2002.06_Lawrence Manning from Smoothwall.pdf

INTERVIEW

ACTIONS

Lawrence Manning

SPEAK LOUDER

Linux Magazine

caught up with

Lawrence

Manning, the

Development

Director and Chief

Architect behind

the SmoothWall

Firewall project. In

the past Lawrence

has contributed

bug reports and

the occasional fix

to various Open

Source projects,

including the Linux

Kernel

Linux Magazine – How did the SmoothWall project

first start?

Lawrence Manning – Around February of 2000 I

met Richard Morrell through a local Linux User

Group. I helped Richard set up a server on his home

network, for file and print sharing. A few months

later Richard told me he had been hacked and was

looking at various firewall solutions for his dial-up

account. He had looked at a few (LRP etc.) but was

not happy with any of them, mostly because they

were a pain to set up. So I told him that I would

happily set him up a Red Hat box with a couple of

CGI scripts to dial and hang up his modem, and it

would do basic masquerading. It was VERY basic –

just a couple of CGIs written in bash on top of a Red

Hat box. Richard was quite impressed, especially with

how quickly I got it working.

After that, we together had the idea to turn this

into something you could install on a stand-alone

box. We also went to our LUG and asked for their

thoughts on this idea of ours. Mostly they had ideas

we didn’t want to consider at all, like running it off

CD-ROM.

By July I had a basic Web interface for setting up

PPP settings. This was still running on my desktop

machine though; there was no installer or anything.

The next stage was to take a Linux distro and strip it

down to its smallest size, though still with enough

services and libraries for our code. By pure chance my

Red Hat 6.2 CD-ROM had become damaged, so I

hunted around for an alternative. Richard, who

worked for them at the time, had given me a copy of

VA Linux 6.2, so I used that; it’s basically Red Hat

with a few improvements anyway. I stripped it down

to about 50Mb of “essentials”.

The next stage was to work on an installer. I

looked at a few options: ncurses , a graphical one, or

just a pure text-based installer with no fancy menus.

A graphical one was out of my range entirely, and

ncurses was interesting, but it seemed to take a lot of

code just to do simple things. So I went for libnewt ,

the API used by the Red Hat text-based installer. This

library has served us well over the years. I should say

that although it LOOKS similar, there is no common

code between the SmoothWall installer and Red

Hat’s.

There were still problems to solve, like how to fit it

all onto a floppy disk. The only interesting thing to

say about this time is that the network installer was

added because it was the only way I could do installs

at the time; I didn’t have a CD burner. Even up to the

first release of 0.9 (early September) CD installation

was untested. In fact it was broken in the first

release, so we did a release of 0.9.1 a few days later,

which fixed the problem.

So, by mid-September we had a SourceForge

project registered and we had mailing lists on

SourceForge, etc. We also had a small team of

testers. Things plodded along quite slowly, until

Richard had the project registered on Freshmeat. I

remember well: Richard phoned me up the next day

and asked me to guess the number of overnight

downloads. It was about 50 and that was amazing

for just one night! So that’s the early history of

SmoothWall, up till around October 2000.

Linux Magazine – What dictated the early

decisions?

Lawrence Manning – With regard to programming,

common sense is the best answer I can give. The best

way to explain this is to give some examples.

I used libnewt because it was a very fast library to

develop in. If you wanted an error dialog to appear,

the code was already written so it was a single

function call. Every dialog I needed at the time was

already written so libnewt was easily the best tool for

the job.

We originally chose, and have stuck to, Apache for

obvious reasons. It’s reasonably fast, obviously very

secure and tested, and it was also fairly well known

by us. That’s another thing that cropped up again

and again: where there are two options, I tended to

choose the one I knew best, even if I thought it had

some shortcomings.

Likewise, the CGIs were written in Perl. While this

is an obvious choice, the reason I chose to use it was

that I had done some Perl at University and it seemed

like the best language to use. I don’t especially like

programming Perl (I am more at home with C) but it

LINUX MAGAZINE

Issue 21 • 2002

INTERVIEW

has proven to be a pretty good choice over the years.

Some of the old code was really bad though! I am

still learning the language, to be honest.

Linux Magazine – How did the team come

together?

Lawrence Manning – Through the mailing lists, and

on IRC. Oftentimes, someone from the outside would

have a really good idea and we would see that and

“invite” them in. Neuro (William Anderson) came

with us with proposals for jazzing up the (then) really

dull interface with some nice graphics. Richard and

myself, to an extent, were really hostile to this but we

saw he had huge talent in graphical work, so

eventually he became part of the team.

