On 11 August 2017 at 12:11:44, Gio (gio@diveni.re) wrote:
On Wednesday, 9 August 2017 16:03:33 CEST Amuza wrote:
> Hi,
>
> Sometimes I explain what this community network thing is to someone in
> my district. They likes the idea and they has an ISP router. Then I ask
> them if they would like to share their Internet connection and they says
> "yes, why not?". But then they asks if users in the community network
> could have access to their private home network. I answer they could,
> but it can be avoided in different ways -create different VLANs in the
> ISP router, configure a firewall, closing ports in the computers...
>
> Then they stops liking this community network thing.
>
> It is frustrating, because many people do not share their Internet
> connection because of this, and so we lose the resources we need.
Well it seems they have a curious idea of community... but i can understand it
in the current situation, with media talking of "hackers" all the time...
> I was wondering if there would be a way that LiMe could come
> preconfigured in such a way that, when an Internet gateway is added, it
> could only communicate to that ISP router, and no other host in that
> private network. I mean to automatically create the proper firewall
> rules so that the LiMe network could not access hosts in private networks.
>
> That would not be real security, as that configuration could be removed
> by any administrator in the community network, but we would be able to
> start our answer saying "by default LiMe cannot enter into your private
> network", and then explain what they could do to improve their security.
>
> What do you think of it?
I believe it is easy to do but i won't do this by default, you could
eventually create a community profile (ask Pau for the correct naming) with
this enabled by default, but ATM is not on top of my priority stack
>
> Have you found this obstacle?
>
> What would you reply to that person?
Yeah, and I have answere that their computer are exposed to the internet
anyway, so give a little of trust to your neighbours could be the first step to
create a community
>
> Is my proposal doable?
It is pretty easy I would say
> If so, should I open a Github issue? Where? In lime-packages?
It is not an issue, more a "feature" request I would say
Cheers!
_______________________________________________
lime-users mailing list
lime-users@lists.libremesh.org
https://lists.libremesh.org/mailman/listinfo/lime-users