in hand, I fired up a copy of phydiskwrite (which I thankfully had stashed on the file server, beside the disk image of m0n0wall 1.22, probably from when that build was installed).  With a minimum of headache, I connected the CF card to my netbook. I ended up using a USB->2.5″ IDE hard drive adapter and a 2.5″ IDE->CF adapter, which does work.  It’s important for phydiskwrite to see the CF card as a hard drive and not as a removable disk (so you can’t use a card reader, for example).

After flashing, I installed the card back in the WRAP b0ard and it booted right up, on the default configs.  A few guesses later (I still had no Internet, save my phone, which isn’t much fun for general surfing) and I had the default username and password.  Unfortunately, I lost my config file (As I’m a moron and failed to back it up before the upgrade attempt), but it’s all pretty simple nowadays;

To make a long story short, Crisis Resolved, and now I ought to be good for another few years, in terms of firewall software, anyhow.

Filed under:
Products, Projects, Technology by Kevin