Just got my Bullet and got it on the air - no issues, done in a few minutes. 

A nice configuration note - NO switch hardware (managed or otherwise) is necessary to decode and separate the LAN/WAN connections of the bullet.   If you are plugged in to Linux or an OS that supports VLAN tagging it will happily separate the VLAN tag into another interface while the router is plugged directly into the network card. This should even be true when sharing ports on "dumb" switches - the vlan tag is part of the normal packet header and even dumb switches can pass it (even if they don't know what to do with it).

I have the Mesh coming in to my Linux box with a transparent Squid proxy (logging connections and traffic) before sending out to the real internet.  

A few things I learned: 

• Squid transparent Proxy takes care of moving the content - but not the DNS connectivity.   You still need DNS to resolve names. 
• Even if you have custom DNS settings for ONE nodes' internet connection all others will still be looking for the google DNS servers and will basically fail to resolve names at all.   This means you probably want to just forward any google DNS traffic straight through. 

Still more to do to filter out some advertisements (squid has a module for that) and a few other things, but overall it is working.

Now if there were slightly more nodes to connect to... 

Yes should even work through a dumb switch.  Funny enough you basically described the first version of my programming lab.

dns:  try an Iptables redirect anything inbound interface vlan1 destination port 53 redirect to 127.0.0.1 (locust had to run a dns server fort his to work ). This lets you cache responses. This may break DNSSEC

Make sure your fellow hams know your filtering and not allowing all connections so they are not suprised when they can not access some locations (unless you opened up all other ports like NTP ETC  and are only intercepting http.

BTW how did you decide to handle HTTPS allow or deny?  Fun fact lots of advertising is on HTTPS these days.

Inline filter is really not a bad idea for filtering http through a node.... I'm trying to recall I'll have to check my desk, I use to have a regularly updating free categories list we pulled off of,  could block certain categories in squid (porn, illegal,etc).  I haven't used it in a while (I'm spoiled with access to full commercial solutions these day) but will look for it if you want on Monday.

Haven't decided what to do with encrypted protocols yet - but I did read up on the package that disables them.  If the map is correct I'm the second node in my state (MN) and the only within 68 miles.  So nothing to connect to yet. A few other local hams and I are trying to string up something that works. 

I may need to figure out how to set up an internet tunnel just to have some activity.

I'm forwarding through all ports but 80 right now.  

I know some other locals (still probably not local enough to connect to) are using openwrt directly. 

We'll see.

KC0LQL

Am I missing something?  I am now trying to set up a Bullet and an Airgrid but am not finding any step by step install data.  The Ubiquity Install for Dummies manual is needed.

Thanks for any help pointing me in the right direction.

Dave KM2O

This should help:

http://ubnt.hsmm-mesh.org/products/BBHN/wiki/HowTo/FlashUbiquiti

Thanks!

Please reffer to the following datasheet

http://dl.ubnt.com/datasheets/bulletm/bm_ds_web.pdf

Actual power output depends on how good a signal path the device has to the device it is contacting and is limited to he max configured power in the user interface.

Unlike a typical 2m radio where RF power can fluctuate based in power source (VIN is tied directly to the RF amplifier) these devices have a built in Switch Mode Power Supply (SMPS) and all circuits are belived to be behind this supply so they should receive a constant voltage supply to operate at the intended paramaters.

The built in components have to be highly linear so they would not react well of this wasn't the case.