[Cerowrt-devel] default zones including interfaces and babel

[Matt Taggart <matt@lackof.org>]

Hi cerowrt-devel,

In a default 3.10.50-1 install on the Network->Firewall->General settings 
page, there are some default zones for wan, lan, guest.

They don't appear to have any interfaces assigned to them, I am guessing 
the intent is:

ge00: wired wan port, should be 'wan' zone
gw00, gw10: guest 2.4/5 wireless, should be 'guest' zone
se00: wired switch ports, should be 'lan' zone
sw00, sw10: secure 2.4/5 wireless, ? zone
gw01, gw11: babel 2.4/5 wireless, ? zone

0) shouldn't the interfaces be assigned to zones?

1) If the intent is that se00, sw00, sw10 can all communicate freely, maybe 
the zone name should be 'private' or 'secure' (rather than 'lan') and they 
should all be part of that?

2) What zone should the babel devices be in, what do they need to be able 
to do?

This is maybe a good segway into some other questions I have:

* is there a good description of how the babel stuff works?
I found this
  http://www.bufferbloat.net/projects/cerowrt/wiki/Mesh
which explains configuring, but I guess I would like something like a walk 
through of how a wireless client connects to an interior router and how 
things make it to the internet and back.

* if I need to secure both my guest wireless and secure wireless networks, 
what does that mean for security of the babel networks and what (if 
anything) stops someone from using them? given that I haven't set 
credentials anywhere on the routers to make it work, I am guessing nothing. 
I think the last time I wirelessly connected two routers it was using the 
old Linksys WDS and it used credentials somehow...

Thanks,

-- 
Matt Taggart
matt@lackof.org