W0CHP-PiStar-Dash Node Type and Security Improvements
Recently, I’ve witnessed two networks suffer from loops, caused by
mis-configured hotspots. Now while Pi-Star has some rudimentary checks in place
(simply a warning message for hotspots configured as “Public Nodes”), I’ve
W0CHP-PiStar-Dash to help
prevent these loops even further.
Now, while attempting to configure the hotspot/repeater node type to “Public”, the user/operator is first forced to enter an allowed DMR ID(’s) to an access control list (ACL), before making the node type as public (i.e. the “public” button is disabled until this condition is met).
This will help prevent the annoying (and unfortunately common!) network loops we all abhor, as well as help to foster better hotspot security.
And speaking of security…it got me thinking; what about PiStar-Remote? Some operators may want to configure the hotspot to a “public” node with allowed operators in the ACL, however, PiStar-Remote is always running - which allows operators to reboot the hotspot, kill services, and more.
To further secure the hotspot, I’ve added a new feature to disable (and re-enable) PiStar-Remote in the Admin System Manager.