Similar stories can apply to various others. The

team is split quite neatly into two groups, a core

group, and an outside group. The simplest way to

explain this is to say that the core group put the

hours in and are dedicated to the project, so we can

all depend on each other when things need to be

done, especially with regard to security patches and

the like.

Linux Magazine – How are suggestions dealt with?

Lawrence Manning – We evaluate them and work

out if it meets our criteria. Is it where we want

SmoothWall to go? Does it introduce any

vulnerabilities – potential or otherwise? How long

would it take to implement it?

One thing that pretty much sums it up is: just

because it can be done, doesn’t mean it should be.

We still get people wanting us to put Sendmail or

Samba on, something we dismissed at day one.

Often, someone has already had the same idea, or

we have had it, and already rejected it. Sometimes

there are absolute gems though, and it’s a question

of “why didn’t I think of that!”

Linux Magazine – What are the fun elements of

being in a programming team?

Lawrence Manning – I suppose the nicest part

about it is that many of the people in the

SmoothWall team have become best mates.

It is no exaggeration that we’re almost all family

now. There is social and relational interaction that

goes way beyond work or coding. We live very much

in each other’s pockets regardless of geographical

location. Maybe that’s why some people wanting to

“join” the team just simply can’t and won’t ever cut

the grade.

Linux Magazine – What do you use to keep the

code tree in sync?

Lawrence Manning – For the old GPL Smoothie, it

was mostly done by me being fed bits of code and

merging it in (along with testing) by hand. In Lite we

have a full private CVS tree.

Linux Magazine – Why was SmoothWall Limited

started?

Lawrence Manning – SmoothWall Limited was

started for a very simple reason: to keep SmoothWall

alive. Without having a company behind it, both

Richard and I would have to get “normal” jobs, and

would have very little time to work on SmoothWall. I

don’t think it is big of me to say, but without me and

Richard there wouldn’t really be a future for

Smoothie. Someone could of course take it up, but it

wouldn’t be the same. And besides, I LOVE working

on it, and the only way for me to keep doing the

thing I love was to start a company and try to make a

business out of it. This is what we have done, and so

far we have been more successful then we could

have hoped.

That’s the simple reason. Also Richard, with a

family, simply couldn’t afford to keep paying for it

forever. A lot of the community think this stuff just

happens; it doesn’t. It costs a LOT of money.

Linux Magazine – Why was George Lungley

persuaded to join the team?

Lawrence Manning – George was a major player in

corporate IT systems for councils and corporations of

twenty plus years standing. Also a SmoothWall user,

George was very much the straight man to myself,

Richard, and William. George has also created, from

virtually nothing, a company that ended up being

sold for millions of pounds to a multinational

corporate chain. No Linux company in the UK can

claim to have done this. We do sometimes wonder

why he wants to be involved when the community

kick off. I think he views the community with the

same scepticism and bewilderment that we all do at

times.

Linux Magazine – How much time has been

invested?

Lawrence Manning – Well, I have worked on

SmoothWall for just over a year, full time. Before that

I spent maybe three to four hours a day on it. Other

people like William and Dan Goscomb have invested

similar amounts. Richard has invested about the same

amount of time, and a very considerable amount of

money.

Linux Magazine – How does SmoothWall Lite differ

from the 0.9.9 GPL version?

Lawrence Manning – It is a complete rewrite. There

is no common code at all. 0.9.9, and the GPL base

served us well for the best part of two years,

however the time has come to start again. All code

rots, and at some point it has to be time to start

anew. Dan has some great ideas and I personally

can’t wait to see them come to fruition.

Linux Magazine – How does the team focus on

direction?

Lawrence Manning – The team is just that, it’s a

team. Imagine a spider with eight legs. All have to

move in one direction to achieve anything. Like a

spider, we also have to cling on for dear life

sometimes when spinning a Web with no resources.

Dan Goscomb and William Anderson work with

Richard on focus. Richard will suggest ideas, looking

Issue 21 • 2002

LINUX MAGAZINE

INTERVIEW

Info

SmoothWall Ltd.

Web site

http://www.smoothwall.

co.uk/

at competing proprietary products and use a

commercial focus to suggest ideas. Dan will say “OK,

I can do that but it needs to be coded thus”, William

will then come in and design the graphical glue to

hide all the skeleton that lays beneath. Dan and

William provide (on Lite) the bones of the exterior.

