From: Nathan <c.colon.backslash@gmail.com>
To: Matt Taggart <matt@lackof.org>
Cc: cerowrt-devel@lists.bufferbloat.net
Subject: Re: [Cerowrt-devel] default zones including interfaces and babel
Date: Sat, 4 Oct 2014 22:54:53 -0400 [thread overview]
Message-ID: <CADj7rmHmv5bmXvLrvzpUQVxdDOtB268Y_J6BVrc_U=ectL0hRA@mail.gmail.com> (raw)
In-Reply-To: <20141005020748.63A5F1B1@taggart.lackof.org>
[-- Attachment #1: Type: text/plain, Size: 2114 bytes --]
Known GUI bug. The firewall display is incorrect. See this message from a
few weeks ago:
https://lists.bufferbloat.net/pipermail/cerowrt-devel/2014-September/003543.html
On Sat, Oct 4, 2014 at 10:07 PM, Matt Taggart <matt@lackof.org> wrote:
> Hi cerowrt-devel,
>
> In a default 3.10.50-1 install on the Network->Firewall->General settings
> page, there are some default zones for wan, lan, guest.
>
> They don't appear to have any interfaces assigned to them, I am guessing
> the intent is:
>
> ge00: wired wan port, should be 'wan' zone
> gw00, gw10: guest 2.4/5 wireless, should be 'guest' zone
> se00: wired switch ports, should be 'lan' zone
> sw00, sw10: secure 2.4/5 wireless, ? zone
> gw01, gw11: babel 2.4/5 wireless, ? zone
>
> 0) shouldn't the interfaces be assigned to zones?
>
> 1) If the intent is that se00, sw00, sw10 can all communicate freely, maybe
> the zone name should be 'private' or 'secure' (rather than 'lan') and they
> should all be part of that?
>
> 2) What zone should the babel devices be in, what do they need to be able
> to do?
>
> This is maybe a good segway into some other questions I have:
>
> * is there a good description of how the babel stuff works?
> I found this
> http://www.bufferbloat.net/projects/cerowrt/wiki/Mesh
> which explains configuring, but I guess I would like something like a walk
> through of how a wireless client connects to an interior router and how
> things make it to the internet and back.
>
> * if I need to secure both my guest wireless and secure wireless networks,
> what does that mean for security of the babel networks and what (if
> anything) stops someone from using them? given that I haven't set
> credentials anywhere on the routers to make it work, I am guessing nothing.
> I think the last time I wirelessly connected two routers it was using the
> old Linksys WDS and it used credentials somehow...
>
> Thanks,
>
> --
> Matt Taggart
> matt@lackof.org
>
>
> _______________________________________________
> Cerowrt-devel mailing list
> Cerowrt-devel@lists.bufferbloat.net
> https://lists.bufferbloat.net/listinfo/cerowrt-devel
>
[-- Attachment #2: Type: text/html, Size: 3046 bytes --]
prev parent reply other threads:[~2014-10-05 2:54 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-10-05 2:07 Matt Taggart
2014-10-05 2:54 ` Nathan [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://lists.bufferbloat.net/postorius/lists/cerowrt-devel.lists.bufferbloat.net/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CADj7rmHmv5bmXvLrvzpUQVxdDOtB268Y_J6BVrc_U=ectL0hRA@mail.gmail.com' \
--to=c.colon.backslash@gmail.com \
--cc=cerowrt-devel@lists.bufferbloat.net \
--cc=matt@lackof.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox