Hello. After many hours of labor, I finally got m0n0 running today. I
guess it pays to make sure you actually have a NIC chipset supported by
Anyway, I have a question or two about using m0n0 with a hotspot I am
installing in my business. I have a LAN behind my Linksys Nat router/switch
with an IP/subnet range of 192.168.1.0/24. Only 3 computers connected to
the switch. What I am wanting to do is connect m0n0 right to the switch on
my LAN (through m0n0 WAN device). Then I want to connect my wireless AP to
the m0n0 box. The problem is, I don't know if I should use the DMZ/OPT1
interface or the LAN interface. I won't need anything connected to the LAN
interface on the m0n0 box so could I actually just connect the AP to the LAN
interface and my hotspot becomes "another lan" in effect?
I then need to make sure m0n0 blocks all access to my actually "real" wired
lan since all I want the wireless clients to do is surf and not sniff my
network. Would I simply need to setup a rule for the LAN interface that
would block all outgoing traffic that had a destination of 192.168.1.0/24.
Lastly, I need m0n0 to block access to everything the wireless clients can
do except pop3, http, and https. Would I simply add a set of allow rules to
the LAN interface again something to the idea of this:
Proto Source Port Destination Port
TCP LAN net * * 80 (HTTP)
TCP LAN net * * 110 (POP3)
TCP LAN net * * 443 (HTTPS)
Then at the bottom of those 3 rules have one that blocks EVERYTHING else?
Thanks in advance for any help, guys!