Skip to content

CHill's Ramblings

Thoughts, ideas, and other such things I feel like putting here. About basically any topic.

Router Fun

Posted on August 11, 2021 By darkhelm No Comments on Router Fun
0 0
Read Time:2 Minute, 38 Second
How I learned to appreciate OpenWRT

For years, I had been using a router that had a custom ROM on it. I had used DD-WRT, which had a convenient set of web-based menus that allowed for me to customize how my router functioned and what features it could use. But DD-WRT was limited. There just were some things that were outside of what it could do. So after bricking yet another old router, I decided to change it up and try OpenWRT.

This tends to function quite differently than DD-WRT. It does have a set of web-based menus. It also has a package manager for installing new software. And…. it has Command Line access, which gives me access to more than what I have with just the web interface. It is a full Linux distro with everything that entails.

One of the first things I felt I needed to add was the ability to update DynDNS with the latest IP for my router. That took installing a plugin, where it was built-in with DD-WRT. Simple enough to get working, and it is functioning quite fine.

Next was to rig up SQM QoS, with the cake discipline. Where I used to have to specifically control the QoS myself, this tool allows for it to be managed automatically. No more needing to fiddle with what kinds of apps get what priority. Just installed the plug-in, enabled it, and it does it all for me.

I set up 2 main wifi SSIDs for my LAN — the first is the fastest, and primary network for devices on it. The second is a slower/legacy network for those devices that just plain need something older. I also set a “guest” SSID, which isolates the clients to prevent them from ever seeing the main LAN or devices on it.

A big change I did was I got Nginx (with SSL) up and running on the router, and have its main web interface running through it. I also installed the acme.sh script manually (not through normal package management), and started making Let’s Encrypt certificates. And built a component that automatically upgrades HTTP to HTTPS requests to the router. Everything gets to be secured. My router now also serves as my reverse proxy — essentially handling the routing of web traffic to the correct systems as needed.

I restructured the command-line, using my favorite tools (vim, fish, htop, neofetch, tmux) to customize the appearance/functionality of my CLI to my personal preferences.

Another huge change is I put in an external USB drive, and added AdGuard Home directly to the router, to handle DNS requests, with several standard ad/tracking/malware/adult/etc. blocklists, making network usage at home as safe as possible. So the router is also managing the DNS component, with full blocking when necessary. Some fun firewall rules also force ALL DNS queries through the AdGuard Home, no DNS leaks for our network.

All-in-all, the router is self-sustaining, not relying at all on any external devices for main functionality, and it is the gatekeeper for external and internal traffic.

Share

Facebook
Twitter
Pinterest
LinkedIn

About Post Author

darkhelm

chill@darkhelm.org
http://darkhelm.org
Happy
Happy
0 0 %
Sad
Sad
0 0 %
Excited
Excited
0 0 %
Sleepy
Sleepy
0 0 %
Angry
Angry
0 0 %
Surprise
Surprise
0 0 %
network Tags:acme.sh, nginx, openwrt, router

Post navigation

Previous Post: False Peace
Next Post: To Dave Hines, my friend, may you now have the joy you had spread to everyone around you.

Average Rating

5 Star
0%
4 Star
0%
3 Star
0%
2 Star
0%
1 Star
0%
(Add your review)

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Archives

  • October 2021
  • August 2021
  • October 2019
  • November 2018
  • October 2016
  • September 2016
  • November 2015
  • September 2013
  • May 2013
  • October 2012
  • April 2012
  • March 2012
  • December 2010
  • November 2010
  • September 2010
  • August 2010
  • July 2010
  • January 2010

Categories

  • america
  • bitsy
  • blueprints
  • ejb
  • glassfish
  • gwt-syntaxhighlighter
  • jpa
  • jython
  • lies
  • network
  • politics
  • Uncategorized

Recent Posts

  • To Dave Hines, my friend, may you now have the joy you had spread to everyone around you.
  • Router Fun
  • False Peace
  • Moving away from the google universe.
  • The problem with people abusing scripture to attack entertainment

Recent Comments

  1. darkhelm on To Dave Hines, my friend, may you now have the joy you had spread to everyone around you.
  2. Matt Sutton on To Dave Hines, my friend, may you now have the joy you had spread to everyone around you.
  3. Unknown on Jonah, Jonah, did not obey God immediately…
  4. 1seanv on A Christian’s Response To: A Christian’s View of World of Warcraft (published in 2008)
  5. Unknown on Jonah, Jonah, did not obey God immediately…

Copyright © 2023 CHill's Ramblings.

Powered by PressBook WordPress theme