Sasecurity Wiki

http://meshtrak.timbuktuwifi.com/phpBB2/viewtopic.php?t=20

My main goal is to bring up a DMZ or a LAN on a second NIC installed in a meshbox. I wanted to know if somebody here played with this, investigated it, etc.

Should work alright with a few custom iptables commands if your node is a gateway. If it is a repeater then good luck. As Ryan knows to his cost, make sure the mesh is on eth0; not sure if the software will mesh on a second eth1, as there are no controls in wiana.settings for a second eth. I'm not sure if people will be able to access the DMZ due to intermesh firewalling.

datamile - forgot to login


To my mind, if it is a repeater, then dhcpd is runnable on eth0 in wiana settings (core settings AFAIR). So it means you may mesh the LAN AND the wireless cell through the tunnel(s). In this configuration, adding a second NIC is not so hard, and some changes may be done in /hj/detectmode (adding eth1 detection... and other little stuff). The tricky part would be securing the DMZ traffic towards TUNs and the Cells (wired or not). I'm thinking of using shorewall for this, and will try to install it on the mesh to improve the iptables rules. What do you think about it?
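The gateway case discussed in the thread (mesh on eth0, DMZ on eth1, traffic toward the tunnels restricted) can be sketched as an iptables-restore fragment. This is an added example, not code from the forum posts or from the meshbox software. The `tun+` tunnel name pattern, the DMZ subnet, and the single published service are assumptions.

```shell
#!/bin/sh
# Added example: prints an iptables-restore fragment; nothing is applied.
# eth0/eth1 follow the thread. Everything else below is an assumption.
MESH_IF="${MESH_IF:-eth0}"              # mesh side, per the thread
DMZ_IF="${DMZ_IF:-eth1}"                # second NIC, per the thread
TUN_IF="${TUN_IF:-tun+}"                # assumed name pattern for mesh tunnels
DMZ_NET="${DMZ_NET:-192.168.50.0/24}"   # constructed DMZ subnet
DMZ_HOST="${DMZ_HOST:-192.168.50.10}"   # constructed DMZ server
DMZ_PORT="${DMZ_PORT:-80}"              # constructed published service

dmz_ruleset() {
    echo "*filter"
    echo ":DMZ_IN - [0:0]"
    echo ":DMZ_OUT - [0:0]"
    # Anti-spoofing: only DMZ_NET may appear as a source on the DMZ NIC
    echo "-A FORWARD -i $DMZ_IF ! -s $DMZ_NET -j DROP"
    # Replies to flows that were already allowed
    echo "-A FORWARD -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT"
    # Classify traffic between the DMZ and both mesh-facing sides
    for side in "$MESH_IF" "$TUN_IF"; do
        echo "-A FORWARD -i $side -o $DMZ_IF -j DMZ_IN"
        echo "-A FORWARD -i $DMZ_IF -o $side -j DMZ_OUT"
    done
    # Toward the DMZ: only the published service is reachable
    echo "-A DMZ_IN -d $DMZ_HOST -p tcp --dport $DMZ_PORT -m conntrack --ctstate NEW -j ACCEPT"
    echo "-A DMZ_IN -j DROP"
    # From the DMZ: no new connections into the mesh or tunnels; log, then drop
    echo "-A DMZ_OUT -m limit --limit 6/min -j LOG --log-prefix \"dmz-out-drop \""
    echo "-A DMZ_OUT -j DROP"
    # DMZ hosts may not open connections to the node itself
    # (assumes static addressing in the DMZ, since this also blocks DHCP)
    echo "-A INPUT -i $DMZ_IF -m conntrack --ctstate NEW -j DROP"
    echo "COMMIT"
}

dmz_ruleset
```

The output can be syntax-checked with `iptables-restore --test --noflush` before loading. Because the rules are appended, they only take effect if no earlier rule in the node's existing FORWARD chain already accepts the same traffic.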
