Help a newbie, please :)

Hi Experts,

I am new to the Turris and firewalling topics.
I would like to handle two topics and need some guidance and help from you experts.

  1. I have a network segmentation
  • ISP to ISP router: 192.168.1.1
    No Wi-Fi besides guest Wi-Fi (no access to internal LAN)

  • Turris to ISP router: Turris has 192.168.2.1
    All my internal systems like server, NAS and Wi-Fi are hosted here
    Here I want to block any connection from WAN to LAN (works fine)
    Only 1 client can access from WAN to LAN (NAS) (also works fine)

But I do not understand firewall zones. Currently I have WAN to LAN open. This is not so good, I guess.
What is zoning for, what is masquerading (is that NAT-ing?), and how should I best configure it?

  2. For example: I have a smart TV (IP e.g. 192.168.2.20) behind the Turris. Now I would like to block everything, but whitelist YouTube, for example.

URL handling is not possible with the Turris, so I read. A solution is to run Pi-hole in a container with LXC.
But how do I do this and how do I install Pi-hole? (so, a step-by-step guide)

I have activated LXC on the Turris and I see the LXC service in the admin console. I chose “create container” with Ubuntu Bionic. On the DHCP screen I see LXC-Name with IP 192.168.2.115
a) Is this container the right one, or should I use another distro?
b) How do I access the container? Via SSH on the IP 2.115 I do not get a connection.
c) How can I change the IP to a static one?

//EDIT: Now I could access the container using SSH on the Turris and then using lxc-attach
BUT: I couldn't install Pi-hole: the installer said unsupported OS
AND: I was not able to SSH into the container. I changed the IP to a static one and installed openssh-server.
Using PuTTY the SSH prompt comes up, but login as root doesn't work. The password was not accepted :(

It would be great if someone can help :)

Best regards, OrgImp
