@janico82 I've opened 2 PRs, one fixing a bug observed on dnsmasq.postconf updates (wasn't sourcing the helper script if I remember correctly and the lack of pc_append was messing around with the config).
Feel free to amend or close.
Cheers!
Hello again, I've been using sbnMerlin since not long after @janico82 published it the first time, very happily and in a specific way; besides the basic division into zones, also assigning specific IP addresses and hostnames (DHCP based on MAC address), and using iptables exceptions for individual devices. For example: only a specific IoT device may reach the internet, or guests can talk to some port on the NAS, or breaking the AP isolation for specific devices or ports. You get the idea.
And it's been working great for me! The only downside is the effort of maintaining the MAC/IP/hostname mappings and iptables rules. So I built a companion tool that makes it easy to document and manage a setup like this in a YAML file. It generates the sbnMerlin.conf and the br*_iptables.filter files and can push them to the router if you want. As a bonus it draws a diagram of your configured network including the exceptions.
Honestly I don't know if others have been using or want to use sbnMerlin for this kind of setup. If you're interested, please check out the tool: https://github.com/arner/netgen. Examples and instructions included. Hope it helps someone else too, looking forward to your feedback!