[email protected] wrote: > I plan to make a home network; one can see my plan here: > > https://dl.dropboxusercontent.com/u/56020882/HomeNetwork_01.png > > I shall use shorewall as firewall. This should be a firewall with 4 > interfaces. > > > My question is: should I use for wireless LAN ( wlan0) dmz zone also, as > for web server ( eth2)?
I'd be more inclined to make it it's own zone OR to make it part of the loc zone. There really isn't any right or wrong answer - as a lot depends on your requirements and attitude to risk. If you put it in it's own zone, then you can have fairly fine grained control of how much access to the loc zone any wireless device has. But you also need to consider the restrictions it may impose - many "IOT" things expect the end user to have a "flat" network where all devices have access to each other and can be found by simple broadcast packets. Some of these may be difficult, or even impossible, to use when connected to a different network to the computer you want to use it from (whether that's accessing a WiFi device from wired computer, or a wired device from a WiFi computer/tablet/phone. I'd also point out that a Pi is far from ideal for this sort of task - the USB bus is a significant bottleneck through which all network traffic must flow (twice). It's onboard ethernet is also USB and (IIRC) shares the same host port as the USB sockets. While you may be thinking along the lines of "I've only got 20mbps internet" (inserting whatever speed you get) - don't forget that you'll have to pass this through the USB bus twice, and you'll have inter-zone traffic as well. As someone who really noticed the difference between "up to" 54G WiFi, 100Mbps ethernet, and Gbps ethernet - it wouldn't suit me, but YMMV. I believe there are other devices out there with better networking and similar price levels - but it's not an area I'm familiar with. ------------------------------------------------------------------------------ BPM Camp - Free Virtual Workshop May 6th at 10am PDT/1PM EDT Develop your own process in accordance with the BPMN 2 standard Learn Process modeling best practices with Bonita BPM through live exercises http://www.bonitasoft.com/be-part-of-it/events/bpm-camp-virtual- event?utm_ source=Sourceforge_BPM_Camp_5_6_15&utm_medium=email&utm_campaign=VA_SF _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
