Known GUI bug. The firewall display is incorrect. See this message from a few weeks ago: https://lists.bufferbloat.net/pipermail/cerowrt-devel/2014-September/003543.html On Sat, Oct 4, 2014 at 10:07 PM, Matt Taggart wrote: > Hi cerowrt-devel, > > In a default 3.10.50-1 install on the Network->Firewall->General settings > page, there are some default zones for wan, lan, guest. > > They don't appear to have any interfaces assigned to them, I am guessing > the intent is: > > ge00: wired wan port, should be 'wan' zone > gw00, gw10: guest 2.4/5 wireless, should be 'guest' zone > se00: wired switch ports, should be 'lan' zone > sw00, sw10: secure 2.4/5 wireless, ? zone > gw01, gw11: babel 2.4/5 wireless, ? zone > > 0) shouldn't the interfaces be assigned to zones? > > 1) If the intent is that se00, sw00, sw10 can all communicate freely, maybe > the zone name should be 'private' or 'secure' (rather than 'lan') and they > should all be part of that? > > 2) What zone should the babel devices be in, what do they need to be able > to do? > > This is maybe a good segway into some other questions I have: > > * is there a good description of how the babel stuff works? > I found this > http://www.bufferbloat.net/projects/cerowrt/wiki/Mesh > which explains configuring, but I guess I would like something like a walk > through of how a wireless client connects to an interior router and how > things make it to the internet and back. > > * if I need to secure both my guest wireless and secure wireless networks, > what does that mean for security of the babel networks and what (if > anything) stops someone from using them? given that I haven't set > credentials anywhere on the routers to make it work, I am guessing nothing. > I think the last time I wirelessly connected two routers it was using the > old Linksys WDS and it used credentials somehow... > > Thanks, > > -- > Matt Taggart > matt@lackof.org > > > _______________________________________________ > Cerowrt-devel mailing list > Cerowrt-devel@lists.bufferbloat.net > https://lists.bufferbloat.net/listinfo/cerowrt-devel >