## réseau

- fonctionne uniquement avec connection filaire, pas wifi
- on crée des bridges pour le réseau WAN et LAN pour qu'ils soient facilement accessible sur le poste de travail

```
# paramètres
PRIMARY_PROFIL=enpXsY
NETWORK_LABEL=harmony

WAN_BRIDGE=$NETWORL_LABEL-wan-brd   # max 15 char
LAN_NIC=$NETWORK_LABEL-lan-nic
LAN_BRIDGE=$NETWORK_LABEL-lan-brd


# Setup WAN bridge
nmcli c down $PRIMARY
nmcli c add type bridge ifname $WAN_BRIDGE con-name $WAN_BRIDGE
nmcli c add type bridge-slave ifname $PRIMARY_PROFILE master $WAN_BRIDGE ipv4.method auto
# nmcli c up $WAN_BRIDGE


# Setup LAN nic
sudo modprobe dummy
sudo ip link add $LAN_NIC type dummy
ip tuntap add dev $LAN_NIC mode tap user root  # todo: why user root?

# Setup LAN bridge
nmcli c add type bridge ifname $LAN_BRIDGE con-name $LAN_BRIDGE
nmcli c add type bridge-slave ifname $LAN_NIC master $LAN_BRIDGE ipv4.method auto
nmcli c up $LAN_BRIDGE
```

LAN bridge do not have an IP address and appear down. But it is successfully used by opnsense and can be accessed from the host network.

## config opnsense minimale

  - ssh enabled