Richard is the catalyst, as he has relationships with

players in the Linux hierarchy that we don’t. His job is

to use these contacts to talk to comms hardware

vendors and the like and give us the driver support

that we need.

Linux Magazine – What was the reasoning for Lite

being Closed Source?

Lawrence Manning – Lite is a product that has to

remain free. We are committed to it being free.

Although it may use some GPL code, we will use

common proprietary compiled elements from

SmoothWall Ltd. and from other companies we have

relationships with. We are not about to suggest these

other third parties look to GPL their code: it won’t

happen. Being Closed Source is the best way to

produce a good product, in OUR case. This is because

it is the only way that we that the product we care

about can remain competitive in important areas, like

device compatibility.

After the rampant abuse of our rights as

developers by the IPCop team, and others, there is no

way we will share advantage with the community.

And there is no doubting this point. I do not want to

go into details or get into a debate. But we were

abused. No one would ever fork the kernel, change

it’s name, and claim absolute credit. Yet this is exactly

what they have done. Also, if we did Open Source a

lot of the common code it would disadvantage our

resellers and our credibility in the corporate paying

world. The community has no real role in the “fee

paying world” that subsidises the servers that power

the “community”; it’s a food chain. We don’t

particularly want to become consumable items – we

would much rather be the supplier.

Linux Magazine – What are you hoping to

concentrate on developing in the future?

Lawrence Manning – I really want to get started

on our Enterprise level products. We have some

fantastic ideas for the “ultimate” SmoothWall, and I

can’t wait to get started on it. It is hard to explain

to a non-coder, but when you see your ideas that

you had while doing the most mundane of everyday

tasks, when you see them come into reality, it’s an

amazing thing. Still now, when people say “we are

using Corporate Server in our

hospital/school/whatever”, I get a huge buzz. It’s

going to be an even bigger buzz in the future,

when we are truly up there with the big boys,

competing on a level playing field.

Linux Magazine – What is the advantage of the

Corporate Server?

Lawrence Manning – Corporate Server is a fully

rounded, “corporate” product, compared to GPL,

which is a home level server product. Our

competition to Corporate Server is GPL. However

they are very different products, not bedfellows.

Corporate Server has features and has code that

shares common boundaries but the expectation levels

are totally different.

Corporate Server is also modular, so you can bolt

on things like an x.509 certificate authenticate VPN

management, complete with Windows remote Road

Warrior support. SmoothHost is our module that

allows you to replace a Cisco PIX for 10 per cent of

the comparative price. This is all gone into in greater

detail on the Web site (details are below).

But even without the modules, Corporate Server

has features that make it “stand proud” with the

other servers and services provided by your typical

corporate network.

Linux Magazine – Do you still get to play

RuneQuest?

Lawrence Manning – Sadly not. Friends separate,

and people have “grown up”. I would love to get

into online gaming in a big way, but I don’t have the

time!

Linux Magazine – I heard you are using a PPC

machine?

Lawrence Manning – I’m playing with a PPC box at

the moment. It’s a complete pig to get going! If

anyone has any experience running Linux on a

powerstack, I’d appreciate it!

Linux Magazine – Tell us about your brother Virgil.

He’s the Emmy award winning animator behind such

classics as “Walking with Dinosaurs”. What does he

think of your success?

Lawrence Manning – He’s happy for me. But he’s so

laid back, it’s hard to surprise him at all! This guy

meets film stars every now and then, has been to the

USA more times then I’ve been to London (I live in

Southampton). Yes, he is impressed I’m a company

director and how many users SmoothWall has.

Linux Magazine – What do you do to relax after

coding?

Lawrence Manning – Well, I’m a big Star Trek fan...

And I try to do a bit of cooking every now and again.

Just normal stuff. But I’m a computer geek through

and through. Coding can be very relaxing!

Linux Magazine – If you could change just one

thing what would it be?

Lawrence Manning – I’d like the community to

grow up and stop being so rude and one minded. It

can be a horrid place to work on occasion. If the

community started behaving more maturely and more

like the talented developers that they are then it

would be a much nicer world. We’d also get

adoption of Open Source further and faster. Right

now some of them, a small minority, are a bad

advert. I’d also like to have as many Corporate Server

customers as we have GPL users.

LINUX MAGAZINE

Issue 21 • 2002

Plik z chomika:

Inne pliki z tego folderu:

Inne foldery tego chomika: